Lab 5

Uploaded by

phucdnse180322
Copyright
© © All Rights Reserved
Lab #5: Assessment Worksheet

Identify Threats and Vulnerabilities in an IT Infrastructure

Course Name: IAA202

Student Name: DUONG NGOC PHUC

Instructor Name: DINHMH

Lab Due Date: 10.03.2024

Overview
One of the most important first steps in risk management and in implementing a
security strategy is to identify all resources and hosts within the IT infrastructure.
Once you have identified the workstations and servers, you must then find the threats
and vulnerabilities on them. Servers that support mission-critical applications require
security operations and management procedures to ensure C-I-A throughout. Servers that
house customer privacy data or intellectual property require additional security
controls to ensure the C-I-A of that data. This lab requires students to identify
threats and vulnerabilities found within the Workstation, LAN, and
Systems/Applications Domains.

Lab Assessment Questions


1. What are the differences between ZeNmap GUI (Nmap) and Nessus?

ZeNmap | Nmap
Port discovery tool | Vulnerability scanner
Discover active hosts on network | Discover weakness of system
Scan all active ports and gather information | Focus on specific weakness of a known port
Better performing network | Better performing software
Can protect system | Cannot protect system
Platform: Windows and Unix variant OS | Platform: Windows, Linux, Mac and Unix

2. Which scanning application is better for performing a network discovery
reconnaissance probing of an IP network infrastructure?
Nmap

3. Which scanning application is better for performing a software vulnerability
assessment with suggested remediation steps?
Nessus

4. How many total scripts (i.e., test scans) does the Intense Scan using ZenMap GUI
perform?
Port Scanning, OS detection, Version detection, Network Distance, TCP sequence
prediction, Trace route

5. From the ZenMap GUI pdf report page 6, what ports and services are enabled on the
Cisco Security Appliance device?
443/tcp and ssl/http

6. What is the source IP address of the Cisco Security Appliance device (refer to
page 6 of the pdf report)?
172.30.0.1

7. How many IP hosts were identified in the Nessus® vulnerability scan? List them.
7 IP hosts, including:
172.16.20.1
172.17.20.1
172.18.20.1
172.19.20.1
172.20.20.1
172.30.0.10
172.30.0.66

8. While Nessus provides suggestions for remediation steps, what else does Nessus
provide that can help you assess the risk impact of the identified software
vulnerability?
The number of effects that risks or vulnerabilities cause to system

9. Are open ports necessarily a risk? Why or why not?
Yes, if open ports are not used, they can be targets for attackers.
No, because open ports can be disguised to trap.

10. When you identify a known software vulnerability, where can you go to assess the
risk impact of the software vulnerability?
Common Vulnerability Scoring System (CVSS)

11. If Nessus provides a pointer in the vulnerability assessment scan report to look up
CVE-2009-3555 when using the CVE search listing, specify what this CVE is,
what the potential exploits are, and assess the severity of the vulnerability.
CVE is a list of information security vulnerabilities and exposures that aims to
provide common names for publicly known problems.

12. Explain how the CVE search listing can be a tool for security practitioners and a tool
for hackers.
It enables the users to identify system weaknesses. For hackers, this may be
extremely useful information. They could utilize this vulnerability to conduct an
attack if they know about it. This will assist the administrator in identifying and
resolving problems, or at the very least mitigating them.

13. What must an IT organization do to ensure that software updates and
security patches are implemented timely?
Scan for vulnerabilities and find the patch to fix them

14. What would you define in a vulnerability management policy for an organization?
The possible risk involved with vulnerabilities that were found on systems and
how to plan to mitigate them.

15. Which tool should be used first if performing an ethical hacking penetration test and
why?
When executing an ethical hacking penetration test, Nmap should be used
because it's a robust port scanner and auditing tool. It is also an open-source
application that may run on a variety of operating systems, including Windows, Linux,
and Mac OS.
