Computers and Technology, 16.01.2020 05:31 ira51
This research is a security assessment of a small group of systems. in this assessment, students will apply security tools and resources learned in labs to a set of unknown systems. they will synthesize the output of security tools and the results of research into a report evaluating the security of each unknown system.
1 scope of assessment
• the assessment is limited to the 3 ip addresses.
• room 250 anypc_ip_1
• room 250 anypc_ip_2
• room 250 anypc_ip_3
2 rules of engagement
• students may use any security tools to perform a security evaluation of the systems listed in the scope of assessment. these tools should include but are not limited to those listed in the resources required. security tools can be used to identify potential vulnerabilities and verify these potential vulnerabilities through the use of exploits. however, no tools that are designed to crash a system or otherwise create a denial of service attack may be used.
3 resources required
• students will need the following data and tools to create and test the software:
• kali vm
• port scanner like nmap
• vulnerability scanner like nessus
• metasploit
4 procedure
4.1 network scanning
• scan each ip address listed in the scope with nmap. scans should verify that the systems are up before proceeding, then identify the operating systems of each system, and finally identify both the names and versions of the running services on each system. students will need to scan all tcp and udp ports.
4.2 vulnerability research
• first, lookup the operating system type and version that were reported by network scanning tools. next, lookup any services, such as iis or apache, whose names were identified. use service versions to determine which vulnerabilities apply to the system under assessment. compare these lists of vulnerabilities with the ones found in the next step: vulnerability scanning.
4.3 vulnerability scanning
you need use the nessus vulnerability scanner tool to find vulnerabilities. create scan configurations for each of the targets. be sure that you can ping a target before beginning an nessus scan. if a nessus scan reports zero vulnerabilities, then there was an error during the scan or the target was not up.
5 report
• the report will need to be at least 5 pages single spaced using a 12-point font. the report must be divided into six sections:
1 summary
2 procedure
3 assessment of system 1 at ip room 250 anypc_ip_1
4 assessment of system 2 at ip room 250 anypc_ip_2
5 assessment of system 3 at ip room 250 anypc_ip_3
6 conclusion
7 references
Answers: 3
Another question on Computers and Technology
Computers and Technology, 22.06.2019 17:00
Your company has 1,500 desktop computers running windows 7. you want to upgrade them to windows 10. which type of microsoft license would be best suited in this situation?
Answers: 3
Computers and Technology, 23.06.2019 02:30
People with high self-esteem: accept their strengths and weaknesses. believe that failed experiences are failures of their whole self. feel good about who they are only when they reach total success. need positive external experiences to counteract negative feelings that constantly plague them.
Answers: 1
Computers and Technology, 23.06.2019 06:00
Respond to the following in three to five sentences. select the workplace skill, habit, or attitude described in this chapter that you believe is most important for being a successful employee.
Answers: 1
Computers and Technology, 23.06.2019 06:30
Who can provide you with a new password when you have forgotten your old one? your provide you with a new password in case you forget your old one.
Answers: 3
You know the right answer?
This research is a security assessment of a small group of systems. in this assessment, students wil...
Questions
Physics, 07.05.2021 22:10
Mathematics, 07.05.2021 22:10
Mathematics, 07.05.2021 22:10
Biology, 07.05.2021 22:10
History, 07.05.2021 22:10
Biology, 07.05.2021 22:10
History, 07.05.2021 22:10
Mathematics, 07.05.2021 22:10
