Lab 1 Questions for Fundamentals of Information Systems Security

Submitted By Rtorres327
Lab 1 Assessment Questions
1. Name at least five applications and tools pre-loaded on the Windows 2003 Server Target VM and identify whether that application starts as a service on the system or must be run manually.
Windows Applications Loaded | Starts as Service Y/N |
FileZilla Server | Y |
Nmap | N |
Wireshark | N |
WinPcap | N |
Tenable Network Security | N |
Tftpd32-SE | N |
2. What was the DHCP allocated source IP host address for the Student VM, DHCP Server, and IP default gateway router?
a. Student – 10.96.108.20
b. TargetWindows01 – 10.96.109.30
c. TargetUbuntu01 – 10.96.109.36
d. TargetUbuntu02 – 10.96.109.40
3. Did the targeted IP host respond to the ICMP echo-request packet with an ICMP echo-reply packet when you initiated the “ping” command at your DOS prompt? If yes, how many ICMP echo-request packets were sent back to the IP source?
e. Yes.
f. 4
4. If you ping the “WindowsTarget01” VM server and the “UbuntuTarget01” VM server, which fields in the ICMP echo-request / echo-replies vary?
g. The TTL on Windows was 128 while on Ubuntu the TTL was 64.
5. What is the command line syntax for running an “Intense Scan” with ZenMap on a target subnet of 172.30.0.0/24?
h. nmap -T4 -A -v -PE -PS22,25,80 -PA21,23,80,3389 10.96.109.30
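What the -PE, -PS and -PA options in the command above put on the wire, seen from the defender's side: an added example (not part of the original lab answers) that flags that probe set in firewall-style records. The log format, the 2-second window, the 6-of-8 threshold and the host 10.96.108.77 are assumptions made for the illustration.

```python
from collections import defaultdict

# Host-discovery probes requested by the command above:
#   -PE               one ICMP echo request
#   -PS22,25,80       TCP SYN to ports 22, 25 and 80
#   -PA21,23,80,3389  bare TCP ACK to ports 21, 23, 80 and 3389
# (When the target is on the scanner's own Ethernet segment, Nmap normally
# uses ARP for discovery instead, so these probes are seen across subnets.)
EXPECTED = frozenset(
    [("icmp", "echo-request", None)]
    + [("tcp", "S", p) for p in (22, 25, 80)]
    + [("tcp", "A", p) for p in (21, 23, 80, 3389)]
)

# Constructed sample records: "epoch src dst proto flags-or-type dport".
# 10.96.108.20 / 10.96.109.30 / 10.96.109.36 are the lab addresses from the
# answers above; 10.96.108.77 is a made-up ordinary web client.
SAMPLE_LOG = """\
1700000000.00 10.96.108.20 10.96.109.30 icmp echo-request -
1700000000.01 10.96.108.20 10.96.109.30 tcp S 22
1700000000.01 10.96.108.20 10.96.109.30 tcp S 25
1700000000.02 10.96.108.20 10.96.109.30 tcp S 80
1700000000.02 10.96.108.20 10.96.109.30 tcp A 21
1700000000.03 10.96.108.20 10.96.109.30 tcp A 23
1700000000.03 10.96.108.20 10.96.109.30 tcp A 80
1700000000.04 10.96.108.20 10.96.109.30 tcp A 3389
1700000005.00 10.96.108.77 10.96.109.30 tcp S 80
1700000005.05 10.96.108.77 10.96.109.30 tcp A 80
1700000005.06 10.96.108.77 10.96.109.30 tcp PA 80
1700000009.00 10.96.108.77 10.96.109.36 icmp echo-request -
"""


def parse_line(line):
    """Split one record into (timestamp, src, dst, probe signature)."""
    ts, src, dst, proto, kind, dport = line.split()
    port = None if dport == "-" else int(dport)
    return float(ts), src, dst, (proto, kind, port)


def find_discovery_sweeps(log_text, window=2.0, min_match=6):
    """Return {(src, dst): matched signatures} for every pair that shows at
    least min_match of the eight expected probes inside one time window."""
    by_pair = defaultdict(list)
    for line in log_text.splitlines():
        if not line.strip():
            continue
        ts, src, dst, sig = parse_line(line)
        if sig in EXPECTED:          # ignore traffic that is not a known probe
            by_pair[(src, dst)].append((ts, sig))

    hits = {}
    for pair, events in by_pair.items():
        events.sort(key=lambda e: e[0])
        best, start = set(), 0
        for end in range(len(events)):
            # Slide the window so it never spans more than `window` seconds.
            while events[end][0] - events[start][0] > window:
                start += 1
            seen = {sig for _, sig in events[start:end + 1]}
            if len(seen) > len(best):
                best = seen
        # An ordinary HTTP session matches only SYN/80 and ACK/80 (2 of 8),
        # so the threshold keeps normal clients out of the result.
        if len(best) >= min_match:
            hits[pair] = best
    return hits


if __name__ == "__main__":
    for (src, dst), sigs in find_discovery_sweeps(SAMPLE_LOG).items():
        print(f"{src} -> {dst}: {len(sigs)}/{len(EXPECTED)} discovery probes")
```

The same probes spread over more than the window are not flagged, which is the usual trade-off when tuning a time-window rule against slower timing templates.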
6. Name at least 5 different scans that may be performed from the ZenMap GUI and document under what circumstances you would choose to run those particular scans.
i. Ping Scan
j. Quick Scan
k. Intense Scan
l. Regular Scan
m. Intense Scan, No Ping
7. How many different tests did your “Intense Scan” definition perform? List them all after reviewing the scan report.
n. 36
o. nbstat
p. smb-os-discovery
q. smbv2-enabled
8. Describe what each of these tests or scripts performs…...
