Premium Essay

Lab #4 – Assessment Worksheet

In: Computers and Technology

Submitted By gusgarcia15
Words 285
Pages 2
Lab #4 – Assessment Worksheet
Using Ethical Hacking Techniques to Exploit a Vulnerable
Workstation
IS4650
Course Name and Number: _____________________________________________________

Student Name: ________________________________________________________________
Instructor Name: ______________________________________________________________
Lab Due Date: ________________________________________________________________
Overview
In this lab, you performed all five phases of ethical hacking: reconnaissance (using Zenmap GUI for Nmap), scanning (using OpenVAS), enumeration (exploring the vulnerabilities identified by
OpenVAS), compromise (attack and exploit the known vulnerabilities) using the Metasploit
Framework application), and conducted post-attack activities by recommending specific countermeasures for remediating the vulnerabilities and eliminating the possible exploits.
Lab Assessment Questions & Answers
1. What are the five steps of ethical hacking? reconnaissance, scanning,enumeration, compromise, post-attack activities: recommended countermeasures for remediation.

2. During the reconnaissance step of the attack, what open ports were discovered by Zenmap? What services were running on those ports?
There were several Ports, I will list onl a few POrts, 21,3306,22,53,445,111,25, all running TCP: the services running were Linux telneted, smtp Postfix, Apache Tomcat/Coyote JSP

3. What step in the hacking attack process uses Zenmap?
Reconnaissance

4. What step in the hacking attack process identifies known vulnerabilities?
Enumeration

5. During the vulnerability scan, you identified a vulnerable service in the Linux victim system.
What was the name of the vulnerable service?
I believe that this is the telnet service.
Copyright © 2014 by Jones & Bartlett Learning, LLC, an Ascend Learning Company. All rights reserved.

Similar Documents

Free Essay

Lab 4 Assessment Worksheet

...the computer owner's or user's knowledge or permission for the benefit of someone else. Malicious code – Malware short for "Malicious" software is designed to infiltrate or damage a computer system without the owner's informed consent. 2. How often should you update your anti-virus protection? Must be updated regularly to stay effective against new viruses, and most anti-virus software is designed to update automatically, but you can also update your software manually. 3. Why is it a best practice to have and to carry an antivirus boot-up disc or CD? So that there is not a chance of anti-virus program to have issues (with virus, malware, etc.). Installed on the workstation already there could be virus’s already in there. 4. What other anti-malicious software and anti-malicious code applications are included with Avira under the Real-Time Shields application? What risk and threats do these help mitigate? Real-Time Shield (with Avira) shields the possibility of the program to check data for viruses at the time as the data is written or read, Avira AntiVir Personal have this into the Guard. The Guard will observe the drives and check the data at the time as the data is written or read. Avira AntiVir Personal can’t directly check the content of Websites, but the downloaded data from the sites will be checked after download from the...

Words: 992 - Pages: 4

Free Essay

Project Proposal

...………………………………………………………………………………………………………....….3 Inputs ……………………………………………………………………………………………………….……......4 Assumptions & External Factors ……………………………………………………………………..…...5 Objectives, Activities & Deliverables …………………………………………………………………………..…...5 Overall Objective ……………………………………………………………………………………………..….5 Short Term Objectives …………………………………………………………………………………….…..5 Midterm Objectives ………………………………………………………………………………………….…6 Deliverables …………………………………………………………………......................................................6 Outputs ……………………………………………………………………………………………………………….…….…..6 Stakeholders ………………………………………………………………………………………………...…….6 Activities …….…………………………………………………………………………………………….………...7 Evaluation Plan ……………………………………………………………………………………………………..……....8 Appendix A: Logic Model ………………..………………………………………………………………….…………...9 Appendix B: References……………………………………………………………………………………………...…10 Introduction & Background Purpose: This purpose of this project is to identify, assess and implement strategies in order to prevent potential workplace hazards from occurring at the North Alberta Pediatric Sleep Clinic situated within the Stollery Children’s Hospital in Edmonton, AB by completing a Hazard Identification, Assessment and Control (HIAC) worksheet. The overall project is outlined in a Logic Model (Appendix A). Overview of Clinic: The North Alberta Pediatric Sleep Clinic, also referred to as the “Sleep Lab”, is an outpatient clinic which cares for children aged 0-18 with sleep disorders. Examples...

Words: 1718 - Pages: 7

Premium Essay

Applying Owasp to a Web Security Assessment

...Assessment Worksheet Applying OWASP to a Web Security Assessment Course Name and Number: _____________________________________________________ Student Name: ________________________________________________________________ Instructor Name: ______________________________________________________________ Lab Due Date: ________________________________________________________________ Overview In this lab, you explored the Open Web Application Security Project (OWASP) Web site and reviewed its Web application test methodology. You studied the standards and guides published by this project and summarized your findings. Finally, you drafted a Web Application Test Plan based on the information you gained in your OWASP research. Lab Assessment Questions & Answers 1. Identify the four recognized business functions and each security practice of OpenSAMM. 1) Governance 2) Construction 3) Verification 4) Deployment 2. Identify and describe the four maturity levels for security practices in SAMM. 1) Implicit starting point representing the activities in the Practice being unfulfilled 2) Initial understanding and ad hoc provision of Security Practice 3) Increase efficiency and/or effectiveness of the Security Practice 4) Comprehensive mastery of the Security Practice at scale 3. What are some activities an organization could perform for the security practice of Threat Assessment? Threat Assessment involves accurately identifying and characterizing potential attacks...

Words: 574 - Pages: 3

Premium Essay

Labs Rto

...systems, applications, and data recovery procedures. Fast recovery times for IT systems and applications are achievable with efficient and accurate recovery instructions. In this lab, you applied the same concepts of disaster recovery backup procedures and recovery instructions to your own data. You explained how you can lower RTO with proper backup and recovery procedures, defined a process for IT system and application recovery procedures, identified a backup solution for saving your own data, and tested and verified your backups for RTO compliance. Lab Assessment Questions & Answers 1. How do documented backup and recovery procedures help achieve RTO? 2. True or false: To achieve an RTO of 0, you need 100 percent redundant, hot-stand-by infrastructure (that is, IT system, application, data, and so on).   9 Develop Disaster Recovery Backup Procedures and Recovery Instructions 80 Lab #9 | Develop Disaster Recovery Backup Procedures and Recovery Instructions 3. What is most important when considering data backups? 4. What is most important when considering data recovery? 5. What are the risks of using your external e-mail box as a backup and data storage solution? 6. Identify the total amount of time required to recover and install the Lab #1 through Lab #8 Assessment Worksheets and to open the files to verify integrity. (Calculate your timed RTO using your computer clock and your documented instructions.) 7. Did you achieve your RTO? What steps and...

Words: 358 - Pages: 2

Free Essay

Construct a Linux Host Firewall and Monitor for Ip Traffic

...130 LAB #9 | Construct a Linux Host Firewall and Monitor for IP Traffic LAB #9 – ASSESSMENT SPREADSHEET Construct a Linux Host Firewall and Monitor for IP Traffic Course Name and Number: Student Name: Instructor Name: Lab Due Date: Internal Firewall Policy Definition Configure your “TargetUbuntu02” desktop Linux internal host IP stateful firewall according to the following policy definition. Test and validate your implementation after you configure it based on the policy definition. The following is your Ubuntu internal firewall policy definition: Deny incoming traffic Deny the following specific applications: TFTP Telnet SNMP ICMP FTP Allow the following specific applications under “Advanced” settings: SSH SMTP POP3 HTTPS HTTP Make a screen capture of the changes you made to the configuration and paste it into the text document. Use the File Transfer button to download the text file to your local computer and submit it as part of your deliverables. Assessment Worksheet 131 9 Construct a Linux Host Firewall and Monitor for IP Traffic LAB #9 – ASSESSMENT WORKSHEET Construct a Linux Host Firewall and Monitor for IP Traffic Course Name and Number: Student Name: Instructor Name: Lab Due Date: Overview In this lab, you configured the Gufw Ubuntu host IP stateful firewall as an internal service running on the Linux desktop. By defining what IP traffic is allowed and what IP traffic is denied, you implemented another layer of security in your overall...

Words: 665 - Pages: 3

Free Essay

Cis 534 - Lab Manual

...Design CIS 534 - Advanced Network Security Design 2 Table of Contents Toolwire Lab 1:Analyzing IP Protocols with Wireshark ........................................................................ 6 Introduction ............................................................................................................................................. 6 Learning Objectives ................................................................................................................................ 6 Tools and Software ................................................................................................................................. 7 Deliverables ............................................................................................................................................. 7 Evaluation Criteria and Rubrics ........................................................................................................... 7 Hands-On Steps ....................................................................................................................................... 8 Part 1: Exploring Wireshark ............................................................................................................... 8 Part 2: Analyzing Wireshark Capture Information .......................................................................... 12 Lab #1 - Assessment Worksheet .........................................................................................

Words: 48147 - Pages: 193

Premium Essay

Lab3

...56 Lab #3 | Configure BitLocker and Windows Encryption LAB #3 – ASSESSMENT WORKSHEET Configure BitLocker and Windows Encryption Course Name and Number: IS3340 Windows Security Student Name: Daniel Longo Instructor Name: Dakrouni Lab Due Date: 10/4/2013 Overview In this lab, you used the Microsoft® Encrypting File System (EFS) to encrypt files and folders on a Windows Server 2008 machine. You documented the success or failure of your encryption efforts. You also installed Microsoft® BitLocker Drive Encryption, a data protection feature that is used to resist data theft and the risk of exposure from lost, stolen, or decommissioned computers. You encrypted a data drive on the server and created a recovery key. Lab Assessment Questions & Answers 1. Within a Microsoft® Windows 2008 server R2 environment, who has access rights to the EFS features and functions in the server? 2. What are some best practices you can implement when encrypting BitLocker drives and the use of BitLocker recovery passwords? 38542_Lab03_Pass2.indd 56 3/2/13 10:01 AM Assessment Worksheet 3. What was the recover key created by BitLocker in this lab? 57 4. BitLocker secured drives. How would you grant additional users access rights to your EFS encrypted folders and data files? 5. What are the main differences between EFS and BitLocker? 6. The customer privacy data policy in your company’s data classification standard requires encryption in 3 ...

Words: 279 - Pages: 2

Premium Essay

Test

...Assessment Worksheet 97 LAB #7 – ASSESSMENT WORKSHEET Perform a Website and Database Attack by Exploiting Identified Vulnerabilities Course Name and Number: MNE 310 Student Name: Carl Sizemore Instructor Name: Williams Lab Due Date: 8/10/2014 Overview In this lab, you verified and performed a cross-site scripting (XSS) exploit and an SQL injection attack on the test bed Web application and Web server using the Damn Vulnerable Web Application (DVWA) found on the TargetUbuntu01 Linux VM server. You first identified the IP target host, identified known vulnerabilities and exploits, and then attacked the Web application and Web server using XSS and an SQL injection to exploit the Web application using a Web browser and some simple command strings. Lab Assessment Questions & Answers 1. Why is it critical to perform a penetration test on a Web application and a Web server prior to production 7 Perform a Website and Database Attack by Exploiting Identified Vulnerabilities implementation? Penetration testing highlights what a real-world hacker might see if he or she targeted the given organization. The Penetraton test will give a security view in operational context and potential flaws can be discovered so that managment can make decisions about whether to allocated security resources to fix any discover problems. 2. What is a cross-site scripting attack? Explain in your own words. Cross-site scripting enables attackers to inject client-side...

Words: 491 - Pages: 2

Premium Essay

Network Security

...108 Lab #8 | Design a Layered Security Strategy for an IP Network Infrastructure Lab #8 – aSSESSmENT WORkSHEET Design a Layered Security Strategy for an IP Network Infrastructure Course Name and Number: Student Name: Instructor Name: Lab Due Date: Overview In this lab, you designed a layered security strategy, similar to the seven domains of a typical IT infrastructure, for the Cisco Mock IT infrastructure shown in Figure 8.2. You based your design on a set of functional and technical requirements. You also provided a written functional overview and description of how your security strategy meets the defined requirements. Lab Assessment Questions & Answers 1. Explain why a layered security strategy helps mitigate risk and threats both external and internal. 2. Why is it a good idea to put shared servers and services on a DMZ when both internal and external users need access? Assessment Worksheet 3. What recommendations do you have for the future e-commerce server and deployment in regard to 109 physical location and backend security for privacy data and credit card data? 4. What recommendations do you have to secure the server farm from unauthorized access? 5. If the organization implemented wireless LAN (WLAN) technology, what would you recommend regarding the use of VPNs or encryption within the internal network when accessing the server farm? 6. What is the purpose of a proxy server on a DMZ? 7. What is the purpose of an IDS/IPS...

Words: 314 - Pages: 2

Free Essay

Is404 Week 1 Lab

...Week 1 Lab Part 1 - Assessment Worksheet Assess the Impact on Access Controls for a Regulatory Case Study Overview Watch the Demo Lab in the Week 1 Learning Space Unit 1, and answer the questions below. The lab demonstrates creating an Active Directory domain as well as user and group objects within the new domain. Directories will be created and permissions assigned based on the required access control as defined in the matrix. Group Policy Objects will also be created and linked to Objects within the domain to enforce security settings. Lab Assessment Questions & Answers 1. What does DACL stand for and what does it mean? Discretionary access control List (DACL) is a type of access control defined by the Trusted Computer System Evaluation Criteria "as a means of restricting access to objects based on the identity of subjects and/or groups to which they belong 2. Why would you add permissions to a group instead of the individual? It is more resourceful and less time consuming. 3. List at least 3 different types of access control permissions available in Windows. Full Control, Modify, Execute, Read, Write 4. What are the least permissions that you need in order to view the contents of a folder? Read, so the user has access to any file on the system that they are entitled to, but they are not able to make any changes. 5. What are other available Password Policy options that could be enforce to improve security? ...

Words: 1093 - Pages: 5

Free Essay

Is4670 Week 3 Lab

...Week 3 Laboratory Week 3 Lab Part 1: Automate Digital Evidence Discovery Using Paraben’s P2 Commander Learning Objectives and Outcomes Upon completing this lab, students will be able to complete the following tasks: * Open an existing case file using P2 Commander * Analyze the data in the image and the files saved in the case * Sort and identify evidence file types in a case using Paraben's P2 Commander forensic tool * Use P2 Commander to identify information for potential evidence contained in chat logs such as Skype chat * Analyze the contents of user profiles and data using the P2 Commander browser Week 3 Lab Part 1 - Assessment Worksheet Overview View the Demo Lab available in the Practice section of Learning Space Unit 5 and then answer the questions below. The video will demonstrate the use of Paraben's P2 Commander and outline the different forensics capabilities of the tool. Lab Assessment Questions & Answers 1. When talking about Information Security, what does the 'CIA' stands for? CIA in information security stands for confidentiality, integrity and availability. 2. When would it be a good practice to classify data? It would be a good practice to classify data when you need to extract files from a hard drive or system for investigating in order to accurately organize the findings. 3. What is Security classification? Security classification is the security level assigned to a government document, file...

Words: 635 - Pages: 3

Premium Essay

Lab 1

...Assessment Worksheet 111 LAB #7 – ASSESSMENT WORKSHEET Relate Windows Encryption and Hashing to Confidentiality and Integrity Course Name and Number: Student Name: Instructor Name: Lab Due Date: Overview This lab demonstrated how hashing tools can be used to ensure message and file transfer integrity and how encryption can be used to maximize confidentiality. Common hashing and encryption tools, including MD5, SHA1, and GnuPG, were used. You used GnuPG to generate both a public and private key and a secret key for encryption only. Lab Assessment Questions & Answers 1. If you and another person want to encrypt messages, should you provide that person with your public 7 Relate Windows Encryption and Hashing to Confidentiality and Integrity key, private key, or both? You should both provide each other with your public keys. 2. What does GPG allow you to do once it is installed? GPG allows you to encrypt and decrypt data and generate public and private keys. 3. Name two different types of encryption supported by GPG for your key. GPG supports symmetric ciphers DES and Blowfish as well as asymmetric ciphers ELGamal and RSA. 112 LAB #7 | Relate Windows Encryption and Hashing to Confidentiality and Integrity 4. What happens when you sign and trust a new key to your keychain? A new private and public key is created with a fingerprint for non repudiation. 5. If a user sends you his/her public key, will he/she be able to decrypt your encrypted...

Words: 472 - Pages: 2

Premium Essay

Information Security

...JONES & BARTLETT LEARNING INFORMATION SYSTEMS SECURITY & ASSURANCE SERIES LABORATORY MANUAL TO ACCOMPANY Security Strategies in Windows Platforms and Applications 1E REVISED 38542_FMxx.indd i 9/5/12 10:48 AM World Headquarters Jones & Bartlett Learning 5 Wall Street Burlington, MA 01803 978-443-5000 info@jblearning.com www.jblearning.com Jones & Bartlett Learning books and products are available through most bookstores and online booksellers. To contact Jones & Bartlett Learning directly, call 800-832-0034, fax 978-443-8000, or visit our website, www.jblearning.com. Substantial discounts on bulk quantities of Jones & Bartlett Learning publications are available to corporations, professional associations, and other qualified organizations. For details and specific discount information, contact the special sales department at Jones & Bartlett Learning via the above contact information or send an email to specialsales@jblearning.com. Copyright © 2013 by Jones & Bartlett Learning, LLC, an Ascend Learning Company All rights reserved. No part of the material protected by this copyright may be reproduced or utilized in any form, electronic or mechanical, including photocopying, recording, or by any information storage and retrieval system, without written permission from the copyright owner. The Laboratory Manual to accompany Security Strategies in Windowa Platforms and Applications is an independent publication and has not been authorized, sponsored, or otherwise...

Words: 25969 - Pages: 104

Premium Essay

Lab 6

...Assessment Worksheet 91 LaB #6 – aSSESSmENt WORKSHEEt Perform Business Continuity Implementation Planning Course Name and Number: Student Name: Instructor Name: lab due date: 6 Perform Business Continuity Implementation Planning Overview In this lab, you were asked to begin the business continuity planning process for an e-commerce company, Online Goodies. You reviewed the key business functions and a prioritized list of impacted IT systems, applications, and data provided by your supervisor. You also compared the components of the major documentation required by the business continuity planning process: risk analysis, business impact analysis, business continuity plan, disaster recovery plan, and the business continuity implementation plan. Lab Assessment Questions & Answers 1. What is the difference between a risk analysis (RA) and a business impact analysis (BIA)? Risk analysis is often identifying the potential threats and the associated vulnerabilities to the organizations .Risk analysis doesn’t view the organization from the mission critical Business Process point of view. BIA the organization from the impact that is going to occur for an organization if the critical business processes are interrupted or tampered 2. What is the difference between a disaster recovery plan (DRP) and a business continuity plan (BCP)? Disaster recovery plan is have a full access to recover any lost data or essentials after a disaster while the business continuity...

Words: 681 - Pages: 3

Premium Essay

Noneofyourbusiness

...100 Lab #7 | Implement a VPN Tunnel Between a Microsoft® Server and Microsoft® Client LAB #7 – ASSESSMENT WORKSHEET Implement a VPN Tunnel Between a Microsoft® Server and Microsoft® Client Course Name and Number: Student Name: Instructor Name: Lab Due Date: Overview In this lab, you configured a virtual private network (VPN) tunnel between a Windows server and client computers using RADIUS (Remote Authentication Dial-in User Service) authentication. Lab Assessment Questions & Answers 1. What is the name of the Windows Server 2008 role you need to deploy to provide remote access services to clients? Explain why this service is important in a corporate environment. 2. What was the IP host range that was allocated for the remote VPN client pool? 3. How many encryption settings are available from the remote access server? Which one is best? Which one provides backward compatibility? Assessment Worksheet 4. During a remote access session, how many times is a client asked to provide credentials? Is this an 101 example of multi-factor authentication? Explain. 5. Why is it important to use strong encryption in both authentication and communication protocols? Explain. 6. Name the available authentication methods (protocols) available when configuring the VPN. Which authentication method is considered stronger? Why? 7. What other type of connections are supported by Microsoft® Remote Access services in Server 2008? 7 Implement...

Words: 318 - Pages: 2