Week 2 Lab #4 Assessment


Submitted By pinkmist
ISSC362: IT Security: Attack & Defense
14 Apr 2013
Lab #4 – Assessment Worksheet

1. Phase 1—Reconnaissance, Phase 2—Scanning, Phase 3—Gaining Access, Phase 4—Maintaining Access, Phase 5—Covering Tracks
2. Zenmap runs an intense scan of all TCP ports in order to find open ports and the services listening on them, which may be vulnerable.
3. Phase 1 Reconnaissance
4. This is referred to by many names, but is typically just called a vulnerability scan. It can be done with tools such as Nessus or Microsoft Baseline Security Analyzer.
5. MS04-022: Microsoft Windows Task Scheduler Remote Overflow (841873), MS04-012: Cumulative Update for Microsoft RPC/DCOM (828741), MS03-043: Buffer Overrun in Messenger Service (828035), MS06-035: Vulnerability in Server Service Could Allow Remote Code Execution (917159), MS06-040: Vulnerability in Server Service Could Allow Remote Code Execution (921883), MS09-001: Microsoft Windows SMB Vulnerabilities Remote Code Execution (958687), MS03-039: Microsoft RPC Interface Buffer Overrun (824146), MS04-011: Security Update for Microsoft Windows (835732), MS04-007: ASN.1 Vulnerability Could Allow Code Execution (828028), MS05-027: Vulnerability in SMB Could Allow Remote Code Execution (896422), MS05-043: Vulnerability in Printer Spooler Service Could Allow Remote Code Execution (896423), MS03-026: Microsoft RPC Interface Buffer Overrun (823980), MS08-067: Microsoft Windows Server Service Crafted RPC Request Handling Remote Code Execution (958644), MS02-045: Microsoft Windows SMB Protocol SMB_COM_TRANSACTION Packet Remote Overflow DoS (326830). MS08-067 is a security vulnerability that allows an attacker to run code remotely without user intervention, which is what lets a computer worm exploit it (it was a zero-day exploit). The patch, KB958644, fixes the vulnerability.
6. BackTrack4 Metasploit Framework
7. Yes, before penetrating a system, you would always want to get…...
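As an added example that is not part of the worksheet, a defender-side remediation check for the findings in item 5: it parses scanner lines in the "MSyy-nnn: title (KB)" format shown above and reports which of the fixing patches a host's hotfix listing does not contain. The installed-hotfix sample is constructed; which patches are present is an assumption.

```python
import re

# Scanner findings in the format the worksheet lists them (bulletin: title (KB)).
# A subset of the bulletins from item 5, used here as sample input.
FINDINGS = [
    "MS08-067: Microsoft Windows Server Service Crafted RPC Request Handling Remote Code Execution (958644)",
    "MS06-040: Vulnerability in Server Service Could Allow Remote Code Execution (921883)",
    "MS05-027: Vulnerability in SMB Could Allow Remote Code Execution (896422)",
    "MS04-022: Microsoft Windows Task Scheduler Remote Overflow (841873)",
]

# Constructed sample of a host's installed hotfixes, one ID per line, as the
# HotFixID column of a `wmic qfe` listing would show them (assumed values).
INSTALLED_HOTFIXES = """\
KB896422
KB841873
KB2345678
"""

# bulletin id, then the title, then the KB number in parentheses at end of line
FINDING_RE = re.compile(r"^(MS\d{2}-\d{3}):\s*(.+?)\s*\((\d+)\)\s*$")


def parse_finding(line):
    """Return (bulletin, title, 'KBnnnnnn') for one scanner line, or None if it does not match."""
    m = FINDING_RE.match(line.strip())
    if not m:
        return None
    bulletin, title, kb = m.groups()
    return bulletin, title, "KB" + kb


def installed_kbs(hotfix_text):
    """Normalise a hotfix listing to a set of upper-case 'KBnnnnnn' identifiers."""
    return {tok.upper() for tok in re.findall(r"\bKB\d+\b", hotfix_text, flags=re.I)}


def outstanding(findings, hotfix_text):
    """Findings whose fixing KB is absent from the host: these still need remediation."""
    have = installed_kbs(hotfix_text)
    missing = []
    for line in findings:
        parsed = parse_finding(line)
        if parsed is None:
            continue  # ignore lines that are not in the bulletin/KB format
        bulletin, title, kb = parsed
        if kb not in have:
            missing.append((bulletin, kb, title))
    return missing


if __name__ == "__main__":
    for bulletin, kb, title in outstanding(FINDINGS, INSTALLED_HOTFIXES):
        print(f"{bulletin} ({kb}) not installed: {title}")
```

A missing KB is a prompt to verify, not proof of exposure: a later cumulative update can supersede the listed KB, so confirm against the vendor's supersedence information before closing or escalating the finding.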
