Computers and Technology, 16.01.2020 05:31 ira51
This research is a security assessment of a small group of systems. in this assessment, students will apply security tools and resources learned in labs to a set of unknown systems. they will synthesize the output of security tools and the results of research into a report evaluating the security of each unknown system.
1 scope of assessment
• the assessment is limited to the 3 ip addresses.
• room 250 anypc_ip_1
• room 250 anypc_ip_2
• room 250 anypc_ip_3
2 rules of engagement
• students may use any security tools to perform a security evaluation of the systems listed in the scope of assessment. these tools should include but are not limited to those listed in the resources required. security tools can be used to identify potential vulnerabilities and verify these potential vulnerabilities through the use of exploits. however, no tools that are designed to crash a system or otherwise create a denial of service attack may be used.
3 resources required
• students will need the following data and tools to create and test the software:
• kali vm
• port scanner like nmap
• vulnerability scanner like nessus
• metasploit
4 procedure
4.1 network scanning
• scan each ip address listed in the scope with nmap. scans should verify that the systems are up before proceeding, then identify the operating systems of each system, and finally identify both the names and versions of the running services on each system. students will need to scan all tcp and udp ports.
4.2 vulnerability research
• first, lookup the operating system type and version that were reported by network scanning tools. next, lookup any services, such as iis or apache, whose names were identified. use service versions to determine which vulnerabilities apply to the system under assessment. compare these lists of vulnerabilities with the ones found in the next step: vulnerability scanning.
4.3 vulnerability scanning
you need use the nessus vulnerability scanner tool to find vulnerabilities. create scan configurations for each of the targets. be sure that you can ping a target before beginning an nessus scan. if a nessus scan reports zero vulnerabilities, then there was an error during the scan or the target was not up.
5 report
• the report will need to be at least 5 pages single spaced using a 12-point font. the report must be divided into six sections:
1 summary
2 procedure
3 assessment of system 1 at ip room 250 anypc_ip_1
4 assessment of system 2 at ip room 250 anypc_ip_2
5 assessment of system 3 at ip room 250 anypc_ip_3
6 conclusion
7 references
Answers: 3
Another question on Computers and Technology
Computers and Technology, 22.06.2019 23:30
What are some ways to use a range name in a formula? check all that apply. in the defined names group, click use in formula, and then select the desired name. begin typing the name in the formula, select a name from the autocomplete list, and use the arrow keys and tab key to enter the name in the formula. begin typing the formula, and then click and drag with the mouse to select the cells to include in the formula. right-click one of the cells in the range. click formula options, and use the dialog box to add the name.
Answers: 1
Computers and Technology, 23.06.2019 02:30
What is the power dissipated by a resistor with a current of 0.02 a and a resistance of 1,000 ? a. 200 w b. 20 w c. 0.4 w d. 4 w
Answers: 1
Computers and Technology, 23.06.2019 09:30
Light travels at a speed of 186,000 miles a second. the distance light travels in a year is 5,865,690,000,000 miles/year 5,865,695,000,000 miles/year 58,656,950,000,000 miles/year 6,789,000,0000 miles/year
Answers: 1
Computers and Technology, 24.06.2019 01:00
How can the temperature of a room be raised by 5degreesf?
Answers: 1
You know the right answer?
This research is a security assessment of a small group of systems. in this assessment, students wil...
Questions
Social Studies, 06.01.2020 22:31
