Computers and Technology, 16.01.2020 05:31 ira51
This research is a security assessment of a small group of systems. in this assessment, students will apply security tools and resources learned in labs to a set of unknown systems. they will synthesize the output of security tools and the results of research into a report evaluating the security of each unknown system.
1 scope of assessment
• the assessment is limited to the 3 ip addresses.
• room 250 anypc_ip_1
• room 250 anypc_ip_2
• room 250 anypc_ip_3
2 rules of engagement
• students may use any security tools to perform a security evaluation of the systems listed in the scope of assessment. these tools should include but are not limited to those listed in the resources required. security tools can be used to identify potential vulnerabilities and verify these potential vulnerabilities through the use of exploits. however, no tools that are designed to crash a system or otherwise create a denial of service attack may be used.
3 resources required
• students will need the following data and tools to create and test the software:
• kali vm
• port scanner like nmap
• vulnerability scanner like nessus
• metasploit
4 procedure
4.1 network scanning
• scan each ip address listed in the scope with nmap. scans should verify that the systems are up before proceeding, then identify the operating systems of each system, and finally identify both the names and versions of the running services on each system. students will need to scan all tcp and udp ports.
4.2 vulnerability research
• first, lookup the operating system type and version that were reported by network scanning tools. next, lookup any services, such as iis or apache, whose names were identified. use service versions to determine which vulnerabilities apply to the system under assessment. compare these lists of vulnerabilities with the ones found in the next step: vulnerability scanning.
4.3 vulnerability scanning
you need use the nessus vulnerability scanner tool to find vulnerabilities. create scan configurations for each of the targets. be sure that you can ping a target before beginning an nessus scan. if a nessus scan reports zero vulnerabilities, then there was an error during the scan or the target was not up.
5 report
• the report will need to be at least 5 pages single spaced using a 12-point font. the report must be divided into six sections:
1 summary
2 procedure
3 assessment of system 1 at ip room 250 anypc_ip_1
4 assessment of system 2 at ip room 250 anypc_ip_2
5 assessment of system 3 at ip room 250 anypc_ip_3
6 conclusion
7 references
Answers: 3
Other questions on the subject: Computers and Technology
Computers and Technology, 23.06.2019 23:00, Maya629277
Lucas put a lot of thought into the design for his company's new white paper. he made sure to include repeating design elements such as color schemes and decorative images. his goal was to a. add symmetry b. create a unified publication c. provide consistency d. save money
Answers: 1
Computers and Technology, 23.06.2019 23:40, dudedude1593
Which of the following calculates the total from the adjacent cell through the first nonnumeric cell by default, using the sum function in its formula? -average -autosum -counta -max
Answers: 1
Computers and Technology, 24.06.2019 01:30, kellygaytan
Suppose a cpu with a write-through, write-allocate cache achieves a cpi of 2. what are the read and write bandwidths (measured by bytes per cycle) between ram and the cache? (assume each miss generates a request for one block.)
Answers: 1
You know the right answer?
This research is a security assessment of a small group of systems. in this assessment, students wil...
Questions in other subjects:
Chemistry, 04.12.2020 19:20
Mathematics, 04.12.2020 19:20
Chemistry, 04.12.2020 19:20
Chemistry, 04.12.2020 19:20
Mathematics, 04.12.2020 19:20
Arts, 04.12.2020 19:20
