: Ab #1 Fundamentals Of Information Systems Security

661 words - 3 pages

Assessment Worksheet

15

1
Perform Reconnaissance and Probing Using Zenmap GUI (Nmap) Using Zenmap GUI (Nmap)

LAb #1 – ASSESSMENT WORKSHEET

Perform Reconnaissance and Probing Using Zenmap GUI (Nmap)
Course Name and Number:
Fundamentals of Information Security

Lab due date:

Overview
Hackers typically follow a five-step approach to seek out and destroy targeted hosts. The first step in performing an attack is to plan the attack by identifying the target and learning as much as possible about it. Hackers usually perform an initial reconnaissance and probing scan to identify IP hosts, open ports, and services enabled on servers and workstations. In this lab, you planned an attack on 172.30.0.0/24 where the VM server farm resides, and used the Zenmap GUI to perform an “Intense Scan” on the targeted IP subnetwork.
Note:
These forms have been formatted to allow you to complete the form online and save it ...view middle of the document...

What was the allocated source IP host address for the TargetWindows01 server, LAN Switch 1,

LAN Switch 2, and the IP default gateway router?
Target Window 01 Server: 172.30.08 Lan Switch 1: 172.16.8.5124 Lan Switch 2: 172.16.20.5124

3. Did the targeted IP hosts respond to the ICMP echo-request packet with an ICMP echo-reply packet when

you initiated the “ping” command at your DOS prompt? If yes, how many ICMP echo-request packets were sent back to the IP source?
Yes, 172.30.0.8 sent back 4 172.30.0.1 sent back 4

4. What is the command line syntax for running an “Intense Scan” with Zenmap on a target subnet of

172.30.0.0/24?
nmap -SP -PE -PA21,23,80,3389 172.30.0.0124

5. Name at least five different scans that may be performed from the Zenmap GUI. Document under what

circumstances you would choose to run those particular scans.
Ping Scan Regular Scan Quick Scan Intense Scan Intense Scan, All TCP ports

Assessment Worksheet
6. How many different tests (i.e., scripts) did your “Intense Scan” definition perform? List them all after

17

1
Perform Reconnaissance and Probing Using Zenmap GUI (Nmap)

reviewing the scan report.
RPC Grind Scan SYN Stealth Scan ARP Ping Scan OS Detection Service Scan NSE
7. Describe what each of these tests or scripts performs within the Zenmap GUI (Nmap) scan report.

RPC Grind Scan: A remote program call (RPC) scan is used to locate and identify RPC applications. SYN Stealth Scan: sends a SYN packet then looks at the response. ARP Scan: puts Nmap and its optimized algorithms in charge of ARP requests. OS Detection: uses TCP/IP stack fingerprinting. Service Scan: sometimes reveal information about a target beyond the service type and version. NSE: allows users to write and share simple scripts to automate a wide variety of networking tasks.

8. How many total IP hosts (not counting Cisco device interfaces) did Zenmap GUI (Nmap) find on the

network?
It Found 6 IP Hosts on the Network

9. Based on your Nmap scan results and initial reconnaissance and probing, what next steps would you

perform on the VSCL target machines?
A Risk Assesmant

Other Papers Like : Ab #1 Fundamentals of Information Systems Security

Information Systems Powerpoint Chapter 1 Essay

1975 words - 8 pages Management Information Systems MANAGING THE DIGITAL FIRM, 12TH EDITION Chapter 1 INFORMATION SYSTEMS IN BUSINESS TODAY Management Information Systems CHAPTER 1: INFORMATION IN BUSINESS SYSTEMS TODAY The Role of Information Systems in Business Today • How information systems are transforming business – Increase in wireless technology use, Web sites – Increased business use of Web 2.0 technologies – Cloud computing, mobile digital

Chapter 1—Introduction to Accounting Information Systems

3566 words - 15 pages Chapter 1—Introduction to Accounting Information Systems TRUE/FALSE 1. The three themes of the text are operating systems, e-business, and internal control. ANS: F 2. In an assurance service the accountant will provide the original information used for decision making. ANS: F 3. Financial care for the elderly has been identified by the AICPA as a potential assurance service. ANS: T 4. Wireless technologies was

Business for Information Systems Assignment 1

887 words - 4 pages Case #1. As an artist starts to grow their fan base they begin to sell out venues, with limited seating available the supply of tickets remains the same but demands starts to grow. This is what inflates the prices of tickets, the ticket broker knows that increasing the price of tickets will not reduce the amount of people buying them. #2. Ticket scalping essentially shortens the supply of a tickets while the demand remains the same, this

Fundamentals of Information Technology Module 1

605 words - 3 pages document: 1. Identify all actors and use cases from the above description and draw a use case diagram for this library system. 2. Draw a class diagram (or split it into multiple diagrams if it cannot fit in one diagram) for entity objects based on the above description. For each class show the class name, major attributes and operations. Draw associations between classes, and indicate multiplicity at the association endings. 3. Draw a state diagram to show the status change of a book in library. 4. Briefly describe the architecture design of this library system.

Fundamentals Of Systems - Iii

1412 words - 6 pages Homework 1 - ECES 513 Fundamentals of Systems - III Naresh Shah, Pranav Ram Kamarajugadda May 2, 2014 Problem 1. A serial robot can be described as a set of n coupled links parameterized by a vector of co-ordinates x = (x1 , x2 ...., xn ), with n µ(x)ij j=1 d2 xj dt2 n = F (x, x, x)i + ˙ ¨ n j=1 n Kij (xj − xj,0 ) Kij (xj − xj,0 ) τij xj = ¨ j=1 j=1 where µ(x) is a mass matrix, τ is an inertia matrix, F (x, x, x) is a

Fundamentals of Selling Exam 1

1330 words - 6 pages FUNDAMENTALS OF SELLING - 2009FA (MKT12380-2009FA) > TAKE ASSESSMENT: MODULE 1 EXAM CHAPTERS 1, 2 & 3 1. What is the traditional definition for personal selling? How does the traditional definition differ from the new one in the text? The traditional definition of personal selling is the concept of personal communication of information in hopes of persuading a prospective customer to buy a good, service, idea, or anything that

Fundamentals of Macroeconomics Part 1

743 words - 3 pages Fundamentals of Macroeconomics Kenneth Machol ECO 372 October 1, 2012 Ashok Padhi Fundamentals of Macroeconomics Part I Macroeconomics includes a assortment of terms pertinent to its study. The following terms help recognize huge factors that influence the U.S. market. The Gross Domestic Product (GDP) is a measure of a country’s value based on goods produced, services rendered, government costs, and the differentiation of exports minus

Fundamentals of Pharmacology Lecture 1

863 words - 4 pages Surrogate animal models FDA – gives permission for investigators to start testing drug on humans Phase 1, phase 2, and phase 3 of testing on humans – focused on trying to define pharmacokinetics (phase 1), pharmacodynamics (phase 2), and then impact of drug on clinical outcome (phase 3) At this stage, the drug is still investigational – must undergo review again for FDA to discern whether drug is safe for use in populations If drug is approved

Principles of Information Security

3241 words - 13 pages ) Instant Access Code (ISBN 1-1111-3825-7) Author Team Michael Whitman and Herbert Mattord have jointly developed this text to merge knowledge from the world of academic study with practical experience from the business world. Michael Whitman, Ph.D., CISM, CISSP is a Professor of Information Security in the Computer Science and Information Systems Department at Kennesaw State University, Kennesaw, Georgia, where he is also the Coordinator of

Principles Of Information Security

3291 words - 14 pages information security Recount the history of computer security, and explain how it evolved into information security Define key terms and critical concepts of information security Enumerate the phases of the security systems development life cycle Describe the information security roles of professionals within an organization 1 Introduction James Anderson, executive consultant at Emagined Security, Inc., believes information security in an

Principles Of Information Security

307 words - 2 pages essential part of every IT organization’s ability to sustain long-term competitiveness. When an organization depends on IT-based systems to remain viable, information security and the discipline of risk management must become an integral part of the economic basis for making business decisions. These decisions are based on trade-offs between the costs of applying information systems controls and the benefits realized from the operation of secured

Related Essays

Principles Of Information Systems Security Essay

923 words - 4 pages once an employee was terminated. The third thing to consider is to install a Virtual Private Network if the Internet is used to maintain connectivity between multiple offices. A virtual private network (VPN) will encrypt connection over a less secure network, this to “ensures the appropriate level of security to the connected systems when the underlying network infrastructure alone cannot provide it.”(John) Carefully manage and control foreign

Information Systems Security Essay

4584 words - 19 pages Fundamentals of Information Systems Security 1E REVISED 38351_FMxx_ttlcp.indd 1 8/1/12 1:00 PM 38351_FMxx_ttlcp.indd 2 8/1/12 1:00 PM Contents Ethics and Code of Conduct Preface LAB #1 ix vii Perform Reconnaissance and Probing Using Zenmap GUI (Nmap) Introduction Deliverables Hands-On Steps 1 1 3 14 15 2 Learning Objectives 1 Evaluation Criteria and Rubrics LAB #1 ASSESSMENT WORKSHEET LAB #2 Perform a

Chapter 1 Introduction To Information Security: Principles Of Information Security

979 words - 4 pages Chapter 1-Introduction to Information Security: 1. What is the difference between a threat and a threat agent? A threat is a constant danger to an asset, whereas a threat agent is the facilitator of an attack. 2. What is the difference between vulnerability and exposure? Vulnerability: is a fault within the system, such as software package flaws, unlocked doors or an unprotected system port. It leaves things open to an attack or

Principles Of Information Security Chapter 1

4922 words - 20 pages Principles of Information Security, 4th Edition 1 Chapter 1 1 Review Questions 1. What is the difference between a threat agent and a threat? A threat agent is the facilitator of an attack, whereas a threat is a category of objects, persons, or other entities that represents a potential danger to an asset. Threats are always present. Some threats manifest themselves in accidental occurrences and others are purposeful