Reference no: EM131143670
Lab- Assessment Worksheet Performing a Vulnerability Assessment
Overview
In this lab, you used Nmap commands within the Zenmap application to scan the virtual network and identify the devices on the network and the operating systems and services running on them. You also used OpenVAS to conduct a vulnerability assessment and record the high risk vulnerabilities identified by the tool. Finally, you used the information you gathered from the report to discover mitigations for those risks and make mitigation recommendations based on your findings.
Lab Assessment Questions & Answers
1. What is Zenmap typically used for? How is it related to Nmap? Describe a scenario in which you would use this type of application.
2. Which application can be used to perform a vulnerability assessment scan in the reconnaissance phase of the ethical hacking process?
3. What must you obtain before you begin the ethical hacking process or penetration test on a live production network, even before performing the reconnaissance step?
4. What is a CVE listing? Who hosts and sponsors the CVE database listing Web site?
5. Can Zenmap detect which operating systems are present on IP servers and workstations? Which option includes that scan?
6. How can you limit the breadth and scope of a vulnerability scan?
7. Once a vulnerability has been identified by OpenVAS, where would you check for more information regarding the identified vulnerability, exploits, and any risk mitigation solution?
8. What is the major difference between Zenmap and OpenVAS?
9. Why do you need to run both tools like Zenmap and OpenVAS to complete the reconnaissance phase of the ethical hacking process?
Recommend upper management consider for bruce project
: Bruce’s website development project is nearing an end, and upper management must decide what to do with the resources associated with the project. Bruce’s team met all schedule and expenditure goals, but the product they produced (a video-swapping on..
|
Effective systems in place to track work-effort-expenditures
: Your organization has effective systems in place to track work-effort and expenditures, but needs to do a better job at monitoring quality. How can Six Sigma be beneficial for an IT project?
|
Determine the correlation coefficient. comment on the value
: Determine the correlation coefficient. Comment on the value of the correlation coefficient. Find the predicted value of Y given X = 75. Give an interpretation of the predicted value in the context of the problem.
|
The intangible assets section of time company at december
: The intangible assets section of Time Company at December 31, 2010, is presented below.
|
Who hosts and sponsors the cve database listing web site
: What is a CVE listing? Who hosts and sponsors the CVE database listing Web site? Can Zenmap detect which operating systems are present on IP servers and workstations? Which option includes that scan?
|
What is the difference between flow stock and concentration
: What is the difference between flow, stock, and concentration statistics? How is each type of statistic used?
|
It was scrapped as having no value
: Bobby's has delivery equipment that cost $40,000 and that has been depreciated $26,000. Record the disposal under the following assumptions.
|
Create research problem on health wellness and technology
: create and clarify a research problem or research question for each of the following topics: - Health and Wellness, -Technology - Economy.
|
What are the changes in the local geodetic coordinates
: If the slant distance between two stations is 843.273 m, the zenith angle between them is 85°58'44" and the azimuth of the line is 312°23' 59", what are the changes in the local geodetic coordinates?
|