Assessment Worksheet
Performing a Vulnerability Assessment
Course Name and Number: CSS150-1502A-02: Introduction to Computer Security
Student Name: Johnathan McMullen
Instructor Name: Stephen Osborne
Lab Due Date: ________________________________________________________________
Overview
In this lab, you used Nmap commands within the Zenmap application to scan the virtual network and identify the devices on the network and the operating systems and services running on them.
You also used OpenVAS to conduct a vulnerability assessment and record the high risk
Who hosts and who sponsors the CVE database listing Web site?
CVE stands for Common Vulnerabilities and Exposures. The Mitre Corporation, under contract with the Department of Homeland Security (sponsor) and the U.S. National Cyber Security Division (sponsor), is responsible for hosting the CVE database listing web site. The CVE listing is a database of known software vulnerabilities and exposures and how to mitigate them with software patches and updates.
5. Can Zenmap detect which operating systems are present on IP servers and workstations? Which option includes that scan?
The -O command enables OS fingerprinting for OS detection. You can also use the -sV command to detect software version and the OS.
6. How can you limit the breadth and scope of a vulnerability scan?
You can use a text file, which will list only the hosts detected in the Nmap scan.
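A sketch of how such a host file can be built, added here as an illustration and not part of the lab or the worksheet: it reads Nmap grepable output (`-oG`), keeps only hosts reported as up, and drops any address outside the authorized range before writing the target list. The sample scan output, the `172.30.0.0/24` scope and the `targets.txt` file name are assumptions constructed for the example.

```python
import ipaddress
import re

# Constructed sample of Nmap grepable output (-oG); all addresses are made up.
SAMPLE_GNMAP = """\
# Nmap scan initiated (constructed sample)
Host: 172.30.0.1 ()\tStatus: Up
Host: 172.30.0.10 (web01.lab.example)\tStatus: Up
Host: 172.30.0.10 (web01.lab.example)\tPorts: 22/open/tcp//ssh///, 80/open/tcp//http///
Host: 172.30.0.77 ()\tStatus: Down
Host: 172.30.0.2 ()\tStatus: Up
Host: 10.9.9.9 ()\tStatus: Up
# Nmap done (constructed sample)
"""

# Matches only the "Status:" records; "Ports:" records and comments are skipped.
HOST_LINE = re.compile(r"^Host:\s+(\S+)\s+\(.*?\)\s+Status:\s+(\w+)")


def build_target_list(gnmap_text, authorized_cidrs):
    """Return (targets, rejected): live in-scope hosts and live out-of-scope hosts."""
    scope = [ipaddress.ip_network(c) for c in authorized_cidrs]
    targets, rejected = set(), set()
    for line in gnmap_text.splitlines():
        m = HOST_LINE.match(line)
        if not m or m.group(2) != "Up":
            continue
        try:
            addr = ipaddress.ip_address(m.group(1))
        except ValueError:
            continue  # malformed address field: never hand it to the scanner
        (targets if any(addr in net for net in scope) else rejected).add(addr)
    order = lambda a: (a.version, int(a))  # numeric sort, so .2 precedes .10
    return sorted(targets, key=order), sorted(rejected, key=order)


def write_target_file(path, targets):
    """Write one address per line, the usual shape of a scanner host file."""
    with open(path, "w") as fh:
        fh.writelines(f"{ip}\n" for ip in targets)


if __name__ == "__main__":
    targets, rejected = build_target_list(SAMPLE_GNMAP, ["172.30.0.0/24"])
    write_target_file("targets.txt", targets)
    print("targets:", ", ".join(map(str, targets)))
    print("out of scope, not scanned:", ", ".join(map(str, rejected)))
```

The rejected list is worth reviewing rather than discarding: a live host that answered from outside the agreed range usually means the discovery scan itself was scoped too widely.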
7. Once a vulnerability has been identified by OpenVAS, where would you check for more information regarding the identified vulnerability, exploits, and any risk mitigation solution?
The CVE references found at the bottom of the vulnerability table.
8. What is the major difference between Zenmap and OpenVAS?
The second step of the ethical hacking process typically consists of two parts: port scanning and vulnerability assessment. Zenmap (Nmap) is used to perform an initial IP host discovery as well as scan for ports/services. OpenVAS is used to scan for vulnerabilities. It also can perform an audit of Unix, Windows,
* Check existing security scan reports from Wireshark and NetWitness Investigator to see if we can identify data leakage, and set up new policies and procedures for monitoring web servers and applications.
Risk assessments are vital in a laboratory setting, as they involve evaluating the potential risks of completing an experiment or activity. The employer must be aware that the risks someone is exposed to at work must be reduced by responsibly implementing precautions that make the setting safer. They need to analyse: what could possibly go wrong? How likely is it? And what would be the consequences? These questions are regularly used when creating a risk assessment so that every risk sheet has a similar outline and meets the criteria of an effective risk assessment. It covers the general procedures, the working environment and the handling, storage and transportation of various substances.
HTML5 will also allow pen-testers to review new scans, create new policies, and view scans from any device on the scanner, which means the entire network will be secure. This magnificent security tool is capable of providing any vulnerability within the IP address range, network or host located on the network. Within the configuration and compliance auditing, it can be compared to the Security Content Automation Protocol (SCAP), which is a method used to enable automated vulnerability management (National Institute of Standards and Technology, 2016). Nessus will also ensure the system is configured to be compliant within the security structure of Windows, Linux, Mac OS and applications. One more feature included is the integration of patch management, which allows patch information to be retrieved and to be included in the patch management report. Nessus will go one step further and check to ensure that patches have been properly installed, will audit mobile device weaknesses, gathering data and writing reports about potential threats for the devices connected to the network, whether it be iOS, Android, or Windows operating
The most important step in the five-step hacking process is step 5, where the security practitioner must remediate the vulnerability and eliminate the exploit. What is the name and number of the Microsoft® Security Bulletin?
This lab provided a virtual environment that simulated a corporate WAN network. Having a similar network environment at the organization I am currently employed at, I have some experience with vulnerability scanning. I do not have much experience using the nmap utility however, so I was interested to get some experience by completing the tasks within this lab. I didn’t experience many challenges following the steps in the lab itself. I was able to launch the environment successfully and perform the steps without any issue. As with any new environment, it took me a little time to figure out the layout of the simulation and how it functioned. After reading the documentation and spending about ten minutes clicking through the different areas, I felt comfortable and began the steps of the lab.
This will benefit me while generating a security strategy for the Network and its hardware.
The penetration tools provided in this document allow us to review our network from a security standpoint. This paper focused predominantly on phase two of a penetration test, the exploitation phase; however, a successful penetration test typically starts with the reconnaissance phase. In this phase, the tester attempts to gain as much information about the target company and its network as possible. He or she will test the physical infrastructure (how do people gain access to the building?) and other organizational aspects of the company to find a weakness and a way to get in. Also during this portion of the test, the penetration tester will use tools such as NMAP, whois.com, and other resources to obtain information regarding the network
Finally, gathering all this information would enable the network administrator to adjust the IDS to attacks specific to the network.
What is the risk impact or risk factor (critical, major, minor) that you would qualitatively assign to the risks, threats, and vulnerabilities you identified for the LAN-to-WAN Domain for the healthcare and HIPAA compliance scenario?
Nessus is typically installed on a server and runs as a web-based application. Nessus uses plugins to determine if a vulnerability is present on a specified machine.
Despite their impact, ping sweeps and port scans are best understood as a huge security threat on today's company network systems.
Identification of controls already in place – including policies, firewalls, applications, intrusion and detection prevention systems, virtual private networks, data loss prevention and encryption.
In the three maintained products, the threats and risks are to be identified, such as database security, user identification, authorization of proper managers, protection from hackers, updated firewalls and less vulnerable software.