Course Name and Number: CIS175 Fundamentals of Information System Security
Student Name:
Instructor Name:
Lab Due Date:
Lab Assessment Question & Answers
1. What is the application Zenmap GUI typically used for ? Describe a scenario in which you would use this type of application? Zenmap is the official graphical user interface (GUI) for the Nmap Security Scanner. The application is a multi-platform, which feature an free and open source application. It is basically design to make Nmap easier to use for beginners which on the other hand it is providing advanced features for experienced Nmap users.
2. What is the relationship between risks, threats, and vulnerabilities as it pertains to information systems security throughout the seven domains of a typical IT There are seven domains of an infrastructure, user, workstation, LAN, LAN to WAN, components, remote access, and system/application. We all know that the user is the weakest link in security which are vulnerable to threats and may cause risk in the future. When thinking Risk we assume that something could happen now or down the line. When we think about Threat we assume the action that could damage an asset, and make our system vulnerability, which is the weakness that allows a threat to be realized. Risk mitigation must include finding and eliminating vulnerabilities and exploits infrastructure.
3. Which application is used for Step 2 in the hacking process to perform a vulnerability assessment scan? Nessus vulnerability assessment scanning software.
4. Before you conduct an ethical hacking process or penetration test on a live production network, what must you do prior to performing the reconnaissance, probing, and scanning procedures? You must have written permission. You must obtain written authorization to perform an intrusive Penetration test or vulnerability assessment scan on a live production network.
5. What is a CVE