Is 305 Week 3 Lab
-------------------------------------------------
Week 3 Laboratory
How to Identify Threats & Vulnerabilities in an IT Infrastructure Using ZeNmap GUI (Nmap) & Nessus Reports
Learning Objectives and Outcomes
Upon completing this lab, students will be able to: 1. Understand how risk from threats and software vulnerabilities impacts the seven domains of a typical IT infrastructure
2 Review a ZeNmap GUI (Nmap) network discovery and Nessus vulnerability assessment scan report (hardcopy or softcopy)
3. Identify hosts, operating systems, services, applications, and open ports on devices from the ZeNmap GUI (Nmap) scan report
4. Identify critical, major, and minor software vulnerabilities from the Nessus vulnerability assessment scan report
5. Prioritize the identified critical, major, and minor software vulnerabilities
6. Verify the exploit potential of the identified software vulnerabilities by conducting a high-level risk impact by visiting the Common Vulnerabilities & Exposures (CVE) online listing of software vulnerabilities at http://cve.mitre.org/
Week 3 Lab: Assessment Worksheet
Identify Threats and Vulnerabilities in an IT Infrastructure
Overview
One of the most important first steps to risk management and implementing a security strategy is to identify all resources and hosts within the IT infrastructure. Once you identify the workstations and servers, you now must then find the threats and vulnerabilities found on these workstations and servers. Servers that support mission critical applications require security operations and management procedures to ensure C-I-A throughout. Servers that house customer privacy data or intellectual property require additional security controls to ensure the C-I-A of that data. This lab requires the students to identify threats and vulnerabilities found within the Workstation, LAN, and Systems/Applications Domains.
Lab Assessment
Week 3 Laboratory
How to Identify Threats & Vulnerabilities in an IT Infrastructure Using ZeNmap GUI (Nmap) & Nessus Reports
Learning Objectives and Outcomes
Upon completing this lab, students will be able to: 1. Understand how risk from threats and software vulnerabilities impacts the seven domains of a typical IT infrastructure
2 Review a ZeNmap GUI (Nmap) network discovery and Nessus vulnerability assessment scan report (hardcopy or softcopy)
3. Identify hosts, operating systems, services, applications, and open ports on devices from the ZeNmap GUI (Nmap) scan report
4. Identify critical, major, and minor software vulnerabilities from the Nessus vulnerability assessment scan report
5. Prioritize the identified critical, major, and minor software vulnerabilities
6. Verify the exploit potential of the identified software vulnerabilities by conducting a high-level risk impact by visiting the Common Vulnerabilities & Exposures (CVE) online listing of software vulnerabilities at http://cve.mitre.org/
Week 3 Lab: Assessment Worksheet
Identify Threats and Vulnerabilities in an IT Infrastructure
Overview
One of the most important first steps to risk management and implementing a security strategy is to identify all resources and hosts within the IT infrastructure. Once you identify the workstations and servers, you now must then find the threats and vulnerabilities found on these workstations and servers. Servers that support mission critical applications require security operations and management procedures to ensure C-I-A throughout. Servers that house customer privacy data or intellectual property require additional security controls to ensure the C-I-A of that data. This lab requires the students to identify threats and vulnerabilities found within the Workstation, LAN, and Systems/Applications Domains.
Lab Assessment