Lab 01
Lab #1 – Assessment Worksheet
Performing Reconnaissance and Probing Using Common Tools
Course Name and Number: _____________________________________________________
Student Name: ________________________________________________________________
Instructor Name: ______________________________________________________________
Lab Due Date: ________________________________________________________________
Overview
In this lab, you explored the common tools available in the virtual lab environment. You used
Wireshark to capture and analyze network traffic and OpenVAS to scan the network. You reviewed a sample collection of data using NetWitness Investigator, connected to a remote
Windows machine, and explored two file transfer applications, FileZilla and Tftpd64. You used
PuTTY to connect to a Linux machine and ran several Cisco commands to display statistics for the network interfaces. Finally, you used Zenmap to perform a scan of the network and created a network topology chart.
Lab Assessment Questions & Answers
1. Name at least five applications and tools used in the lab.
Wireshark, OpenVAS, NetWitness Investigator, and FileZilla
2. What is promiscuous mode?
Allows a network device to intercept and read each network packet that arrives in its entirety.
3. How does Wireshark differ from NetWitness Investigator?
Wireshark provides detailed information about network traffic down to the packet level. However, many are unable to completely understand the information being displayed. NetWitness translates a large packet capture session into readable data.
4. Why is it important to select the student interface in the Wireshark?
Choosing the public network will prevent Wireshark from seeing traffic that is related to the lab
5. What is the command line syntax for running an Intense Scan with Zenmap on a target subnet of
172.30.0.0/24?
nmap -T4 -A -v 172.30.0.0/24
2 | Lab #1: Performing Reconnaissance Using Common Tools
6. Name at least five different scans that may be
Performing Reconnaissance and Probing Using Common Tools
Course Name and Number: _____________________________________________________
Student Name: ________________________________________________________________
Instructor Name: ______________________________________________________________
Lab Due Date: ________________________________________________________________
Overview
In this lab, you explored the common tools available in the virtual lab environment. You used
Wireshark to capture and analyze network traffic and OpenVAS to scan the network. You reviewed a sample collection of data using NetWitness Investigator, connected to a remote
Windows machine, and explored two file transfer applications, FileZilla and Tftpd64. You used
PuTTY to connect to a Linux machine and ran several Cisco commands to display statistics for the network interfaces. Finally, you used Zenmap to perform a scan of the network and created a network topology chart.
Lab Assessment Questions & Answers
1. Name at least five applications and tools used in the lab.
Wireshark, OpenVAS, NetWitness Investigator, and FileZilla
2. What is promiscuous mode?
Allows a network device to intercept and read each network packet that arrives in its entirety.
3. How does Wireshark differ from NetWitness Investigator?
Wireshark provides detailed information about network traffic down to the packet level. However, many are unable to completely understand the information being displayed. NetWitness translates a large packet capture session into readable data.
4. Why is it important to select the student interface in the Wireshark?
Choosing the public network will prevent Wireshark from seeing traffic that is related to the lab
5. What is the command line syntax for running an Intense Scan with Zenmap on a target subnet of
172.30.0.0/24?
nmap -T4 -A -v 172.30.0.0/24
2 | Lab #1: Performing Reconnaissance Using Common Tools
6. Name at least five different scans that may be