Lab 2 Performing A Vulnerability Assessment Worksheet
Assessment Worksheet
Performing a Vulnerability Assessment
CSS150-1502A-02 : Introduction to Computer Security
Course Name and Number: _____________________________________________________
Johnathan McMullen
Student Name: ________________________________________________________________
Stephen Osborne
Instructor Name: ______________________________________________________________
Lab Due Date: ________________________________________________________________
Overview
In this lab, you used Nmap commands within the Zenmap application to scan the virtual network and identify the devices on the network and the operating systems and services running on them.
You also used OpenVAS to conduct a vulnerability assessment and record the high risk vulnerabilities identified by the tool. Finally, you used the information you gathered from the report to discover mitigations for those risks and make mitigation recommendations based on your findings.
Lab Assessment Questions & Answers
1. What is Zenmap typically used for? How is it related to Nmap? Describe a scenario in which you would use this type of application.
Zenmap is a graphical interface for Nmap, a port scanning tool that can quickly identify hosts and detect what operating system and services are running on them, and all without privileged access. Zenmap, and similar tools, are typically used during the scanning and vulnerability phase of the ethicalcan hacking process.
2. Which application be used to perform a vulnerability assessment scan in the
reconnaissance phase of the ethical hacking process?
. OpenVAS (Greenbone Security Assistant). Vulnerability assessment tools are typically used to complete the scanning and vulnerability assessmentphase once the network mapping scanis completed 3. What must you obtain before you begin the ethical hacking process or penetration test on a live production network, even before performing the reconnaissance step?
You must obtain written authorization to perform an intrusive,
Performing a Vulnerability Assessment
CSS150-1502A-02 : Introduction to Computer Security
Course Name and Number: _____________________________________________________
Johnathan McMullen
Student Name: ________________________________________________________________
Stephen Osborne
Instructor Name: ______________________________________________________________
Lab Due Date: ________________________________________________________________
Overview
In this lab, you used Nmap commands within the Zenmap application to scan the virtual network and identify the devices on the network and the operating systems and services running on them.
You also used OpenVAS to conduct a vulnerability assessment and record the high risk vulnerabilities identified by the tool. Finally, you used the information you gathered from the report to discover mitigations for those risks and make mitigation recommendations based on your findings.
Lab Assessment Questions & Answers
1. What is Zenmap typically used for? How is it related to Nmap? Describe a scenario in which you would use this type of application.
Zenmap is a graphical interface for Nmap, a port scanning tool that can quickly identify hosts and detect what operating system and services are running on them, and all without privileged access. Zenmap, and similar tools, are typically used during the scanning and vulnerability phase of the ethicalcan hacking process.
2. Which application be used to perform a vulnerability assessment scan in the
reconnaissance phase of the ethical hacking process?
. OpenVAS (Greenbone Security Assistant). Vulnerability assessment tools are typically used to complete the scanning and vulnerability assessmentphase once the network mapping scanis completed 3. What must you obtain before you begin the ethical hacking process or penetration test on a live production network, even before performing the reconnaissance step?
You must obtain written authorization to perform an intrusive,