Preview

ISSC362 Week 2

Satisfactory Essays
Open Document
Open Document
645 Words
Grammar
Grammar
Plagiarism
Plagiarism
Writing
Writing
Score
Score
ISSC362 Week 2
ISSC362 Week 2 Lab #4:
Compromise and Exploit a Vulnerable Microsoft® Workstation
Instructor Name: ________________

Lab Assessment Questions

1. What are the five steps of a hacking attack?

2. During the reconnaissance step of the attack, describe what task Zenmap GUI performs to do passive OS fingerprinting.
3.
4. 2
3. What step in the hacking attack process uses Zenmap GUI?

4. What step in the hacking attack process identifies known vulnerabilities and exploits?

5. During the scanning step of the hacking attack process, you identified known software vulnerabilities in a Windows XP Professional Workstation. List the name and number of the critical Microsoft® vulnerabilities identified. What is vulnerability “MS08-067”?

6. Which tool and application were used to exploit the identified vulnerability on the targeted Microsoft® Windows 2003 XP server?

7. What do If you were a member of a security penetration testing team, and you identifi ed vulnerabilities and exploits, should you obtain written permission from the owners prior to compromising and exploiting the known vulnerability?

8. What does the tool Ettercap do?

9. The most important step in the fi ve-step hacking process is step 5, where the security practitioner must remediate the vulnerability and eliminate the exploit. What is the name and number of the Microsoft® Security Bulletin?

10. What is the name of the Microsoft® Windows 2003 XP server Security Patch needed to remediate this software vulnerability and exploit?
ISSC362 Week 2 Lab #4:
Compromise and Exploit a Vulnerable Microsoft® Workstation
Instructor Name: ________________

Lab Assessment Questions

1. What are the five steps of a hacking attack?

2. During the reconnaissance step of the attack, describe what task Zenmap GUI performs to do passive OS fingerprinting.
3.
4. 2
3. What step in the hacking attack process uses Zenmap GUI?

4. What step in the hacking attack process

You May Also Find These Documents Helpful

  • Powerful Essays

    4. It is the responsibility of each manager and employee to safeguard and keep confidential all corporate assets.…

    • 4846 Words
    • 17 Pages
    Powerful Essays
  • Satisfactory Essays

    15) Which of the following defines the cycle used to address Windows threats and vulnerabilities? B) Discovery-analysis-remediation…

    • 284 Words
    • 1 Page
    Satisfactory Essays
  • Satisfactory Essays

    c) Logical IDS: Network and workstation mechanisms that monitors network traffic and provide real-time alarms for network-based attacks Service Network.…

    • 1152 Words
    • 4 Pages
    Satisfactory Essays
  • Best Essays

    Microsoft (2001, August 24). Windows XP Professional system requirements. Retrieved January 9, 2009, from http://www.microsoft.com/windowsxp/sysreqs/pro.mspx…

    • 3895 Words
    • 16 Pages
    Best Essays
  • Satisfactory Essays

    The explosive growth and popularity of the Internet have resulted in thousands of structured query able information sources. Most organizations are familiar with Penetration Testing and other ethical hacking techniques as a means to understanding the current security status of their information system assets. Consequently, much of the focus of research, discussion, and practice, has traditionally been placed upon active probing and exploitation of security vulnerabilities. Since this type of active probing involves interacting with the target, it is often easily identifiable with the analysis of firewall and intrusion detection/prevention device (IDS or IPS) log files.…

    • 501 Words
    • 2 Pages
    Satisfactory Essays
  • Good Essays

    Zenmap is a graphical interface for Nmap, a port scanning tool that can quickly identify hosts…

    • 652 Words
    • 4 Pages
    Good Essays
  • Satisfactory Essays

    Aup Definition

    • 554 Words
    • 3 Pages

    Given a list of policy violations and security breaches, select three breaches, and consider the best options for controlling and monitoring each incident. Identify the methods to mitigate risk and minimize exposure to threats or vulnerabilities.…

    • 554 Words
    • 3 Pages
    Satisfactory Essays
  • Powerful Essays

    Nist 800-125

    • 15467 Words
    • 62 Pages

    Computer Security Division Information Technology Laboratory National Institute of Standards and Technology Gaithersburg, MD 20899-8930 January 2011…

    • 15467 Words
    • 62 Pages
    Powerful Essays
  • Satisfactory Essays

    Lab 1

    • 690 Words
    • 4 Pages

    Located on ASA_Instructor, the e-commerce Web Application server is acting as an external point-of-entry into the network:…

    • 690 Words
    • 4 Pages
    Satisfactory Essays
  • Good Essays

    Hacking

    • 681 Words
    • 3 Pages

    5. What does the Enumeration step of the five step hacking process entail and how is it vital to the hacker’s objective?…

    • 681 Words
    • 3 Pages
    Good Essays
  • Satisfactory Essays

    Known Operating Syst

    • 507 Words
    • 2 Pages

    In describing known operating security with in the operating systems. I will be describing how the systems are compromised how to counter the attack and what the attack does to the system. In the UNIX systems the vulnerability named shellshock which is a command line interrupter for Linux and Mac OSx, describe how it effects the Bash shell and is used to gain access to systems..…

    • 507 Words
    • 2 Pages
    Satisfactory Essays
  • Satisfactory Essays

    List of Hosts- HTML

    • 24535 Words
    • 99 Pages

    This script displays, for each tested host, information about the scan itself: - The version of the plugin set - The type of plugin feed (HomeFeed or ProfessionalFeed) - The version of the Nessus Engine - The port scanner(s) used - The port range scanned - The date of the scan - The duration of the scan - The number of hosts scanned in parallel - The number of checks done in parallel…

    • 24535 Words
    • 99 Pages
    Satisfactory Essays
  • Satisfactory Essays

    Hacking Tools

    • 351 Words
    • 2 Pages

    There are always threats within the computer world, and hackers have tools that they use to hack into your computer and get data and information from within your system. They use tools like pass crackers, packet sniffers, vulnerability scanners, etc. to get this information. Zen map is one of the tools known as a network mapper security scanner GUI that uses raw IP packets to determine what hosts are available on the network, the services that they are running, the OS of their system and host names.…

    • 351 Words
    • 2 Pages
    Satisfactory Essays
  • Powerful Essays

    The article "Improving the Security of Your Site by Breaking Into it" allows IT administrators to look at their own network security through the eyes of an intruder. By utilizing the same tools as potential intruders, not only can administrators identify potential security holes in their existing network, but they can also raise the level of awareness and preparedness when it comes to intrusions. Quite often, IT administrators approach to network or host security is reactive instead of proactive. The article discusses techniques that can provide access to a remote intruder to a target host on your network.…

    • 1185 Words
    • 4 Pages
    Powerful Essays
  • Satisfactory Essays

    In today’s digital world, there is always an ever-increasing emphasis on information security. Cyber Security,one of the biggest challenges the IT industry is facing since its inception drives me to pursue a career in Computer security.…

    • 311 Words
    • 1 Page
    Satisfactory Essays