WHAT IS WEB APPLICATION VULNERABILITY? Vulnerability in relation to web application is any weakness or flaw that an attacker can use as a link point in order to have access to the application and its underlying layers so as to compromise the information assurance. Vulnerability can best be described as the conjunction of these three things – first‚ the weakness or susceptibility of the web application‚ accessibility of the weakness by the attacker‚ and the attacker’s ability to exploit the weakness
Premium World Wide Web SQL
packets were sent back to the IP source? Yes‚ there was a response of 4 packets. 4. What is the command line syntax for running an “Intense Scan” with Zenmap on a target subnet of 172.30.0.0/24? nmap -T4 -A -v -PE -PS22‚25‚80 -PA21‚23‚80‚3389 173.30.0.0/24 5. Name at least five different scans that may be performed from the Zenmap GUI. Document under what circumstances you would choose to run those particular scans. Quick Scan – Fast network scan. Regular Scan – Basic network scan
Premium Router Computer network Linux
connected to a remote Windows machine‚ and explored two file transfer applications‚ FileZilla and Tftpd64. You used PuTTY to connect to a Linux machine and ran several Cisco commands to display statistics for the network interfaces. Finally‚ you used Zenmap to perform a scan of the network and created a network topology chart. Lab Assessment Questions & Answers 1. Name at least five applications and tools used in the lab. Wireshark‚ OpenVAS‚ NetWitness Investigator‚ and FileZilla 2. What is promiscuous
Premium Transmission Control Protocol
1. What is the application ZenMap GUI typically used for? Describe a scenario in which you would use this type of application. / Scanning all domains within the local domain. / If I was a financial accountant‚ I would use this to see what my employees are accessing and who is doing what on the company internet. I would like to find out who is compromising their privileges and accessing inappropriate sites. 2. What is the relationship between risks‚ threats and vulnerabilities as it pertains
Premium Operating system Risk Security
LATE and subject to a grade of 0 for the assignment. Please refer to Pages 33-38 of the IS3110 Student Lab Manual when working on this lab. Lab #5 – Assessment Worksheet How to Identify Risks‚ Threats & Vulnerabilities in an IT Infrastructure Using ZeNmap GUI (Nmap) & Nessus® Reports Overview One of the most important first steps to risk management and implementing a security strategy is to identify all resources and hosts within the IT infrastructure. Once you identify the workstations and servers
Premium Risk Computer security Security
Maintaining Access‚ Covering Tracks 2. During the reconnaissance step of the attack‚ describe what task Zenmap GUI performs to do passive os fingerprinting. It sends commands to the platform-specific nmap executable and pipes the output back. Zenmap uses Profiles which are basically nmap parameter presets to specify how scans are performed. 3. What step in the hacking attack process uses Zenmap GUI? System Hacking 4. What step in the hacking attack process identifies known vulnerabilities
Premium Windows XP Microsoft Windows Operating system
echo-request/echo-replies vary? TargetWindows01 has Min = 0ms‚ Max = 0ms‚ Avg. =0ms. 5. What is the command line syntax for running an “Intense Scan” with Zenmap on a target subnet of 172.30.0.0/24? nmap-T4-A-v-PE.-P522‚25‚80 –PA21‚23‚80‚3389.172.30.0.0124 6. Name at least five different scans that may be performed from the Zenmap GUI. Document under what circumstances you would choose to run those particular scans.1 a. Quick Scan b. Quick Scan Plus c. Quick Traceroute d. Regular Scan
Premium IP address Web server Subnetwork
Unit 10 Lab 1 1. ZenMap GUI sends out broadcasts for server queries for various different types of operating systems in servers (OS). By examining how various hosts respond to certain queries‚ ZenMap GUI can distinguish what kind of OS and server exists. 2. Nmap searches its internal database and what ports on the IP’s are listening and matches it to the best known application. Applications like MSSQL and Web servers usually use the same ports over and again For example tcp port 3389 will most definitely
Premium IP address Subnetwork CIDR notation
IS3110 LAB 5 Identify Threats and Vulnerabilities in an IT Infrastructure 1. What are the differences between ZeNmap GUI (Nmap) and Nessus? NMAP is primarily a host detection and port discovery tool. Instead of using Nessus to look for specific vulnerabilities against a known quantity of hosts‚ NMAP discovers active IP hosts using a combination of probes. On the other hand Nessus takes the open ports into account and notifies you if these ports have potential security vulnerabilities attached
Premium IP address Computer security Security
1. What are the differences between ZenMap GUI and Nessus? NMAP is run most of the time on a host and port discovery‚ Nessus is usually installed on servers and takes it to the next level. It analyzes the ports and looks for potential security issues 2. Which scanning application is better for performing a network discovery Reconnaissance probing of an IP Network infrastructure? NMap 3. Which scanning application is better for performing a software vulnerability assessment with suggested
Premium IP address Internet Protocol Web server