
Misc - CSIA 301 - LAB #2 – ASSESSMENT WORKSHEET Perform a Vulnerability Assessment Scan Using Nessus. This lab demonstrated the first three steps in the hacking process that is typically performed when conducting ethical hacking or penetration testing. Th


LAB #2 | Perform a Vulnerability Assessment Scan Using Nessus


 


LAB #2 – ASSESSMENT WORKSHEET


Perform a Vulnerability Assessment Scan Using Nessus


 


 


Course Name and Number: CSIA 301

Student Name:

Instructor Name: John Galliano

Lab Due Date:


Overview


 


This lab demonstrated the first three steps in the hacking process that are typically performed when conducting ethical hacking or penetration testing. The first step in the hacking process is to perform an IP host discovery and port/services scan (Step 1: Reconnaissance and Probing) on a targeted IP subnetwork using Zenmap GUI (Nmap) security scanning software. The second step in the hacking process is to perform a vulnerability assessment scan (Step 2: Scanning) on the targeted IP subnetwork using Nessus vulnerability assessment scanning software. Finally, the third step in the hacking process (Step 3: Enumeration) is to identify information pertinent to the vulnerabilities found to exploit the vulnerability.


 


Lab Assessment Questions & Answers


 


1. What is the application Zenmap GUI typically used for? Describe a scenario in which you would use this type of application.




2. What is the relationship between risks, threats, and vulnerabilities as it pertains to information systems security throughout the seven domains of a typical IT infrastructure?




 


3. Which application is used for Step 2 in the hacking process to perform a vulnerability assessment scan?




4. Before you conduct an ethical hacking process or penetration test on a live production network, what must you do prior to performing the reconnaissance, probing, and scanning procedures?




5. What is a CVE listing? Who hosts and who sponsors the CVE database listing website?




6. Can Zenmap GUI detect which operating systems are present on IP servers and workstations? What would that option look like in the command line if running a scan on 172.30.0.10?




7. If you have scanned a live host and detected that it is running Windows XP workstation OS, how would you use this information for performing a Nessus vulnerability assessment scan?




8. Once a vulnerability is identified by Nessus, where can you check for more information regarding the identified vulnerability, exploits, and the risk mitigation solution?




 


9. What is the major difference between Zenmap GUI and Nessus?




10. Why do you need to run both Zenmap GUI and Nessus to perform the first three steps of the hacking process?




 


 
