Loading...

Messages

Proposals

Stuck in your homework and missing deadline? Get urgent help in $10/Page with 24 hours deadline

Get Urgent Writing Help In Your Essays, Assignments, Homeworks, Dissertation, Thesis Or Coursework & Achieve A+ Grades.

Privacy Guaranteed - 100% Plagiarism Free Writing - Free Turnitin Report - Professional And Experienced Writers - 24/7 Online Support

How does wireshark differ from netwitness investigator

14/10/2021 Client: muhammad11 Deadline: 2 Day

Each lab will be submitted based on the following:

Log into the Toolwire LiveLabs environment.
Complete the weekly labs described below using Toolwire LiveLabs.
Provide deliverables in the form of documents, files, and / or screenshots for the steps specified in each lab assignment. Some labs require the use of Microsoft Word or OpenOffice for preparing and submitting deliverables.
Answer the Lab Assessment questions for each of the individual labs completed in each week’s Lab Assignment. Lab Assessment questions are located here. Note: This is an academic writing assignment. Correct punctuation, grammar, and spelling are necessary. Points will be deducted for poor writing.
Toolwire LiveLabs Lab Submission Breakdown

Lab

Assignment

Week

Due

Toolwire Lab #: Title

Deliverables for Submission

7

8

Lab 8: Performing a Website and Database Attack by Exploiting Identified Vulnerabilities

1.Lab Report file including screen captures of the following step(s): Part 1, Steps 8 11, and Part 2, Step 18

2.Lab Assessments file

3.Optional: Challenge Questions file, if assigned by your instructor

Points: 35

Lab Assignments

Criteria

Unacceptable

Below 60% F

Meets Minimum Expectations

60-69% D

Fair

70-79% C

Proficient

80-89% B

Exemplary

90-100% A

1. Complete the lab assignment.

Weight: 100%

Did not submit or incompletely completed the lab assignment.

Insufficiently completed the lab assignment.

Partially completed the lab assignment.

Satisfactorily completed the lab assignment.

Thoroughly completed the lab assignment.

26 | Lab #1 Performing Reconnaissance and Probing Using Common Tools

Lab #1 – Assessment Worksheet

Performing Reconnaissance and Probing Using Common Tools

Course Name and Number: _____________________________________________________ Student Name: ________________________________________________________________ Instructor Name: ______________________________________________________________ Lab Due Date: ________________________________________________________________

Overview

In this lab, you explored the common tools available in the virtual lab environment. You

used Wireshark to capture and analyze network traffic and OpenVAS to scan the

network. You reviewed a sample collection of data using NetWitness Investigator,

connected to a remote Windows machine, and explored two file transfer applications,

FileZilla and Tftpd64. You used PuTTY to connect to a Linux machine and ran several

Cisco commands to display statistics for the network interfaces. Finally, you used

Zenmap to perform a scan of the network and created a network topology chart.

Lab Assessment Questions & Answers

1. Name at least five applications and tools used in the lab.

2. What is promiscuous mode?

3. How does Wireshark differ from NetWitness Investigator?

4. Why is it important to select the student interface in the Wireshark?

5. What is the command line syntax for running an Intense Scan with Zenmap on a target subnet of 172.30.0.0/24?

6. Name at least five different scans that may be performed with Zenmap.

27

Copyright © 2014 by Jones & Bartlett Learning, LLC, an Ascend Learning Company. All rights reserved.

www.jblearning.com Student Lab Manual

7. How many different tests (i.e., scripts) did your Intense Scan perform?

8. Based on your interpretation of the Intense Scan, describe the purpose/results of each tests script performed during the report.

9. How many total IP hosts did Zenmap find on the network?

52 | Lab #2 Performing a Vulnerability Assessment

Lab #2 – Assessment Worksheet

Performing a Vulnerability Assessment

Course Name and Number: _____________________________________________________ Student Name: ________________________________________________________________ Instructor Name: ______________________________________________________________ Lab Due Date: ________________________________________________________________

Overview

In this lab, you used Nmap commands within the Zenmap application to scan the virtual network

and identify the devices on the network and the operating systems and services running on them.

You also used OpenVAS to conduct a vulnerability assessment and record the high risk

vulnerabilities identified by the tool. Finally, you used the information you gathered from the

report to discover mitigations for those risks and make mitigation recommendations based on

your findings.

Lab Assessment Questions & Answers

1. What is Zenmap typically used for? How is it related to Nmap? Describe a scenario in which you would use this type of application.

2. Which application can be used to perform a vulnerability assessment scan in the reconnaissance phase of the ethical hacking process?

3. What must you obtain before you begin the ethical hacking process or penetration test on a live production network, even before performing the reconnaissance step?

4. What is a CVE listing? Who hosts and sponsors the CVE database listing Web site?

5. Can Zenmap detect which operating systems are present on IP servers and workstations? Which option includes that scan?

6. How can you limit the breadth and scope of a vulnerability scan?

53

Copyright © 2014 by Jones & Bartlett Learning, LLC, an Ascend Learning Company. All rights reserved.

www.jblearning.com Student Lab Manual

7. Once a vulnerability has been identified by OpenVAS, where would you check for more information regarding the identified vulnerability, exploits, and any risk

mitigation solution?

8. What is the major difference between Zenmap and OpenVAS?

9. Why do you need to run both tools like Zenmap and OpenVAS to complete the reconnaissance phase of the ethical hacking process?

81

Copyright © 2014 by Jones & Bartlett Learning, LLC, an Ascend Learning Company. All rights reserved.

www.jblearning.com Student Lab Manual

Lab #3 – Assessment Worksheet

Enabling Windows Active Directory and User Access Controls

Course Name and Number: _____________________________________________________ Student Name: ________________________________________________________________ Instructor Name: ______________________________________________________________ Lab Due Date: ________________________________________________________________

Overview

In this lab, you followed the Microsoft approach to securing the CIA triad. You created new user

accounts and security groups, and applied the new user accounts to the security groups, just as

you would in a real world domain. You created nested folders on the remote server and assigned

unique file permissions using the new user accounts and security groups. You modified the

Windows Group Policy enabling each new user account to use remote desktop services to

remotely access the TargetWindows01 server. Finally, you tested the security layers you placed

in the previous parts of the lab by using each new user account to access and modify the nested

folders on the remote server.

Lab Assessment Questions & Answers

1. What are the three fundamental elements of an effective security program for information systems?

2. Of these three fundamental controls, which two are used by the Domain User Admin to create users and assign rights to resources?

3. If you can browse a file on a Windows network share, but are not able to copy it or modify it, what type of access controls and permissions are probably configured?

4. What is the mechanism on a Windows server where you can administer granular policies and permissions on a Windows network using role-based access?

5. What is two-factor authentication, and why is it an effective access control technique?

82 | Lab #3 Enabling Windows Active Directory and User Access Controls

6. Relate how Windows Server 2012 Active Directory and the configuration of access controls achieve CIA for departmental LANs, departmental folders, and data.

7. Is it a good practice to include the account or username in the password? Why or why not?

8. Can a user who is defined in Active Directory access a shared drive on a computer if the server with the shared drive is not part of the domain?

9. When granting access to LAN systems for guests (i.e., auditors, consultants, third-party individuals, etc.), what security controls do you recommend be implemented to

maximize CIA of production systems and data?

107

Copyright © 2014 by Jones & Bartlett Learning, LLC, an Ascend Learning Company. All rights reserved.

www.jblearning.com Student Lab Manual

Lab #4 – Assessment Worksheet

Using Group Policy Objects and Microsoft Baseline Security Analyzer for Change Control

Course Name and Number: _____________________________________________________ Student Name: ________________________________________________________________ Instructor Name: ______________________________________________________________ Lab Due Date: ________________________________________________________________

Overview

There are many tools and suites designed to aid the security practitioner and the organization in

implementing and managing change management. In this lab, you explored two such tools for

the Windows platform: Group Policy Objects (built into the Windows operating systems) and the

Microsoft Security Baseline Analyzer (provided free of charge). You used Group Policy Objects

to strengthen the organization’s password policy by adding complexity and minimum password

length requirements. You scanned the Windows server with the Microsoft Baseline Security

Analyzer (MBSA) to assess its security state, and you examined the results of the Microsoft

Baseline Security Analyzer in detail.

Lab Assessment Questions & Answers

1. Define why change control management is relevant to security operations in an organization.

2. Name six (6) policies you could enable in a Windows Domain.

3. What is the minimum password length enforced by the Password must meet complexity requirements policy?

4. What sources could you use as a source to perform the MBSA security scan?

5. What are some of the options that you can exercise when initiating the MBSA scan?

136 | Lab #5 Performing Packet Capture and Traffic Analysis

Lab #5 – Assessment Worksheet

Performing Packet Capture and Traffic Analysis

Course Name and Number: _____________________________________________________ Student Name: ________________________________________________________________ Instructor Name: ______________________________________________________________ Lab Due Date: ________________________________________________________________

Overview

In this lab, you used common applications to generate traffic and transfer files between the

machines in this lab. You captured data using Wireshark and reviewed the captured traffic at the

packet level, and then you used NetWitness Investigator, a free tool that provides security

practitioners with a means of analyzing a complete packet capture, to review the same traffic at a

consolidated level.

Lab Assessment Questions & Answers

1. Why would a network administrator use Wireshark and NetWitness Investigator together?

2. What was the IP address for LanSwitch1?

3. When the 172.16.8.5 IP host responded to the ICMP echo-requests, how many ICMP echo-reply packets were sent back to the vWorkstation?

4. What was the terminal password for LanSwitch 1 and LanSwitch 2?

5. When using SSH to remotely access a Cisco router, can you see the terminal password? Why or why not?

6. What were the Destination IP addresses discovered by the NetWitness Investigator analysis?

137

Copyright © 2014 by Jones & Bartlett Learning, LLC, an Ascend Learning Company. All rights reserved.

www.jblearning.com Student Lab Manual

7. Are packet-capturing tools like Wireshark less dangerous on switched LANs?

160 | Lab #6 Implementing a Business Continuity Plan

Lab #6 – Assessment Worksheet

Implementing a Business Continuity Plan

Course Name and Number: _____________________________________________________ Student Name: ________________________________________________________________ Instructor Name: ______________________________________________________________ Lab Due Date: ________________________________________________________________

Overview

In this lab, you implemented a portion of your organization’s BCP. On the basis of the BIA, the

organization determined that the internal Active Directory database and the corporate Web site

must be recoverable in the event of system failure or natural disaster. To accomplish this, you

configured local backups of Active Directory on the existing virtual server using Windows

Server Backup. You also configured the organization’s Web servers to host content from a single

NFS share, and to back up that NFS share daily using Windows.

Lab Assessment Questions & Answers

1. What is the purpose of the business impact analysis (BIA)?

2. What is the difference between a disaster recovery plan (DRP) and a business continuity plan (BCP)?

3. What are the commands used in Windows 2012 to mount the NFS share on the Linux server.

4. Is creating redundancy for systems such as Active Directory or Web servers a part of the DRP or the BCP?

5. Why use the mklink command?

6. What role/service is Windows 2012 Server Backup part of?

161

Copyright © 2014 by Jones & Bartlett Learning, LLC, an Ascend Learning Company. All rights reserved.

www.jblearning.com Student Manual

a. Windows Group Policy b. Windows Collaboration Server c. Windows Server Essentials Experience

7. Which Linux file makes a local share available to NFS clients? a. transports b. imports c. fstab d. exports

187

Copyright © 2014 by Jones & Bartlett Learning, LLC, an Ascend Learning Company. All rights reserved.

www.jblearning.com Student Lab Manual

Lab #7 – Assessment Worksheet

Using Encryption to Enhance Confidentiality and Integrity

Course Name and Number: _____________________________________________________ Student Name: ________________________________________________________________ Instructor Name: ______________________________________________________________ Lab Due Date: ________________________________________________________________

Overview

In this lab, you learned how cryptography tools can be used to ensure message and file transfer

integrity and how encryption can be used to maximize confidentiality. You used Kleopatra, the

certificate management component of GPG4Win, to generate both a public and a private key as

both a sender and a receiver. You used the sender’s keys to encrypt a file, sent it to the receiver,

and decrypted it using the receiver’s copy of the keys.

Lab Assessment Questions & Answers

1. If you and another person want to encrypt messages, should you provide that person with your public key, private key, or both?

2. What does Kleopatra allow you to do once it is installed?

3. What key type was used to create the certificate on Kleopatra? What other types of encryption key types are possible?

4. What was the fingerprint generated with your Kleopatra certificate?

5. If someone sends you his public key and you import it into Kleopatra, will he be able to decrypt the encrypted messages you send him?

203

Copyright © 2014 by Jones & Bartlett Learning, LLC, an Ascend Learning Company. All rights reserved.

www.jblearning.com Student Lab Manual

Lab #8 – Assessment Worksheet

Performing a Web Site and Database Attack by Exploiting Identified Vulnerabilities

Course Name and Number: _____________________________________________________ Student Name: ________________________________________________________________ Instructor Name: ______________________________________________________________ Lab Due Date: ________________________________________________________________

Overview

In this lab, you performed simple tests to verify a cross-site scripting (XSS) exploit and an SQL

injection attack using the Damn Vulnerable Web Application (DVWA), a tool left intentionally

vulnerable to aid security professionals in learning about Web security. You used a Web browser

and some simple command strings to identify the IP target host and its known vulnerabilities,

and then attacked the Web application and Web server using cross-site scripting (XSS) and SQL

injection to exploit the sample Web application running on that server.

Lab Assessment Questions & Answers

1. Why is it critical to perform a penetration test on a Web application and a Web server prior to production implementation?

2. What is a cross-site scripting attack? Explain in your own words.

3. What is a reflective cross-site scripting attack?

3. Which Web application attack is more likely to extract privacy data elements out of a database?

4. What security countermeasures could be used to monitor your production SQL databases against injection attacks?

204 | Lab #8 Performing a Web Site and Database Attack by Exploiting Identified Vulnerabilities

5. What can you do to ensure that your organization incorporates penetration testing and Web application testing as part of its implementation procedures?

6. Who is responsible for the C-I-A of production Web applications and Web servers?

226 | Lab #9 Eliminating Threats with a Layered Security Approach

Lab #9 – Assessment Worksheet

Eliminating Threats with a Layered Security Approach

Course Name and Number: _____________________________________________________ Student Name: ________________________________________________________________ Instructor Name: ______________________________________________________________ Lab Due Date: ________________________________________________________________

Overview

In this lab, you used AVG, an antivirus scanning program, to identify malware found on a

compromised system. You also examined the services available on the Windows vWorkstation

machine and disabled an unnecessary service. In addition, you configured the Windows Firewall,

enabled ICMP traffic, and created a new rule for the FileZilla Server application.

Lab Assessment Questions & Answers

1. What is the main difference between a virus and a Trojan?

2. A virus or malware can impact which of the three tenets of information systems security (confidentiality, integrity, or availability)? In what way?

3. Why is it recommended to do an antivirus signature file update before performing an antivirus scan on your computer?

4. Why might your coworker suggest encrypting an archive file before e-mailing it?

5. What kind of network traffic can you filter with the Windows Firewall with Advanced Security?

6. What are typical indicators that your computer system is compromised?

227

Copyright © 2014 by Jones & Bartlett Learning, LLC, an Ascend Learning Company. All rights reserved.

www.jblearning.com Student Lab Manual

7. What elements are needed in a workstation domain policy regarding use of antivirus and malicious software prevention tools?

246 | Lab #10 Implementing an Information Systems Security Policy

Lab #10 – Assessment Worksheet

Implementing an Information Systems Security Policy

Course Name and Number: _____________________________________________________ Student Name: ________________________________________________________________ Instructor Name: ______________________________________________________________ Lab Due Date: ________________________________________________________________

Overview

In this lab, you acted as a member of the network security team. You were given an assignment

to implement two security standards that have been accepted by the organization. First, you

enforced a newly adopted corporate password policy using the Group Policy Management

console. Additionally, you joined a standalone Linux machine to the Active Directory domain

using an open source tool, PowerBroker Identity Services Open.

Lab Assessment Questions & Answers

1. What is the correct command syntax to force GPO settings?

a. /force GPO b. gpupdate /now c. gpupdate /force d. policyupdate /force

2. Why is it important to set a strict password policy as part of your security template?

3. Why is it important to bring standalone systems into the Domain?

4. What was the command line syntax to connect as the root user to 172.30.0.11 using PuTTY?

5. Name five different Windows password policies.

Homework is Completed By:

Writer Writer Name Amount Client Comments & Rating
Instant Homework Helper

ONLINE

Instant Homework Helper

$36

She helped me in last minute in a very reasonable price. She is a lifesaver, I got A+ grade in my homework, I will surely hire her again for my next assignments, Thumbs Up!

Order & Get This Solution Within 3 Hours in $25/Page

Custom Original Solution And Get A+ Grades

  • 100% Plagiarism Free
  • Proper APA/MLA/Harvard Referencing
  • Delivery in 3 Hours After Placing Order
  • Free Turnitin Report
  • Unlimited Revisions
  • Privacy Guaranteed

Order & Get This Solution Within 6 Hours in $20/Page

Custom Original Solution And Get A+ Grades

  • 100% Plagiarism Free
  • Proper APA/MLA/Harvard Referencing
  • Delivery in 6 Hours After Placing Order
  • Free Turnitin Report
  • Unlimited Revisions
  • Privacy Guaranteed

Order & Get This Solution Within 12 Hours in $15/Page

Custom Original Solution And Get A+ Grades

  • 100% Plagiarism Free
  • Proper APA/MLA/Harvard Referencing
  • Delivery in 12 Hours After Placing Order
  • Free Turnitin Report
  • Unlimited Revisions
  • Privacy Guaranteed

6 writers have sent their proposals to do this homework:

Homework Master
Isabella K.
A+GRADE HELPER
Calculation Master
Finance Master
Quick Mentor
Writer Writer Name Offer Chat
Homework Master

ONLINE

Homework Master

I have written research reports, assignments, thesis, research proposals, and dissertations for different level students and on different subjects.

$26 Chat With Writer
Isabella K.

ONLINE

Isabella K.

As an experienced writer, I have extensive experience in business writing, report writing, business profile writing, writing business reports and business plans for my clients.

$15 Chat With Writer
A+GRADE HELPER

ONLINE

A+GRADE HELPER

After reading your project details, I feel myself as the best option for you to fulfill this project with 100 percent perfection.

$25 Chat With Writer
Calculation Master

ONLINE

Calculation Master

I have written research reports, assignments, thesis, research proposals, and dissertations for different level students and on different subjects.

$16 Chat With Writer
Finance Master

ONLINE

Finance Master

I am an academic and research writer with having an MBA degree in business and finance. I have written many business reports on several topics and am well aware of all academic referencing styles.

$45 Chat With Writer
Quick Mentor

ONLINE

Quick Mentor

I have done dissertations, thesis, reports related to these topics, and I cover all the CHAPTERS accordingly and provide proper updates on the project.

$42 Chat With Writer

Let our expert academic writers to help you in achieving a+ grades in your homework, assignment, quiz or exam.

Similar Homework Questions

How to date a browngirl thesis - I love you daddy shrek scene - Columbus custom carpentry a compensation case study - The computer revolution and the problem of global ethics - What is meant by mass percentage of solution - International date line time change - User sign off template - Tom buckley lancaster university - Nikon f100 focusing screen - Marketing Reseach - Fantastic mr fox badger - Gas turbine compressor surge - Help with chapter quality control 2 assignment - Study of human movement - The primary drivers of hypercompetition are - Theorists and theories of preschool worksheet answers - HOMEWORK 3 "ALL QUESTION MUST BE ANSWERED IN DETAIL" - 300 words each - Ex or quickset programmer - Civil war stories ambrose bierce pdf - Enron the smartest guys in the room summary - Parts of a complete circuit - Stihl fs55r carb settings - Leaky barrel model - Daystar windows and doors farmingdale - Mystic monk coffee vision and mission - Nurs 4455 financial management case study - Distorted evidence definition - The book thief images - If sales increase to 1,001 units, what would be the increase in net operating income? - Castle hill shopping centre expansion - Sample employee observation report - How many syllables in a sonnet - Josh turner your man reggae remix - Preferred products has issued preferred stock with an - Mass of empty 150ml beaker - Carson and butcher abnormal psychology 13th edition pdf - Walmart executive summary - Smith an adamant spear at otto's grotto - Lumo energy peak and off peak times - Maritime questions and answers - Critical Thinking : Trade Barriers: Additional Issues - Critical thinking 12th edition moore pdf free - Molecular model kit color key - The time period assumption states that - Ancient chinese courtyard homes - Bcg matrix example pepsi - Is vodka a homogeneous mixture - Kastle meyer test advantages and disadvantages - Community Assessment Powerpoint Presentation - The dimensions of an open box are 50cm - Exit interviews cipd - Polishing your penmanship barbara nichol pdf - Boy overboard teaching activities - Marine vessel operation - Plc ladder diagram for logic gates - Wireless network setup guide unisa - A 2 b 2 c 2 2bc cosa - Assessment 3: Ego Integrity Presentation - Correction of errors in accounting questions - Dorry and brogy bounty - List of physics competitions - Which of the following is an underlying assumption of the costminus−volumeminus−profit graph? - Gibbs learning by doing - What is a thesis driven essay - Quick write - What does exulting mean - HIV/AIDS Epidemiology - Calculate the molar mass of baking soda - Speech Delivery - Romeo and juliet context - Aladdin micro lunch bowl instructions - Bsbmgt616 develop and implement strategic plans assessment 1 - Tiaa access lifecycle fund 2050 t4 - ENG 225 Introduction to Film NO PLAGIARISM PLZ - Cybertext building blocks of accounting a financial perspective - Introduction to Humanities Discussion - Where do squids live in the ocean - Consent form for psychology - Jonathan stockstill net worth - Structure of 3 ethyl 2 methylhexane - Concept of Blockchain - Elements of a letter - Order 2303456: the effect of bean type amount of egg laid by female bean bettles - How to teach addition and subtraction of fractions - Goring & woodcote medical practice - Come gather round bob dylan - Character synchronization in data communication - Literary devices in macbeth act 3 scene 4 - Earth the biography oceans - Https owl english purdue edu owl resource 560 02 - CIS web design part 4 - Karnataka state safety institute - Blue kangaroo paw kings park - Half round concrete culvert pipe - Trinity college dublin open day 2016 - Nixon is often called an accidental liberal because - Week 6 data mining - Help needed - Real property finance question