How does wireshark differ from netwitness investigator

26 | Lab #1 Performing Reconnaissance and Probing Using Common Tools

Lab #1 – Assessment Worksheet

Performing Reconnaissance and Probing Using Common Tools

Course Name and Number: _____________________________________________________ Student Name: ________________________________________________________________ Instructor Name: ______________________________________________________________ Lab Due Date: ________________________________________________________________

Overview

In this lab, you explored the common tools available in the virtual lab environment. You

used Wireshark to capture and analyze network traffic and OpenVAS to scan the

network. You reviewed a sample collection of data using NetWitness Investigator,

connected to a remote Windows machine, and explored two file transfer applications,

FileZilla and Tftpd64. You used PuTTY to connect to a Linux machine and ran several

Cisco commands to display statistics for the network interfaces. Finally, you used

Zenmap to perform a scan of the network and created a network topology chart.

Lab Assessment Questions & Answers

1. Name at least five applications and tools used in the lab.

2. What is promiscuous mode?

3. How does Wireshark differ from NetWitness Investigator?

4. Why is it important to select the student interface in the Wireshark?

5. What is the command line syntax for running an Intense Scan with Zenmap on a target subnet of 172.30.0.0/24?

6. Name at least five different scans that may be performed with Zenmap.

27

Copyright © 2014 by Jones & Bartlett Learning, LLC, an Ascend Learning Company. All rights reserved.

www.jblearning.com Student Lab Manual

7. How many different tests (i.e., scripts) did your Intense Scan perform?

8. Based on your interpretation of the Intense Scan, describe the purpose/results of each tests script performed during the report.

9. How many total IP hosts did Zenmap find on the network?

52 | Lab #2 Performing a Vulnerability Assessment

Lab #2 – Assessment Worksheet

Performing a Vulnerability Assessment

Course Name and Number: _____________________________________________________ Student Name: ________________________________________________________________ Instructor Name: ______________________________________________________________ Lab Due Date: ________________________________________________________________

Overview

In this lab, you used Nmap commands within the Zenmap application to scan the virtual network

and identify the devices on the network and the operating systems and services running on them.

You also used OpenVAS to conduct a vulnerability assessment and record the high risk

vulnerabilities identified by the tool. Finally, you used the information you gathered from the

report to discover mitigations for those risks and make mitigation recommendations based on

your findings.

Lab Assessment Questions & Answers

1. What is Zenmap typically used for? How is it related to Nmap? Describe a scenario in which you would use this type of application.

2. Which application can be used to perform a vulnerability assessment scan in the reconnaissance phase of the ethical hacking process?

3. What must you obtain before you begin the ethical hacking process or penetration test on a live production network, even before performing the reconnaissance step?

4. What is a CVE listing? Who hosts and sponsors the CVE database listing Web site?

5. Can Zenmap detect which operating systems are present on IP servers and workstations? Which option includes that scan?

6. How can you limit the breadth and scope of a vulnerability scan?

53

Copyright © 2014 by Jones & Bartlett Learning, LLC, an Ascend Learning Company. All rights reserved.

www.jblearning.com Student Lab Manual

7. Once a vulnerability has been identified by OpenVAS, where would you check for more information regarding the identified vulnerability, exploits, and any risk

mitigation solution?

8. What is the major difference between Zenmap and OpenVAS?

9. Why do you need to run both tools like Zenmap and OpenVAS to complete the reconnaissance phase of the ethical hacking process?

81

Copyright © 2014 by Jones & Bartlett Learning, LLC, an Ascend Learning Company. All rights reserved.