Loading...

Messages

Proposals

Stuck in your homework and missing deadline? Get urgent help in $10/Page with 24 hours deadline

Get Urgent Writing Help In Your Essays, Assignments, Homeworks, Dissertation, Thesis Or Coursework & Achieve A+ Grades.

Privacy Guaranteed - 100% Plagiarism Free Writing - Free Turnitin Report - Professional And Experienced Writers - 24/7 Online Support

Nmap scan report for

25/03/2021 Client: saad24vbs Deadline: 3 days

JONES & BARTLETT LEARNING INFORMATION SYSTEMS SECURITY & ASSURANCE SERIES

LABORATORY MANUAL TO ACCOMPANY

Managing Risk in Information Systems

VERSION 2.0

Powered by vLab Solutions

INSTRUCTOR VERSION

Copyright © by Jones & Bartlett Learning, LLC, an Ascend Learning Company - All Rights Reserved.

Lab #5 Identifying Risks, Threats, and Vulnerabilities in an IT Infrastructure Using Zenmap® GUI (Nmap) and Nessus® Reports

Introduction

Imagine a system administrator learns of a server’s vulnerability, and a service patch is available to solve it. Unfortunately, simply applying a patch to a server is not assurance enough that a risk has been mitigated. The system admin has the option of opening the application and verifying that the patch has raised the version number as expected. Still, the admin has no guarantee the vulnerability is closed, at least not until the vulnerability is directly tested. That’s what vulnerability scanners are for.

Two vulnerability scanners available to the system administrator are Nmap® and Nessus®, which produce scan reports. The purpose of using Zenmap® GUI (Nmap) and Nessus® reports is to enable you to create network discovery port scanning reports and vulnerability reports. These reports can identify the hosts, operating systems, services, applications, and open ports that are at risk in an organization.

In this lab, you will look at an Nmap® report and a Nessus® report. You will visit the

http://cve.mitre.org Web site, you will define vulnerability and exposure according to the site,

and you will learn how to conduct searches of the Common Vulnerabilities and Exposures (CVE)

listing.

Learning Objectives

Upon completing this lab, you will be able to:

Review a Zenmap® GUI (Nmap) network discovery and port scanning report and a Nessus®

software vulnerability report.

Identify hosts, operating systems, services, applications, and open ports on devices from the

Zenmap® GUI (Nmap) scan report.

Identify critical, major, and minor software vulnerabilities from the Nessus® vulnerability assessment scan report.

Visit the Common Vulnerabilities and Exposures (CVE) online listing of software vulnerabilities at http://cve.mitre.org and learn how to conduct searches on the site.

41

( Copyright © by Jones & Bartlett Learning, LLC, an Ascend Learning Company - All Rights Reserved. )

43

Hands-On Steps

Note:

This is a paper-based lab. To successfully complete the deliverables for this lab, you will need access to Microsoft® Word or another compatible word processor. For some labs, you may also need access to a graphics line drawing application, such as Visio or PowerPoint. Refer to the Preface of this manual for information on creating the lab deliverable files.

3. Review the Lab 5 Nmap Scan Report that accompanies this lab.

4. Using the Lab 5 Nmap Scan Report, answer the following questions:

 What are the date and timestamp of the Nmap host scan?

 What is the total number of loaded scripts for scanning?

 A synchronize packet (SYN) stealth scan discovers all open ports on the targeted host.

How many ports are open on the targeted host for the SYN stealth scan at 13:36?

 Identify hosts, operating systems, services, applications, and open ports on devices from the Zenmap GUI (Nmap) scan report.

Why Nmap Became Popular

Nmap started more than 15 years ago as a simple, command-line tool. Its one purpose—to send crafted packets to a targeted Internet Protocol (IP) address to determine what ports are listening for connections. Knowing what specific ports are listening, the Nmap operator can infer what services are running.

For example, if Transmission Control Protocol (TCP) port 80 is open and listening, it’s a safe assumption the target machine is a Web server, running the Hypertext Transfer Protocol (HTTP) service on port 80. Other popular ports such as 21, 25, 137, and 161 mean the services File Transfer Protocol (FTP), Simple Mail Transfer Protocol (SMTP), Network Basic Input/Output System (NetBIOS), and Simple Network Management Protocol (SNMP) are listening, respectively. This made Nmap very popular with administrators who could then monitor and verify their systems’ services.

Nmap also became very popular as an easy tool for reconnaissance. With malicious intent, a person armed with knowing what services were running could research what vulnerabilities to exploit. The fast scanning Nmap made locating the recently discovered exploits called zero-day exploits very efficient.

Copyright © 2015 by Jones & Bartlett Learning, LLC, an Ascend Learning Company. All rights reserved.

www.jblearning.com Instructor Lab Manual

44 | LAB #5 Identifying Risks, Threats, and Vulnerabilities in an IT Infrastructure

Using Zenmap® GUI (Nmap) and Nessus® Reports

Over the past 15 years, the features available in Nmap have multiplied several times. The ability to craft packets down to specific flags and options can make troubleshooting—and disrupting—networked devices almost limitless. The people and companies tasked with protecting against hackers must play a game of cat and mouse against the growing set of options in tools such as Nmap. Innovation and open source allows this game to be played indefinitely.

5. Review the Lab 5 Nessus Vulnerability Scan Report that accompanies this lab.

6. Using the Lab 5 Nessus Vulnerability Scan Report, answer the following questions:

 How many hosts were scanned?

 What were the start and end times for each of the scans?

 How many total vulnerabilities were discovered for each host?

 How many of the vulnerabilities were critical, major, and minor software vulnerabilities?

Note:

Nessus is a powerful vulnerability scanner, with a fast-growing list of available plug-ins. As a vulnerability scanner, the tool scans the networked devices for potential weaknesses and exploitable services. As you see from the lab sample, reporting can be detailed and customized. While still free for personal, home use, Nessus is also available for commercial use with an annual subscription fee.

Homework is Completed By:

Writer Writer Name Amount Client Comments & Rating
Instant Homework Helper

ONLINE

Instant Homework Helper

$36

She helped me in last minute in a very reasonable price. She is a lifesaver, I got A+ grade in my homework, I will surely hire her again for my next assignments, Thumbs Up!

Order & Get This Solution Within 3 Hours in $25/Page

Custom Original Solution And Get A+ Grades

  • 100% Plagiarism Free
  • Proper APA/MLA/Harvard Referencing
  • Delivery in 3 Hours After Placing Order
  • Free Turnitin Report
  • Unlimited Revisions
  • Privacy Guaranteed

Order & Get This Solution Within 6 Hours in $20/Page

Custom Original Solution And Get A+ Grades

  • 100% Plagiarism Free
  • Proper APA/MLA/Harvard Referencing
  • Delivery in 6 Hours After Placing Order
  • Free Turnitin Report
  • Unlimited Revisions
  • Privacy Guaranteed

Order & Get This Solution Within 12 Hours in $15/Page

Custom Original Solution And Get A+ Grades

  • 100% Plagiarism Free
  • Proper APA/MLA/Harvard Referencing
  • Delivery in 12 Hours After Placing Order
  • Free Turnitin Report
  • Unlimited Revisions
  • Privacy Guaranteed

6 writers have sent their proposals to do this homework:

Engineering Solutions
Top Class Results
Top Rated Expert
Assignment Helper
Quick Finance Master
Quality Homework Helper
Writer Writer Name Offer Chat
Engineering Solutions

ONLINE

Engineering Solutions

I have read your project details. I can do this within your deadline.

$35 Chat With Writer
Top Class Results

ONLINE

Top Class Results

I have read your project details. I can do this within your deadline.

$40 Chat With Writer
Top Rated Expert

ONLINE

Top Rated Expert

I will cover all the points which you have mentioned in your project details.

$99 Chat With Writer
Assignment Helper

ONLINE

Assignment Helper

Give me a chance, i will do this with my best efforts

$98 Chat With Writer
Quick Finance Master

ONLINE

Quick Finance Master

You can award me any time as I am ready to start your project curiously. Waiting for your positive response. Thank you!

$120 Chat With Writer
Quality Homework Helper

ONLINE

Quality Homework Helper

I have read and understood all your initial requirements, and I am very professional in this task.

$110 Chat With Writer

Let our expert academic writers to help you in achieving a+ grades in your homework, assignment, quiz or exam.

Similar Homework Questions

Prisoners of geography ricardo hausmann - Blue sky project case study - Building material list spreadsheet excel - Sound intensity over distance - What best describes greek theater - 3rd degree heart block acls - Managerial accounting heisinger and hoyle - How to write a full sentence outline for a speech - Vision of Nursing - Rolls royce six sigma - I need 4000 words in influence of finance and technology of the growth of Oman SMEs. - Kingsgate student lock in - School by kyoko mori questions and answers - Health care delivery in the united states 11th edition ebook - Disaster recovery-4 - Conveyor belt project part 5 answers - Career development plan - Describe and evaluate two theories of the formation of relationships - Atkinson theory of motivation ppt - Algebra even and odd numbers hands on lesson 1.1 - Cs lewis we read to know we are not alone - Confucius said - 3 4x 6 7x simplify - Gatford and phillips nursing calculations - How many significant figures in 20 - Nrs 433v week 1 assignment - Since 1990, job and wage research has shown that as the price of computer technology plummets, - P3 explain the issues related to the use of information - University of applied sciences upper austria tuition fees - Kristen swanson theory of caring powerpoint - Voluntary action sheffield jobs - Key steps employees must take to form unions - Art History Essay - Perception/Motivation - Organizational Behavior Post and Responses - Ecb e learning login - Project Part 2: Access Controls Procedure Guide Scenario - Vroom yetton jago model pdf - Physical safeguards are created to - Umuc writing 101 - 54 humphreys lane tallegalla - Order 2497384: Elective Music Teacher 1 page summary - In a communication context what is meant by shared meaning - Rose & frank co v jr crompton & bros ltd - HR - Optocoupler current transfer ratio - Case Study - 2 x 2 perceptual positioning map - Rite aid yahoo finance - Egg cell contains yolk which provides a large - Write a short post (~300 words/~2 paragraphs) - Edu gcfglobal en excel 2016 - Michael pollan unhappy meals summary - Determine the rank of each of the following matrices - Write a theory - 9/8 muston street mosman - Cafe worker job title - Ptc creo 5.0 system requirements - Dsm 5 seasonal affective disorder code - Hum 105 week 4 - Chapter 4 atomic structure test - Honeywell spyder sylk io - Thinking critically a concise guide john chaffee - The professional reference guide for the catering and event industry - Golf club market share by brand - Many companies are improving interpersonal relations by - Laserjet pro m402 driver - Discussion: Data Scenarios - Essay - Economics 201 question set 2 - The 4 e's of marketing - Cottage medical on pulman - Management a pacific rim focus 6e - Avaya one x agent license cost - Safe framework suitability acceptability feasibility - Descriptive statistics chart - The message of the almond tree - Marilyn terrill is the senior auditor - Art - Homeworks bright 9 led push light - West norwood better gym opening times - Time warner static ip cost - Qv flare up cream guardian - Context level data flow diagram for perfect pizza - Alex sharpe's portfolio solution - Assignment #33 - How to cite sentinel city in apa format - Precede proceed model steps - Review of grade qut - Forest development the indian way - Avaya 9611g phone quick reference guide - How does walt whitman reflect romantic thinking - Cost and management accounting syllabus - Half wave rectifier circuit multisim - Alaska fly fishing expedition risk assessment - Mater et magistra audience - Carbon 11 decay equation - Lab building proteins from rna - ?same-day +27833173182 LONHLUPHEKO ABORTION CLINIC // PILLS,,,, - Social sciences north flinders university - Why can't aldehydes hydrogen bond