JONES & BARTLETT LEARNING INFORMATION SYSTEMS SECURITY & ASSURANCE SERIES

JONES & BARTLETT LEARNING INFORMATION SYSTEMS SECURITY & ASSURANCE SERIES

LABORATORY MANUAL TO ACCOMPANY

Don't use plagiarized sources. Get Your Custom Essay on
JONES & BARTLETT LEARNING INFORMATION SYSTEMS SECURITY & ASSURANCE SERIES
Just from $13/Page
Order Essay

Managing Risk in Information Systems

VERSION 2.0

Powered by vLab Solutions

INSTRUCTOR VERSION

Copyright © by Jones & Bartlett Learning, LLC, an Ascend Learning Company – All Rights Reserved.

Lab #5 Identifying Risks, Threats, and Vulnerabilities in an IT Infrastructure Using Zenmap® GUI (Nmap) and Nessus® Reports

Introduction

Imagine a system administrator learns of a server’s vulnerability, and a service patch is available to solve it. Unfortunately, simply applying a patch to a server is not assurance enough that a risk has been mitigated. The system admin has the option of opening the application and verifying that the patch has raised the version number as expected. Still, the admin has no guarantee the vulnerability is closed, at least not until the vulnerability is directly tested. That’s what vulnerability scanners are for.

Two vulnerability scanners available to the system administrator are Nmap® and Nessus®, which produce scan reports. The purpose of using Zenmap® GUI (Nmap) and Nessus® reports is to enable you to create network discovery port scanning reports and vulnerability reports. These reports can identify the hosts, operating systems, services, applications, and open ports that are at risk in an organization.

In this lab, you will look at an Nmap® report and a Nessus® report. You will visit the

http://cve.mitre.org Web site, you will define vulnerability and exposure according to the site,

and you will learn how to conduct searches of the Common Vulnerabilities and Exposures (CVE)

listing.

Learning Objectives

Upon completing this lab, you will be able to:

Review a Zenmap® GUI (Nmap) network discovery and port scanning report and a Nessus®

software vulnerability report.

Identify hosts, operating systems, services, applications, and open ports on devices from the

Zenmap® GUI (Nmap) scan report.

Identify critical, major, and minor software vulnerabilities from the Nessus® vulnerability assessment scan report.

Visit the Common Vulnerabilities and Exposures (CVE) online listing of software vulnerabilities at http://cve.mitre.org and learn how to conduct searches on the site.

41

Copyright © by Jones & Bartlett Learning, LLC, an Ascend Learning Company – All Rights Reserved.

43

Hands-On Steps

Note:

This is a paper-based lab. To successfully complete the deliverables for this lab, you will need access to Microsoft® Word or another compatible word processor. For some labs, you may also need access to a graphics line drawing application, such as Visio or PowerPoint. Refer to the Preface of this manual for information on creating the lab deliverable files.

3. Review the Lab 5 Nmap Scan Report that accompanies this lab.

4. Using the Lab 5 Nmap Scan Report, answer the following questions:

 What are the date and timestamp of the Nmap host scan?

 What is the total number of loaded scripts for scanning?

 A synchronize packet (SYN) stealth scan discovers all open ports on the targeted host.

How many ports are open on the targeted host for the SYN stealth scan at 13:36?

 Identify hosts, operating systems, services, applications, and open ports on devices from the Zenmap GUI (Nmap) scan report.

Why Nmap Became Popular

Nmap started more than 15 years ago as a simple, command-line tool. Its one purpose—to send crafted packets to a targeted Internet Protocol (IP) address to determine what ports are listening for connections. Knowing what specific ports are listening, the Nmap operator can infer what services are running.

For example, if Transmission Control Protocol (TCP) port 80 is open and listening, it’s a safe assumption the target machine is a Web server, running the Hypertext Transfer Protocol (HTTP) service on port 80. Other popular ports such as 21, 25, 137, and 161 mean the services File Transfer Protocol (FTP), Simple Mail Transfer Protocol (SMTP), Network Basic Input/Output System (NetBIOS), and Simple Network Management Protocol (SNMP) are listening, respectively. This made Nmap very popular with administrators who could then monitor and verify their systems’ services.

Nmap also became very popular as an easy tool for reconnaissance. With malicious intent, a person armed with knowing what services were running could research what vulnerabilities to exploit. The fast scanning Nmap made locating the recently discovered exploits called zero-day exploits very efficient.

Copyright © 2015 by Jones & Bartlett Learning, LLC, an Ascend Learning Company. All rights reserved.

www.jblearning.com Instructor Lab Manual

44 | LAB #5 Identifying Risks, Threats, and Vulnerabilities in an IT Infrastructure

Using Zenmap® GUI (Nmap) and Nessus® Reports

Over the past 15 years, the features available in Nmap have multiplied several times. The ability to craft packets down to specific flags and options can make troubleshooting—and disrupting—networked devices almost limitless. The people and companies tasked with protecting against hackers must play a game of cat and mouse against the growing set of options in tools such as Nmap. Innovation and open source allows this game to be played indefinitely.

5. Review the Lab 5 Nessus Vulnerability Scan Report that accompanies this lab.

6. Using the Lab 5 Nessus Vulnerability Scan Report, answer the following questions:

 How many hosts were scanned?

 What were the start and end times for each of the scans?

 How many total vulnerabilities were discovered for each host?

 How many of the vulnerabilities were critical, major, and minor software vulnerabilities?

Note:

Nessus is a powerful vulnerability scanner, with a fast-growing list of available plug-ins. As a vulnerability scanner, the tool scans the networked devices for potential weaknesses and exploitable services. As you see from the lab sample, reporting can be detailed and customized. While still free for personal, home use, Nessus is also available for commercial use with an annual subscription fee.

Nessus can be installed and run fairly easily, but here are a few tips that will produce much more benefit. First, update the plug-ins on install. By default, Nessus will update plug-ins once a day. Another tip is to use Nessus as a compliance tool. While it is by nature a vulnerability tool, one Nessus feature is to load a configuration file (called an audit file by Nessus) and then scan with Nessus to verify compliance against your end devices.

6. In the browser, navigate to http://cve.mitre.org

7. On the Web site, toward the top left of the screen, click the CVE List link.

8. Review the CVE List Main Page.

9. Define CVE.

10. On the CVE Page, click the search link

11. In the Search box, type Microsoft® XP 2003 Service Pack 1 and click the search button

12. In your Lab Report file, describe some of the results you discover.

13.. After viewing the results, conduct another search and this time, type the words Cisco ASA 5505 Security + and click the Search button.

19. Describe some of the search results.

Note:

This completes the lab. Close the Web browser, if you have not already done so.

Copyright © 2015 by Jones & Bartlett Learning, LLC, an Ascend Learning Company. All rights reserved.

www.jblearning.com Instructor Lab Manual

Place your order
(550 words)

Approximate price: $22

Calculate the price of your order

550 words
We'll send you the first draft for approval by September 11, 2018 at 10:52 AM
Total price:
$26
The price is based on these factors:
Academic level
Number of pages
Urgency
Basic features
  • Free title page and bibliography
  • Unlimited revisions
  • Plagiarism-free guarantee
  • Money-back guarantee
  • 24/7 support
On-demand options
  • Writer’s samples
  • Part-by-part delivery
  • Overnight delivery
  • Copies of used sources
  • Expert Proofreading
Paper format
  • 275 words per page
  • 12 pt Arial/Times New Roman
  • Double line spacing
  • Any citation style (APA, MLA, Chicago/Turabian, Harvard)

Our guarantees

Delivering a high-quality product at a reasonable price is not enough anymore.
That’s why we have developed 5 beneficial guarantees that will make your experience with our service enjoyable, easy, and safe.

Money-back guarantee

You have to be 100% sure of the quality of your product to give a money-back guarantee. This describes us perfectly. Make sure that this guarantee is totally transparent.

Read more

Zero-plagiarism guarantee

Each paper is composed from scratch, according to your instructions. It is then checked by our plagiarism-detection software. There is no gap where plagiarism could squeeze in.

Read more

Free-revision policy

Thanks to our free revisions, there is no way for you to be unsatisfied. We will work on your paper until you are completely happy with the result.

Read more

Privacy policy

Your email is safe, as we store it according to international data protection rules. Your bank details are secure, as we use only reliable payment systems.

Read more

Fair-cooperation guarantee

By sending us your money, you buy the service we provide. Check out our terms and conditions if you prefer business talks to be laid out in official language.

Read more
Live Chat+1(978) 822-0999EmailWhatsApp