Order from us for quality, customized work in due time of your choice.
Outcomes addressed in this activity:
Describe common port scanning tools and tec
Outcomes addressed in this activity:
Describe common port scanning tools and techniques.
Explain the enumeration step of security testing.
Use scanning and enumeration to identify potential vulnerabilities for exploitation.
Use appropriate tools to capture network traffic in order to perform a threat analysis.
Course Outcome:
IT542-2: Perform vulnerability tests using computer and network tools and utilities.
Purpose
The purpose of the first lab is to hack a compromised host. You will use Zenmap and OpenVAS to scan for vulnerabilities in a host and then use Metasploit to attack the target host. In the process, you will learn how to search for exploits and modules in Metasploit and how to configure various options as well as how to escalate privileges to the root. In the second lab, you will enumerate or list various resources on a target host. In the process, you will learn the difference between passive scanning and active scanning.
Lab Instructions
Part 1:
Complete the labs “Remote and local Exploitation” and “Enumerating Hosts Using Wireshark, Windows, and Linux Commands.” In the lab environment, you will find step-by-step instructions. As you work through the labs, there will be capture-the-flag challenges.
Part 2:
After completing the labs, answer the following questions. Conduct research and cite supporting sources in APA format where appropriate.
Discuss one measure that organizations can take to protect themselves from each of these attacks – ARP poisoning and MAC flooding. Summarize how you conducted active scanning in the lab “Enumerating Hosts Using Wireshark, Windows, and Linux Commands.”
Describe one tool/technique or command for enumerating 1. Netbios, 2. SNMP and 3. DNS on windows machines.
Describe three Linux commands along with syntax that you can use to enumerate Linux systems.
What is the difference between an auxiliary module and an exploit module in Metasploit? Give an example of a Metasploit post exploitation module along with syntax and description.
Research and find a Metasploit exploit for Android® devices. Describe the exploit and its various Metasploit options. Discuss what a user can do to protect themselves from the exploit.
Here is a hypothetical entry from the /etc/shadow file. Answer the following questions based on this entry:
naina:$1$nfqpGleOffcp0i:13000:0:30:7:1::
Which algorithm was used to hash the password?
What is the maximum number of days the password is valid?
What is the date that this account will expire?
TO ACCESS MY SCHOOL WEBSITE: GO ON GOOGLE AND TYPE IN “Purdue Global student login Brightspace”
Username: DonaldNkamdjeu
Password: HomeworkDue!4
Order from us for quality, customized work in due time of your choice.