is3110 lab 5 Essay

1047 Words Feb 26th, 2014 5 Pages
IS3110 LAB 5
Identify Threats and Vulnerabilities in an IT Infrastructure

1. What are the differences between ZeNmap GUI (Nmap) and Nessus? NMAP is primarily a host detection and port discovery tool. Instead of using Nessus to look for specific vulnerabilities against a known quantity of hosts, NMAP discovers active IP hosts using a combination of probes. On the other hand Nessus takes the open ports into account and notifies you if these ports have potential security vulnerabilities attached to them.
Nessus is typically installed on a server and runs as a web-based application. Nessus uses plugins to determine if a vulnerability is present on a specified machine.
2. Which scanning application is better for performing a
…show more content…
What is the source IP address of the Cisco Security Appliance device (refer to page 6 of the pdf report)? 192.168.0.1
7. How many IP hosts were identified in the Nessus® vulnerability scan? List them.
8. While Nessus provides suggestions for remediation steps, what else does Nessus provide that can help you assess the risk impact of the identified software vulnerability? Through passive monitoring, PVS can reveal devices and software on the network that are not authorized, or that may indicate a network compromise.
9. Are open ports necessarily a risk? Why or why not? They are a risk because a trojan can be used to transmit data to an attacker. They hold a port open, e.g. Port 31337. The attacker connects to the trojan and sends requests to do a certain task, for example to make a screenshot. The trojan makes the screenshot and sends the image via the port to the attacker. On newer trojans, the port number is quite freely configurable, which makes identifying the trojan by the port number difficult. There are no control mechanisms available which can prevent a trojan from using an specific port. If a trojan does use the port 80, for instance, a novice user could imagine the program is a webserver, and may even simply ignore the port.
10. When you identify a known software vulnerability, where can you go to assess the risk impact of the software vulnerability? Nessus can detect thousands of problems, and it classifies each as one of

More about is3110 lab 5 Essay

Open Document