2. What is the relationship between risks, threats and vulnerabilities as it pertains to Information Systems Security throughout the seven domains of a typical IT infrastructure? / They all affect security and integrity of a network domain local.
3. Which application is used in step #2 in the hacking process to perform a vulnerability assessment scan? / Nessus
4. Before you conduct an ethical hacking process or penetration test in a live production network, what must you do prior to performing the reconnaissance and probing and scanning procedures? / Perform an IP host discovery and port intense scan
5. What is a CVE listing? Who hosts and who sponsors the CVE database listing website? / A system that provides a record for publicly know ISS vulnerability / The public
6. Can ZenMap GUI detect what operating systems are present on IP servers and Workstations? What would that option look like in the command line if running a scan on 172.30.0.10? / Yes / It would be the green text in the command line
7. If you have scanned a live host and detected that it is running Windows XP workstation OS, how would you use this information for performing a Nessus Vulnerability assessment scan? / You need to select Windows Credentials in the drop down menu next to credential type.
8. Once vulnerability is identified by Nessus, where can you check for more information regarding the identified vulnerability, exploits, and the risk mitigation...