Identify Threats and Vulnerabilities in an IT Infrastructure
1. What are the differences between Zenmap GUI (Nmap) and Nessus? Nmap is primarily a host detection and port discovery tool. Where Nessus looks for specific vulnerabilities against a known quantity of hosts, Nmap discovers active IP hosts using a combination of probes. Nessus, on the other hand, takes the open ports into account and notifies you if these ports have potential security vulnerabilities attached to them.
Nessus is typically installed on a server and runs as a web-based application. Nessus uses plugins to determine if a vulnerability is present on a specified machine.
2. Which scanning application is better for performing a network discovery reconnaissance probing of an IP network infrastructure? inSSIDer is a Wi-Fi network scanner for the 32-bit and 64-bit versions of Windows XP, Vista, and 7. It is free and open source. The software uses the current wireless card or a wireless USB adapter and supports most GPS devices (namely those that use NMEA 2.3 or higher). Its graphical user interface shows MAC address, SSID, signal strength, hardware brand, security, and network type of nearby Wi-Fi networks. It can also track the strength of the signals and show them in a time graph.
3. Which scanning application is better for performing a software vulnerability assessment with suggested remediation steps? The annual SANS Top 20 classifies most of these dangerous holes for both Windows and Unix, and prescribes best practices for patching and remediation. Also, the SANS Top 20 arranges vulnerabilities into 10 classes for each platform with categories of vulnerabilities within them.
4. How many total scripts (i.e., test scans) does the Intense Scan using Zenmap GUI perform? The Intense Scan can take 3 to 5 minutes to complete all 36 test scripts. When the scan has finished, Zenmap will display the Nmap done command.
5. From the Zenmap GUI PDF report page 6,