These other packet provides information on how the data packets were routed from the source to the destination.

1092 Words Dec 25th, 2013 5 Pages
Lab #1 – Assessment Worksheet

Perform Reconnaissance and Probing Using Zenmap GUI (Nmap)

Hackers typically follow a five-step approach to seek out and destroy targeted hosts. The first step in performing an attack is to plan the attack by identifying the target and learning as much as possible about it. Hackers usually perform an initial reconnaissance and probing scan to identify IP hosts, open ports, and services enabled on servers and workstations. In this lab, you planned an attack on where the VM server farm resides, and used the Zenmap GUI to perform an “Intense Scan” on the targeted IP subnetwork.

Lab Assessment Questions & Answers

1. Name at least five applications and tools pre-loaded on the
…show more content…
The first step in the hacking process is to perform an IP host discovery and port/services scan (Step 1: Reconnaissance and Probing) on a targeted IP subnetwork using ZenMap GUI (Nmap) security scanning software. The second step in the hacking process is to perform a vulnerability assessment scan (Step 2: Scanning) on the targeted IP subnetwork using Nessus® vulnerability assessment scanning software. Finally, the third step in the hacking process (Step 3: Enumeration) is to identify information pertinent to the vulnerabilities found to exploit the vulnerability.

Lab Assessment Questions & Answers

1. What is the application Zenmap GUI typically used for? Describe a scenario in which you would use this type of application.
This application is used to perform an intense scan of all 36 test scripts using the profile selection or you can just select a specific IP address using the Target selection. I would use this application to determine the vulnerability of my computer by completing an assessment scan of my entire system.

2. Which application is used for Step 2 in the hacking process to perform a vulnerability assessment scan?
Nmap-Zenmap GUI

3. What must you obtain before you begin the ethical hacking process or penetration test on a live production network, even before performing the reconnaissance step?
Create a custom Security Policy

4. What is a CVE listing? Who hosts and who sponsors the CVE

Related Documents