Chat with us, powered by LiveChat Identify Threats and Vulnerabilities in an IT Infrastructure Part 2 - Uni Pal

Identify Threats and
Vulnerabilities in an IT Infrastructure

Part 2

1. What are the
differences between ZeNmap GUI (Nmap) and Nessus?

2. Which
scanning application is better for performing a network discovery
reconnaissance probing of an IP network infrastructure?

3. Which
scanning application is better for performing a software vulnerability
assessment with suggested remediation steps?

4. How many
total scripts (i.e., test scans) does the Intense Scan using ZenMap GUI
perform?

5. From the
ZenMap GUI pdf report page 6, what ports and services are enabled on the Cisco
Security Appliance device?

6. What is the
source IP address of the Cisco Security Appliance device (refer to page 6 of
the pdf report)?

7. How many IP
hosts were identified in the Nessus® vulnerability scan? List them.

8. While Nessus
provides suggestions for remediation steps, what else does Nessus provide that
can help you assess the risk impact of the identified software vulnerability?

9. Are open
ports necessarily a risk? Why or why not?

10. When you
identify a known software vulnerability, where can you go to assess the risk
impact of the software vulnerability?

11. If Nessus
provides a pointer in the vulnerability assessment scan report to look up
CVE-2009-3555 when using the CVE search listing, specify what this CVE is, what
the potential exploits are, and assess the severity of the vulnerability.

12. Explain how
the CVE search listing can be a tool for security practitioners and a tool for
hackers.

13. What must an
IT organization do to ensure that software updates and security patches are
implemented timely?

14. What would
you define in a vulnerability management policy for an organization?

15. Which tool
should be used first if performing an ethical hacking penetration test and why?

error: Content is protected !!