Fundamentals of Information System Security
A limited time offer! Get a custom sample essay written according to your requirements urgent 3h delivery guaranteedOrder Now
1.What is the application Zenmap GUI typically used for ? Describe a scenario in which you would use this type of application? Zenmap is the official graphical user interface (GUI) for the Nmap Security Scanner. The application is a multi-platform, which feature an free and open source application. It is basically design to make Nmap easier to use for beginners which on the other hand it is providing advanced features for experienced Nmap users.
2.What is the relationship between risks, threats, and vulnerabilities as it pertains to information systems security throughout the seven domains of a typical IT There are seven domains of an infrastructure, user, workstation, LAN, LAN to WAN, components, remote access, and system/application. We all know that the user is the weakest link in security which are vulnerable to threats and may cause risk in the future. When thinking Risk we assume that something could happen now or down the line. When we think about Threat we assume the action that could damage an asset, and make our system vulnerability, which is the weakness that allows a threat to be realized. Risk mitigation must include finding and eliminating vulnerabilities and exploits infrastructure.
3.Which application is used for Step 2 in the hacking process to perform a vulnerability assessment scan? Nessus vulnerability assessment scanning software.
4.Before you conduct an ethical hacking process or penetration test on a live production network, what must you do prior to performing the reconnaissance, probing, and scanning procedures? You must have written permission. You must obtain written authorization to perform an intrusive Penetration test or vulnerability assessment scan on a live production network.
5.What is a CVE listing? Who hosts and who sponsors the CVE database listing website? CVE is a publicly available and free to use list and dictionary of standardized identifiers for common computer vulnerabilities and exposures. CVE is sponsored by US Department of Homeland Security. The website is sponsored and managed by the MITRE Corporation
6.Can Zenmap GUI detect which operating systems are present on IP servers and workstations? What would that option look like in the command line if running a scan on 172.30.0.10?