We use cookies to give you the best experience possible. By continuing we’ll assume you’re on board with our cookie policy

ZenMap GUI and Nessus

essay
The whole doc is available only for registered users OPEN DOC

A limited time offer! Get a custom sample essay written according to your requirements urgent 3h delivery guaranteed

Order Now

1. What are the differences between ZenMap GUI and Nessus?

NMAP is run most of the time on a host and port discovery, Nessus is usually installed on servers and takes it to the next level. It analyzes the ports and looks for potential security issues

2. Which scanning application is better for performing a network discovery Reconnaissance probing of an IP Network infrastructure? NMap

3. Which scanning application is better for performing a software vulnerability assessment with suggested remediation steps? Nessus

4. How many total scripts does the Intense Scan using ZenMap GUI perform? Runs 36 Scripts

5. From the Zen Map GUI pdf report page 6, who ports and services are enabled on the Cisco Security Appliance Device? 22 / TCP Open SSH Cisco SSH 1.25

6. What is the source IP address of the Cisco Security Appliance Device? 172.30.0.1

7. How many IP hosts were identified in the Nessus vulnerability Scan? Depends on the scan

Nine IP Addresses scanned, 49.39 seconds, 256 IP Addresses (5 hosts) scanned in 5433.44 Seconds

8. While Nessus provides suggestions for remediation steps, what else does Nessus provide that can help you assess the risk impact of the identified software vulnerability? It provides a way either through a patch or update that will allow you to repair that vulnerability

9. Are open ports necessarily a risk? Why or why not? An open port is only a risk if it is not supposed to be open. There are always ports that will need to be open , but ones that have no need to be open should be closed.

10. When you identify a known software vulnerability, where can you go to access the risk impact of the software vulnerability? It’s located in the server section of the application, or a software icon

11. Specify what CVE-2009-3555 is and what the potential exploits are, and assess the severity of the vulnerability. It is a list of what the potential exploits are and the severity of the vulnerability. It attempts to provide common names for publicly known problems with the goal of making it easier for companies to share vulnerabilities across different tools that they may have in their organization

12. Explain how the CVE search listing can be a tool for security practitioners and a tool for potential hackers. Your vulnerability databases, services, and tools can now talk to each other. It is something that allows better communication of vulnerabilities across your systems and even different vendors. You used to have to choose the “best vendor” and use their equipment exclusively. The downside is that public discussion of vulnerabilities across your system is good information for a hacker to have and with this tool he doesn’t even have to run the scan himself or hack a highly secure resource

13. What must an IT organization do to ensure that software updates and security patches are implemented timely? Set aside a certain team of members in your organization whose duties specifically deal with patch updates and system fixes

14. What would you define in a vulnerability management policy for an organization? It will give a priority level for different systems that will tell us what systems should be monitored more often than others. It doesn’t have to be a system that houses sensitive information but they are usually on the top of the list. The highest priority system could simply be the one that is most likely to be hacked, like a Web Server, and it might not contain sensitive information, but could be a gateway to other systems

15. Which tool should be first used when performing an ethical hacking penetration test and why? NMap, it is the first step because it focused on the host and gives information to Nessus to run its scan

Related Topics

We can write a custom essay

According to Your Specific Requirements

Order an essay
Get Access To The Full Essay
icon
300+
Materials Daily
icon
100,000+ Subjects
2000+ Topics
icon
Free Plagiarism
Checker
icon
All Materials
are Cataloged Well

Sorry, but copying text is forbidden on this website. If you need this or any other sample, we can send it to you via email.

By clicking "SEND", you agree to our terms of service and privacy policy. We'll occasionally send you account related and promo emails.
Sorry, but only registered users have full access

How about getting this access
immediately?

Become a member

Your Answer Is Very Helpful For Us
Thank You A Lot!

logo

Emma Taylor

online

Hi there!
Would you like to get such a paper?
How about getting a customized one?

Can't find What you were Looking for?

Get access to our huge, continuously updated knowledge base

The next update will be in:
14 : 59 : 59
Become a Member