Lab #2 Questions and Answers

In: Computers and Technology

Submitted By tawatson
Words 401
Pages 2
Lab 2
1. What is the application ZenMap GUI typically used for? Describe a scenario in which you would use this type of application.
It’s used for port scanning. It can be used to see what hosts are on the network and to see what services they are running.
2. What is the relationship between risks, threats and vulnerabilities as it pertains to Information Systems Security throughout the seven domains of a typical IT infrastructure?
Threats and vulnerabilities lead risks, if you don’t have then then you don’t have any risk of anyone getting into your network
3. Which application is used for Step #2 in the hacking process to perform a vulnerability assessment scan?
That would be Nessus is the application used.
4. Before you conduct an ethical hacking process or penetration test on a live production network, what must you do prior to performing the reconnaissance and probing and scanning procedures?
You must get written permission
5. What is a CVE listing? Who hosts and who sponsors the CVE database listing website?
A CVE (Common Vulnerabilities and Exposures) are known vulnerabilities and also show you how to patch them. They are from the Mitre Corporation but are under contract for Homeland Security and NCSD.
6. Can ZenMap GUI detect what operating systems are present on IP servers and workstations? What would that option look like in the command line if running a scan on 172.30.0.10?
Yes it can detect what OS are being used. The command would be –o.
7. If you have scanned a live host and detected that it is running Windows XP workstation OS, how would you use this information for performing a Nessus vulnerability assessment scan?
You can tell the scan to only include windows vulnerabilities.
8. Once vulnerability is identified by Nessus, where can you check for more information regarding the identified vulnerability, exploits, and the…...

Similar Documents

Lesson 2 Review Question Answers

...Review Questions - ANSWERS Name ____________________________ Answer the following questions: 1) What is a resource? People, equipment & materials necessary to complete a task 2) Why aren't resources assigned to summary tasks? Summary tasks are simply a grouping for a set of related tasks. The indiv tasks require resources but the summary task is just a compilation of those resources. 3) What is the difference between Start, Prorated and End in association with costs? Start – cost applied at the beginning of the task Prorated – cost applied as work is completed End – cost applied when the task is completed 4) Give a real-world example of the difference between a fixed cost and a cost per use? Give a real-world example of the difference between a fixed cost and a cost per use? Fixed Cost: (buy equipment) company bids $500 to clean carpet, cost of airline ticket… Cost Per Use: (rent equipment) Hourly rate on moving van, rental of shampoo machine, landing fee each time plane lands… 5) Why is a fixed cost entered with the task and not the resource? Because the cost is the same no matter how many people, hours, materials used. Not dependent upon the amount of time or number of resources it takes to complete. 6) Why is the resource cost for the Wiring Contractor $0.00? Because the installation of the wiring is a fixed contractual price of $4000 – it will not matter how many hours the contractor takes – still......

Words: 283 - Pages: 2

Lab #3 Assessment Questions & Answers

...1. What are the three fundamental elements of an effective access control solution for information systems? Identification, Authentication, and Authorization 2. What two access controls can be setup for a Windows Server 2003 folders and authentication? Authentication and Access control. 3. lf you can browse a file on a Windows network share but are not able to copy it or modify it what type of access controls and permissions are probably configured? What type of Access Control would best describe this access control situation? List Folder Contents – Security Policy based control. 4. What is the mechanism on a Windows Server where you can administer granular policies and permissions on a Windows network using role-based access? Group Policy Editor 5. What is two-factor authentication and why is it an effective access control technique? Two Factor uses two of the three characteristics in Authentication types (Knowledge, Ownership, Characteristics) 6. Relate how Windows Server 2008 R2 Active Directory and the configuration of access controls achieve C-1-A for departmental LANs, departmental folders, and data. creates security principals in the Active Directory domain partition 7. Is it a good practice to include the account or user name in the password? Why or why not? It is not a good idea to have a user name in the password, because it easy for people can try to hack or decode the password. 8. Can a user who is defined in the Active Directory......

Words: 340 - Pages: 2

Chapter 2 Answers to Questions - Financial Accounting

...* Chapter 2 ANSWERS TO QUESTIONS 1. A conceptual framework is a coherent system of interrelated objectives and fundamentals that can lead to consistent standards and that prescribes the nature, function, and limits of financial accounting and financial statements. A conceptual framework is necessary in financial accounting for the following reasons: (1) It will enable the FASB to issue more useful and consistent standards in the future. (2) New issues will be more quickly solvable by reference to an existing framework of basic theory. (3) It will increase financial statement users’ understanding of and confidence in financial reporting. (4) It will enhance comparability among companies’ financial statements. 2. The primary objectives of financial reporting are as follows: (1) Provide information useful in investment and credit decisions for individuals who have a reasonable understanding of business. (2) Provide information useful in assessing future cash flows. (3) Provide information about enterprise resources, claims to these resources, and changes in them. 3. “Qualitative characteristics of accounting information” are those characteristics which contribute to the quality or value of the information. The overriding qualitative characteristic of accounting information is usefulness for decision making. 4. Relevance and reliability are the two primary qualities of useful accounting information. For informa-tion to be relevant, it should......

Words: 5662 - Pages: 23

Toolwire Lab 2 Question and Answers

...1. What is the application Zenmap GUI typically used for? Describe a scenario in which you would use this type of application. Zenmap is the official graphical user interface (GUI) for the Nmap Security Scanner. It is a multi-platform, free and open-source application designed to make Nmap easy for beginners to use while providing advanced features for experienced Nmap users. 2. What is the relationship between risks, threats, and vulnerabilities as it pertains to information systems security throughout the seven domains of a typical IT infrastructure? The seven domains of an infrastructure are user, workstation, LAN, LAN to WAN, components, remote access, and system/application. The user is the weakest link in security which are vulnerable to threats and may cause risk in the future. Risk is the likelihood that something bad will happen. Threat is the action that could damage an asset, and vulnerability is the weakness that allows a threat to be realized. Risk mitigation must include finding and eliminating vulnerabilities and exploits. 3. Which application is used for Step 2 in the hacking process to perform a vulnerability assessment scan? Nessus vulnerability assessment scanning software. 4. Before you conduct an ethical hacking process or penetration test on a live production network, what must you do prior to performing the reconnaissance, probing, and scanning procedures? Written permission. You must obtain written authorization to perform an intrusive...

Words: 465 - Pages: 2

Reflecting Light Off a Plane Mirror Lab Questions and Answers

...Questions A. How did the angle of incidence compare with the angle of reflection? B. In trial 5, you aimed the incident ray directly along the normal. Describe the path of the incident and reflected rays for this special case. C. Where might errors occur in this activity? D. How would these errors affect your conclusion? E. Billiards is a game that makes use of reflection (Figure 2). How could the results of this activity help you in such a game? F. What other sports or activities make use of the reflection rule that you discovered in this activity? Answers a. The angle of incidence (the angle between the light emitted from a source and the normal) and the angle of reflection (the angle between the light that bounces from the surface and the normal) have the same angle. This is because a reflection coming from a plane mirror is usually equivalent to the object it is reflecting; this means that the angle in which the incident ray hits the mirror will be the same angle as the reflected ray. b. When the light was directed to the mirror at the same angle as the normal, the incident ray travelled straight along the normal line towards the mirror and as it hit the mirror it made the reflected ray travel straight along the normal line away from the mirror and towards the light source. c. There are places where errors could've occurred in this activity; first, when the light was aimed at the plane mirror the spot in which the incident ray had to hit was the normal end of......

Words: 603 - Pages: 3

Is-3120 Lab 6 Question and Answer

...achieved allowing many physical groups to use the same network infrastructure B. Broadcast storms can be mitigated by decreasing the number of broadcast domains, thus increasing their size. C.A higher level of network security can be reached by separating sensitive data traffic from other network traffic. D. Port-based VLANs increase switch-port use efficient, thanks to 802.1Q trunks E.A more efficient use of bandwidth can be achieved allowing many logical networks to use the same network infrastructure. F. Broadcast storms can be mitigated by increasing the number of broadcast domains, thus reducing their size. G.VLANs makes it easier for IT staff to configure new logical groups, because the VLANs all belong to the same broadcast domain. 2. What are some drawbacks of implementing VLANs within a network? •Usable bandwidth is shared among all the devices connected to the LAN •ALL devices connected within a LAN can hear ALL the packets irrespective of whether the packet is meant for that device or not. It is possible for some unscrupulous node listening to data packets not meant for that. •Suppose, your organization has different departments. Using a traditional LAN, when any changes take place within the organization, physical cables and devices need to be moved to reorganize the LAN infrastructure. •A LAN cannot extend beyond its physical boundary across a WAN as in VLANs. Management is complex Possible problems in interoperability A VLAN cannot forward......

Words: 848 - Pages: 4

Lab Assessment Questions & Answers

...1. Relate how Windows Server 2012 Active Directory and the configuration of access controls achieve CIA for departmental LANs, departmental folders, and data. 2. Is it a good practice to include the account or user name in the password? Why or why not? 3. To enhance the strength of user passwords, what are some of the best practices to implement for user password definitions to maximize confidentiality? 4. Can a user who is defined in Active Directory access a shared drive on a computer if the server with the shared drive is not part of the domain? 5. Does Windows Server 2012 R2 require a user's logon/password credentials prior to accessing shared drives? 6. When granting access to network systems for guests (i.e., auditors, consultants, third-party individuals, etc.), what security controls do you recommend implementing to maximize CIA of production systems and data? 7. In the Access Controls Criteria table, what sharing changes were made to the MGRfiles folder on TargetWindows01-DC server? 8. In the Access Controls Criteria table, what sharing changes were made on the TargetWindows01-DC server to allow Shopfloor users to read/write files in the C:\LabDocuments\SFfiles folder? 9. In the Access Controls Criteria table, what sharing changes were made on the TargetWindows01-DC server to allow HumanResources users to read/write files in the C:\LabDocuments\HRfiles folder? 10. Explain how CIA can be achieved down to the folder and data...

Words: 277 - Pages: 2

Chapter 2 Questions & Answers

...Linsey Cessor EDUC 2253 Dr. Shahan January 28, 2015 Professional Practice Chapter 2: Question for Discussion 2. Why is membership in an ethnic group more important to some individuals than to others? What characteristics might an educator look for to determine a student’s ethnic background and its importance in that student’s life? * Individuals may have multiples reasons of being more in tuned to their ethnicity than others. Most are drawn to their ethnic group because that is what is familiar to them. When the elderly generation is a dominate part of their raising then the younger generation has more information about their heritage. * Others are not so luck to grow up with the elderly generation influence and have are disconnected with their ethnic groups. Some people are a merge of two different ethnic groups and this causes confusion for the individual. With the merging of different ethnic groups, some people tend to loners. Not ever finding that “prefect” ethnic group that they belong in. As an educator there are many characteristics that will reveal the ethnicity of a student such as a student’s gender, race and religion. However, with all of this being said I do not think that the ethnicity of a student is completely important for an effective teacher. An effective teacher teaches on the level of their students, and then begins helping the student’s excel. An effective teacher is able to teacher all the curriculum to the students without biases...

Words: 344 - Pages: 2

Week 2 Questions and Answers

...Week 2 Assignment Question /Answers HRM320: Employment Law Professor:  Justin Lawrence DeVry University Michael Nealy January 16, 2015 1. What do you think are some of the factors in the modern workplace that contribute to a theft of time? How can those factors be managed? * There are many factors that can contribute to theft of time in the modern day workplace, for instance should you decide to take an extended coffee break, or if you search the internet a little too long when you should be working on other projects that’s considered to be theft of company time. Should you find yourself using the company phone for personal use such as talking to family members and friends rather than staying on task with the work that is at hand then you are guilty of the offense of theft of time. You are in fact stealing the employer’s money by not managing good use of the time that you have. * Here are some way that can best manage those scenarios. Where I work there are three bells that ring that at different times that lets you know when it is break time and when to return from break. The first bell lets you know that’s it’s time for break, the second bell lets you know that you should be returning from break and finally the third bell lets you know that you should be at your workstation. Should be caught too many times not at your work station you could be disciplined. That is one way to manage your time. As for the second scenario the best way to manage the......

Words: 1121 - Pages: 5

Chapter 2 Quick Answer Question

...Quick Study 1 1. Q: Define culture. How does ethnocentricity distort one’s view of other cultures? ANSWER: Culture is a set of values, beliefs, rules, and institutions held by a specific group of people. Ethnocentricity distorts one’s view of other cultures by believing that one’s own culture is superior to the culture of others, tending to make people to neglect important cultural differences. 2. Q: What is cultural literacy? Why should businesspeople understand other cultures? ANSWER: Cultural literacy is the detailed knowledge about a culture that allows a person to work effectively within it. Businesspeople should understand other cultures because it would improve their ability to manage employees, market products, and conduct negotiations in other countries. It also helps managers to attend local needs and desires, improving the company’s competitiveness as globalization continues. 3. Q: How do nation-states and subcultures influence a people’s overall cultural image? ANSWER: When it comes to culture, we tend to invoke the concept of the nation-states that support and promote the concept of national culture by building museums and monuments to preserve the legacies of important events and people, and that also intervene in business to preserve national culture. While the subculture that is a group of people that share a unique way of life within a larger culture (including language, race, lifestyle, attitudes, or other characteristics)...

Words: 2352 - Pages: 10

Lab 3 Questions and Answers

...Lab #3: Worksheet Configure Windows File System Permissions Student Name: _____________________________________________________________ Lab Due Date: April 10, 2015 If you may work in groups to complete this lab. Folder Structure Drawing You are asked to draw a folder structure that meets the scenario’s requirements. You may draw the structure on paper, use Visio or another drawing program. If you draw the structure on a separate sheet of paper, turn this in to your instructor. If you use Visio or another drawing program, paste your diagram here: Screenshots The lab requires the student to provide several screen captures at specific points in the process. Place your screen captures here in the appropriate order. Assessment Questions Overview In this lab, you reviewed a scenario requiring you to design a Windows folder structure, and you implemented your design. Next, you used the Microsoft® Active Directory Users and Computers utility to create security groups that suited the requirements in the scenario. Finally, you applied those security groups to the folder structure you designed. Questions 1. When you designed a file system in the first section of this lab, why did you choose the structure that you selected? a. What I learned how to do in the associates program 2. As you look back on the file structure that you created, what changes would you want to make if you were to use it for a real college environment? b. Make sure OU stay together 3.......

Words: 350 - Pages: 2

Lab 5 Assessment Questions & Answers

...1. How does a security awareness & training policy impact an organization’s ability to mitigate risks, threats, and vulnerabilities? Security awareness training is a formal process for educating employees about computer security. A good security awareness program should educate employees about corporate policies and procedures for working with information technology (IT).  Employees should receive information about who to contact if they discover a security threat and be taught that data as a valuable corporate asset. 2. Why do you need a security awareness & training policy if you have new hires attend or participate in the organization’s security awareness training program during new hire orientation? An employee security awareness program can alleviate the problem of employee security breaches by clarifying why security is important. 3. What is the relationship between an Acceptable Use Policy (AUP) and a Security Awareness & Training Policy? An acceptable use policy (AUP) is a document that outlines a set of rules to be followed by users or customers of a set of computing resources, which could be a computer network, website or large computer system. Security awareness training is a formal process for educating employees about corporate policies and procedures for working with information technology. 4. Why is it important to prevent users from engaging in downloading or installing applications and software found on the Internet? There are......

Words: 717 - Pages: 3

Lab 2

...UMUC NSCI 101/103 Lab 2: Types of Forces INSTRUCTIONS: On your own and without assistance, complete this Lab 2 Answer Form electronically and submit it via the Assignments Folder by the date listed on your Course Schedule (under Syllabus). To conduct your laboratory exercises, use the Laboratory Manual that is available in the classroom. Laboratory exercises on your CD may not be updated. Save your Lab 2 Answer Form in the following format: LastName_Lab2 (e.g., Smith_Lab2). You should submit your document in a Word (.doc or .docx) or Rich Text Format (.rtf) for best compatibility. Experiment 1: Friction Table 1: Applied Force Required to Slide Cup Cup Material Force Applied F1 m1 = 300 g water Force Applied F2 m2 = 150 g water F1 / FN1 F2 / FN2 Plastic Avg: Avg: Avg: Avg: Styrofoam Avg: Avg: Avg: Avg: Paper F1 m1 = 150 g water F2 m1 = 100 g water F1 / FN1 F2 / FN2 Avg: Avg: Avg: Avg: Surface Description Questions: What happened to your applied force Fapp as you decreased the amount of water in the cup? Assume the......

Words: 619 - Pages: 3

Ecet 220 Week 2 Lab Answers ( Graded )

...ECET 220 Week 2 Lab Answers ( graded ) Follow Below Link to Download Tutorial http://homeworklance.com/downloads/ecet-220-week-2-lab-answers-graded/ For More Information Visit Our Website ( http://homeworklance.com/ ) Email us At: Support@homeworklance.com or lancehomework@gmail.com Week 2 Lab Instructions Bipolar Junction Transistor – Biasing 1. Objectives • To analyze a normally biased BJT circuit comprising of a BJT and resistors and measure the circuit voltages between emitter, common, base, and collector. • To theoretically calculate and verify the circuit using Ohm’s Law, KCL and KVL. • Determine the voltage drop across the collector load resistance and measure the current passing through the emitter and collector resistors. 1. Equipment and Parts List Equipment: • IBM PC or compatible • DMM (digital multimeter) • Variable dc power supply Parts: Qty. Component Tolerance Band Wattage Rating, W 1 2N3904 Transistor 6 10 K Ω Resistor gold ¼ 1 Proto Board Hookup wires of different colors Software: MultiSim III. Procedure 1. Theoretical Analysis 1. Given the circuit in Figure 1, calculate the total resistance between the base and VCC in kΩ and the total collector resistance (combination of R3 and R4) in kΩ. Enter the values obtained in Table 1 on the worksheet. Figure 1 2. Given Figure 1, calculate the circuit voltages cited below entering the values in Table 2 on the......

Words: 1479 - Pages: 6

Ecet 220 Week 2 Lab Answers ( Graded )

...ECET 220 Week 2 Lab Answers ( graded ) Follow Below Link to Download Tutorial http://homeworklance.com/downloads/ecet-220-week-2-lab-answers-graded/ For More Information Visit Our Website ( http://homeworklance.com/ ) Email us At: Support@homeworklance.com or lancehomework@gmail.com Week 2 Lab Instructions Bipolar Junction Transistor – Biasing 1. Objectives • To analyze a normally biased BJT circuit comprising of a BJT and resistors and measure the circuit voltages between emitter, common, base, and collector. • To theoretically calculate and verify the circuit using Ohm’s Law, KCL and KVL. • Determine the voltage drop across the collector load resistance and measure the current passing through the emitter and collector resistors. 1. Equipment and Parts List Equipment: • IBM PC or compatible • DMM (digital multimeter) • Variable dc power supply Parts: Qty. Component Tolerance Band Wattage Rating, W 1 2N3904 Transistor 6 10 K Ω Resistor gold ¼ 1 Proto Board Hookup wires of different colors Software: MultiSim III. Procedure 1. Theoretical Analysis 1. Given the circuit in Figure 1, calculate the total resistance between the base and VCC in kΩ and the total collector resistance (combination of R3 and R4) in kΩ. Enter the values obtained in Table 1 on the worksheet. Figure 1 2. Given Figure 1, calculate the circuit voltages cited below entering the values in Table 2 on the......

Words: 1479 - Pages: 6