Describe each stage of ethical hacking.

Explain the differences between Zenmap, Nessus, and Metasploit.

When would you use each of these tools?

Identify the vulnerability you discovered during the scan of the Linux system during the lab.

Explain how the vulnerability would affect an organization.

Describe what you must do before performing any vulnerability test.

Now apply what you learned in the lab to the following scenario.

Introduction

Human threats such as theft, terrorism, and malicious insider attacks are considered significant threats to Acme Corporation, a multinational company located in Las Vegas, Nevada.

Scenario and Your Role

You are the head of the international information technology security team for Acme Corporation. Your team has recently discovered host-to-host threats using footprinting techniques such as port scanning and session hijacking.

Your team decided to use host-to-host security protocols such as Secure Socket Layer (SSL) and Transport Layer Security (TLS) to mitigate the host-to-host threats. However, the cybersecurity blue team recommends the implementation of a symmetric algorithm such as Advanced Encryption Standard (AES) 256 to protect data in Acme Corporation.

You need to write a briefing report to the CISO to apprise him of the situation and recommend a course of action.

Requirements

Continue working in the same document; simply start your briefing report on a new page with an appropriate heading.

Write a briefing report in which you:

Describe the procedures and tools used to discover the port scanning threats and the systems affected. Hint: You will need to make assumptions about the procedures and tools that would most likely be used.

Describe the procedures and tools used to discover the session hijacking threats and the systems affected. Hint: You will need to make assumptions about the procedures and tools that would most likely be used.

Evaluate procedures and tools for mitigating these threats, including:

Secure Socket Layer (SSL).

Transport Layer Security (TLS).

Advanced Encryption Standard (AES) 256.

Recommend a course of action (are the solutions implemented by the team sufficient, or should the company implement AES 256?).

Support your work with references to at least three recent, relevant professional articles or websites. Keep in mind that this is a briefing report. Be as concise as possible while providing enough detail that the CISO feels that he understands the situation.


    Make your order right away

    Confidentiality and privacy guaranteed

    satisfaction guaranteed