Copyright Goodheart-Willcox Co., Inc. May not be reproduced or posted to a publicly accessible website.

Security Essentials Lab Manual

Name ________________  Date ________________  Class ________________

Lab 3-2 Vulnerability Scanner

A vulnerability scanner automates the process of scanning systems for potential weaknesses. Nessus developed a vulnerability scanner that can be used for free: Nessus Essentials (formerly Nessus Home). If this program has not been installed on your machine, navigate to www.tenable.com, download Nessus Essentials, and install the software before beginning this activity. Note that to download the file, you will need to provide a valid e-mail address to receive the activation code.

Learning Goals
• Conduct a vulnerability scan on a device.
• Analyze the results of a vulnerability scan.

Materials
• Virtual machine or other machine for which you have administrator permissions
• Microsoft Windows 10
• Nessus Essentials
• Registration key for Nessus Essentials (sent to e-mail address used to obtain Nessus)

Procedures
1. Once Nessus has been installed, it opens automatically in your default browser. Choose Connect with SSL. You may get a privacy error, which is expected due to the use of a self-signed digital certificate. However, you should continue to the localhost, regardless. This error occurs only if there is no local certificate. If prompted, accept the warning and continue to the localhost. For example, the following shows an error displayed in Chrome. To bypass the warning, the user should select Advanced, then Proceed to localhost.
2. On the Welcome to Nessus page, choose Nessus Essentials and click Continue.
Skip the next step if you received an activation code in your e-mail. On the resulting screen, enter your activation code.
3. If you have not already done so, create a user account and password that you will use to access Nessus Essentials. Obtain the activation code that was sent to your e-mail address and enter it to activate the software. Following activation, you will be prompted to create a Nessus administrator account.
4. On the main Welcome to Nessus Essentials screen, enter either your local IP address or the loopback adapter address 127.0.0.1 to scan your local computer. Click Submit.
5. On the following screen, click Start Scan. A basic scan begins. You can monitor its progress in the Scan Details portion on the right side of the screen. As it scans, any information that includes vulnerabilities will appear at the top of the screen in the Vulnerabilities tab.