Security Essentials, Lab Manual page 23

Chapter 3 Security Evaluation 23 Copyright Goodheart-Willcox Co., Inc. May not be reproduced or posted to a publicly accessible website. Name ________________________________________________________________ 6. When the basic scan completes, review any vulnerabilities listed. Provide a screenshot of your result. 7. In the upper right-hand corner of the screen, choose New Scan. This lists additional scan options templates you can choose to deploy. The available templates are displayed. 8. Click the Advanced Scan button. Name the scan Baseline Advanced Scan. In the description, enter create a baseline of vulnerabilities. Leave the default folder. Add your IP or loopback address in the scan. View the options available in the other setting tabs. Under Reports, check the box to Designate hosts by their DNS name. Save your settings. 9. For this activity, you will run a credentialed scan. Click on the Credentials tab. Choose to run in Windows and provide your authentication information in the input screen. Click Save. 10. From the My Scans page, select Baseline Advanced Scan. Click the Play button to launch the scan. You can view the progress of the scan by clicking it as it is running. 11. Analyze the output from the advanced scan. How was the credentialed scan different from the basic scan? _ __________________________________________________________________________________________________________________ __________________________________________________________________________________________________________________ _________________________________________________________________________________________________________________ How many Critical results were discovered? How many High results? List both types of results and provide a screenshot of the graph detailing the vulnerabilities. _ __________________________________________________________________________________________________________________ __________________________________________________________________________________________________________________ _________________________________________________________________________________________________________________ 12. Creating a policy template is a useful strategy for scanning. From the menu on the left side of the page, select Resources Policies New policy. 13. You will create a policy that will be used to scan hosts on a network. Select Advanced Scan, and configure the following settings: BASIC • Name: Monthly Network Vulnerability Scan • Description: monthly scan of business computers DISCOVERY • Check the box for Use fast network discovery • Check the box for Scan Network Printers REPORT • Designate hosts by their DNS name • Display unreachable hosts ADVANCED • Stop scanning hosts that become unresponsive during the scan Save your policy. Once saved, you can use this scan or export it to other Nessus installations. To locate your scan, select My Scans New Scan User Defined. Provide a screenshot of your custom scan. 14. Create and run a new scan using a template you have not yet used. Summarize the benefits of this template and provide a screenshot of your result. _ __________________________________________________________________________________________________________________ __________________________________________________________________________________________________________________ _________________________________________________________________________________________________________________

Previous Page Next Page

Security Essentials, Lab Manual Page 23 (31 of 232)

Resources and Downloads

Help