Lab 1
Assessment Worksheet
Develop an Attack & Penetration Plan
1. List the 5 steps of the hacking process.
Reconnaissance
Scanning
Gaining Access
Maintaining Access
Covering Tracks
2. In order to exploit or attack the targeted systems, the first initial step I would do to collect as much information as possible about the targets prior to devising an attack and penetration test plan would be reconnaissance. I would use passive reconnaissance as this pertains to information gathering.
3. The reconnaissance phase can have many different faces, and depending on the goal of the attacker, various tools and applications can be used. Nslookup can be used to look up all the available host on a network through the DNS server. You can get IP address information of hosts on your targeted network. You can also get the information of the purpose of the hosts. Whois lookup is a protocol that can be used to interrogate the servers operated by regional internet registries which holds information about every IP/Domain registered on the internet. You can get information about your target such as; the name of the owner, address of the owner. IP ranges that a certain IP belongs to, contact information like emails and phone numbers, administrators names and server names. You can also just use your targets web site. Sometimes the targets website can reveal way too much information without realizing it, and just by looking at the information they have on there can get you what you need. Social Engineering is also another way to get information that you desire. Without realizing it, you can get people to tell you whatever you want without them being the wiser. Most people are naïve and you can use that to your advantage.
4. A system has hardware, software, and then the human element. The first two systems may be almost impenetrable, but with enough patience and knowledge, a social engineer can use weaknesses to trick and unsuspecting target into revealing sensitive information. Social engineering includes scams such as obtaining passwords by pretending to be an employee, leveraging social media to identify new employees who might be more easily tricked into providing customer information, and basically any other method to attempt to breach security by obtaining trust. The major forms of social engineering are Phishing, Baiting, and Diversion Theft.
5. Enumeration is the first attack on a target network. It is the process to gather information about a target machine by actively connecting to it. It means to identify the user account, system account, and administrative accounts. Enumeration is the same as scanning a system for vulnerabilities that can be used to attack the system itself. This is vital to any hacker’s goal since it reveals the information needed to access the target. It can include a list of usernames, groups, applications, banner settings, and auditing information.
6. In most cases, an; attacker tries to avoid detection, and will do so by covering their tracks by purging information from the system to destroy any evidence of the crime. You must be careful when doing so because sometimes it is not what was covered up or deleted, it is what is not there that can get the hacker busted.
7. If an attacker wants to regain access to an already penetrated system, depending on the goals of the attacker, they may leave behind a backdoor on the system for later use. They can be used to regain access, as well as allow any number of different scenarios to take place, such as privilege escalations or remotely controlling a system.
8. When asked to perform an intrusive penetration test that involves cracking into the organizations WLAN, and you are able to retrieve the authentication key, you should use this and continue your penetration testing. Record your results and report your findings when you are finished. But if you can get the authentication key, what else are you really able to get? You should see how far your
International Leadership charter School / Unit 1: Scientific Inquiry Stage 1 – Desired Results Established Goals: Living Environment – 9th Grade S1 / KI-1 - Use scientific inquiry and analysis to pose questions, seek answers, and develop solutions RL.9-10.2 - Determine a theme or central idea of a text and analyze in detail its development over the course of the text, including how it emerges and is shaped and refined by specific details; provide an objective summary of the text. L.9-10.5 -…
reporting your results. Formal Lab Reports: You should keep ALL COMPLETE copies of lab reports in your 3-ring binder in a back section/tab labeled “AP Lab Reports”. Ultimately, all formal labs and lab worksheets should go into this binder for later use during review. Formal lab reports will be done on the computer and NEED TO BE TYPED and submitted to www.turnitin.com! They should be stored on a hard-drive or on disc/cd/flashdrive for back-up. Formal lab write-ups should contain the following:…
punch • tabbed dividers • loose-leaf paper • folders with holes for a 3-ring binder (for projects or papers you don’t want to hole-punch) The Sections Use a pencil to write the names of each unit on your tabbed dividers. If you do not have enough room on the tabs, you can shorten their titles. The units are: • Earth’s Surface • Rocks and Minerals • Geologic History • Plate Tectonics • Air, Weather, and Climate • Water on Earth • Energy and Earth’s Resources • Our Place in the Universe…
A.P. Environmental Science Syllabus 2009-2010 General scope and sequence for the course |Unit |Topic |Relevant Text Chapters | |1 |Sound Science, Stewardship and Sustainability |1, 22 | |2 |Ecosystems and Biogeochemical Cycles |2, 3, 4…
course, the comprehensive knowledge of each student will be measured by taking the Virginia State Standards of Learning (SOL) Test in Biology. Topics of Study The unifying theme for the course is the characteristics that all living things share are: 1. Scientific Method and The Nature of Science (integrated throughout the year) 2. Ecology: Interactions with the Environment 3. Molecules of Life: The Chemistry of Living Things 4. The Cell: structure and function; use of the microscope 5. Homeostasis:…
End of semester WaaHoo!!! Bill Friday Nov. 28th As of 3:30pm, Friday Nov. 28th, all queries/statements in Part II have been checked and verified at least once. Bill POST A QUESTION or ANSWER ONE, BELOW HERE Thanks Jake! **Prob 1 – List all rows and columns for the complete ORDERS table SELECT * FROM Orders **Prob 2 – List the order number for each order placed by customer number 148 on 10/20/2007 SELECT order_num FROM Orders WHERE orders.order_date = (select DATE('20071020'))…
a minimum of 120 units. At least 42 of those units must be in upper-division (300-400 level) coursework. To graduate you must have a minimum 2.0 GPA in your major, minor, and overall. This page outlines your General Education requirements. Page 4 will review the requirements for the Psychology major. General Education Requirements: Foundations Composition ENGL 101, 107 AND ENGL 102, 108 Or ENGL 109H (along with a 4 or 5 on the AP English exam) Mid-Career Writing Assessment: Fulfilled by an…
Instructor Avatar Help Info Students can click on the Instructor Avatar for more information to help them with the case. Click on avatar and a window appears with the following options: Preeclampsia pathophysiology Common lab tests Preeclampsia dangers Preeclampsia pathophysiology Preeclampsia progresses along a continuum from mild to severe preeclampsia, HELLP syndrome, or eclampsia. There is no definitive cause of preeclampsia, but the pathophysiology is distinct. Preeclampsia develops…