Penetration Testing (PEN) allows the security practitioner to identify weaknesses before anyone else can exploit them. Effective communication of these vulnerabilities is essential. This assignment will explore two phases of PEN testing: scanning and exploitation.
Using your GCU-provided virtual machine, perform the following;
Using the Kali VM and Nmap, perform a scan of the network. Identify the IP addresses of the two target VMs.
Using the Kali VM and Nmap, identify the open ports and services running on the two identified targets.
Research at least one vulnerability on either of the two targets that can be exploited. Document your research.
As you go, take instructional notes and screenshots that will help to reproduce your process using the “Report Template,” located in Class Resources.
Then, at the end of the report, write a 250- to 350-word essay using the open network services that you discovered in your Nmap scan above to explain:
How can services discovered during host scanning be secured?
How does implementing security configuration parameters on network devices and other technologies (firewalls, IDS, etc.) defend against attacks and mitigate vulnerabilities?
The circumstances under which a vulnerability must be disclosed to an organization.
APA format is not required, but solid academic writing is expected.
This assignment uses a rubric. Please review the rubric prior to beginning the assignment to become familiar with the expectations for successful completion.
Answer Preview-Penetration Testing (PEN)-ITT-307
