Assignemnt: Ethical Hacking
Part I
Write 600 words that respond to the following questions with your thoughts, ideas, and comments. This will be the foundation for future discussions by your classmates. Be substantive and clear, and use examples to reinforce your ideas.
After the footprinting tasks are completed, the attacker will have a good understanding about the security posture and very high-level network and server details. The next step that the attacker will perform is to scan and enumerate the systems. To help understand what scanning and enumeration are, provide your responses to the following:
• Describe scanning and enumeration.
• Discuss the pros and cons of 2 scanning and enumeration tools.
• Explain how enumeration can be considered first contact.
Part II
Write 600 words that respond to the following questions with your thoughts, ideas, and comments. This will be the foundation for future discussions by your classmates. Be substantive and clear, and use examples to reinforce your ideas:
• Discuss the importance of having a signed agreement, and give the implications of conducting a pen test without one.
• Many organizations employ intrusion detection systems (IDS) or even intrusion prevention systems (IPS). It is important to understand how these tools protect the organization.
• Describe how footprinting the stages of an attack might not be detected by an IDS.
• Recommend an IDS for your organization and include the pros and cons behind your recommendation.
Vulnerability Assessment and Management
Part I
Write 600 words that respond to the following questions with your thoughts, ideas, and comments. This will be the foundation for future discussions by your classmates. Be substantive and clear, and use examples to reinforce your ideas:
The team is concerned about understanding the difference between an authenticated and unauthenticated attack. They have asked you to describe what each one of them is and to provide examples of each. Prepare a report for your peers that describes the following:
• The definition and at least 2 examples if an unauthenticated attack.
• The definition and at least 2 examples if an authenticated attack.