Module Overview
Why are security controls important to an organization and its network security? Security controls are the mechanisms used to safeguard an organization's data. When these controls are being created, many factors must be considered:
• Who will have access to the data?
• Will a user be able to access data from a remote location?
• Where will information be stored?
• What kinds of devices will be allowed to access the data?
The labs in this module will be a great starting place to explore how an attacker gains access to an organization's data. An attacker has several reconnaissance steps in order to gain information about a user, organization, agency, or business. The process can include footprinting, social engineering, network enumeration, and port scanning. The initial step of information gathering is called footprinting, which is the process of gathering as much public information that is available about an information system. Footprinting gathers any information about domain names, services, scanning for open ports, remote capabilities, and any evident security controls. This process usually takes place in the form of open-source footprinting, and the information is often garnered from a public website that is accessed legally. Typically, footprinting is accomplished through a whois query to inquire public documents. After someone has completed footprinting, that individual often uses social engineering to gain access to an organization's network. Network enumeration is the process of probing and discovering domain names in a nonintrusive manner. Typically, network enumeration is identified through searching the internet and determining any networks attached to them. The results obtained can be used by a hacker to gain access to an organization's network. Finally, port scanning will identify communication outlets that can be exploited and how particular aspects of company information can expose the organization to hacking.
After engaging in the virtual activities in this module, you will have a better understanding of how hackers can exploit company information and how this information informs the development of security and response policies, security controls, and response mechanisms that can help address vulnerabilities.
While there is a discussion activity that will allow you to talk with your peers and instructor about any key points or questions, the two labs in this module should be your focus.
Learning Objectives
By the end of this module, you will meet these learning objectives:
• Appraise risk or vulnerabilities when accessing the organization information system or network
• Diagnose network security posture using Zenmap and OpenVAS
• Uncover available open ports that could be a security risk
Plan at a Glance
This is the recommended plan for completing the reading assignments and activities within the module. Additional information can be found in the module Reading and Resources section and in the task list.
8. Read Chapter 1, review the related lab presentation, and complete the lab. Post any questions or comments about the lab in the optional forum.
9. Read Chapter 2, review the related lab presentation, and complete the lab. Post any questions or comments about the lab in the optional forum.
Reading and Resources
Required Resources
Textbook: Hacker Techniques, Tools, and Incident Handling, Chapters 1 and 2
Presentations: Footprinting and Social Engineering (Lesson 1) and Port Scanning, Enumeration, and System Hacking (Lesson ¬2) Review these lecture presentations through the Jones & Bartlett lab environment.
The footprinting process involves gathering information about domain names, services, scanning for open ports, remote capabilities, and any evident security controls.
Attachment:- Lab.rar