Users Online

· Guests Online: 94

· Members Online: 0

· Total Members: 188
· Newest Member: meenachowdary055

Forum Threads

Newest Threads

No Threads created

Hottest Threads

No Threads created

Latest Articles

· Do while loop
· The for loop in C
· C while loop
· Pointers in C
· Functions in C

Oh no! Where's the JavaScript?
Your Web browser does not have JavaScript enabled or does not support JavaScript. Please enable JavaScript on your Web browser to properly view this Web site,
or upgrade to a Web browser that does support JavaScript; Firefox, Safari, Opera, Chrome or a version of Internet Explorer newer then version 6.

Articles Hierarchy

Articles Home » CompTIA » CompTIA CASP+ # Risk Management and IT Governance

CompTIA CASP+ # Risk Management and IT Governance

CompTIA CASP+ # Risk Management and IT Governance
with John Marx

16. Conducting Security Assessment

Learn all about risk management and IT governance for the CAS-003 exam.

This course covers the security topics relative to the CASP+ Certification domain of risk management and IT Governance. In this course, the student will obtain the knowledge and skills needed to pass the CASP+ Certification exam as they relate to this specific domain. This course is one of five domains covered by the CAS-003 exam.

In this lab, we will use security utilities provided with Kali Linux to conduct a risk assessment. The lab provides a subnetwork of Linux and Windows servers to provide a complete VPC for exercising the Kali Linux utilities. Learning Objectives Successfully complete this lab by achieving the following learning objectives: Access the Kali Linux System Establish a session to the Kali Linux system: ssh cloud_user@ Change to superuser: su - Identify the Address Assigned to the Ethernet Controller Query the ethernet configuration on the Kali Linux server: ifconfig Make note of the IP address assigned to the primary ethernet controller. Use the `nmap` Command to Explore the Subnet Use the nmap utility to explore the ports open on the subnetwork. For help with nmap commands: nmap -h To scan a series or range of subnet private IP addresses: nmap -sn 10.0.1.1-255 To try other flags to speed the port scanning process: nmap -T4 -Pn -n -p- --min-parallelism 50 to 100 -vv 10.0.1.1-255 --max-retries 0 or 1 Use the hping3 Utility to Analyze a Single Host Use the hping3 to scan a certain host on the subnet: hping3 -1 Note: You may obtain the internal IP address of the host from the lab interface, the output from an nmap command, or the AWS dashboard. Use `nslookup` to Explore the Nameserver Configuration of Various Hosts Use nslookup to explore the A record on google.com: nslookup > google.com Use nslookup to look at MX records on google.com nslookup > set q=MX > google.com Use nslookup to interrogate other address types: nslookup > set type=any > google.com Use the dig Tool to Attempt a Domain Zone Transfer The syntax for the dig command is: dig axfr [domain host] [IP Address To Transfer To] Use `finger` to Determine Which Users Are Logged into Any Given Host Use the finger command to see who is logged in on a host: finger Or: finger -s root

Course Contents

Page 16 of 20: 1...13 14 151617 18 19 20

Comments

No Comments have been Posted.

Post Comment

Please Login to Post a Comment.

Ratings

Rating is available to Members only.

Please login or register to vote.

No Ratings have been Posted.

Render time: 1.09 seconds

10,824,624 unique visits