Users Online

· Guests Online: 94

· Members Online: 0

· Total Members: 188
· Newest Member: meenachowdary055

Forum Threads

Newest Threads
No Threads created
Hottest Threads
No Threads created

Latest Articles

CompTIA CASP+ # Risk Management and IT Governance

CompTIA CASP+ # Risk Management and IT Governance

with John Marx


16. Conducting Security Assessment




Learn all about risk management and IT governance for the CAS-003 exam.

 

 

This course covers the security topics relative to the CASP+ Certification domain of risk management and IT Governance. In this course, the student will obtain the knowledge and skills needed to pass the CASP+ Certification exam as they relate to this specific domain. This course is one of five domains covered by the CAS-003 exam.

In this lab, we will use security utilities provided with Kali Linux to conduct a risk assessment. The lab provides a subnetwork of Linux and Windows servers to provide a complete VPC for exercising the Kali Linux utilities. Learning Objectives Successfully complete this lab by achieving the following learning objectives: Access the Kali Linux System Establish a session to the Kali Linux system: ssh cloud_user@ Change to superuser: su - Identify the Address Assigned to the Ethernet Controller Query the ethernet configuration on the Kali Linux server: ifconfig Make note of the IP address assigned to the primary ethernet controller. Use the `nmap` Command to Explore the Subnet Use the nmap utility to explore the ports open on the subnetwork. For help with nmap commands: nmap -h To scan a series or range of subnet private IP addresses: nmap -sn 10.0.1.1-255 To try other flags to speed the port scanning process: nmap -T4 -Pn -n -p- --min-parallelism 50 to 100 -vv 10.0.1.1-255 --max-retries 0 or 1 Use the hping3 Utility to Analyze a Single Host Use the hping3 to scan a certain host on the subnet: hping3 -1 Note: You may obtain the internal IP address of the host from the lab interface, the output from an nmap command, or the AWS dashboard. Use `nslookup` to Explore the Nameserver Configuration of Various Hosts Use nslookup to explore the A record on google.com: nslookup > google.com Use nslookup to look at MX records on google.com nslookup > set q=MX > google.com Use nslookup to interrogate other address types: nslookup > set type=any > google.com Use the dig Tool to Attempt a Domain Zone Transfer The syntax for the dig command is: dig axfr [domain host] [IP Address To Transfer To] Use `finger` to Determine Which Users Are Logged into Any Given Host Use the finger command to see who is logged in on a host: finger Or: finger -s root


  

Course Contents

Comments

No Comments have been Posted.

Post Comment

Please Login to Post a Comment.

Ratings

Rating is available to Members only.

Please login or register to vote.

No Ratings have been Posted.
Render time: 1.09 seconds
10,824,624 unique visits