Scribd
Upload
208 views3 pages

Lab 2 Assessment

This lab involves using various tools to perform reconnaissance and probing of a network. Students will use Wireshark to capture and analyze network traffic, Nessus to scan for vulnerabilities, and NetWitness Investigator to review captured data. They will also use FileZilla, Tftpd64, and PuTTY to transfer files and connect to remote machines. Finally, Zenmap will be used to perform a scan of the network and generate a topology chart, with an intense scan performing numerous tests to analyze the network.

Uploaded by

AngelShirk
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
208 views3 pages

Lab 2 Assessment

This lab involves using various tools to perform reconnaissance and probing of a network. Students will use Wireshark to capture and analyze network traffic, Nessus to scan for vulnerabilities, and NetWitness Investigator to review captured data. They will also use FileZilla, Tftpd64, and PuTTY to transfer files and connect to remote machines. Finally, Zenmap will be used to perform a scan of the network and generate a topology chart, with an intense scan performing numerous tests to analyze the network.

Uploaded by

AngelShirk
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
You are on page 1/ 3

CIS2530 - Introduction to Cybersecurity

Lab #2 Performing Reconnaissance and


Probing Using Common Tools
Assessment Worksheet

Course Number:

Student Name:

Overview:
In this lab, you will explore the common tools available in the virtual lab environment. You will use
Wireshark to capture and analyze network traffic, use Nessus to scan the network, review a sample
collection of data using NetWitness Investigator, connect to a remote Windows machine and explore
two file transfer applications, FileZilla and Tftpd64. You will use PuTTY to connect to a Linux machine
and run several Cisco commands to display statistics for the network interfaces. Finally, you will use
Zenmap to perform a scan of the network and create a network topology chart.

Lab Assessment Questions & Answers


1. Name at least five applications and tools used in the lab.
Wireshark, NetWitness, FileZilla, Tftpd64, PuTTY, Zenmap 2

2. What is promiscuous mode?


Promiscuous mode allows Wireshark to capture packets destined to any host on the same
subnet or virtual LAN.

3. How does Wireshark differ from NetWitness Investigator?


Wireshark captures live traffic and displays results at packet level. NetWitness Investigator
allows an overview of previously captured traffic which can be used to spot anomalies,
compliance issues, and Denial of Service attacks.

1|Page
CIS2530 - Introduction to Cybersecurity

4. Why is it important to select the student interface in the Wireshark?

5. What is the command line syntax for running an Intense Scan with Zenmap on a target subnet of
172.30.0.0/24?

6. Name at least five different scans that may be performed with Zenmap.

7. How many different tests (i.e., scripts) did your Intense Scan perform?

8. Based on your interpretation of the Intense Scan, describe the purpose/results of each tests script
performed during the report.

9. How many total IP hosts did Zenmap find on the network?

Material from the Lab Work


1. a. Screenshot of The Arrival Time for the Wireshark ICMP traffic

2|Page
CIS2530 - Introduction to Cybersecurity

1. b. Screenshot of the filename of the attachment in the NetWitness Investigator Demo Collection

1. c. Screenshot of a Fisheye Bubble chart from Zenmap scan

2. a. zenmap.xml document

2. a. Results of Cisco command tests document

Mills_Lab_2_putty.log

3. b. Tests run as part of the Intense scan

3|Page

You might also like