3.2.5 Notebook Prompts and Screen Shots
Step 9: Record what you see in the scan results:
• For the Ping scan, confirm the IP addresses match your topology diagram of the water treatment
facility network. Recall that some of the addresses are responsible for running the virtual lab.
• For the Quick Scan Plus:
a. What does this scan provide about this specific host that isn’t available in the Quick scan (used
in Activity 3.2.3)?
This scan provides the OS matches for host, TCP/IP fingerprint, and Network Distance
b. Record the detailed information for the required services on PumpPLC.
21 tcp open ftp
22 tcp open ssh
80 tcp open http
111 tcp open rpcbind
139 tcp open netbios-ssn
445 tcp open netbios-ssn
631 tcp open ipp
3306 tcp open mysql
8080 tcp open http
c. For the essential services, which of these, if any, should be accessible from outside the firewall?
Zenmap Scan: The only open port on PumpPLC was 22 for ssh over tcp.
d. How would unethical hackers use information from these scans to their advantage in
developing an attack plan?
Unethical hackers could use information from these scans to see which ports are open
and which services are running on each port. They could attack the network using
specific hosts.
Step 20: While Nessus is scanning, research an example of a plug-in and the impact an exploit of its
service may have on a system.
1. Research Plugin ID 84215 on the Nessus Tenable website. In a new browser tab, search “nessus
tenable” to find their site. (Do not select an Ad-based or Download link.)
2. On the home page, find a link similar to “Explore our latest research”. As of this writing, it’s in a
section showing “137,000+ Plugins”.
This study source was downloaded by 100000850872992 from CourseHero.com on 04-14-2023 07:24:20 GMT -05:00
https://www.coursehero.com/file/69767704/3-2-5-Exploring-Security-Frameworks-Notebook-Prompts-and-Screen-Shotspdf/
Step 9: Record what you see in the scan results:
• For the Ping scan, confirm the IP addresses match your topology diagram of the water treatment
facility network. Recall that some of the addresses are responsible for running the virtual lab.
• For the Quick Scan Plus:
a. What does this scan provide about this specific host that isn’t available in the Quick scan (used
in Activity 3.2.3)?
This scan provides the OS matches for host, TCP/IP fingerprint, and Network Distance
b. Record the detailed information for the required services on PumpPLC.
21 tcp open ftp
22 tcp open ssh
80 tcp open http
111 tcp open rpcbind
139 tcp open netbios-ssn
445 tcp open netbios-ssn
631 tcp open ipp
3306 tcp open mysql
8080 tcp open http
c. For the essential services, which of these, if any, should be accessible from outside the firewall?
Zenmap Scan: The only open port on PumpPLC was 22 for ssh over tcp.
d. How would unethical hackers use information from these scans to their advantage in
developing an attack plan?
Unethical hackers could use information from these scans to see which ports are open
and which services are running on each port. They could attack the network using
specific hosts.
Step 20: While Nessus is scanning, research an example of a plug-in and the impact an exploit of its
service may have on a system.
1. Research Plugin ID 84215 on the Nessus Tenable website. In a new browser tab, search “nessus
tenable” to find their site. (Do not select an Ad-based or Download link.)
2. On the home page, find a link similar to “Explore our latest research”. As of this writing, it’s in a
section showing “137,000+ Plugins”.
This study source was downloaded by 100000850872992 from CourseHero.com on 04-14-2023 07:24:20 GMT -05:00
https://www.coursehero.com/file/69767704/3-2-5-Exploring-Security-Frameworks-Notebook-Prompts-and-Screen-Shotspdf/
