Project 1 - System Scan Report

Hide Assignment Information

Turnitin™

This assignment will be submitted to Turnitin™.

Instructions

This week, you will submit your first project, the System Scan Report. Your report should
include the following:

Introduction
Target System
Zenmap Scan
OpenVAS Scan
Open Socket Connection
Recommendations
References

If you haven’t already done so last week:

Follow the instructions to setup your Virtual Machine Hacking Lab.

Download the System Scan Report Template and follow the instructions in
the document. 
Delete the instructional text from the template before you submit.

How Will My Work Be Evaluated?

1.2.1: Identify the target audience, the context, and the goal of the communication.

Provide a brief introduction explaining the services performed and a summary at

the end with the important findings of the scan. Validate your recommendations
using industry standard techniques. Include at least two to three references in IEEE
format.

1.4.2: Use vocabulary appropriate for the discipline, genre, and intended audience.

Make sure the report to the client contains grammatically correct language without
any spelling or typographical errors. Explain industry acronyms when they are
introduced since they may be unfamiliar to the client.
 10.1.2: Gather project requirements to meet stakeholder needs.

The client has asked for a Zenmap scan, an OpenVAS vulnerability scan, and to use
other accepted industry practices for the systems scan. You will need to include
screenshots and note the application versions that are listed and displayed in the
scan results.

12.2.1: Identify systems for the risk assessment.

During any scan report, it is critical that you list the IP address of the system you
are using to connect to the client's corporate network (for auditing purposes) as
well as the IP address of the system(s) that you are scanning. Discuss the scope of
engagement and the limitations of your actions to stay within the parameters of
the test.

12.2.2: Perform a risk analysis.

Explain to the client the security issues that are present on the Linux system.
Discuss critical vulnerabilities that need to be addressed and the measures that
may need to be taken to deal with the underlying security issues (additional staff,
equipment, billable hours, etc.).

13.1.1: Create documentation appropriate to the stakeholder.

In this section, recommend that you and your contractors perform a full
penetration test on the target system. Mention the implications (ransomware,
exfiltration, credential harvesting, etc.) that might occur if the security issues are
not addressed.

When you are finished, click “add a file” to upload your work, and then click the Submit
button.