Module 5. Vulnerability Assessment

A vulnerability assessment scans networks for known security weaknesses: it recognizes, measures, and classifies security vulnerabilities in computer systems, networks, and communication channels, and evaluates the target systems for vulnerabilities such as missing patches, unnecessary services, weak authentication, and weak encryption. It also helps security professionals secure the network by identifying security loopholes or vulnerabilities in the current security mechanisms before attackers can exploit them.

The information gleaned from a vulnerability assessment helps you to identify weaknesses that could be exploited and predict the effectiveness of additional security measures in protecting information resources from attack.

The labs in this module will give you real-time experience in collecting information regarding underlying vulnerabilities in the target system using various online sources and vulnerability assessment tools.

Objective

The objective of this lab is to extract information about the target system, including but not limited to:

  • Network vulnerabilities

  • IP and Transmission Control Protocol/User Datagram Protocol (TCP/UDP) ports and services that are listening

  • Application and services configuration errors/vulnerabilities

  • The OS version running on computers or devices

  • Applications installed on computers

  • Accounts with weak passwords

  • Files and folders with weak permissions

  • Default services and applications that may have to be uninstalled

  • Mistakes in the security configuration of common applications

  • Computers exposed to known or publicly reported vulnerabilities
