Reference no: EM133558454
Question 1: Executive Summary
Provide a brief summary of what you were asked to do, what did, and what results were obtained. Be certain to indicate how many controls you implemented, how many passed your test and evaluation.
Question 2: Assessment Scope
Describe the technical infrastructure you were asked to assess. How many systems? What network(s)? What tools, techniques, and practices were employed? What were your predictions?
Question 3: Assessment Methodology
In your words, detail the steps you took to fulfill the business requirements.
Question 4: Detailed Findings
Document what you found with each step in your methodology. You can use the following outline:
Action: what you did at the command line or in an application
Result: the result from the command line or application action
Screenshot: include a screenshot of the result with the current day and time clearly visible
Conclusion
Document your reflections here in a numbered list. Everyone must address the General questions. If you want a challenge, take on the Technical reflections too! Refer back to your predications (i.e., I predicted x but I got y).
Question 5: General
- What is vulnerability scanning, and why is it an essential aspect of cybersecurity?
- What are the main types of vulnerabilities that a vulnerability scanner can detect?
- What is the difference between an authenticated and unauthenticated vulnerability scan?
- What are some common vulnerability scanning tools used in the industry, and how do they differ from each other?
- What are some of the limitations of vulnerability scanning, and what are some other methods used to identify vulnerabilities?