Overview

Introduction

Welcome to the "Using various tools for security assessments" Practice Lab. In this module, you will be provided with the instructions and devices needed to develop your hands-on skills.

Learning Outcomes

In this module, you will complete the following exercises:

  • Identifying Live Systems
  • Perform Network Footprinting

After completing this lab, you will be able to:

  • Connect to Kali
  • Identify live systems using nmap
  • Identify live systems using hping3
  • Use Nmap
  • Use Zenmap

Exam Objectives

The following exam objectives are covered in this lab:

  • CAS-003 3.2 Analyze a scenario or output, and select the appropriate tool for a security assessment.
  • CAS-003 3.3 Given a scenario, implement incident response and recovery procedures.

Lab Duration

It will take approximately 1 hour to complete this lab.

Exercise 1 - Identifying Live Systems

The first and most basic step in studying the physical connectivity of networks is scanning. Scanning (also known as probing) is the process of leading target machines to reveal useful information about themselves. A network scanner is a tool that aids in scanning networks. Two popular network scanners are nmap and hping3, both of which have several features that give you complete control over the scans you perform. You can download the appropriate nmap and hping3 tools for your operating system from the following respective links:

For this demonstration, nmap and hping3 are bundled with the default installation of Kali Linux.

In this exercise, you will learn to identify live systems using nmap and hping3.

Learning Outcomes

After completing this exercise, you will be able to:

  • Connect to Kali
  • Identify live systems using nmap
  • Identify live systems using hping3

Exercise 2 - Perform Network Footprinting

A network scan is usually the first step in an attempt to penetrate security (or indeed to establish what needs defending). Footprinting establishes the topology and protocols deployed on the network, while fingerprinting determines the services and other configuration details of a target host.

One of the most popular scanning tools is nmap. It is a command-line program operated using scripts, though a GUI version (Zenmap) can perform several very useful pre-configured scans.

Learning Outcomes

After completing this exercise, you will be able to:

  • Use Nmap
  • Use Zenmap
