9 hours 24 minutes
everyone Welcome back to the core. So in the last video, we talked about how our first control in the CIA security controls maps to the NIST cybersecurity framework.
In this video, we're gonna go ahead into a simple lab. We're just gonna run a skin with end map and specifically were to use n map the gooey version of it.
So don't worry about if you don't have experience with and map or any hands on experience, we're gonna walk through step by step in this particular video. I also want to mention that the step by step guide you see on the screen here, these were available for download in the resource is section of the course for you're welcome to use these to guide yourself through the lab or if you want to follow along with the video, that's fine as well.
So first things first, you're gonna be loved into Sai Buri, and then you're gonna search for the running network scan using and map Lab.
And I've also included a link up top here is you can just click on that link from your own system and it should take you directly to the lab
Once you get in the lab, you'll go ahead and launch it. Click the launch item button and then what you'll find after it takes about a minute or two. But once the lab launches, you'll see the screen that we're looking at right now.
So the first thing you want to do is just log into the Windows machine here. So just click on the screen there, and then it gives you the credentials right here. So it should default to putting your years. Your account is the administrator, and then all you should have to do is just enter in the password. So we're just gonna enter in the word password. So capital P lower case A S S
W the number zero. So that's a zero, not a capital O
lower case R D and then exclamation point that I'll go ahead and get us loved in there.
My take. Just a moment. So to pull it the desktop screen.
One thing I also want to mention as it's doing that is make sure you click through the lab and check these boxes as you're going through it, so it will continue to mark your progress and that way, when you get to the end of the lab that we're doing,
you will show is 100% complete. No, I'm not going to do that on my end because I'm not worried about showing completion on this particular lab. But on your side, you'll want to make sure you check those boxes to show that you've completed those steps in the lab.
Okay, so once the Windows desktop screen there pulls up,
what you're going to do is launch the again this gooey version of en masse. So it's called Zen map. So it's gonna be this little I look in icon right here. Just go ahead and double click on that
might take a moment. So four to go ahead and launch for you. Sometimes it's a little slow. And while it's doing that there,
we're gonna take a look back at our step by step guides. And now we're gonna be down here at step number seven. So what we're going to do is entering this I p address range and we're gonna scan this entire range of sub nets.
So let's go ahead and do that now. So in this target box here under Zen map. We're gonna go ahead and enter in that range of I P addresses. So it's gonna be 1 92
0.10 dot one and then dashed to 55.
It's already defaulted to the intense scans. If we look back at our step by step guide here in step A, just make sure that it is
showing the intense can. There, for some reason, is showing something else. Just make sure you select and 10 skin, and then all you have to do is click the scan button. Now, I'm gonna pause a video here because it takes about 4 to 5 minutes for the scan to run and will pick things back up once it's completed and do the same thing on your end. So while you're running this here, go ahead and pause this video,
wait until it's done and then restart the video.
Okay, Now that the scan has completed, the next thing we want to do is go ahead and save the skin. So the way we view that as just click thes scan button at the top left
and they were gonna select to save the scan.
Now I'm gonna go ahead and save the skin to my desktop,
and I'm gonna go ahead and rename the file.
Ah, first scan dot xml So first jan dot xml
and you'll see on the step by step guide. We've got it right there for you as well.
Now, go ahead. Just save that there
and we're gonna take a look here in the end map output window. So you've got a couple of questions here.
So once we look at the results here and just scroll up and down to review the results Question number one, do you see any limits host and question number two? Do you see any win Windows hosts?
Common Sense says You'll probably say yes to that. If you were scanning actual network, he probably gets to both of those. But let's actually take a look here and see what we have.
So if we scroll up a little bit here, we'll see that we do have a Lennox host. And if we keep scrolling up page a little bit, will also see that we've got a few windows host on this particular network that we're finding.
So you'll see here. We've got some windows.
And if we help a little further, we got some additional windows machines just as well.
All right, let's go back to our step by step lab guide.
So next thing we're going to do here in step 12 we're gonna select the services tab, and they were to select h T T p.
So let's go ahead and do that. I'm going to scroll down for continuity either. So click the services tab right here and then select H T T P.
So now we have a question. So do you see a web server on the network? So if you were, if your screen looks like mind, then the answer is yes, right. You do see a web server. So you see it? I I s server right here on the network.
Okay, the next thing we're going to do is select Resource is tap,
and then we're gonna choose deline. ICS one machines were gonna log into the other machine, So just over here on the right side of the screen, select a resource is right here,
and they were gonna select this linen one machine right here,
and it's going to take just a moment or so to pull up for us,
and now we just need to go ahead and log in this particular machine. So it's got the user name of password on the right side here for us. But we'll go ahead. Just type that in so
you may not see as I type what I'm typing into. Just be mindful of that. On your end is your typing make sure typing everything correctly.
So when a type in you o N e all over case
and then it's gonna prompt us for the password, which is going to be capital P lower case A and then the dollar sign the dollar sign again. Lower case W the number zero
lower case R D
and then Capital ABC
123 And by the way, never use a password that simple, right? We all know that common sense.
Okay, so you see, was going ahead logged in there. Let's go back to our step by step lab guide here.
Now we're going to do is down here on step number 15. We're gonna go ahead and type in this command here to stop service, and then we'll go ahead and check the status of it.
So we're to type in pseudo
space, S s h d. And then stop and then just hit the enter key on your keyboard there. It usually will prompt you for the passwords we're going to entering. That same password writes in the capital P lower case A the dollar sign the dollar sign lower case W the number zero lower case R D capital ABC and then 123
And that should stop it. Force their perfect. Okay, now we just need to double check ourselves right to make sure that we actually did stop the service. So we're gonna type in pseudo
s s h d and then to check the status of it
and we'll see there that it's a stopped.
Okay, let's go back to our step by step lab guide.
So now we're gonna go back to the witness machines, will go back to resource is and we're gonna run the same scan we did again. So let's go back to our Windows machine here,
and we're gonna run the exact same scan again that we did before.
Now what I'm going to do is I'm just gonna go ahead and close out of this and just launch it again. Um,
just so you can see from a blank screen there,
but you don't have to do it that way. You could just actually run the scan. All right, so now we're just gonna type in. Like I said, the same I p address 1 92.168
0.10 dot one dash to 55 of the same range, and we're gonna do the same intense scans. What's good and scan that
and similar thing here is gonna take about 4 to 5 minutes. I'm gonna pause this video and will pick up the skin in the next video.
CIS Top 20 Critical Security Controls
This course will provide students with an overview of the CIS Top 20 Critical Security Controls v7.1. Students in this course will learn each CIS control and why it is important to an organization.