TCP/IP Protocols – The Core Protocols: Networking Fundamentals

The additional info will be provided.

  1. Use Network Utilities And Protocols From The TCP/IP Suite – Step 6 – Output From “ipconfig /all”
  2. Examining the ARP Protocol Using Wireshark – Step 5 – Wireshark Capture of ARP Packets
  3. Capture and Analyze a UDP Datagram – Step 7 – UDP Wireshark Capture with UDP Details

To complete this assignment, review the prompt and grading rubric in the Lab Guidelines and Rubric document. Refer to the Course Lab Guidelines document to view the screenshots you will need to take to complete this lab. Screenshots must include your name and date.

IT 643 Course Lab Guidelines

Overview

Each lab will give you valuable, real-world experience using cybersecurity tools to evaluate the security posture of an organization. You will use these various tools to identify risks and vulnerabilities within an organization’s network. Your analysis will be instrumental for you in identifying remediation strategies to mitigate the vulnerabilities identified. These labs contain valuable information and experience that will assist you with your final project.

What to Expect in the Lab Environment

The lab exercises and tasks typically take approximately 30 to 60 minutes to complete; however, each student is different and some may take longer or shorter.

Extremely Important! Infosec includes instructions within the platform to complete the assigned lab. You will be given a time limit for each session of the lab. Ensure that you complete and capture any information you need during your session before time expires. Once time expires, the lab environment will be reset and all information on the lab virtual systems will be lost. Students can take multiple attempts at the lab. While Challenge Flag completion will be preserved across multiple attempts, as noted above, the virtual servers are reset so no changes to those systems will persist.

 

Lab Title Required Screenshots Total Possible InfoSec Points

Module One Lab 1-2: TCP/IP Protocols – The Core Protocols

1. USE NETWORK UTILITIES AND PROTOCOLS FROM THE TCP/IP SUITE – Step 6 – Output from “ipconfig /all”

2. EXAMINING THE ARP PROTOCOL USING WIRESHARK – Step 5 – Wireshark Capture of ARP Packets

3. CAPTURE AND ANALYZE A UDP DATAGRAM – Step 7 – UDP Wireshark Capture with UDP Details

Total Possible InfoSec Points: 15

 

 

 


Module One Lab 1-3: Capturing and Analyzing Network Traffic Using a Sniffer

1. Analyzing The Traffic – Step 2 – Wireshark Showing FTP Password

2. Analyzing The Traffic – Step 3 – Wireshark Showing POP Password

3. Analyzing The Traffic – Step 6 – Wireshark Showing E-Mail TCP Stream

4. Analyzing The Traffic – Step 10 – Wireshark Showing Telnet “creeper” Add

Total Possible InfoSec Points: 15

Module Two Lab 2-2: Examining Wireless Networks

1. Viewing Wireless Networks And Connected Devices – Step 10 – Wireshark Display of Router Using “SSID of OPENWIFI”

2. Viewing Wireless Traffic Above Layer 2 – Step 10 – Wireshark Display of Adding Group and User

3. Parsing Object From Traffic – Step 18 – Show Flags 2–6 as Completed (Green Check)

Total Possible InfoSec Points: 15

Module Two Lab 2-3: Deep Dive in Packet Analysis Using Wireshark and Network Miner

1. Viewing Protocols with Wireshark – Step 18 – Telnet Login

2. Viewing Protocols with Wireshark – Step 24 – Echo

3. Parsing Objects with Wireshark – Step 12 – Challenge 2, 3, and 4 Complete

4. Using Network Miner – Step 6 – Usernames and Passwords

5. Using Network Miner – Step 12 – Challenge 5 and 6 Complete

Total Possible InfoSec Points: 15

Module Three Lab 3-2: Network Security – Firewalls

1. View Windows Firewall Features – Step 8 – Challenge 2 Complete

2. View Windows Firewall Features – Step 10 – Challenge 3 Complete

3. Configure An Exception In Windows Firewall – Step 21 – Challenge 4 Complete

4. View And Configure Windows Firewall With Advanced Security (WFAS) – Step 12 – Successful “Ping” of 192.168.12.11

5. Create A Firewall Rule (Iptables) Within Linux – Step 7 – Challenge 6 Complete

Total Possible InfoSec Points: 15

 

 

 


Module Three Lab 3-3: Configuring a Windows Firewall to Allow Incoming Traffic

1. Configuring And Testing The Windows-Based Firewall – Step 21 – NMAP Output Showing the 3 Open Services

2. Configuring And Testing The Windows-Based Firewall – Step 35 – Wireshark TCP Stream of HTTP Session

3. Using Internal Services From An External Machine – Step 18 – Display of PNG File in Browser

Total Possible InfoSec Points: 15

Module Four Lab 4-2: Configuring a Windows Firewall to Allow Incoming Traffic

1. Configuring And Testing The Linux-Based Firewall – Step 22 – Checking Outbound FTP

2. Configuring And Testing The Linux-Based Firewall – Step 33 – Display of Current Rules

3. Configuring And Testing The Linux-Based Firewall – Step 34 – Results of NMAP showing the 5 ports are Open

4. Using Internal Services From An External Machine – Step 15 – Five Green Checks for Testing Account Settings

Total Possible InfoSec Points: 15

Module Four Lab 4-3: Securing the pfSense Firewall

1. Testing The Firewall From The External Network – Step 6 – Output from Zenmap

2. Closing Unnecessary Ports On The Pfsense Firewall – Step 6 – Challenge #3 Complete

3. Closing Unnecessary Ports On The Pfsense Firewall – Step 8 – Challenge #4 Complete

4. Adding A Secure Service To The Pfsense Firewall – Step 22 – Challenge #5 Complete

5. Adding A Secure Service To The Pfsense Firewall – Step 23 – Challenge #6 Complete

Total Possible InfoSec Points: 15

Module Five Lab 5-2: Intrusion Detection Using Snort

1. Setting Up The Sniffer – Step 27 – Wireshark showing TCPDump Capture

2. Detecting Unwanted Incoming Attacks – Step 14 – Output from Alert.IDS

3. Detecting Unwanted Outgoing Traffic – Step 32 – Wireshark TCP Stream of Traffic Between Victim and Target

Total Possible InfoSec Points: 15

Module Five Lab 5-3: Writing Custom Rules

1. The Hacker Enters The Network – Step 36 – Telnet Alerts from Alert.ids file

2. Writing Custom Rules – Step 5 – Third Custom Rule Change

3. The Hacker Triggers Alerts – Step 13 – Hash Dump

4. The Hacker Triggers Alerts – Step 17 – Output From alert.ids Showing fgdump Alert

Total Possible InfoSec Points: 15

 

 

 


Module Six Lab 6-2: Vulnerability Scanning of a Linux Server

1. Scanning The Network For Vulnerable Systems – Using NMAP – Step 11 – NMAP Output

2. Scanning The Network For Vulnerable Systems – Using NMAP – Step 18 – NMAP Output

3. Scanning The Network For Vulnerable Systems – Using NMAP – Step 23 – NMAP Output

4. Scanning With OpenVAS – Analyzing the Scan Report – Step 5 – Scan Report

Total Possible InfoSec Points: 15

Module Six Lab 6-3: Perform Reconnaissance from the WAN

1. Banner Grabbing – Step 19 – Challenge #2 Complete

2. Banner Grabbing – Step 20 – Challenge #3 Complete

3. Advanced Scanning With Nmap – Step 9 – NMAP Output

4. Advanced Scanning With Nmap – Step 23 – NMAP Output

5. Analysis And Exploitation – Step 4 – Challenge #4, #5, and #6 Complete

6. Analysis And Exploitation – Step 12 – Output From John Showing Password

Total Possible InfoSec Points: 15

Module Seven Lab 7-2: Signature Detection and Alerting an Admin

1. Verifying It Works – Step 8 – Alert Log Output

2. Alerting An Admin – Step 8 – Alert E-Mail

3. Alerting An Admin – Step 11 – Alert Log Output

Total Possible InfoSec Points: 15

Module Seven Lab 7-3: Scanning the Network on the LAN

1. Scanning – Step 9 – Challenge #2 and #3 Complete

2. Scanning – Step 11 – Challenge #4 Complete

3. Scanning With Metasploit And Armitage – Step 23 – Armitage Scan Complete

4. Exploitation – Step 7 – /etc/shadow Output

5. Exploitation – Step 25 – Showing All 4 Systems Compromised

Total Possible InfoSec Points: 15

 

 

 


Module Eight Lab 8-2: Log Analysis of Linux Systems with GREP and GAWK

1. Nmap Analysis Using Grep – Parsing Nmap Reports With CLI – Step 10 – grep with Open Ports

2. Nmap Analysis Using Grep – Parsing Nmap Reports With Scripts – Step 7 – Parsing Report

3. Log Analysis Using Grep – Step 9 – Access Log File and Curl

4. Log Analysis Using Gawk – Using gawk With Logs – Step 6 – Names of New Users

5. FTP Log Analysis – FTP Access Analysis – Step 5 – Log Output of Failed Attempts

Total Possible InfoSec Points: 15

Module Eight Lab 8-3: IPS, Syslog, and NTP

1. Disabling Default Ruleset – Step 4 – Output

2. Enabling IPS – Step 9 – Configuration Verification

3. Configuring the Syslog Server – Step 13 – Verify Log Creation

4. Synchronized Logging – Step 9 – Verify Time Source

Total Possible InfoSec Points: 15

IT 643 Lab Guidelines and Rubric

Overview: Throughout this course, you will be completing several labs. These labs have two purposes:

• To provide you with valuable opportunities to “walk a mile in the shoes” of a forensic practitioner performing basic forensic tasks (Gaining this type of experience is necessary for managing and relating to the individuals and teams you will interact with in the field.)

• To help you practice the communication and writing skills you will need to employ in both pieces of your final project

It is important to note that these activities are relevant to your final project. They are practice opportunities that focus on some of the specific topics and skills that need to be addressed in the network defense training manual you will create, and the milestones you will complete in modules throughout the course. It is expected that examples and details from your experiences with the labs will support the sections in your training manual.

Required Screenshots: In your lab report submission, be sure to include the screenshots outlined in the IT 643 Course Lab Guidelines document. Screenshots need to display your name and the date within the image. Follow these steps to complete the screenshot:

How to Take a Screenshot (in Windows)

1. Open Notepad and type your name and the date.

2. Place the Notepad screen next to the InfoSec lab you are completing.

3. Hit the Control and Print Screen keys together (Ctrl + PrtScr).

4. Open a Microsoft Word document and paste the screenshot.

5. When you have finished pasting screenshots, upload the entire Word document to your assignment.

 

Rubric

Guidelines for Submission: For each lab assignment, follow the instructions provided in the prompt. Each lab assignment should be submitted as a Microsoft Word document with the required screenshots. Any sources must be cited according to APA style.

Critical Element: Lab Summary (Value: 20)

Proficient (100%): Provides a thorough summary of the lab

Needs Improvement (75%): Provides brief summary of the lab, and summary is cursory or contains inaccuracies

Not Evident (0%): Does not provide lab name and brief summary of the lab

Critical Element: Screenshots (Value: 70)

Proficient (100%): Includes all required screenshots with student name and date

Needs Improvement (75%): Includes at least 75% of required screenshots with student name and date; does not include all necessary screenshots

Not Evident (0%): Does not include screenshots

Critical Element: Articulation of Response (Value: 10)

Proficient (100%): Submission has no major errors related to citations, grammar, spelling, or organization

Needs Improvement (75%): Submission has some errors related to citations, grammar, spelling, or organization that negatively impact readability and articulation of main ideas

Not Evident (0%): Submission has critical errors related to citations, grammar, spelling, or organization that prevent understanding of ideas

Total: 100%
