Methods for Reconnaissance and Social Engineering
I will add the screenshots in
Methods for Reconnaissance and Social Engineering
I will add the screenshots in part 2 and answer any questions related to the lab assignmnets
Part one:
Write 1–2 pages on the following: Identify the technologies and tactics that a small organization can employ to prevent DOS and DDOS attacks.
Please answer the following questions. Conduct research and cite supporting sources in APA format where appropriate.
Describe the different capabilities of Low Orbit Ion Cannon. Search and identify at least one other product that allows you to conduct denial of service attacks, and identify two differences between the products. Provide appropriate citations.
In this lab you performed TCP, UDP, and HTTP flood attacks. Research and describe three different ways that an organization can prepare against denial of service attacks. Describe how the defense strategies against denial of service attacks differ based on the types of attacks. Provide appropriate citations.
While using tcpdump in step 9 of the lab, search and identify what –nntttt, -s 0 and –w options are supposed to do.
What steps should an organization take when it is actively under a DDOS attack? Provide appropriate citations.
Review the sources below and write out five questions that you would need to answer in your pen test plan.
Korpela, K., & Weatherhead, P. (2016). Planning for Information Security Testing—A Practical Approach. ISACA Journal, 5, 1-10. Retrieved from https://www.isaca.org/resources/isaca-journal/issues/2016/volume-5/planning-for-information-security-testinga-practical-approach
Pentest Standard: Pre-engagement. (n.d.). Retrieved from http://www.pentest-standard.org/index.php/Pre-engagement
Part 2:
Write an additional 1–2 pages on the following: How can a large global organization protect themselves against passive Reconnaissance attacks?
Section 2
Answer the following questions. Conduct research and cite supporting sources in APA format where appropriate.
What is the purpose of banner grabbing? Identify two tools/methods/commands to perform banner grabbing in addition to Nmap, Zenmap, netcat and telnet, which you used in the lab. Provide an example of one of them.
When would you use the Nmap scriipting engine? Describe a commonly used scriipt and give an example of its use syntax.
Why are there timing and performance options in Nmap? When would you perform a paranoid scan? Give an example of an Nmap scriipt that performs the paranoid scan.
Why would you use a wordlist with John the Ripper? Give an example of the syntax of John the Ripper with a wordlist.
Identify how you arrived at the conclusion that the firewall is redirecting to both the Windows®and Linux® machines in the lab. Provide screenshots from your Nmap scans to support your argument.
Requirements
Place your work from Part 1 and Part 2 into a Microsoft® Word® document. Support any assertions made with credible sources using APA style formatting.