Lab #1 Assessing and Securing Systems on a
Wide Area Network (WAN)
Introduction
Penetration tests can help reveal weaknesses in multiple layers of defense: operating system
(OS)-level security settings, firewall settings, antivirus settings, patch and OS update settings,
and more. Penetration tests can also help reveal weaknesses in application layer security
protocols (such as those used by Web applications). Finally, penetration tests help validate
network layer security settings by confirming that demilitarized and other isolated zones
function as expected.
Penetration testers can help provide security awareness to managers in the organization. They
can offer instruction on desktop best practices (for example, keeping patches current, running
regular antivirus checks, and setting up system restore points). They can educate managers and
end users on current security incident trends, such as phishing attempts, untrusted Web sites, email risks, and effective countermeasures for each.
Most importantly, the pen tester will provide complete documentation of the security assessment
engagement. Management needs to know the truth about the organization’s current security
posture. All too often organizations are lulled into a false sense of security; they believe that
established protocols and controls are still effective in an ever-changing world. Penetration
testers prioritize any findings and recommended policy and control changes.
In this lab, a systems administrator for the securelabsondemand.com network has reported odd
behavior on two servers that support legacy applications. You will first conduct internal
penetration tests (also called vulnerability scans) on each system and then help secure those
systems by configuring firewalls and removing vulnerable open ports.
This lab has five parts, which should be completed in the order specified.
1. In the first part of this lab, you will use Nmap command line scripts to conduct a
network, OS footprint, and full vulnerability scan on two Windows...