Final Project Template

Instructions

Your Final Project is a combination of short answer responses as well as lab exercises. Where “short answer” is indicated, you can type your response directly into this document.

Where “Lab” is indicated, you will need to go and use the NetLabs environment to re-do the steps specified*. As evidence that you have completed this part of the lab, follow the same instructions as you did for the lab itself:

· For each significant step, take a screenshot of your entire screen (your screenshot must include a view of the clock on your computer). For instructions on how to take a screenshot, see take-a-screenshot.org.

· Note: A significant step is any step in which you are making an observation or entering a command. (You do not need to take a screenshot of steps that include opening or closing a window.)

· Identify the step you took a screenshot of and paste the screenshot into this document.

· Then, write a brief 1-2 sentence explanation of what you did, the purpose behind it, and what happened.

· Repeat for all relevant steps to complete the requirements.

· Note: You do not need to include a lab summary in this document.

The lab exercises are a repeat of labs you have completed to provide additional practice and review in light of the entirety of this course. However, you should not duplicate your lab responses here. Your comments should reflect your understanding of the actions in light of the entire course.

Since the entire class will be working on the project at the same time, be sure to plan ahead and give yourself sufficient time to reserve lab slots and complete it on time.

1. List 3 tools you used to capture network traffic (Short Answer):

a. Use one of those tools to capture ICMP traffic and save to .cap file (Lab)

i. (Netlab 1 Section 1.1 & 1.2 TCP Dump)

Step #

Screen capture

Comment:

2. What is a rootkit? Define what it is and how it can be used maliciously. (Short Answer)

a. List one tool used to detect a rootkit (Short Answer & Lab)

i. (NetLab 10 section 2.3 1-7)

Step #

Screen capture

Comment:

3. Define steganography. (Short Answer)

a. To what tool were you exposed to perform steganography with an image? (Short Answer)

b. Use that tool to hide text in an image. Use the steps you performed in the specific lab. (Lab)

i. (NetLab 16 Section 1.1)

Step #

Screen capture

Comment:

4. Explain the benefits of encrypting data. Which elements of the CIA triad does encryption of data provide? (Short Answer)

a. Create a TrueCrypt volume and place a file in the volume. (Lab)

i. (Netlab 12 Section 1.1 steps 1 through 21)

Step #

Screen capture

Comment:

5. Describe the purpose of a proxy. What are its benefits? (Short Answer)

a. Configure a proxy and create a blacklist. Configure a browser to use the proxy and test the proxy. (Lab)

i. (Netlab 15 Section 1, 1.1 – 1.3)

Step #

Screen capture

Comment:

6. Explain SQL injection. How is it performed? What can be done with it? (Short Answer)

a. How can SQL injection attacks be prevented? (Short Answer)

b. Use WebGoat to perform a dump of the entire database. (Lab)

i. (Netlab 13 Section 1.1 steps 1 through14)

Step #

Screen capture

Comment:

7. What does a firewall do? How does it protect the network? (Short Answer)

a. Configure a firewall to block ICMP (Lab)

b. Configure pfSense to block ICMP traffic (Lab)

i. (Netlab 2 Section 1.1 steps 1 through17)

Step #

Screen capture

Comment:

8. Explain Telnet. For what is it used? Is it secure? (Short Answer)

a. Describe how to mitigate the risk Telnet poses. (Lab)

i. (NetLab 3 Section 1.3 steps 1 through 16)

Step #

Screen capture

Comment:

9. Describe the differences between intrusion detection and prevention controls. (Short Answer)

a. Explain how they are implemented in a network (host vs. network). (Short Answer)

b. What are the benefits and disadvantages of each? (Short Answer)

c. What tool did you use as an IDS in Netlab 9? (Short Answer)

10. Describe the five basic steps in Access Control. Provide an example of each step. (Short Answer)

a. In Netlab 14, to which of the basic steps in Access Control are adding users and passwords associated? (Short Answer)

b. What Access Control step is addressed by setting permissions to a given resource? (Short Answer)

11. List and describe the factors used in authentication. Provide an example of each. (Short Answer)

a. Use hashcat to crack Windows passwords (Lab)

i. (Netlab 8 Section 2.1 steps 1-7)

Step #

Screen capture

Comment:

12. Compare and contrast vulnerability scanning and penetration testing. (Short Answer)

a. What tools did you use in Netlab 11 to conduct vulnerability scans? (Short Answer)

b. Perform a vulnerability scan using ZenMap. (Lab)

i. (Netlab 11 Section 1.2 steps 1-13)

Step #

Screen capture

Comment: