IT 643 Course Lab Guidelines
Overview
Each lab will give you valuable, real-world experience using cybersecurity tools to evaluate the security posture of an organization. You will
use these various tools to identify risks and vulnerabilities within an organization’s network. Your analysis will be instrumental for you in
identifying remediation strategies to mitigate the vulnerabilities identified. These labs contain valuable information and experience that will
assist you with your final project.
What to Expect in the Lab Environment
The lab exercises and tasks typically take approximately 30 to 60 minutes to complete; however, each student is different, and some may
need more or less time.
Extremely Important!
Infosec includes instructions within the platform to complete the assigned lab. You will be given a time limit for each session of the lab.
Ensure that you complete and capture any information you need during your session before time expires. Once time expires, the lab
environment will be reset and all information on the lab virtual systems will be lost.
Students can take multiple attempts at the lab. While Challenge Flag completion will be preserved across multiple attempts, as noted
above, the virtual servers are reset so no changes to those systems will persist.
Lab Title / Required Screenshots / Total Possible InfoSec Points
Module One
Lab 1-2: TCP/IP Protocols – The Core Protocols
1. Use Network Utilities and Protocols from the TCP/IP Suite – Step 6 – Output from “ipconfig /all”
2. Examining the ARP Protocol Using Wireshark – Step 5 – Wireshark Capture of ARP Packets
3. Capture and Analyze a UDP Datagram – Step 7 – UDP Wireshark Capture with UDP Details
Total Possible InfoSec Points: 15
Module One
Lab 1-3: Capturing and Analyzing Network Traffic Using a Sniffer
1. Analyzing The Traffic – Step 2 – Wireshark Showing FTP Password
2. Analyzing The Traffic – Step 3 – Wireshark Showing POP Password
3. Analyzing The Traffic – Step 6 – Wireshark Showing E-Mail TCP Stream
4. Analyzing The Traffic – Step 10 – Wireshark Showing Telnet “creeper” Add
Total Possible InfoSec Points: 15
Module Two
Lab 2-2: Examining Wireless Networks
1. Viewing Wireless Networks And Connected Devices – Step 10 – Wireshark Display of Router Using “SSID of OPENWIFI”
2. Viewing Wireless Traffic Above Layer 2 – Step 10 – Wireshark Display of Adding Group and User
3. Parsing Object From Traffic – Step 18 – Show Flags 2–6 as Completed (Green Check)
Total Possible InfoSec Points: 15
Module Two
Lab 2-3: Deep Dive in Packet Analysis Using Wireshark and Network Miner
1. Viewing Protocols with Wireshark – Step 18 – Telnet Login
2. Viewing Protocols with Wireshark – Step 24 – Echo
3. Parsing Objects with Wireshark – Step 12 – Challenge 2, 3, and 4 Complete
4. Using Network Miner – Step 6 – Usernames and Passwords
5. Using Network Miner – Step 12 – Challenge 5 and 6 Complete
Total Possible InfoSec Points: 15
Module Three
Lab 3-2: Network Security – Firewalls
1. View Windows Firewall Features – Step 8 – Challenge 2 Complete
2. View Windows Firewall Features – Step 10 – Challenge 3 Complete
3. Configure An Exception In Windows Firewall – Step 21 – Challenge 4 Complete
4. View And Configure Windows Firewall With Advanced Security (WFAS) – Step 12 – Successful “Ping” of 192.168.12.11
5. Create A Firewall Rule (Iptables) Within Linux – Step 7 – Challenge 6 Complete
Total Possible InfoSec Points: 15
Module Three
Lab 3-3: Configuring a Windows Firewall to Allow Incoming Traffic
1. Configuring And Testing The Windows-Based Firewall – Step 21 – NMAP Output Showing the 3 Open Services
2. Configuring And Testing The Windows-Based Firewall – Step 35 – Wireshark TCP Stream of HTTP Session
3. Using Internal Services From An External Machine – Step 18 – Display of PNG File in Browser
Total Possible InfoSec Points: 15
Module Four
Lab 4-2: Configuring a Windows Firewall to Allow Incoming Traffic
1. Configuring And Testing The Linux-Based Firewall – Step 22 – Checking Outbound FTP
2. Configuring And Testing The Linux-Based Firewall – Step 33 – Display of Current Rules
3. Configuring And Testing The Linux-Based Firewall – Step 34 – Results of NMAP showing the 5 ports are Open
4. Using Internal Services From An External Machine – Step 15 – Five Green Checks for Testing Account Settings
Total Possible InfoSec Points: 15
Module Four
Lab 4-3: Securing the pfSense Firewall
1. Testing The Firewall From The External Network – Step 6 – Output from Zenmap
2. Closing Unnecessary Ports On The pfSense Firewall – Step 6 – Challenge #3 Complete
3. Closing Unnecessary Ports On The pfSense Firewall – Step 8 – Challenge #4 Complete
4. Adding A Secure Service To The pfSense Firewall – Step 22 – Challenge #5 Complete
5. Adding A Secure Service To The pfSense Firewall – Step 23 – Challenge #6 Complete
Total Possible InfoSec Points: 15
Module Five
Lab 5-2: Intrusion Detection Using Snort
1. Setting Up The Sniffer – Step 27 – Wireshark showing TCPDump Capture
2. Detecting Unwanted Incoming Attacks – Step 14 – Output from Alert.IDS
3. Detecting Unwanted Outgoing Traffic – Step 32 – Wireshark TCP Stream of Traffic Between Victim and Target
Total Possible InfoSec Points: 15
Module Five
Lab 5-3: Writing Custom Rules
1. The Hacker Enters The Network – Step 36 – Telnet Alerts from Alert.ids file
2. Writing Custom Rules – Step 5 – Third Custom Rule Change
3. The Hacker Triggers Alerts – Step 13 – Hash Dump
4. The Hacker Triggers Alerts – Step 17 – Output From alert.ids Showing fgdump Alert
Total Possible InfoSec Points: 15
Module Six
Lab 6-2: Vulnerability Scanning of a Linux Server
1. Scanning The Network For Vulnerable Systems – Using NMAP – Step 11 – NMAP Output
2. Scanning The Network For Vulnerable Systems – Using NMAP – Step 18 – NMAP Output
3. Scanning The Network For Vulnerable Systems – Using NMAP – Step 23 – NMAP Output
4. Scanning With OpenVAS – Analyzing the Scan Report – Step 5 – Scan Report
Total Possible InfoSec Points: 15
Module Six
Lab 6-3: Perform Reconnaissance from the WAN
1. Banner Grabbing – Step 19 – Challenge #2 Complete
2. Banner Grabbing – Step 20 – Challenge #3 Complete
3. Advanced Scanning With Nmap – Step 9 – NMAP Output
4. Advanced Scanning With Nmap – Step 23 – NMAP Output
5. Analysis And Exploitation – Step 4 – Challenge #4, #5, and #6 Complete
6. Analysis And Exploitation – Step 12 – Output From John Showing Password
Total Possible InfoSec Points: 15
Module Seven
Lab 7-2: Signature Detection and Alerting an Admin
1. Verifying It Works – Step 8 – Alert Log Output
2. Alerting An Admin – Step 8 – Alert E-Mail
3. Alerting An Admin – Step 11 – Alert Log Output
Total Possible InfoSec Points: 15
Module Seven
Lab 7-3: Scanning the Network on the LAN
1. Scanning – Step 9 – Challenge #2 and #3 Complete
2. Scanning – Step 11 – Challenge #4 Complete
3. Scanning With Metasploit And Armitage – Step 23 – Armitage Scan Complete
4. Exploitation – Step 7 – /etc/shadow Output
5. Exploitation – Step 25 – Showing All 4 Systems Compromised
Total Possible InfoSec Points: 15
Module Eight
Lab 8-2: Log Analysis of Linux Systems with GREP and GAWK
1. Nmap Analysis Using Grep – Parsing Nmap Reports With CLI – Step 10 – grep with Open Ports
2. Nmap Analysis Using Grep – Parsing Nmap Reports With Scripts – Step 7 – Parsing Report
3. Log Analysis Using Grep – Step 9 – Access Log File and Curl
4. Log Analysis Using Gawk – Using gawk With Logs – Step 6 – Names of New Users
5. FTP Log Analysis – FTP Access Analysis – Step 5 – Log Output of Failed Attempts
Total Possible InfoSec Points: 15
Module Eight
Lab 8-3: IPS, Syslog, and NTP
1. Disabling Default Ruleset – Step 4 – Output
2. Enabling IPS – Step 9 – Configuration Verification
3. Configuring the Syslog Server – Step 13 – Verify Log Creation
4. Synchronized Logging – Step 9 – Verify Time Source
Total Possible InfoSec Points: 15
