Assets and Topology: Vulnerability Analysis
In this lab, you'll focus on Asset Management. Asset Management ensures an organization’s assets are accounted for, maintained, and eventually disposed of. Over the next few challenges, you'll focus on scalable ways to approach Asset Management (and Vulnerability Management). You'll also witness how Asset Management can help you investigate suspicious behavior.
Terms and conditions apply.
Nmap: Host Inventory Analysis
In this challenge, you'll imagine you’re a Security Analyst at Globomantics Inc. Over the past few days, Globomantics’ System Administrators have reported strange activity. In particular, certain systems are turning off at “random times.” To make matters even more peculiar, the issue is occurring in a subnet that has servers dedicated to security monitoring (i.e., a SIEM server, etc.). Your job is to create a network baseline (through nmap) so you can investigate future changes to the network.
Nmap: Application Inventory Analysis
In this challenge, you'll continue your Asset Management journey by increasing the thoroughness of the nmap scans. By increasing the thoroughness, you'll be able to observe changes to externally available applications that are running on the SIEM.
Nmap: Closed-box Limitations
In this challenge, you'll continue your Asset Management journey. In particular, you'll learn about closed-box and open-box testing. You'll also learn how nmap (and ndiff) can be automated.
OpenVAS: Open-box Vulnerability Testing
In this challenge, you'll leverage the OpenVAS scanner (within the Greenbone security suite) to do a open-box test of the SIEM.
Provided environment for hands-on practice
We will provide the credentials and environment necessary for you to practice right within your browser.
Follow along with the author’s guided walkthrough and build something new in your provided environment!
Did you know?
On average, you retain 75% more of your learning if you get time for practice.
- Basic Linux knowledge