Lab #3 – Assessment Worksheet Data Gathering and Footprinting on a Targeted Web Site Student Name: Overview The first phase of hacking is the footprinting phase, which is designed to passively gain information about a target. In this lab, you performed technical research against three Web domains using Internet search tools. You collected public domain information about an organization using the Google search engine to uncover information available on the Internet. Finally, you recorded the information you uncovered in a research paper, describing how this information can make an organization vulnerable to hackers. Lab Assessment Questions & Answers 1 What information can you obtain by using the WHOIS tool contained within Sam Spade?
This password is stored in _______. BIOS CMOS RAM* DDR RAM the CPU 8. (TCO 3) The term form factor in regards to a motherboard refers to the ______ layout of the components on the board physical logical proposed inverted 9. (TCO 9) When you first purchase a notebook, make sure you have a ____ CD containing the installed OS so you can recover from a failed hard drive development management diagnostic recovery 10. (TCO 9) ____ let you specify which devices are to be loaded on startup for a particular user or set of circumstances Hardware profiles* Folder redirections Briefcase profiles Startup profiles 11.
• Suggest security devices or configurations that should be employed to mitigate risks existing in telecommunications. Support your response. Risks include: theft of services, Denial of services, privacy and compliance. Best practices incorporate virtual private network technologies VPN’s with built-in encryption features, firewalls, and admission control security endpoints. http://www.ipcsit.com/vol2/52-B138.pdf • Examine the defense-in-depth concept of a small government agency that has recently relocated to a new building.
Secure the Telecommuters computers before they are distributed. Use data encryption for customer data. | | Telecommuters try to repair or troubleshoot their own computers instead of calling technical support or taking the computer in for service. | Computers become inoperable and job duties can’t be performed or are late. | H | H | Require employees come to the office to complete work and turn in computers to IT for repair | Phoebe | Require computers with performance issues to be brought into the IT department, or configure remote desktop for routine maintenance at regular intervals.
Is this the same thing as a Public Key Infrastructure (KI) server? The Public Key Infrastructure creates encryption keys and manages certificate requests while the storage location is called the certificate store. 7. What do you need if you want to decrypt encrypted messages and files from a trusted sender? You need the sender’s private key to decrypt the message.
If this is not done regularly the company may lose potential customers. The people who they hire to maintain the website will be an external source. MSM driving school will state what they expect to have changed or updated and will give them a certain space of time to have it done in. When this is happening they will need to warn customers that the website will be down for a few weeks and an alternative way to get information. If they do not update the information when needed they are giving false information losing them their future customers.
By proper end user training for anyone involved with the Corporate Techs site, proper scanning of all USB and thumb drives on a test computer being used for this particular site, can mitigate threats from bugs and viruses. Also, by changing all local computer default autorun policies, will disable usage of these USB ports and stop an occurrence from taking place. Last, it’s almost near impossible for an end user to not use a personal laptop during work hours for personal use or for work. But to mitigate further problems from happening, I will implement an encrypted file system for sensitive data. TrueCrypt is a program that I have found efficient that controls over endpoints that enter and exit the internal system.
3. If the company is looking into using laptops and Internet access in the field, then it must consider encryptions. According to Pfleeger & Pfleeger, “encryption is powerful for providing privacy, authenticity, integrity, and limited access to data” (p. 444). I would suggest “end-to-end encryption” this is known to provide encryption from one end of transmission to the other” (p. 446). This way, information transmitted from the field would be in encrypted throughout the network.
If humans do give up power to machines they may be capable of making all of our decisions for us. The world may become so dependent on machines, that if the machines were to stop working or we turn them off, it may lead to suicide because of dependency. We can personally have control over our cars and computers, but if there is a large computer system that takes over it could be harder to take them back over. There are many ups and downs to having technology running the world. As humans we should be cautious to what we create and what should control us.
* Furthermore the customers are likely to lose interest after such an error of the webpage not responding after a long period of time. * There are 2 different forms of testing that a business needs to do through the website before it gets published. Such as : * Functional/System testing 1. Navigation – To make sure that the customers are able to navigate around the webpage 2. Sound – so that videos and audio clip work accordingly.