Home‎ > ‎CIS 75‎ > ‎

Lab 11: Analyze and Differentiate Types of Application Attacks

Before the next class complete Lab 11: Analyze and Differentiate Types of Application Attacks. In the lab you will use tools that scan for vulnerable systems. Those tools would (should) be detected by a good NIDPS. You will also get an introduction to Metasploit. Metasploit is a tool that enables people to automatically identify systems and test them for exploits. Metasploit is programmed in the Ruby programming language and exploits, written in Ruby, can be downloaded and shared. Metasploit is a key tool to know for security professionals. 

When you have completed the lab answer the following questions: 
  1. What is the purpose of a banner message and how might hackers use these messages to their advantage?
  2. How can you learn more information about a particular exploit in Metasploit?
  3. What tools can be used to crack passwords once you obtain the hashes?
  4. When is it ethical to use Metasploit on a network?
Submit your answers on Canvas.