M7- Method to the Madness Jamar Marshall
docx
keyboard_arrow_up
School
Schoolcraft College *
*We aren’t endorsed by this school
Course
115
Subject
Information Systems
Date
Apr 3, 2024
Type
docx
Pages
5
Uploaded by chiquria
M7: Method to the Madness
Hacking Methodology
Step 1
1.
What is the first step of the five step hacking methodology? (2 points)
Reconnaissance
2.
Choose a website to investigate and record the URL here (the site should be reachable on https): (1 point)
https://www.temu.com
3.
Open a browser and go to the Netcraft Toolbar
. Enter the URL of your chosen site (from above) in the textbox that says “Enter a URL here” and then press <Enter>.
Take a screenshot of the output that includes the Background
, Network
, and Hosting History
sections and insert it below. Review Inserting Images into a Worksheet
if you need help. (3 points)
4.
Choose three pieces of information that would be beneficial to you as a security professional if you were assessing the security of this site. List the items below, and explain why they could be important for the 2
nd
phase of methodology. (6 points)
Hosting company – Want to be sure it is a known company and they will protect your data. Date first seen – Lets you know when the site was first brough about
Site – Lets you know that you are going to the correct site and not a fake site that could steal your information. Step 2
5.
What is the second step of the five step hacking methodology? (2 points)
Scanning
6.
Using a browser, go to the MX Toolbox
. Enter the domain name of the site you are investigating (e.g. example.com
), then click the “Submit” button. Note: The test may take a few minutes to complete
.
After the test completes, take a screenshot of the results and insert it below. (3 points)
7.
How many warnings or errors were identified as part of the test? (
these will typically be highlighted in pink or orange after the overall rating
). (1 point)
2 warnings.
8.
Proceed to the Port Scan Tool
at pentest-tools.com. This will simulate a port scan on your chosen target
using a testing site in its place. Perform the following steps using only the provided hostname below
-
Hostname or IP address: scanme.nmap.org
-
Choose “Light Scan (Free)”
-
Click “Scan Now”
Note: the test may take a few minutes to complete.
After the test completes, take a screenshot of the results and insert it below. (3 points)
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
- Access to all documents
- Unlimited textbook solutions
- 24/7 expert homework help
8.
How many open ports were found? (1 point)
2
9.
Why would these tools be potentially valuable during the second step of the five step hacking methodology? (2 points)
Scanningof these websites are made so easy. Everything is done for you without any effort from a person. Steps 3 – 5
10. List and describe the 3 remaining steps of the five step hacking methodology. (3 points)
Gaining access
Maintaining Access
Clearing Tracks
Penetration Testing
Compare the 5-step hacking methodology to the NIST, NSA and PCI-DSS penetration testing guidelines presented in the text.
11. What steps are similar between the penetration testing standards and the hacking methodology? (2 points)
Planning, reconnaissance, scanning, gaining access and maintaining access. 12. What is the focus of the steps that are not included in the 5-step hacking methodology, but are in the penetration testing guidelines? (2 points)
Recommending and Reporting
13. How do these additional steps benefit the customer that hired the penetration test? (2 points)
It allows people to see what is happening behind the scenes. 14. Why is penetration testing important in an increasingly dangerous world of cybersecurity? (2 points)
It test the vulnerabilities that someone may have and will find them out before the hackers can.