Security Foundations Practical Demonstration
This practical demonstration will assess your skills learnt through the weekly labs. Not all labs will be covered, however.
The following course objectives will be assessed:
· CO2. Identify and discuss the skills required for the various roles in the cyber security profession.
· CO3. Recognise a range of contemporary cyber security threats.
The practical demonstration will have you initially build a working virtual network with 2 virtual machines networked together. These machines will be referred to as the Attack PC (Kali) and the Victim PC (Metasploitable2).
Before you begin the Practical you will need to build the environment. Access the document BuildThePracticalNetwork on the Practical assessment page. Follow the steps to prepare your virtual network.
Use the following template when answering the tasks that require a screenshot.
|
Task Number -
|
|
Screenshot(s)
|
|
Place screenshot here
|
|
Description of screenshot(s)
|
|
Place description here
|
When you see the following icon a screenshot will be required.
Task 1 – Document the Virtual Machine settings. (10 points)
Take a screenshot of each virtual machine’s configuration. This can be taken from the main screen of Virtualbox as shown below. Take one showing Kali and one showing Metasploitable.
Task 2 – Check Addressing (10 points)
Use the ifconfig command on both VM’s to display the IP addresses of each machine.
Kali Linux IP address - ___________________________________
Metasploitable2 IP Address - ____________________________
What network address do both VM’s belong to? _______________________
Task 3 – Test Connectivity (10 points)
Ping Metasploitable from Kali and screenshot a successful ping.
Ping Kali from Metasploitable and screenshot a successful ping.
Task 4 – Capture Network Traffic (10 points)
Using the Kali VM capture network traffic using Wireshark.
Ping Metasploitable and screenshot the captured ICMP packets in Wireshark.
FTP to Metasploitable using msfadmin/msfadmin as the username and password. Screenshot the credentials captured by Wireshark.
Task 5 – Reconnaissance and Enumeration (10 points)
From the Kali VM perform. the following reconnaissance and Enumeration:
Initiate a nmap ping sweep of the network address used in this topology and screenshot the command used and the result.
Initiate a general nmap scan of the Metasploitable VM and screenshot the results.
Initiate a nmap scan of the Metasploitable VM to discover the Operating system version and the versions of SSH and HTTP, screenshot the results.