One of the key components of an information security program is ensuring that potential attacks and anomalous activities are detected in a timely fashion. This action is accomplished using intrusion detection and prevention systems (IDS or IPS). In order to increase security governance and posture, many organizations may also perform penetration and ethical hacking testing, which can be useful in detecting security vulnerabilities before others.
Address each of the following in the Word document that contains your lab screenshots. Clearly label each section.
Compare and contrast the uses of NetWitness Investigator and Wireshark used in the lab. Why would a network administrator use Wireshark and NetWitness Investigator together?
Interpret the results of the Wireshark and NetWitness scans performed in the lab. Describe the area of network vulnerability found in each scan.
Describe the security risk associated with the vulnerability you discovered.
Suggest a security control that you would use to address the vulnerability and explain why it is appropriate.
Explain in detail the results returned from the Zenmap reconnaissance.