Cases (1 page each)


Case 1: Enumerating Systems on the Alexander Rocco Network

After conducting enumeration of the Alexander Rocco network, you discover several Windows computers with shared folders for the Help Desk Department. You’re concerned when you access one of the shared folders containing information for help desk personnel and find an Excel spreadsheet listing e-mail addresses and passwords for all employees. Help desk employees use this shared folder to access the Excel spreadsheet if users call saying they have forgotten their passwords and need this information even when they’re away from their offices.

Case Question

a. Based on this information, write a one-page memo to the IT manager, Donald Lee, describing the steps you would take after this discovery. The memo should also mention any information you find in the OSSTMM that relates to your discovery and offer recommendations.

___________________________________________________________________________________________________________________________________________________________________

Case 2: Researching enum4Linux on the Internet

You are given permission to use your credentials to run some basic security checks on the Alexander Rocco domain. You don’t have access to Nessus or OpenVAS, so you have to use other tools to enumerate the domain. After some research, you come across the enum4linux tool. To make sure your boss is okay with this tool, you need to tell him why you want to use enum4linux and what it’s capable of.

Case Question

a. Write a one-page memo on the enum4linux tool in which you describe the goal of your enumeration and the checks available in enum4linux. Your memo should persuade your boss into letting you use the tool for enumeration purposes.