After completing the lab, respond to the following questions in a Microsoft® Word document. List the question
in the paper and follow the question with your answer.
- Write a brief description of one vulnerability found in the scan, including the operating system on which it
was found, its risk factor, and its CVSS scores. Choose a vulnerability that has a CVSS score and not one that
is informational. (35 points) - Are the results of default scans different than the credentialed scan? Why or why not? (20 points)
- How might an attacker without any credentials attack a network and what would he be able to identify and
exploit? (25 points) - This was a simple three computer LAN. Describe the complication added to this scan process in a large
Enterprise network with over 1000 computers in the LAN/WAN. (25 points) - Consider a cloud-hosted Infrastructure as a Service (IaaS) environment with many new, internet-accessible
systems regularly being built and brought online. Describe the challenges with Vulnerability Management in
this environment. (25 points)
Sample Solution