Identifying Security Vulnerabilities

Welcome to the Identifying Security Vulnerabilities practice lab. In this module, you will be provided with the instructions and devices needed to develop your hands-on skills.

Identifying security vulnerabilities is a fundamental part of cybersecurity risk management. Identifying vulnerabilities can protect sensitive data, ensure business continuity, adhere to compliance requirements, prevent attacks, and save organizations from the costs of incident response.

Many significant configuration vulnerabilities are quick and easy to enable inadvertently. It is therefore important to study configurations to understand what each vulnerability is and how a misconfiguration enables it.

In this module, you will enable LAN Manager (LM) hash storage on ACIDC01 and DNS zone transfers in order to study the adverse effects of both misconfigurations.

Overview

Learning Outcomes:

In this module, you will complete the following exercises:

  • Exercise 1 - Identify LM Hash Vulnerabilities
  • Exercise 2 - Identify DNS Transfer Vulnerabilities

After completing this module, you should be able to:

  • Extract hashes from ACIDC01.
  • Update the domain policy to enable LM hashes.
  • Extract and crack an LM hash.
  • Add a record to the DNS Server.
  • Configure the DNS Server to allow zone transfers.

Exam Objectives:

The following exam objectives are covered in this module:

2.3 Explain various types of vulnerabilities

  • Cryptographic
  • Misconfiguration

3.2 Given a scenario, apply security principles to secure enterprise infrastructure

  • Infrastructure considerations

5.1 Summarize elements of effective security governance

  • Policies

5.5 Explain types and purposes of audits and assessments

  • Internal