wk 4 respon mism 4335

Student’s Name
Professor’s Name
Course
Date
Discussion Response to Elda
Hello Elida, you have a good post. You have identified scanning and enumeration the second pre-attack phases. I agree that scanning allows the attacker to understand the vulnerabilities within the system and I would want to add to this that scanning combined with enumeration have the ability of making the attacker know the environment and its vulnerabilities through confirming the IP address and the system type that will be attacked (Faircloth, p. 98). You also managed to highlight the fact that Port scans such as the SYN as not being stealthy enough. I agree with this because such scans normally lack a connection with the TCP (Faircloth, p. 102). Enumeration as you have mentioned, is that it gathers in-depth information about the target through open share and user’s information. I have come to an understanding that this in-depth information is usually acquired through the enumeration process identifying the poorly protected sources and accounts and by just scanning for open ports and the IP ranges, the enumeration process manages to gather all needed information (Vines, p. 1). Highly the discussion because you brought to my attention that there is no means of doing away with port scan and the only chance is on risk minimization.
Work Cited
Faircloth, Jeremy. Scanning and Enumeration. In J. Faircloth, Penetration Tester’s Open Source Toolkit, Third Edition. 2011. (pp. 95-139). Waltham…