This week in Hacker Bootcamp, we had the pleasure of learning about nmap and nessus aka the footprinting and scanning aspect of a penetration test. We also had the opportunity to speak with Kim Gaik who is a lead security analyst at Lowe’s Companies, Inc. We brought Kim in to speak with the students in regard to regulatory compliance and how this can affect your career as a security professional.
We discussed multiple regulatory topics, and one topic of interest was the relevance of PCI-DSS (Payment Card Industry Data Security Standard). This standard determines what companies need to do to safely store, process, and transmit credit card information in accordance with the PCI standards. Obviously, this has a huge impact on many companies when it comes to selling their products, as the PCI standards are used by the major credit card companies like VISA, MasterCard, Discover, etc. to fine non-compliant companies or to stop processing their credit cards. We discussed the importance of acknowledging that standards such as PCI are always evolving, so you need to keep learning as a security professional. No company can put a sticker on their cash register or credit card payment processor and say they are “PCI compliant”, because every day there could be a change in their systems, or in the overall standard, that affects that compliance.
We also discussed the growing relevance of the CCPA (California Consumer Privacy Act) as well as GDPR and other regulatory standards that are putting more control of data into the customer’s hands. These recent regulations enable customers to request that their data be deleted at any time, which has created a major need for companies and organizations to build processes and procedures that remove the data in an auditable and repeatable manner.
Basically, as a security professional, no matter what type of organization, company, or government position you hold, you should know which regulatory compliance standards affect your environment. They affect your organization’s risk appetite on a daily basis, and they should also greatly shape the primary focus areas of your organization’s cybersecurity department.
In conclusion, I want you to take the Nmap module of the course material and extend your knowledge of nmap a little more by answering the homework questions below! I think you may find this page helpful for both these questions and the eJPT exam: Nmap Cheat Sheet and Pro Tips | HackerTarget.com.
1. Please provide the nmap command for the following scenario: I want to scan a target (IP: 127.0.0.1) with verbose results, using a SYN scan, I want to guess the OS type, I want a timing of 3, and I want to output the results to an XML file named scan_results.xml (note: there will probably be multiple ways of doing this scan).
2. Please provide the nmap command for the following scenario: I want to scan a target (IP: 127.0.0.1) for the following TCP ports: 80, 443, 8443, 8500-9000, and 65535, I want the results to go to a text file scan_results2.txt, and I want to run the script vulners.nse to scan for well-known vulnerabilities.
3. Please explain the difference between port scanning and vulnerability scanning.
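Questions 1 and 3 together hint at something the homework does not show: once nmap writes its results to XML (the `-oX` output requested in question 1), the port-scan findings and the NSE script findings land in different elements of that file, and reading them apart makes the difference in question 3 concrete. The script below is an added example written for this post, not part of the bootcamp material or of nmap itself. It parses a small, constructed nmap XML document (the real `nmaprun/host/ports/port` layout with `state`, `service` and `script` children, but with made-up values, including a placeholder vulners line rather than any real finding) and then compares the open ports against an assumed allowlist of approved services, which is the kind of repeatable check a compliance-minded team would want from a scan. The allowlist contents and the sample data are assumptions.

```python
import xml.etree.ElementTree as ET

# Constructed sample of nmap XML output (the shape produced by `nmap -oX`),
# trimmed to the elements this example reads. All values are made up.
SAMPLE_NMAP_XML = """<?xml version="1.0"?>
<nmaprun scanner="nmap" args="nmap -v -sS -O -T3 -oX scan_results.xml 127.0.0.1">
  <host>
    <status state="up" reason="localhost-response"/>
    <address addr="127.0.0.1" addrtype="ipv4"/>
    <ports>
      <port protocol="tcp" portid="80">
        <state state="open" reason="syn-ack" reason_ttl="64"/>
        <service name="http" product="ExampleHTTPd" version="1.0" method="probed" conf="10"/>
        <script id="vulners" output="  PLACEHOLDER-FINDING-ID  5.0  https://example.invalid/placeholder"/>
      </port>
      <port protocol="tcp" portid="443">
        <state state="closed" reason="reset" reason_ttl="64"/>
        <service name="https" method="table" conf="3"/>
      </port>
      <port protocol="tcp" portid="8443">
        <state state="open" reason="syn-ack" reason_ttl="64"/>
        <service name="https-alt" method="table" conf="3"/>
      </port>
    </ports>
  </host>
</nmaprun>
"""


def _host_addr(host):
    """Return the IPv4 address recorded for a <host> element, or '?' if absent."""
    addr_el = host.find("address[@addrtype='ipv4']")
    return addr_el.get("addr") if addr_el is not None else "?"


def parse_open_ports(xml_text):
    """Port-scan view: which ports answered as open and what nmap believes is
    listening there. This is the whole of what a plain port scan can tell you."""
    root = ET.fromstring(xml_text)
    findings = []
    for host in root.findall("host"):
        addr = _host_addr(host)
        for port in host.findall("ports/port"):
            state = port.find("state")
            if state is None or state.get("state") != "open":
                continue
            service = port.find("service")
            findings.append({
                "host": addr,
                "proto": port.get("protocol"),
                "port": int(port.get("portid")),
                "service": service.get("name") if service is not None else None,
                "product": service.get("product") if service is not None else None,
            })
    return findings


def parse_script_findings(xml_text):
    """Vulnerability-scan view: per-port NSE script output (e.g. vulners),
    keyed by (host, protocol, port). Only ports where a script ran appear."""
    root = ET.fromstring(xml_text)
    results = {}
    for host in root.findall("host"):
        addr = _host_addr(host)
        for port in host.findall("ports/port"):
            for script in port.findall("script"):
                key = (addr, port.get("protocol"), int(port.get("portid")))
                results.setdefault(key, {})[script.get("id")] = script.get("output", "").strip()
    return results


def unexpected_ports(findings, allowlist):
    """Compliance check: open ports that are not on the approved list for the
    host. `allowlist` is a set of (host, protocol, port) tuples (assumed data)."""
    return [f for f in findings if (f["host"], f["proto"], f["port"]) not in allowlist]


if __name__ == "__main__":
    # Assumed allowlist: only HTTP on the loopback host is approved.
    approved = {("127.0.0.1", "tcp", 80)}
    open_ports = parse_open_ports(SAMPLE_NMAP_XML)
    print("Open ports (port scan):", open_ports)
    print("Script findings (vuln scan):", parse_script_findings(SAMPLE_NMAP_XML))
    print("Not on allowlist:", unexpected_ports(open_ports, approved))
```

Running it against the sample shows the split: the port scan reports 80/tcp and 8443/tcp open (443/tcp is closed and dropped), the script findings dictionary holds only the one port where vulners produced output, and 8443/tcp is flagged because it is not on the assumed allowlist. Pointing the two parsers at a real `scan_results.xml` from question 1 works the same way, since they read only standard nmap elements.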