Module 6: Vulnerabilities

Module 6 Team Activity

"Team" by Newtown grafitti via Flickr. CC BY 2.0.Overview

Student teams continue to build a description of the operating environment for their sector-based organization, describing how they would use vulnerability scanning and/or penetration testing to evaluate threat potentials.

 

Team Activity Objectives

  • Identify vulnerability assessment techniques and tools, such as CSET, Nessus, and other assessment tools.
  • Explain the differences between vulnerability scanning and penetration testing.

 

 

Having identified threats that would be likely to impact your sector-based organization in the Module 5 Team Activity, consider how you would use vulnerability scanning and/or penetration testing to evaluate additional threat potentials. What tools would you use, and how could they impact the availability of a real-time control and/or SCADA system?

Look for passive penetration tools and tests that will not take the control and/or SCADA systems down.

 

Assignment Options

Option 1: Write a 2-page abstract summarizing your team’s rationale for using vulnerability scanning and/or penetration testing. What tools would your team use, and how could these decisions impact the availability of a real-time control and/or SCADA system?

Option 2: Prepare 2–3 presentation slides summarizing your team’s rationale for using vulnerability scanning and/or penetration testing. What tools would your team use, and how could these decisions impact the availability of a real-time control and/or SCADA system?

 

Grading Criteria Rubric

  • Content
  • Evidence of teamwork
  • References
  • Use of American Psychological Association (APA) style in writing the assignment

Grade Points: 100

License

Icon for the Creative Commons Attribution 4.0 International License

Critical Infrastructure Cybersecurity by Whatcom Community College and CyberWatch West is licensed under a Creative Commons Attribution 4.0 International License, except where otherwise noted.

Share This Book