Solved by verified expert:Vulnerability ScannersImagine a system administrator learns of a server’s vulnerability, and a service patch is available to solve it. Unfortunately, simply applying a patch to a server is not assurance enough that a risk has been mitigated. The system admin has the option of opening the application and verifying that the patch has raised the version number as expected. Still, the admin has no guarantee the vulnerability is closed, at least not until the vulnerability is directly tested. That’s what vulnerability scanners are for.Two vulnerability scanners available to the system administrator are Nmap® and Nessus®, which produce scan reports. The purpose of using Zenmap® GUI (Nmap) and Nessus® reports is to enable you to create network discovery port scanning reports and vulnerability reports. These reports can identify the hosts, operating systems, services, applications, and open ports that are at risk in an organization.In this lab, you will look at an Nmap® report and a Nessus® report. You will visit the http://cve.mitre.org Web site, you will define vulnerability and exposure according to the site, and you will learn how to conduct searches of the Common Vulnerabilities and Exposures (CVE) listing.
