hands-on lab

Network Mapping and Target Identification

Up to 3h 17m
Get guided in a real environmentPractice with a step-by-step scenario in a real, provisioned environment.
Learn and validateUse validations to check your solutions every step of the way.
See resultsTrack your knowledge and monitor your progress.


One of the first phases of a network security assessment is to network mapping which identifies devices on the network. In this Lab, you will use a variety of tools in Kali Linux to map out a local network to identify targets by discovering hosts on the network. You will understand the difference between how tools scan local networks and remote networks. You will also understand the detection capabilities of each approach. The local network for this Lab is contained within a Hyper-V virtual environment. The hosts on the network consist of a variety of Linux and Windows hosts.

This Lab is designed for the CREST Practitioner Security Analyst (CPSA) certification examination but is of value to security practitioners in general.

Lab Objectives

Upon completion of this Lab you will be able to:

  • Scan for active network devices using the following tools:
    • The ARP Scanner (command line tool)
    • Nmap (command line tool)
    • Zenmap (graphical user interface)
  • Understand the approaches taken for scanning local networks versus remote networks including the request type packets

Lab Prerequisites

You should be familiar with:

  • Working at the command-line in Linux

You can fulfill the prerequisites by completing the Linux Command Line Byte Session Learning Path.



July 9th, 2020 - Enabled direct browser RDP connection for a streamlined experience

Environment before

Environment after

About the author

Logan Rakai, opens in a new tab
Lead Content Developer - Labs
Learning paths

Logan has been involved in software development and research since 2007 and has been in the cloud since 2012. He is an AWS Certified DevOps Engineer - Professional, AWS Certified Solutions Architect - Professional, Microsoft Certified Azure Solutions Architect Expert, MCSE: Cloud Platform and Infrastructure, Google Cloud Certified Associate Cloud Engineer, Certified Kubernetes Security Specialist (CKS), Certified Kubernetes Administrator (CKA), Certified Kubernetes Application Developer (CKAD), and Certified OpenStack Administrator (COA). He earned his Ph.D. studying design automation and enjoys all things tech.

LinkedIn, Twitter, GitHub

Covered topics

Lab steps

Network Mapping Using The ARP Scan Tool
Network Mapping Using Nmap
Network Mapping Using Zenmap