Prepare and sign non-disclosure agreement documents
Course:- Software Engineering
Length: word count:250
Reference No.:- EM132161077

Assignment Help
Expertsmind Rated 4.9 / 5 based on 47215 reviews.
Review Site
Assignment Help >> Software Engineering

Assignment -

Write a review on this article with 2 APA format references. Network security is becoming more and more crucial as the volume of data being exchanged on the Internet increases. When people use the Internet, they expect their confidentiality, data integrity, and authentication protected and secured. Due to the increasing dependency of our society on networked information system the overall security of these systems should be measured and improved. The most accurate method to evaluate organization's information security stance is to observe how it stands up against an attack. The best way of ensuring that the system is secure is to attempt penetration testing. This would be the most effective way to find exploits and to proof whether a system a vulnerable. Penetration testing often allows the security analyst to find new vulnerabilities. Passive reconnaissance is an attempt to gain information about targeted computers and networks without actively engaging with the system.

For example, a pen tester who does not have any information about the company, passively, he/she can be as simple as watching the building to identify what time employees enter/ leave the building. However, it is usually done using the Internet searches, or by Googling to gather information about their target. Some of the passive information gathering methods could be social engineering and dumpster diving (Walker, 2017). Every pen tester begins their asset hacking by learning as much as they can about their targets.

For example, they want to know IP addresses, OS platforms, applications, patch levels, advertised network ports, users, and anything else that can lead to an exploitation. Unfortunately, ethical hacker must follow the rules of hacking because there is a thin line between black hat and white hat hacking. Therefore, to stay out of any trouble, the ethical hacker should follow certain framework for performing audit of an organization (Kruger, Nickolay, & Gaycken, 2013).

Talk to the client, and discuss the needs to be addressed during testing. Prepare and sign non-disclosure agreement (NDA) documents with the client. Prepare a schedule for testing Conduct the test Analyze the results of the testing, and prepare a report Present the final report to the client When it comes to legal issues, before taking any further steps, ethical hacker should know the penalties of unauthorized hacking into a system. No ethical hacking activities associated with a network-penetration test should begin until a signed document giving the ethical hacker express permission to perform the hacking activities is received from the company. Furthermore, ethical hackers need to be judicious with their hacking skills and recognize the consequences of misusing those skills.

For example, the Cyber Security Enhancement Act of 2002, mandates life sentences for hacker who "recklessly" endanger the lives of others. Malicious hackers who create a life-threatening situation by attacking computer networks for transportation systems, power companies, or other public services or utilities can be prosecuted under this law (Graves, 2010). For example, I have a friend who conduct pen testing on a company, but he was detected by the security employees who noticed some illegal activities on their network system. Luckily, he had a document signed by the company to conduct pen testing on their system. The person should be brave and true to himself about conducting something beneficial to him and to society, "All Scripture is God-breathed and is useful for teaching, rebuking, correcting and training in righteousness, so that the servant of God may be thoroughly equipped for every good work." Timothy 3:16-17. The Scriptures instruct us to provide a good work ethically. Yet we must apply the word properly, follow the rules diligently, and pray for wisdom.

References - Walker, M. (2017). CEH Certified Ethical Hacker All-in-one Exam Guide. Third Edition. New York, NY: McGraw-Hill. Kruger, J., Nickolay, B., & Gaycken s. (2013). The secure information society: Ethical, legal, and political challenges (1. Aufl. ed). London: New York, Springer. DOI:10.1007/978-1-4471-4763-3. Graves, K. (2010). CEH Certified Ethical Hacker Study Guide. Indianapolis, Indiana: Wiley Publishing, Inc.

Attachment:- Assignment File.rar

Put your comment

Ask Question & Get Answers from Experts
Browse some more (Software Engineering) Materials
Include charts or diagrams created in Visio or an equivalent such as Dia. The completed diagrams / charts must be imported into the Word document before the paper is submitt
What do you know about focused Linux distributions? If nothing, what can you find out by searching the Web? By "focused" we mean distributions that exist primarily for a spe
Describe a development scenario where an Agile method would not be an appropriate method to use for developing a software system. Cite an example that addresses a specific p
How can project leader find what user wants and needs. Point about observing the user is important step in gaining good understanding of the users needs.
Write a solution in pseudocode for swallowing a pill. Translate solution into flowchart. Write about which tool they like best and why? Which tool do they think would be easi
The next process is verification of the design to ensure all good design characteristics are incorporated. The project team may create several design options and decide whic
Use the E-R approach to model the operations of your local community library. The library has books, CDs, tapes, and so forth, which are lent to library patrons.
A 15-bit floating point number has 1 bit for the sign of the number, 5 bits for the exponent and 9 bits for the mantissa (which is normalized). Numbers in the exponent are i