Prepare and sign non-disclosure agreement documents
Course:- Software Engineering
Length: word count:250
Reference No.:- EM132161077

Assignment Help
Expertsmind Rated 4.9 / 5 based on 47215 reviews.
Review Site
Assignment Help >> Software Engineering

Assignment -

Write a review on this article with 2 APA format references. Network security is becoming more and more crucial as the volume of data being exchanged on the Internet increases. When people use the Internet, they expect their confidentiality, data integrity, and authentication protected and secured. Due to the increasing dependency of our society on networked information system the overall security of these systems should be measured and improved. The most accurate method to evaluate organization's information security stance is to observe how it stands up against an attack. The best way of ensuring that the system is secure is to attempt penetration testing. This would be the most effective way to find exploits and to proof whether a system a vulnerable. Penetration testing often allows the security analyst to find new vulnerabilities. Passive reconnaissance is an attempt to gain information about targeted computers and networks without actively engaging with the system.

For example, a pen tester who does not have any information about the company, passively, he/she can be as simple as watching the building to identify what time employees enter/ leave the building. However, it is usually done using the Internet searches, or by Googling to gather information about their target. Some of the passive information gathering methods could be social engineering and dumpster diving (Walker, 2017). Every pen tester begins their asset hacking by learning as much as they can about their targets.

For example, they want to know IP addresses, OS platforms, applications, patch levels, advertised network ports, users, and anything else that can lead to an exploitation. Unfortunately, ethical hacker must follow the rules of hacking because there is a thin line between black hat and white hat hacking. Therefore, to stay out of any trouble, the ethical hacker should follow certain framework for performing audit of an organization (Kruger, Nickolay, & Gaycken, 2013).

Talk to the client, and discuss the needs to be addressed during testing. Prepare and sign non-disclosure agreement (NDA) documents with the client. Prepare a schedule for testing Conduct the test Analyze the results of the testing, and prepare a report Present the final report to the client When it comes to legal issues, before taking any further steps, ethical hacker should know the penalties of unauthorized hacking into a system. No ethical hacking activities associated with a network-penetration test should begin until a signed document giving the ethical hacker express permission to perform the hacking activities is received from the company. Furthermore, ethical hackers need to be judicious with their hacking skills and recognize the consequences of misusing those skills.

For example, the Cyber Security Enhancement Act of 2002, mandates life sentences for hacker who "recklessly" endanger the lives of others. Malicious hackers who create a life-threatening situation by attacking computer networks for transportation systems, power companies, or other public services or utilities can be prosecuted under this law (Graves, 2010). For example, I have a friend who conduct pen testing on a company, but he was detected by the security employees who noticed some illegal activities on their network system. Luckily, he had a document signed by the company to conduct pen testing on their system. The person should be brave and true to himself about conducting something beneficial to him and to society, "All Scripture is God-breathed and is useful for teaching, rebuking, correcting and training in righteousness, so that the servant of God may be thoroughly equipped for every good work." Timothy 3:16-17. The Scriptures instruct us to provide a good work ethically. Yet we must apply the word properly, follow the rules diligently, and pray for wisdom.

References - Walker, M. (2017). CEH Certified Ethical Hacker All-in-one Exam Guide. Third Edition. New York, NY: McGraw-Hill. Kruger, J., Nickolay, B., & Gaycken s. (2013). The secure information society: Ethical, legal, and political challenges (1. Aufl. ed). London: New York, Springer. DOI:10.1007/978-1-4471-4763-3. Graves, K. (2010). CEH Certified Ethical Hacker Study Guide. Indianapolis, Indiana: Wiley Publishing, Inc.

Attachment:- Assignment File.rar

Put your comment

Ask Question & Get Answers from Experts
Browse some more (Software Engineering) Materials
You are a manager in a company that has a lot of in-house IS expertise. What might be your key decision rules for when to purchase a system versus when to develop it in-hous
Explain why it is that many of us continue to live by Meskirnen's law. What is it about the software business that causes this and You have been given the responsibility for i
What is the difference between forward and reverse engineering? How would you recommend this be used in our Project? Would CASE tools be helpful in forward/reverse engineeri
Design and list 10 test cases and explain the purpose of each of them in 1-2 sentences. (e.g., the purpose of [3, 4, 5] is to test that the program correctly identifies a ri
Develop a 1,050-word summary describing typical features of software in the selected category. In the summary include the The purpose of the software for an organization
Elabote on how applying a mixed-source methodology overcomes the disadvantages of a single-source methodology. Elaborate on how applying a mixed-source methodology enhan
In this project, write a program to simulate the scheduling of CPU. The program will randomly generate process CPU burst based on user's setting. Performance is measured and
Define and explain, in your own words, the primary challenge(s) of software development projects and compare and contrast at least three (3) different software development met