Prepare and sign non-disclosure agreement documents
Course:- Software Engineering
Length: word count:250
Reference No.:- EM132161077

Assignment Help
Expertsmind Rated 4.9 / 5 based on 47215 reviews.
Review Site
Assignment Help >> Software Engineering

Assignment -

Write a review on this article with 2 APA format references. Network security is becoming more and more crucial as the volume of data being exchanged on the Internet increases. When people use the Internet, they expect their confidentiality, data integrity, and authentication protected and secured. Due to the increasing dependency of our society on networked information system the overall security of these systems should be measured and improved. The most accurate method to evaluate organization's information security stance is to observe how it stands up against an attack. The best way of ensuring that the system is secure is to attempt penetration testing. This would be the most effective way to find exploits and to proof whether a system a vulnerable. Penetration testing often allows the security analyst to find new vulnerabilities. Passive reconnaissance is an attempt to gain information about targeted computers and networks without actively engaging with the system.

For example, a pen tester who does not have any information about the company, passively, he/she can be as simple as watching the building to identify what time employees enter/ leave the building. However, it is usually done using the Internet searches, or by Googling to gather information about their target. Some of the passive information gathering methods could be social engineering and dumpster diving (Walker, 2017). Every pen tester begins their asset hacking by learning as much as they can about their targets.

For example, they want to know IP addresses, OS platforms, applications, patch levels, advertised network ports, users, and anything else that can lead to an exploitation. Unfortunately, ethical hacker must follow the rules of hacking because there is a thin line between black hat and white hat hacking. Therefore, to stay out of any trouble, the ethical hacker should follow certain framework for performing audit of an organization (Kruger, Nickolay, & Gaycken, 2013).

Talk to the client, and discuss the needs to be addressed during testing. Prepare and sign non-disclosure agreement (NDA) documents with the client. Prepare a schedule for testing Conduct the test Analyze the results of the testing, and prepare a report Present the final report to the client When it comes to legal issues, before taking any further steps, ethical hacker should know the penalties of unauthorized hacking into a system. No ethical hacking activities associated with a network-penetration test should begin until a signed document giving the ethical hacker express permission to perform the hacking activities is received from the company. Furthermore, ethical hackers need to be judicious with their hacking skills and recognize the consequences of misusing those skills.

For example, the Cyber Security Enhancement Act of 2002, mandates life sentences for hacker who "recklessly" endanger the lives of others. Malicious hackers who create a life-threatening situation by attacking computer networks for transportation systems, power companies, or other public services or utilities can be prosecuted under this law (Graves, 2010). For example, I have a friend who conduct pen testing on a company, but he was detected by the security employees who noticed some illegal activities on their network system. Luckily, he had a document signed by the company to conduct pen testing on their system. The person should be brave and true to himself about conducting something beneficial to him and to society, "All Scripture is God-breathed and is useful for teaching, rebuking, correcting and training in righteousness, so that the servant of God may be thoroughly equipped for every good work." Timothy 3:16-17. The Scriptures instruct us to provide a good work ethically. Yet we must apply the word properly, follow the rules diligently, and pray for wisdom.

References - Walker, M. (2017). CEH Certified Ethical Hacker All-in-one Exam Guide. Third Edition. New York, NY: McGraw-Hill. Kruger, J., Nickolay, B., & Gaycken s. (2013). The secure information society: Ethical, legal, and political challenges (1. Aufl. ed). London: New York, Springer. DOI:10.1007/978-1-4471-4763-3. Graves, K. (2010). CEH Certified Ethical Hacker Study Guide. Indianapolis, Indiana: Wiley Publishing, Inc.

Attachment:- Assignment File.rar

Put your comment

Ask Question & Get Answers from Experts
Browse some more (Software Engineering) Materials
What are the major components of a systems migration plan? Compare and contrast the different conversion methods. Select one and discuss why you feel that it would be the be
Once an activity has been completed, employees will use the system to submit the documentation. The system should support notifications to management personnel whenever thei
Create a decision table that describes the Big State University course catalog regarding eligibility for MIS 260. Show all possible rules and simplify the table you just cre
Create a small ALU in Logisim capable of performing the following operations on two 8-bit unsigned numbers, A and B. The 2-bit control, F, indicates the operation to be perf
Develop a high-level use case to represent the application as a whole. Develop a functional decomposition diagram to show all of the functions that the system or application w
Write structured english for clyde's narrative of the reimbursment policies. Write structure English, draw decision table and draw decision tree.
Create inheritance hierarchy which a bank might use to represent customer's bank accounts. All customers at this bank can deposit money into their accounts and withdraw mone
What are the connections between Shaw's observations and those that Parnas made? How does Shaw's work build on that of Parnas? How does Shaw's work fill in or correct some o