User Account

All Pages

Develop a test plan for the penetration test

Assignment Help Other Subject
Reference no: EM131406471

Problem -

You are hired as part of a team of external Penetration Testers to work for a company with a large enterprise network. The organization that hired your team is in the retail industry and processes over 100,000 credit card transactions everyday across 100 store locations. This organization has a very large network infrastructure that connects their retail stores, business offices, and company headquarters. The Chief Information Security Officer (CISO) would like your team to focus on their most critical systems and devices.

Prior to executing the penetration test, the CISO would like to meet with the team as they are nervous about the test potentially bringing their network down. They would like to minimize impacts to their production environment and ensure that their backup systems and devices are not targeted at the same time. They want you to focus on the following: DNS servers, mail servers, web servers, database servers, firewalls, and routers.

Your Team Lead would like you to develop a Test Plan for the penetration test. The Test Plan should be developed using the following outline:

Sections:

1. Introduction

2. Overview of technical approach to conducting the test (high level methodology)

3. Detailed penetration testing (hacking) process

Note: Section 3 should include 1) attacks you will use, 2) tools, 3) timeline (you only have one week), 4) reporting methods if major issues occur or if you identify incidents in their environment. You may make these as sub-sections if you'd like (e.g., 3.1 Attacks Used, 3.2 Tools Used, etc.)

4. Summary

Note: This section should be short, a paragraph or two.

Penetration Test Plan:

You are facing a client who is nervous about you basically "hacking" their system, this is the scenario, and while you cannot dictate exactly what will happen once the testing actually begins you should be able to formulate a good plan of action.

All you are doing here is providing your plan of action, indicating what you believe are possible good tests to complete based off of your current knowledge. Of course as you progress with the actual testing it is possible you could remove or add to your steps.

In the real world no one is going to just give access to their network, they will want to know what you plan and to know what your backup plans are if things go wrong.

This case study is just to provide you an opportunity to explain what you would do in a situation similar to this one, where a client is asking you to provide guidance and potentially solutions. You are not predicting what will happen, so much as providing courses of action.

Reference no: EM131406471

Questions Cloud

Define legal and criminal issues related to data breach : What is data breach. Define legal and criminal issues related to data breach? What are the plan to protect data breach?
How much does diversification reduce the var : What is the 10-day 97.5% value at risk for the portfolio? By how much does diversification reduce the VaR?
Purposes of routing data through interconnection : (1) An address that identifies both a network and a host for the purposes of routing data through interconnection of networks is?
Explain why communication is essential in an organization : Explain why communication is essential in an organization and explain the ways that effective communication improves employee trust and engagement. Focus on comparing/contrasting two types of channels or techniques
Develop a test plan for the penetration test : You are hired as part of a team of external Penetration Testers to work for a company with a large enterprise network. Your Team Lead would like you to develop a Test Plan for the penetration test
How can buffer-overflow attacks be avoided : Research and discuss the principle of exploits based on buffer-overflow attacks.How can buffer-overflow attacks be avoided?
Write to your professor asking them to write a letter : Write to your professor asking them to write a letter on your behalf. Make sure you include all the information your professor will need in order to write you the best reference possible.
Four bytes of the message integrity check : What are the first four bytes of the Message Integrity Check (MIC) in the AP's first packet of the authentication handshake?
What is the volatility of the ft-se 100 : Assume that the dollar/sterling exchange rate is expressed as the number of U.S. dollars per pound sterling. (Hint: When Z = XY, the percentage daily change in T. is approximately equal to the percentage daily change in X plus the percentage daily..

Reviews

len1406471

2/27/2017 3:49:02 AM

Your submission should be 4 to 6 pages long (not including the title page and the reference page) All sections are represented (Sections 1.0 - 4.0). Utilized correct grammar and spelling. In APA format with proper citations and references. In Times New Roman or Arial font, font size 12. Include and cite references as needed. This case study is just to provide you an opportunity to explain what you would do in a situation similar to this one, where a client is asking you to provide guidance and potentially solutions. You are not predicting what will happen, so much as providing courses of action.

Write a Review

Other Subject Questions & Answers

  Cross-cultural opportunities and conflicts in canada

Short Paper on Cross-cultural Opportunities and Conflicts in Canada.

  Sociology theory questions

Sociology are very fundamental in nature. Role strain and role constraint speak about the duties and responsibilities of the roles of people in society or in a group. A short theory about Darwin and Moths is also answered.

  A book review on unfaithful angels

This review will help the reader understand the social work profession through different concepts giving the glimpse of why the social work profession might have drifted away from its original purpose of serving the poor.

  Disorder paper: schizophrenia

Schizophrenia does not really have just one single cause. It is a possibility that this disorder could be inherited but not all doctors are sure.

  Individual assignment: two models handout and rubric

Individual Assignment : Two Models Handout and Rubric,    This paper will allow you to understand and evaluate two vastly different organizational models and to effectively communicate their differences.

  Developing strategic intent for toyota

The following report includes the description about the organization, its strategies, industry analysis in which it operates and its position in the industry.

  Gasoline powered passenger vehicles

In this study, we examine how gasoline price volatility and income of the consumers impacts consumer's demand for gasoline.

  An aspect of poverty in canada

Economics thesis undergrad 4th year paper to write. it should be about 22 pages in length, literature review, economic analysis and then data or cost benefit analysis.

  Ngn customer satisfaction qos indicator for 3g services

The paper aims to highlight the global trends in countries and regions where 3G has already been introduced and propose an implementation plan to the telecom operators of developing countries.

  Prepare a power point presentation

Prepare the power point presentation for the case: Santa Fe Independent School District

  Information literacy is important in this environment

Information literacy is critically important in this contemporary environment

  Associative property of multiplication

Write a definition for associative property of multiplication.

Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

Submit Assignment

Academics

Major Subjects

Majors

Get In Touch

whatsapp: +91-977-207-8620

Phone: +91-977-207-8620

Email: [email protected]

TERMS & POLICIES

HELP & SUPPORT

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd