User Account

All Pages

Overview of technical approach to conducting the test

Assignment Help Management Information Sys
Reference no: EM131406606 , Length: 6

Assignment Instructions

The Scenario:

You are hired as part of a team of external Penetration Testers to work for a company with a large enterprise network. The organization that hired your team is in the retail industry and processes over 100,000 credit card transactions every day across 100 store locations. This organization has a very large network infrastructure that connects their retail stores, business offices, and company headquarters. The Chief Information Security Officer (CISO) would like your team to focus on their most critical systems and devices.

Prior to executing the penetration test, the CISO would like to meet with the team as they are nervous about the test potentially bringing their network down. They would like to minimize impacts to their production environment and ensure that their backup systems and devices are not targeted at the same time. They want you to focus on the following: DNS servers, mail servers, web servers, database servers, firewalls, and routers.

Your Team Lead would like you to develop a Test Plan for the penetration test. The Test Plan should be developed using the following outline:

Sections:

1.0 Introduction

2.0 Overview of technical approach to conducting the test (high-level methodology)

3.0 Detailed penetration testing (hacking) process

Note: Section 3 should include 1) attacks you will use, 2) tools, 3) timeline (you only have one week), 4) reporting methods if major issues occur or if you identify incidents in their environment. You may make these as sub-sections if you'd like (e.g., 3.1 Attacks Used, 3.2 Tools Used, etc.)

4.0 Summary

Note: This section should be short, a paragraph or two.

Submission details:

Your submission should be 4 to 6 pages long (not including the title page and the reference page)

All sections are represented (Sections 1.0 - 4.0).

Utilized correct grammar and spelling.

In APA format with proper citations and references.

1" margins.

In Times New Roman or Arial font, font size 12.

Include and cite references as needed.

Penetration Test Plan:

You are facing a client who is nervous about you basically "hacking" their system, this is the scenario, and while you cannot dictate exactly what will happen once the testing actually begins you should be able to formulate a good plan of action.

All you are doing here is providing your plan of action, indicating what you believe are possible good tests to complete based off of your current knowledge. Of course, as you progress with the actual testing it is possible you could remove or add to your steps.

In the real world, no one is going to just give access to their network, they will want to know what you plan and to know what your backup plans are if things go wrong.

This case study is just to provide you an opportunity to explain what you would do in a situation similar to this one, where a client is asking you to provide guidance and potentially solutions. You are not predicting what will happen, so much as providing courses of action.

Reference no: EM131406606

Questions Cloud

Define a function called : Define a function called skip_string() that takes a string (call it string) and an optional positive integer (call it skip_amount). The function should return a string that starts with the first character in string, and then skips skip_amount char..
Sequence of numbers and an optional minimum value : Define a function called all_above(), which takes a sequence of numbers and an optional minimum value, and determines if every number in the sequence is larger than the given minimum value.
Determine the mean squared distortion : The objective of this problem is to use MATLAB to design a 10-level Lloyd-Max (nonuniform) quantizer for a zero-mean, unit-variance Gaussian source.
Identify the main business actors : 1. Identify the main business actors. 2. Using the Gane and Sarson symbols, draw a context and a level- 0 diagram for the narrative above.
Overview of technical approach to conducting the test : You are hired as part of a team of external Penetration Testers to work for a company with a large enterprise network. The organization that hired your team is in the retail industry and processes over 100,000 credit card transactions every day ac..
Pointing to the start of the string : Write a code for a function which is given (as arguments) char *p (pointing to the start of the string), char c, and returns a char *q to the *second * occurrence of the character c in the string, or a NULL pointer if c is not found at least twice..
Determine the resulting number of bits for a piece of music : In a CD player, the sampling rate is 44.1 kHz, and the samples are quantized using a 16 bit/sample quantizer. Determine the resulting number of bits for a piece of music with a duration of 50 minutes.
Standard bluetooth communication on an iphone : What type of antenna is used for standard Bluetooth communication on an iPhone? What are some drawbacks of this design?
File signature verification tool provides : Enumerate the information about system files and device driver files that the File Signature Verification tool provides.

Reviews

Write a Review

Management Information Sys Questions & Answers

  Information technology and the changing fabric

Illustrations of concepts from organizational structure, organizational power and politics and organizational culture.

  Case study: software-as-a-service goes mainstream

Explain the questions based on case study. case study - salesforce.com: software-as-a-service goes mainstream

  Research proposal on cloud computing

The usage and influence of outsourcing and cloud computing on Management Information Systems is the proposed topic of the research project.

  Host an e-commerce site for a small start-up company

This paper will help develop internet skills in commercial services for hosting an e-commerce site for a small start-up company.

  How are internet technologies affecting the structure

How are Internet technologies affecting the structure and work roles of modern organizations?

  Segregation of duties in the personal computing environment

Why is inadequate segregation of duties a problem in the personal computing environment?

  Social media strategy implementation and evaluation

Social media strategy implementation and evaluation

  Problems in the personal computing environment

What is the basic purpose behind segregation of duties a problem in the personal computing environment?

  Role of it/is in an organisation

Prepare a presentation on Information Systems and Organizational changes

  Perky pies

Information systems to adequately manage supply both up and down stream.

  Mark the equilibrium price and quantity

The demand schedule for computer chips.

  Visit and analyze the company-specific web-site

Visit and analyze the Company-specific web-site with respect to E-Commerce issues

Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

Submit Assignment

Academics

Major Subjects

Majors

Get In Touch

whatsapp: +1-415-670-9521

Phone: +1-415-670-9521

Email: [email protected]

TERMS & POLICIES

HELP & SUPPORT

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd