Homework Essay Help

Penetration testing plan | CMGT400 Intro To Information Assurance & Security | University of Phoenix

 

A Penetration Tester evaluates the security of an information infrastructure by intentionally, and safely, exploiting vulnerabilities.

Don't use plagiarized sources. Get Your Custom Essay on
Penetration testing plan | CMGT400 Intro To Information Assurance & Security | University of Phoenix
Just from $13/Page
Order Essay

Take on the role of Penetration Tester for the organization you chose in Week 1.

Use the Penetration Testing Plan Template to create a 3- to 4-page Penetration Testing Plan for the organization you chose. The 3-4 page assignment length requirement applies to the content of the assignment. Start the assignment with an APA formatted title page and add a reference section with at least two professional references. Use the references in the text of the assignment. 

Research and include the following:

  • Pentest Pre-Planning
    • Engagement timeline: Tasks and who performs them
    • Team location: Where will the penetration team execute their tests?
    • Organization locations tested: multiple locations, countries (Export restrictions and government restrictions)
    • Which pentest technologies will be used? Consider the following as you research options:
      • Scanning Tools: Nmap, Nikto
      • Credential Testing Tools: Hashcat, Medussa, John the Ripper, Cain and Abel
      • OSINT Tools: Whois, TheHarvester
      • Wireless Tools: Aircrack-ng, Kismet
      • Networking Tools: Wireshark, Hping
    • What client personal are aware of the testing?
    • What resources provided to pentest team?
    • Test Boundaries:
      • What is tested?
      • Social engineering test boundaries? What is acceptable?
      • What are the boundaries of physical security tests?
      • What are the restrictions on invasive pentest attacks?
      • What types of corporate policy affect your test?
    • Gain Appropriate authorization (Including third-party authorization)
  • Pentest Execution Planning: Given the scope and constraints you developed in your Pentest Pre-Plan, plan the following pentest execution activities
    • Reconnaissance
    • Scanning
    • Gaining Access
    • Maintaining Access
    • Covering Tracks
  • Pentest Analysis and Report Planning: 
    • Analyze pentest results
    • Report pentest results 

Order your essay today and save 30% with the discount code ESSAYHELP