CMGT 400 Week 2 Penetration Testing
Plan
A Penetration Tester evaluates the security of an information
infrastructure by intentionally, and safely, exploiting vulnerabilities.
Take on the role of Penetration Tester for the organization you
chose in Week 1.
Use the Penetration Testing Plan Template to create a 3- to
4-page Penetration Testing Plan for the organization you chose.
Research and
include the following:
- Pentest Pre-Planning
- Engagement
timeline: Tasks and who performs them
- Team
location: Where will the penetration team execute their tests?
- Organization
locations tested: multiple locations, countries (Export restrictions and
government restrictions)
- Which
pentest technologies will be used? Consider the following as you research
options:
- Scanning
Tools: Nmap, Nikto
- Credential
Testing Tools: Hashcat, Medussa, John the Ripper, Cain and Abel
- OSINT
Tools: Whois, TheHarvester
- Wireless
Tools: Aircrack-ng, Kismet
- Networking
Tools: Wireshark, Hping
- What
client personal are aware of the testing?
- What
resources provided to pentest team?
- Test
Boundaries:
- What
is tested?
- Social
engineering test boundaries? What is acceptable?
- What
are the boundaries of physical security tests?
- What
are the restrictions on invasive pentest attacks?
- What
types of corporate policy affect your test?
- Gain
Appropriate authorization (Including third-party authorization)
- Pentest Execution Planning: Given
the scope and constraints you developed in your Pentest Pre-Plan, plan the
following pentest execution activities
- Reconnaissance
- Scanning
- Gaining
Access
- Maintaining
Access
- Covering
Tracks
- Pentest Analysis and Report
Planning:
- Analyze
pentest results
- Report
pentest results
Submit the
assignment.
CMGT 400 Week 2 Penetration Testing Plan
- Product Code: Tutorial
- Availability: In Stock
-
$9.00
Tags: CMGT 400