Attack and Penetration Test Plan

Scenario:

You are the owner and operator of a small information security consulting firm. You have received a request from one of your clients, Infusion Web Marketing, to provide a written proposal for performing a penetration test on the company’s production Web servers and corporate network.

Environment:

Scope

Production e-commerce Web application server, the e-commerce Web application server is acting as an external point-of-entry into the network:
• Ubuntu Linux 16.04 LTS Server (TargetUbuntu01)
• Apache Web Server running the e-commerce Web application server
• Credit card transaction processing occurs on all web servers

Intrusive or Non-Intrusive

Intrusive. The test will include penetrating past specific security checkpoints.

Compromise or No Compromise

No compromise. The test can compromise with written client authorization only.

Scheduling

Between 2:00 a.m-6:00 a.m. weekend only (Saturday or Sunday)

Deliverables:

Using the information from the scenario above, provide a written attack and penetration testing plan, describing your firm’s approach to performing the penetration test and what specific tasks, deliverables, and reports you will complete as part of your services. The plan should include these sections:

  1. Table of Contents
  2. Project Summary
  3. Goals and Objectives
  4. Tasks
  5. Reporting
  6. Schedule

Your penetration testing plan should be 2-3 pages in length, not including the title and references pages, and cite at least three credible sources other than the course materials. It should follow Saudi Electronic University academic writing standards and APA style guidelines, as appropriate.

It is strongly encouraged that you submit all assignments to the Turnitin Originality Check prior to submitting it to your instructor for grading. If you are unsure how to submit an assignment to the Originality Check tool, please review the Turnitin Originality Check Student Guide for step-by-step instructions.

Helpful Resources:

The SANS Institute provides several resources that you might find helpful for this assignment: http://www.sans.org/reading-room/whitepapers/testing

The National Institute for Standards and Technologies (NIST) also provides some guidance on this topic: http://csrc.nist.gov/publications/nistpubs

Needs help with similar assignment?

We are available 24x7 to deliver the best services and assignment ready within 6-12hours? Order a custom-written, plagiarism-free paper

Get Answer Over WhatsApp Order Paper Now

Do you have an upcoming essay or assignment due?

All of our assignments are originally produced, unique, and free of plagiarism.

If yes Order Paper Now