Description
You are the owner and operator of a small information security consulting firm. You have received a request from one of your clients, Infusion Web Marketing, that you provide a written proposal for performing a penetration test on the company's production Web servers and corporate network.
Environment:
Scope | Production e-commerce Web application server, the e-commerce Web application server is acting as an external point-of-entry into the network:
|
Intrusive or Non-Intrusive | Intrusive. The test will include penetrating past specific security checkpoints. |
Compromise or No Compromise | No compromise. The test can compromise with written client authorization only. |
Scheduling | Between 2:00 a.m – 6:00 a.m. weekend only (Saturday or Sunday) |
Using the information from the scenario above, provide a written attack and penetration testing plan, describing your firm's approach to performing the penetration test and what specific tasks, deliverables, and reports you will complete as part of your services. The plan should include these sections:
- Table of Contents
- Project Summary
- Goals and Objectives
- Tasks
- Reporting
- Schedule
Your penetration testing plan is required to be 4-5 pages in length, not including the title and references pages, and cite at least three credible sources other than the course materials. It should follow APA style guidelines, as appropriate.
Explanation & Answer
I appreciate working with you! In case of any further edits, please do not hesitate to let me know! See you soon! Remember me as always! Would love and appreciate to work with you in the future! Goodbye
Running head: PENETRATION TESTING PROPOSAL
Infusion Web Marketing Penetration Testing Proposal
Names:
Institution:
1
PENETRATION TESTING PROPOSAL
2
Contents
Project summary ......................................................................................................................... 3
Goals and objectives ................................................................................................................... 4
Tasks........................................................................................................................................... 4
Network and system reconnaissance ...................................................................................... 5
Network vulnerability testing ................................................................................................. 5
Testing the vulnerability of the server .................................................................................... 5
Reporting .................................................................................................................................... 6
Schedule ..................................................................................................................................... 6
References .................................................................................................................................. 7
PENETRATION TESTING PROPOSAL
3
Infusion Web Marketing penetration testing proposal
Project summary
Technology has become a vital part of businesses in the present century. While
companies like Infusion Web Marketing are shifting to technologies such as sophisticated
server systems to process and store credit card information for their clients, they create new
channels that expose them to c...