Lab 1

Topics: Computer security, Web server, Penetration test Pages: 4 (690 words) Published: July 1, 2014
Attack and Penetration Plan

Table of contents

1
Scope

2
Goals and Objectives

2
Tasks

2
Reporting

2
Schedule

2
Unanswered Questions

2
Authorized Letter

2

SCOPE
Located on ASA_Instructor, the e-commerce Web Application server is acting as an external point-of-entry into the network: Ubuntu Linux 10.04 LTS Server (TargetUbuntu01)
Apache Web Server running the e-commerce Web application server Credit card transaction processing occurs
GOALS AND OBJECTIVES
Perform a penetration test on the company’s production e-commerce Web application server and its Cisco network. TASKS
Pre-engagement Interactions
Architecture Review
To help the penetration testing team understand the intended functionality of the targeted system and asses the security risks at a vulnerability could pose to the organization Planning, Scoping and Recon

Intelligence Gathering
Network Survey (Nmap)
Identify domain names
Identify server names
Identify internet service provider
Identify IP address of host involved and create a network map using the nmap tool Determine domain registry
Determine operating system
Scanning
Network sweeps
Network tracing
Port scans
Threat Modeling/Vulnerability Detection
Identifying exploits and vulnerabilities
www.nessus.org
Determine manual Vulnerability
Identify Targets
Name machines for testing (by function)
Properly Identify Targets
Estimate time for completion of test
Exploitation/Perform Penetration Test
Exploitation
Server side escalations
Client-side escalations
Testing methods
Password Cracking
Social Engineering
Test physical security
Wireless and Web attacks
Establish Security Posture
Initial baseline configuration
Continuous security monitoring
Remediation

REPORTING
Overview of the penetration test
Analysis on critical vulnerabilities
Commentary on critical vulnerabilities
Summary of any successful penetration...
Continue Reading

Please join StudyMode to read the full document

You May Also Find These Documents Helpful

  • MKT 571 Quizzes week 1 6 Essay
  • benetton images 1 Essay
  • APUSH Chapter 1 Cornell Notes Essay
  • Computer Lab Rules & Regulations Essay
  • Computer Lab Managemetn System Essay
  • Essay about Online Computer Labs Monitoring System
  • Campus Computer Labs: The Issue at Hand Research Paper
  • REFLECTION ON Ep.1 FS Essay

Become a StudyMode Member

Sign Up - It's Free