Benchmark – Penetration Assessment
It is now time to put all your knowledge and skills together to perform and document a complete penetration test. We will utilize the “SANS Institute Conducting a Penetration Test on an Organization,” located in the Course Materials, as our blueprint. For this assignment, use the “Corporate Scenario” resource also found in the Course Materials. This assignment should identify which fundamental security design principles are in play, how they interrelate, and methods in which they should be applied to develop systems worthy of trust.
The following VMs found on Vulnhub will be used to perform this penetration test:
- De-Ice S1.100
- De-Ice S1.110
- De-Ice S1.120
- De-Ice S1.140
- De-Ice S2.100
Using the GCU Approved Virtualization Solution perform a complete penetration test against at least the first four VMs. Number 5 is for those students that want to go the extra mile. Document your findings under Phase Testing in the “PEN Testing Report Guidelines,” located in the Course Materials. Refer to the SANS Institute industry-standard “Writing a Penetration Testing Report,” for examples of a PEN Testing Report. Complete each section (cover page through resources) of the PEN Testing Report for submission, referencing the “PEN Testing Report Guidelines.” The report must include the complete Phasing Testing methodology.
While APA style is not required for the body of this assignment, solid academic writing is expected, and documentation of sources should be presented using APA formatting guidelines, which can be found in the APA Style Guide, located in the Student Success Center.
This assignment uses a rubric. Please review the rubric prior to beginning the assignment to become familiar with the expectations for successful completion.
You are not required to submit this assignment to LopesWrite.
This benchmark assignment assesses the following programmatic competencies and professional standards:
6.4 Explain various cyber concepts, techniques, and implications regarding vulnerability exploitation, penetration testing (white-hat hacking), risk analysis, hardening, and business strategies.
Topic 8 DQ 1
Before you conduct a penetration test, you will negotiate a contract with your client. This is considered the scope of the test, or what you are going to do and how you will accomplish the test. How important is it for the tester to stay in scope? What would happen if you strayed from the scope of the test, even if it were important for successful completion of the PEN test?
Topic 8 DQ 2
Often, as a penetration tester you will be working as a third party contractor. The information that you gather during the test is often sensitive. What is the importance of non-disclosure? If you discover wrongdoing(s) by your client, should you disclose it to the authorities? Why or why not?
Place your order now on a similar assignment and get fast, cheap and best quality work written by our expert level assignment writers.