Penetration Test Plan
IT542 Dr. Matthew North
March 19, 2013
Table of Contents Scope 3 Goals and Objectives 4 Tasks 4 Reporting 7 Schedule 9 Unanswered Questions 10 Authorization Letter 11 References 13
This Vulnerability and Penetration Test Plan is designed specifically for E-commerce Sales and is designed to determine what steps need to be taken to secure and protect the network against malicious attacks. This Vulnerability and Penetration Test will cover numerous aspects of the E-commerce Sales information …show more content…
Netcat: Sends both TCP and UDP packets over the network and can be used to install backdoors on hosts by monitoring a specific port (Wirelessdefence.org, 2010).
When completed in relation to the testing schedule detailed later, the data will be collected, analyzed and presented to E-commerce Sales.
At completion of the Vulnerability and Penetration test all discoveries will be compiled into a variety of reports for presentation to E-commerce Sales. Any reports generated from the utilities used during testing will be included in their raw formats such as the Nessus report (Dobison, 2011) in Figure 2. [pic] Figure 2 (Dobison, 2011) The vulnerabilities and risks will also be compiled into a report rating each risk on an Information Security Risk Rating Scale as illustrated in Figure 3.
|Information Security Risk Rating Scale |
|Extreme |Extreme risk of security being compromised with potential of complete loss of data and finances. |
|13-15 | |
|High |High risk of security controls