CMIT 321 6383Gaining Access Plan/ Penetration Test Proposal Deliverable 3: Gaining Access Plan

Document Content and Description Below

Overview The next step in the penetration test will be the gaining access phase. During this phase the attacker would have collected the necessary information during reconnaissance to gain access to ... the target system. The attacker will exploit numerous computers and other devices to compromise the system, disrupt business processes or steal information. Vulnerable Resources The attacker will now exploit vulnerabilities in this phase discovered during reconnaissance. Vulnerabilities can be found within the software and hardware of numerous devices (computers printers, operating systems, ect.). Attackers can use public information to discover known vulnerabilities based on the type of software and hardware used by the target. Some resources with this information are as follows: NVD: National Vulnerability Database (NVD) is a vulnerability database created by NIST (National Institute of Standards and Technology). NIST is a government agency that records and analyzes know vulnerabilities reported to them nationwide. This site is available to the public. CVE details: this website contains numerous known vulnerabilities for multiple systems and vendors. Attackers and IT professionals can search for the vulnerabilities for specific to the systems in use or being targeted. This site is also available to the public. [Show More]

Last updated: 1 year ago

Preview 1 out of 4 pages