CMIT 321-6382: Ethical Hacking. Penetration Test Proposal Deliverable 4: Final Penetration Test Proposal

Document Content and Description Below

Penetration Test Proposal Deliverable 4: Final Penetration Test Proposal Questdrion Threat CMIT 321-6382 Professor Gripko 9/3/2019 Rules of Engagement Overview This document is to state th... e overall goal and expectations from the penetration performed by Centralia Security Labs. The goal is this project is to detect any and all network security breaches within Haverbrook Investment Group. These tests are not limited to social engineering, spoofing or other tools used by the company to perform the test. Haverbrook will be notified at designated intervals during the test. All progress and issues will be communicated with the CIO, CISO and System administrator as points of contact. Testing will take place over the course of one month. Weekly reports will be given to CIO, CISO and the System administrator on the progress of testing. Scope The penetration test will cover the scope of a rogue entity infiltrating the system and gaining access and control of the network with an administrator account. These accounts include the CIO, CISO and CEO. Disrupting operations using DOS attacks and extorting the company via encryption. These accounts include the CIO, CISO and CEO. The tester will not touch financial records of the company nor access personal information such as Human Resources documents or emails. The tester will have access to exploit servers, computers and other devices connected to the company’s network. Tester will use various software to find and exploit the network. These include command line, network mapping, IP spoofing and various other means. The testing will take place offsite. The attacker (pen tester) will attempt to gain access remotely. The attacker will use social engineering techniques, Kali Linux hacking software to gain access to the companies’ servers and user computers. The attack will take place over the course of 1 month. Employees can expect slow connections and possible downtimes during testing time. The test will be “blind”. In this respect, the attacker will only know the companies name. This will simulate a real-time attack and allow us and stakeholders to see how the company’s security infrastructure will hold up. Checklist Permission to use social engineering to gain information about employees (methods are limited to phishing emails). Social engineering entails the use of phishing, dumpster and other acts used to trick, coerce or deceive victims into giving sensitive information such as passwords, account numbers, ect. Permission to attack and infiltrate firewall Permission to perform DOS (Denial of Service attacks) which can impede productivity Permission to encrypt sensitive data Permission to exploit hardware and software used by employees Permission to exploit, manipulate and/or compromise company webpages Ethical Considerations The tester will not access, tamper or alter any personal information such as names, address, emails, phones numbers or any Human Resources documents. Tester will not access, tamper or alter any financial information. Any exploits discovered during testing must be reported during check points and final security report. Tester will NOT program, alter or tamper with any hardware or software that will allow backdoor access upon conclusion of testing. Centralia and tester will both agree to an NDA about Haverbrook Investment Group’s network architecture, passwords, and emails. Reconnaissance Plan Overview The first step in the penetration test will be the reconnaissance phase. During this phase the attacker (pen tester) will be doing research on the company and the site. The attacker may begin by visiting the company’s site to figure out the organizations structure and hierarchy, business model, phone numbers and various other sources of information that is available to the public to develop a plan of attack. Reconnaissance Methods There are 2 key methods the attacker will use to gather information about the company to perform the attack: Passive and Active. The passive reconnaissance entails the attacker simply gathering information about the target without actively compromising any systems. Active reconnaissance entails the attacker compromising the system to gain information. For the penetration test on Havenbrook Investment Group, the attacker will be using both. Some examples methods and styles of the reconnaissance are outlined as follows: Passive • War Driving: • Dumpster diving • WHOIS • SQLMAP • Nessus: Active • Port scanning For the purpose of this penetration test, the attacker will be using the described methods and software to attempt to gather information about Havenbrook Investment Group’s network. [Show More]

Last updated: 1 year ago

Preview 1 out of 13 pages