Network Penetration Testing

2192 Words9 Pages
FULL BREACH PENETRATION TEST 1. Reconnaissance. a. Establish active and inactive routes into the property. b. Establish Contractor routines (Cleaners, Builders, Electricians, Technician etc) c. Establish Courier routines d. Establish employee routines, (Social Engineering) e. Obtain ID card/s, (Theft or Falsify) 2. Gain entry to the building. (Pretext, Deceit, Employment) a. Establish Office layout b. Establish Sensitive offices (Including ComCen and IT rooms) c. Establish Evacuation routines 3. Acquisition of Intelligence. a. Obtain Hard & Soft Copy Information b. Obtain Top Managerial Personal Information, (Addresses etc) c. (Optional deployment of Ethical Hacking)…show more content…
Note: Denial of Service attacks will not be undertaken unless specifically requested by Client and then, only by specific authorisation and only against predefined targets. 2 Report The results will be presented to Client in the form of a single report. The main sections of the report are detailed below: 1 Executive Summary This section is targeted at non-technical management. It will highlight vulnerabilities, risks and any impact these vulnerabilities may cause to business continuity. Only the more critical vulnerabilities, which can impact on business continuity or data integrity, will be detailed within this section. The executive summary will include a risk matrix. The matrix will include a high level risk assessment and will take into accounts such things as the likelihood of a successful attack against a target system and include information such as the risk per site, per phase and per system. 2 Technical Report This section of the report will contain a detailed technical breakdown of findings. This will detail any vulnerability found and the associated risks. Each node scanned will be listed individually with the assessment and recommendations listed below. Where practically possible we will advise you how to
Get Access