Ethical Hacking And Network Defense Unit 2 Assignment

1705 words - 7 pages

Ethical Hacking and Network Defense Unit 1 Assignment
Kaplan University

Table of Contents


Goals and Objectives




Unanswered Questions

Authorization Letter


Production e-commerce Web application server and Cisco network described in Figure 1.1. Located on ASA_Instructor, the e-commerce Web application server is acting as an external point-of-entry into the network:

• Ubuntu Linux 10.04 LTS Server (TargetUbuntu01)

• Apache Web Server running the e-commerce Web application server

• Credit card transaction ...view middle of the document...

• Information Gathering and Analysis – During this phase we will be using different tools to analyze the target network and plan for the actual penetration phase. Network surveys are conducted to analyze open ports, map the network and research is done to find the registry information and obtain IP addresses.
• Vulnerabilities will then be identified on the system. Vulnerabilities are put together via a combination of known exploits and the experience of our testers as well as tools that can identify known exploits against certain systems. Tools used for this step are Nessus Vulnerability Scanner.
• Once vulnerabilities are identifies, penetration attempts are planned out and executed. These are done on target systems on the network. One of the first steps is being able to gain access to the system via password cracking. If and when access is gained, further system vulnerabilities can then be identified.
• After penetration tested is completed the team will clean up any changes or modifications that were made during the exploitation.


Reporting will be done after the penetration tests have been completed and will contain a summary and detailed results of all of the tests conducted. Individual reports will be submitted be each tester and will pertain information that is applicable to their tests. All of the penetration tests will then be combined and listed out with the results of all tests. Vulnerabilities will be specifically pointed out as well as information and recommendations on how best to secure those weaknesses.


Penetration testing will be conducted between 2:00 a.m.–6:00 a.m. EST weekend only (Saturday and Sunday) starting 1 week from the date that this document is signed or an agreed upon date by both parties.

Unanswered Questions

To properly conduct penetration testing there are certain questions that remain unanswered. In order to provide accurate testing, the following questions still remain:

• Penetration testing often involves using social engineering to gain access. As we are unaware of E-commerce’s systems, we need to know if this type of attack is allowed or even available for use due to the time that the attacks need to be initiated.

Authorization Letter

Authorization is granted to ABC Security Systems to conduct penetration testing as outlined in this document. ABC Systems will adhere to all provisions in this document to the absolute best of its ability. ABC Systems is not responsible for any damages incurred by penetration testing or by any compromises to the target system due to testing conducted as long as it adherer’s to the standards set forth in this document. Any deviations to this document will require written approval and will be attached to this document for reference.



Lab #6 Design and Implement IT Security...

Other assignments on Ethical Hacking And Network Defense Unit 2 Assignment

Unit 5 Assignment 2 Define An Acceptable Use Policy (Aup)

339 words - 2 pages Unit 5 Assignment 2: Define an Acceptable Use Policy (AUP) Acceptable Use Policy Richman Investments holds requirements for the usage of the company network including filtering policies for network traffic. LAN – WAN is where the IT infrastructure links to a wide area network and internet. For Security (Administrators and Managers) - Security monitoring controls for intrusion - Apply email server and attachment antivirus and email

Pt1420 Unit 2: Research Assignment

270 words - 2 pages In Java, naming conventions for identifiers have been established and suggested by various Java communities such as Sun Microsystems, Netscape, AmbySoft etc. • The Classes names should be nouns in UpperCamelCase, with the first letter of every word capitalized. Use whole words — avoid acronyms and abbreviations (unless the abbreviation is much more widely used than the long form, such as URL or HTML). • Methods should be verbs in

Is3230 Unit 2 Assignment 1

307 words - 2 pages Selecting Security Countermeasures IS3220 As a technology associate in the information system department at Corporation Tech I have reviewed the new network design and identified possible security threats and appropriated countermeasures. Entering the internet without proper security can be harmful in many ways. The first thing that should be added is a firewall. Firewalls can prevent unwanted traffic from infiltrating the network. This is

Nt1310 Unit 7. Assignment 1. Reflection, Refraction And Optics

303 words - 2 pages On this assignment, I will explain reflection, refraction, and Optics. Refraction is the change in direction of a wave due to a change in its transmission medium. This is most commonly observed when a wave passes from one medium to another at any angle other than 90° or 0°. Refraction of light is the most commonly observed phenomenon, but any type of wave can refract when it interacts with a medium, for example when sound waves pass from one

Ceh Course

458 words - 2 pages attacking their own networks, no real network is harmed. Students then learn how intruders escalate privileges and what steps can be taken to secure a system. Students will also learn about Intrusion Detection, Policy Creation, Social Engineering, DDoS Attacks, Buffer Overflows and Virus Creation. When a student leaves this intensive 5 day class they will have hands on understanding and experience in Ethical Hacking. This course prepares you

Ethical Hacking

2587 words - 11 pages systems for personal gain. 2-Technically, these criminals are Crackers as Criminal Hackers. Crackers break into systems with malicious Intentions An ethical hacker is a computer and network expert who attacks a security system on behalf of its owners, seeking vulnerabilities that a malicious hacker could exploit. To test a security system, ethical hackers use the same methods as their less principled counterparts, but report problems instead of

Ethical Issues Arising From The Intersection Of Law, Compliance & Investigations

417 words - 2 pages There are several ethical issues that arise in information security. The security is one of most issue of concern for every business organization. Ethics is a term which is used to distinguish between right or wrong things. Ethical issues in computer security includes cybercrimes, computer hacking and information warfare. In an Internet world, many banking organizations are attacked by attackers and millions of credit card details stolen every

Unit 1 Assignment 1: Effects Of Routing On Current Communication Methods Used By Organizations

3601 words - 15 pages Schema Diagram Submission Requirements * Format: Microsoft Word * Font: Arial, Size 12, Double-Space * Length: 1–2 pages * Due By: Unit 5 Self-Assessment Checklist Use the following checklist to support your work on the assignment; review each item for both IPv4 and IPv6 implementations: * I have determined whether private network addressing is appropriate. * I have determined the number of publically routed

Roles Involved In Network Security

430 words - 2 pages Unit 9 Assignment 1: List phases of a computer Attack Reconnaissance and Probing The primary attach would be pretending to be friendly to a user by simply starting with a story or a joke to a co-worker, to get some type of information, then a search through different means (google, social sites, etc.) Method of access 1. The primary target is to use some type of phishing, spear or pharming type of trick to get information (use a birthday


647 words - 3 pages because of large in number. The communication architecture of sensor networks has three phases 1. Sensor node 2.Sink 3.User. The sensor node collects data sends it to the sink, where the sink compute the data and finally sends it to the user. The design topology of sensor networks depends on the user requirement. The basic system consists of the power unit, processing unit, sensing unit and the transceiver. Depending on the requirement some other


326 words - 2 pages Unit 9 Assignment 2 Phases of a computer attack Phase 1 - Reconnaissance Phase 2 - Scanning Phase 3 - Gaining Access Phase 4 - Maintaining access Phase 5 - Covering Tracks Phase 1:   Passive and Active Reconnaissance Passive reconnaissance:   This is the process of scouting out a company or individuals knowledge and processes, such as finding out when employees come in to work and leave work.   It can also be the result of

Similar Documents

Network Security And Ethical Hacking Essay

5261 words - 22 pages Network Security & Ethical Hacking ------------------------------------------------- ------------------------------------------------- Neal Patrick and his friends did not realise they were doing anything unethical, in fact: when asked by Congress “At what point he questioned the ethics of his actions” – he answered “Once the FBI knocked upon my door.” “I have found that inadequate network security is usually caused by a failure to

Unit 1 Assignment 1 Windows 2008 Network

461 words - 2 pages Unit 1. Assignment 1. Windows 2008 Network Services Course Objectives and Learning Outcomes In this assignment, you will explain the function of DHCP and DNS. Assignment Requirements Write a 1-page report summarizing IT-management overhead in reference to DHCP and DNS. In your report, address IT-management overhead in reference to DNS and DHCP, with the following question in mind: 1. How many hosts does it take to justify the

Pt1420 V1 Unit 2 Assignment 1: Homework

319 words - 2 pages Unit 2 Assignment 1 Pt1420 Unit 2 Assignment 1: Homework Kenneth D. Davis Intro to Programming Short Answer 1. What does a professional programmer usually do first to gain an understanding of a problem? Interview the customer 2. What is pseudocode? Fake Code 3. Computer programs typically perform what three steps? 1. Input is received. 2. Some process is performed on the input. 3. Output is produced. 4. What does the

Unit 2 Assignment 1 Transfer Time

306 words - 2 pages Unit 2 Assignment 1: Transfer Time File Size | Transfer Rate | Transfer Time | 100 MB | 56 Kbps | 15 seconds | 100 MB | 4 Mbps | .2 seconds | 2 GB | 56 Kbps | 4 minutes 46 seconds | 2 GB | 4 Mbps | 4 seconds | (100 MB x 1,000 x 8) / (56 Kbps x 1000) = 15 seconds (100 MB x 1,000 x 8) / (4 Mbps x 1,000 x 1,000) = .2 seconds (2 GB x 1,000 x 1,000 x 8) / (56 Kbps x 1,000) = 286 seconds = 4 minutes 46 seconds (2 GB x 1,000 x 1,000 x