Cmit 321 penetration test proposal

CMIT 321 Final Penetration Test Proposal

You must combine my already prepared products and combine them with what I haven't done to complete this assignment today in the next 10 hours at 2200 EST. If you cannot make this deadline PLEASE do not accept the assignment.

I will supply you what what I have done via private message. This must be run through turn it in plagarism checker and must not come back any higher than 25 percent including references, so if you are going to rewrite what others have done you need to be exceptional at it.

Rules of Engagement (from Deliverable 1) --COMPLETE
Reconnaissance Plan (from Deliverable 2)-- COMPLETE
Scanning Plan (from Deliverable 2)-- COMPLETE
Gaining Access Plan (from Deliverable 3) Not done
Maintaining Access Plan (New) Not Done
Covering Your Tracks Plan (New) Not Done

Penetration Test Proposal
Deliverable 4: Final Penetration Test Proposal
Name:

Course Number and Section:

Instructor:

Date:

Rules of Engagement

Overview

Include a brief description of the penetration test project.

Scope

Discuss the scope of the penetration test (pen test).

Checklist

Provide a list of the testing requirements.

Ethical Considerations

Describe how you will apply appropriate ethical principles throughout the penetration testing process.

Reconnaissance Plan
Overview

Provide a summary of the Reconnaissance phase.

Reconnaissance Methods

Identify specific methods and demonstrate a structured and ordered methodology while gathering key information that could be used to penetrate the network and systems of Haverbrook Investment Group. Discuss in detail both passive and active methods of reconnaissance.

Scanning Plan
Overview

Provide a summary of the Scanning phase.

Tactics, Techniques, and Procedures

Outline and discuss specific use cases to discover and enumerate information that could be used for potential exploitation. Some examples of information that you are gathering from Haverbrook Investment Group’s systems are usernames, machine names, shares, and services from a system. Identify any software, applications, or scripts that will be needed and provide a description of how this software will be used to gather information about Haverbrook’s systems.

Gaining Access Plan
Overview

Provide a summary of the Gaining Access phase.

Vulnerable Resources

Identify the resources where vulnerabilities can be located and include a brief description of those resources. Be sure to include a reference to the vulnerability, i.e., NVD.

Techniques and Software

Provide the techniques and any software, applications, or scripts that will be used in gaining access to the network(s) or system(s) along with a description of each technique. Refer to Chapter 6 in the textbook for additional information.

Maintaining Access Plan
Overview

Provide a summary of the Maintaining Access phase.

Techniques and Software

Identify the techniques used to maintain network and/or system access. Provide a brief summary of each technique. Include any software, applications, or scripts that may be needed to maintain access in the network or system(s). Refer to Chapter 6 in the textbook for additional information.

Covering Your Tracks Plan
Overview

Provide a summary of the Cover Your Tracks phase.

Techniques and Software

Identify the methods, software, applications, scripts and any other means of covering your tracks. Provide a brief description of how each of these will be used to hide from the system administrator. Refer to Chapter 6 in the textbook for additional information.

References