Project 1

Cover page

Table of Contents

Introduction

Goal: Execute, collect, and compile your network security test results into a security assessment report, so that management has a baseline view of the security posture of the enterprise network, before the actual external IT audit.

Step 1: Conduct a Security Analysis Baseline

“Security Analysis Baseline” section (3 pages)

· Security requirements and goals for the preliminary security baseline activity.

· Typical attacks on enterprise networks, their descriptions, and the impacts these attacks have on an organization.

· Network infrastructure and diagram, including configuration and connections. In the network diagram, include open and closed networks and show the connections to the Internet.

· Physical hardware components. Include routers and switches. What security weaknesses or vulnerabilities are within these devices?

· Operating systems, servers, network management systems.

· Data in transit vulnerabilities.

· Current mobile applications and possible future applications and other wireless integrations.

· What are the security risks and concerns associated with the infrastructure components above?

· What are ways to get real-time understanding of the security posture at any time?

· How regularly should the security of the enterprise network be tested, and what type of tests should be used?

· What processes are in play, or need to be established, to respond to an incident?

· Workforce skill is a critical success factor in any security program, and any security assessment must also review this component. Lack of a skilled workforce could also be a security vulnerability. Does the security workforce have the requisite technical skills and command of the necessary toolsets to do the job required?

· Is there an adequate professional development roadmap in place to maintain and/or improve the skill set as needed?

· Describe the ways to detect malicious code and the tactics bad actors use to evade detection.

· Once you have identified the risk factors above, identify the appropriate security controls and the best approach to testing them using NIST SP 800-53A.

Step 2: Determine a Network Defense Strategy

“Network Defense Strategy” section (2 pages)

In this section, you will determine the best defenses for your network.

· Outline how you would test for violations on the network based on your baseline results.

· Identify how you will assess the effectiveness of existing controls and write test procedures that could be used to test for effectiveness.

· Explain the different testing types (black box testing, white box testing).

Step 3: Plan the Penetration Testing Engagement

“Penetration Test Planning” section (2 pages)

· Define your penetration testing process based on the information above. Include all involved processes, people, and timeframes.

· Develop a letter of intent to the organization, and within the letter, include some formal rules of engagement.

Step 4: Conduct a Network Penetration Test

“Network Penetration Test” section (4 pages)

· Find the security issues within the network from your lab work.

· Define which control families from NIST SP 800-53 are violated by these issues.

· Explain in the SAR why each is a violation, support your arguments with a copy of your evidence, and then suggest how to improve the security posture with respect to these violations.

Step 5: Complete a Risk Management Cost Benefit Analysis

“Risk Management Cost Benefit Analysis” section (1 page)

· Perform a quantitative risk analysis. Calculate the cost of the violations that you found in the company, and in other areas, if you do not add the controls. Then add in the cost of implementing your controls.

Recommendations and Conclusion

References (APA format)

Step 6: Compile the SAR, Executive Briefing, and Lab Report

· Submit the executive briefing: This is a visual presentation of about 5 slides for business executives and board members.

· Submit the security assessment report (SAR): Your report should be 12-15 pages, double-spaced, with citations in APA format. The page count does not include figures, diagrams, tables, or citations.

· Submit your lab report: A document sharing your lab experience and providing screenshots to demonstrate that you performed the lab.