Penetration Testing Methodology Project
Name
Institution
Running Head: Penetration Testing Methodology Project
Introduction
Many organizations are concerned about the threats they face when they rely on technology and are connected to the internet at the same time. Threats come from many directions: attacks originate both inside and outside the organization, and many of them exploit weaknesses in the organization's applications and in the underlying system architecture. The purpose of a penetration test is to find as many vulnerabilities as possible within a limited time, before an attacker finds them. Managing a penetration test in an enterprise can be difficult; even mature organizations find the process demanding because they do not know where to start. The organizations that most need penetration tests are financial institutions, pharmaceutical companies and government departments, all of which host very sensitive data (Leeuw, Beringen, & Verruijt, 2009).
To secure a complex IT environment and keep the business meeting its objectives, the threats to the company's major systems must be kept under control while those systems continue to support the business and corporate goals. A penetration test uses automated and manual techniques to simulate attacks. Threats to systems keep increasing, and there is a high probability that systems will be exposed to malicious attacks, sometimes by accident. The main aim of penetration testing is to reduce the impact of attacks to a manageable level. A company should run penetration tests regularly; when this is done properly, the organization becomes aware of the likely vulnerabilities in its systems. The tests also give the organization guidance on how to deal with the vulnerabilities that were found. Other benefits of carrying out penetration tests continuously include the following:
· Lower ICT costs for the company in the long run.
· An improved technical environment within the company.
· A higher level of confidence in the company's security.
· More awareness of network and cyber-security controls.
Phase I: Planning and Preparation
The company provides online financial brokerage and has placed sets of data boundaries on the internet. It is worried about its data being breached and is therefore seeking penetration testing. In addition to being a financial brokerage, the company handles very large volumes of government data, so the test will use a variety of manual and automated techniques to simulate all plausible attacks on the network. All tests are performed by qualified testers using established security software. The penetration test is done to unearth vulnerabilities ranging from inappropriate system configurations to unknown hardware flaws. Other areas include operational weaknesses in processes, and the technical remedies to be outlined. The need for penetration testing can be summarized as follows:
· Growing industry compliance requirements.
· The heavy impact of cyber-attacks on companies.
· Recent changes in the business process, which call for a new penetration test.
· Continually rising awareness in the industry.
The goals of this penetration test are to ensure that business requirements are met, that a large proportion of the system's vulnerabilities are disclosed, and that network risks are kept at acceptable levels. The approach used is a combination of ad-hoc and piecemeal testing. The result of the penetration tests
Two types of penetration testing will be done on the system:
· Application penetration testing.
· Infrastructure penetration testing.
Assessment Agreement
The assessment agreement will include:
1. Scope:
a. Rules of Engagement
i. The test will cover both the internal and the external environment.
ii. A gray-box approach will be used for the system penetration.
iii. The test will be unannounced; results will be disclosed only to top management.
b. The systems to be tested include the databases, Wi-Fi, telephony, Bluetooth and email servers. Other areas include VoIP, the DMZ and the routers.
c. The tests will be carried out using BackTrack and custom scripts developed by the tester.
Penetration Testing Scope
In Scope | Out of Scope
1. Databases | 1. Compliance and regulatory requirements
2. IT data center and corporate networks | 2. Critical systems developed
3. Special equipment such as PDAs and employee personal computers | 3. Applications that have been outsourced
4. Application development lifecycles, and gaps in software under development | 4. Any application outside the network
5. Assessment of the criticality of the systems within the network |
Figure 1. Penetration Tests Scope.
Penetration Testing Tools Scope
In Scope | Out of Scope
1. Wireshark | 1. Metasploit
2. Kali Linux | 2. Nessus
3. John the Ripper | 3. Burp Suite
4. Retina | 4. Cain and Abel
5. Sqlmap |
Figure 2. Penetration Testing Tools Scope.
Deliverables
Deliverable | Description | Acceptance Criteria
Report on Network Security | Word document | Acceptance will be defined by the project manager
Report on router testing | Electronic document and presentation | Acceptance will be defined by the project manager
Report on security of the trusted systems | Electronic document and presentation | Acceptance will be defined by the project manager
Perimeter monitoring | Word document | Acceptance will be defined by the project manager
Port scanning reports | Electronic document and presentation | Acceptance will be defined by the project manager
Social Engineering | Word document | Acceptance will be defined by the project manager
VoIP Review | Electronic document and presentation | Acceptance will be defined by the project manager
Document physical storage | Electronic document and presentation | Acceptance will be defined by the project manager
Competitive intelligence report | Electronic document and presentation | Acceptance will be defined by the project manager
PBX | Word document | Acceptance will be defined by the project manager
Voice mail review | Word document | Acceptance will be defined by the project manager
WiFi security | Electronic document and presentation | Acceptance will be defined by the project manager
Physical security of the organization | Word document | Acceptance will be defined by the project manager
Environmental factors that may contribute to threats | Electronic document and presentation | Acceptance will be defined by the project manager
Figure 3. Deliverables.
2. Team Members:
Figure 4. Team Members.
Penetration Testing Team Members
Engineer | Specialty | Duty | Email | Phone Number | Alternate
Harcourt, Thomas | Project Management, Wireless Penetration | Project Manager | [email protected] | 1-800-943-2257 x142 | Rivera, Jorge
Smith, Andrew | Database, Email, Web Server Penetration | Engineer | [email protected] | 1-800-943-2257 x138 | Mutton, Scott
Kennedy, Andrew | VoIP Review | Engineer | [email protected] | 1-800-956-2257 x138 | Smith, Kings
Smith, Kings | Computer Intelligence report | Engineer | [email protected] | 1-800-783-2257 x138 | Lea, Mildred
Lea, Mildred | VoIP Reviews | Engineer | Leamidred@datacenture.com | 1-800-900-2257 x138 | Henry, Luke
Obasanjo, Mildred | Social Engineering Vulnerability | Engineer | [email protected] | 1-800-890-2257 x138 | Pedro, King
Henry, Luverkuases | Port Scanning | Engineer | [email protected] | 1-800-909-2257 x138 | Esther
Pedro, King | Perimeter Reports | Engineer | [email protected] | 1-800-9200-2257 x138 | Harcourt, Thomas
Esther, Nanct | Security of the trusted systems | Engineer | [email protected] | 1-800-405-2257 x138 | Harcourt, Thomas
Figure 5. Penetration Testing Team Members.
3. Points of Contact: there will be a point of contact for every department; the most frequently visited departments will be Administration, Network and Quality Assurance.
4. Date/Time of Test: the test will be done on working days, eight working hours per day.
5. Miscellaneous Points of Contact:
a. Law enforcement officers from Mississippi
b. Internet Service Provider
c. Miscellaneous security contacts
d. Subject Matter Experts
e. Lawyers
6. Retest Policy: the company will retest every 2 months.
7. Working Conditions: using the network penetration test tools listed above, all engineers will work remotely, in order to fully simulate how an attack from outside would be carried out.
8. Non-disclosure Agreement: the results of the test will not be disclosed to any third party.
9. Liability Insurance: engineers will be held liable for any leak of the test results and may be sued in a court of law.
10. Contractual Constraints: the engineers will be given 2 minutes to carry out the tests, and during this period customers will be informed of the interruption of services. Engineers will not perform any data backups; these will be done by the internal security team. The internal security team will be responsible for internal testing, while the external team will do perimeter testing and external vulnerability testing.
Phase II: Assessment
During this phase, the severity of the system and network vulnerabilities is assessed using the penetration test tools. The engineers use the tools to simulate a real attack on the software, testing the defenses that have been put in place while mapping out the paths an attacker could take.
1. Information Gathering
Before any scanning starts, the engineer must find out which machines are present on the network, and this is done with a network mapping tool. The Nmap Security Scanner is freely available on the web and is used for network discovery, inventory and administration. It uses raw IP packets to determine which hosts are available, which operating systems they run, and which firewalls and packet filters sit in front of each machine. For this project we will use Zenmap, the official Nmap GUI, which is free and runs on all major operating systems. The test will employ black-box testing, where results matter more than the procedure. The following tools will be used during the various stages of the vulnerability assessment.
Category | Tool | Description
Host based tests | TARA | Tiger Analytical Research Assistant, a host-based security audit tool
 | Cain and Abel | Used for password recovery and password sniffing
 | Metasploit | Open-source framework for developing and running exploit code
Network based | Cisco Security Scanner | Used to diagnose and repair security systems
 | Wireshark | Network protocol analyzer; captures and decodes live traffic and saved capture files
 | Nessus | Used for agentless network vulnerability audits and reports
 | Nmap | Free host discovery and port scanner; its scan output is saved on the system as a record
Database | SQLdict | Dictionary attack tool for SQL Server
 | DB Scan | Another tool used to scan the database
The testing will be both active and passive. In active testing, the engineer creates test data, feeds it to the system and analyzes the results; the testers build a mental model of the process, and that model grows as the tests continue and new test cases are developed from the results. In passive testing, the other engineers monitor the resulting data sets without introducing new test cases; this is used in sensitive areas such as the database (Fadyushin, 2013). In the first phases of the testing, automated and manual scanning will be used to identify the network topology, the hosts and servers, the attack vectors, and the likely targets for an attacker. The firewall policy of every host will be documented.
The following activities will be carried out during the vulnerability testing:
· Scan the network for all live hosts.
2. Network Mapping
During port scanning, the internal network is mapped and scanned for live hosts, after which each live host is scanned individually for open ports. At this stage the engineers try to find previously unknown vulnerabilities. The users are then enumerated and the network is sniffed using Wireshark (Agarwal & Singh, 2013).
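The host discovery and port scan described in steps 1 and 2 produce Nmap output that still has to be turned into an inventory. The following Python script is added here as an illustration; it is not part of the original paper and is not Nmap code. It parses Nmap's XML output (`-oX`) into a list of live hosts with their open services, OS guess and the number of filtered ports (a sign of a firewall or packet filter in front of the host), then picks out the hosts exposing database listeners, which are in scope. The XML embedded below is a constructed sample: the 10.0.0.0/29 addresses, the hostname and the services are placeholders, not hosts from the engagement.

```python
"""Turn Nmap XML output (`nmap -sS -sV -O -oX scan.xml <range>`) into a host inventory.
Added example; the XML below is constructed and its addresses are placeholders."""
import xml.etree.ElementTree as ET
from dataclasses import dataclass, field
from typing import List


@dataclass
class Service:
    port: int
    proto: str
    state: str      # open / closed / filtered, as reported by Nmap
    name: str
    product: str
    version: str


@dataclass
class Host:
    addr: str
    hostname: str
    os_guess: str
    services: List[Service] = field(default_factory=list)
    filtered_ports: int = 0  # probes with no answer: a firewall or packet filter is likely

    def open_services(self) -> List[Service]:
        return [s for s in self.services if s.state == "open"]


def _attr(el, name, default=""):
    """Attribute lookup that tolerates a missing element."""
    return el.get(name, default) if el is not None else default


def parse_nmap_xml(xml_text: str) -> List[Host]:
    """Keep only hosts Nmap reports as up; collect ports, service banners and OS guess."""
    hosts: List[Host] = []
    for h in ET.fromstring(xml_text).findall("host"):
        if _attr(h.find("status"), "state") != "up":
            continue
        osm = h.find("os/osmatch")
        os_guess = f"{osm.get('name')} ({osm.get('accuracy')}%)" if osm is not None else "unknown"
        host = Host(addr=_attr(h.find("address[@addrtype='ipv4']"), "addr", "?"),
                    hostname=_attr(h.find("hostnames/hostname"), "name"),
                    os_guess=os_guess)
        for extra in h.findall("ports/extraports"):
            if extra.get("state") == "filtered":
                host.filtered_ports += int(extra.get("count", "0"))
        for p in h.findall("ports/port"):
            svc = p.find("service")
            host.services.append(Service(
                port=int(p.get("portid")), proto=p.get("protocol"),
                state=_attr(p.find("state"), "state", "unknown"),
                name=_attr(svc, "name"), product=_attr(svc, "product"),
                version=_attr(svc, "version")))
        hosts.append(host)
    return hosts


# Nmap service names for common database listeners (databases are in scope for this test).
DB_SERVICES = {"ms-sql-s", "mysql", "postgresql", "oracle-tns", "mongodb"}


def database_hosts(hosts: List[Host]) -> List[str]:
    """Addresses of live hosts exposing a database service."""
    return [h.addr for h in hosts if any(s.name in DB_SERVICES for s in h.open_services())]


def inventory_report(hosts: List[Host]) -> List[str]:
    """One line per live host plus one per open service, for the network mapping deliverable."""
    lines = []
    for h in hosts:
        fw = "packet filter likely" if h.filtered_ports else "no filtering observed"
        lines.append(f"{h.addr} {h.hostname or '-'} os={h.os_guess} [{fw}]")
        for s in h.open_services():
            banner = " ".join(x for x in (s.product, s.version) if x)
            lines.append(f"  {s.port}/{s.proto} {s.name} {banner}".rstrip())
    return lines


# Constructed sample output; 10.0.0.0/29 and the names are placeholders, not engagement hosts.
SAMPLE_NMAP_XML = """<?xml version="1.0"?>
<nmaprun scanner="nmap" args="nmap -sS -sV -O -oX scan.xml 10.0.0.0/29">
<host><status state="up" reason="arp-response"/><address addr="10.0.0.1" addrtype="ipv4"/>
<hostnames><hostname name="gw.example.test" type="PTR"/></hostnames>
<ports><extraports state="filtered" count="997"/>
<port protocol="tcp" portid="22"><state state="open"/><service name="ssh" product="OpenSSH" version="8.9p1"/></port>
<port protocol="tcp" portid="80"><state state="closed"/><service name="http"/></port>
<port protocol="tcp" portid="443"><state state="open"/><service name="https" product="nginx" version="1.18.0"/></port>
</ports><os><osmatch name="Linux 5.X" accuracy="95"/></os></host>
<host><status state="up" reason="echo-reply"/><address addr="10.0.0.2" addrtype="ipv4"/><hostnames/>
<ports><extraports state="closed" count="998"/>
<port protocol="tcp" portid="1433"><state state="open"/><service name="ms-sql-s" product="Microsoft SQL Server" version="2019"/></port>
<port protocol="tcp" portid="3389"><state state="open"/><service name="ms-wbt-server"/></port>
</ports><os><osmatch name="Microsoft Windows Server 2019" accuracy="90"/></os></host>
<host><status state="down" reason="no-response"/><address addr="10.0.0.3" addrtype="ipv4"/></host>
</nmaprun>
"""

if __name__ == "__main__":
    found = parse_nmap_xml(SAMPLE_NMAP_XML)
    print("\n".join(inventory_report(found)))
    print("database targets:", database_hosts(found))
```

The filtered-port count is the cheap way to confirm the "firewalls and packet filters" observation the text attributes to Nmap: a host whose unlisted ports come back `filtered` rather than `closed` is answering only for what a filter allows through. A real engagement feeds the XML from the actual scan in place of the embedded sample.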
3. Vulnerability Analysis
In this stage, the following will be done:
· Identify the vulnerable services.
· Search for known security vulnerabilities, specifically those published in the NVD and by CERT. Prioritize and classify the vulnerabilities according to likelihood and probability of success.
· Create the attack scenario.
4. Penetration Testing
This is the actual test: the attack scenarios developed above are executed. The findings are summarized in the table below.
System | Vulnerability | Exploit | Exploit Description | Exploit Source | Ranking
Host 1 | Buffer overflow | Remote IIS server exploit | The remote host can be made to execute code when sent an overly long URL. | Network | High
mod_ssl stack overflow | Buffer overflow | Use of an old mod_ssl | The mod_ssl version is not current, so it lacks bug fixes. | Remote web attacker | High
Cross-site scripting | Cross-site scripting | The web server hosts files that can be exploited through cross-site scripting | An attacker may use the vulnerability to trick legitimate users into giving up their credentials unknowingly. | Remote web attack | High
IIS TRACE | Exposed IIS TRACE method | An attacker can perform cross-site scripting (cross-site tracing) through this method. | The entry point is the web server's scripting | This is also a form of remote attack | Medium
Default and sample SSL services | SSL attack | The files can be misused by a remote attacker to extract the Apache Tomcat version | The Apache version running on the server can be used to obtain vital information about the data and the database | Remote tools | Low
OpenSSL DoS | OpenSSL attack | Any remote host with versions above 0.9.7 | There is a bug in these versions which may be exploited | Remote SSL attack | High
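Three of the findings in the table (server version disclosure, the exposed TRACE method, and cross-site scripting) can be confirmed directly from raw HTTP responses. The Python below is an added example, not code from the paper or from any of the listed tools. It parses constructed responses to an OPTIONS request, a TRACE request and a search request carrying a probe string, and returns findings ranked on the same Low/Medium/High scale the table uses. The responses, the `www.example.test` host, the `Apache/2.2.3` banner and the probe string are all made up for the illustration; a second, hardened set of responses is included to show the checks coming back clean.

```python
"""Checks for three of the findings above: version disclosure, HTTP TRACE, reflected XSS.
Added example; the responses below are constructed, not captured from a real target."""
import re
from typing import Dict, List, Optional, Tuple

Response = Tuple[int, Dict[str, str], str]  # (status, lowercase header map, body)


def parse_http_response(raw: str) -> Response:
    """Split a raw HTTP/1.1 response into status code, header map and body."""
    head, _, body = raw.partition("\r\n\r\n")
    status_line, *header_lines = head.split("\r\n")
    status = int(status_line.split(" ", 2)[1])
    headers: Dict[str, str] = {}
    for line in header_lines:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    return status, headers, body


# "Apache/2.2.3 (Unix)" -> ("Apache", "2.2.3"); a bare "Apache" matches nothing.
VERSION_RE = re.compile(r"^(?P<product>[A-Za-z][\w-]*)/(?P<version>\d[\w.]*)")


def server_banner(headers: Dict[str, str]) -> Optional[Tuple[str, str]]:
    """Product/version disclosed in the Server header, or None when it is suppressed."""
    m = VERSION_RE.match(headers.get("server", ""))
    return (m.group("product"), m.group("version")) if m else None


def trace_enabled(options_headers: Dict[str, str], trace_resp: Response) -> bool:
    """TRACE is exposed if OPTIONS lists it in Allow, or if a TRACE request is echoed
    back as message/http (the cross-site tracing condition)."""
    allow = {m.strip().upper() for m in options_headers.get("allow", "").split(",") if m.strip()}
    status, headers, _ = trace_resp
    echoed = status == 200 and headers.get("content-type", "").startswith("message/http")
    return "TRACE" in allow or echoed


def reflected_unescaped(probe: str, body: str) -> bool:
    """A probe reflected verbatim (not entity-encoded) indicates reflected XSS."""
    return probe in body


def assess(options_raw: str, trace_raw: str, search_raw: str, probe: str) -> List[Tuple[str, str]]:
    """Run the three checks and rank them on the table's Low/Medium/High scale."""
    _, opt_headers, _ = parse_http_response(options_raw)
    trace_resp = parse_http_response(trace_raw)
    _, _, search_body = parse_http_response(search_raw)
    findings: List[Tuple[str, str]] = []
    banner = server_banner(opt_headers)
    if banner:
        findings.append(("Server version disclosed: %s/%s" % banner, "Low"))
    if trace_enabled(opt_headers, trace_resp):
        findings.append(("HTTP TRACE enabled (cross-site tracing)", "Medium"))
    if reflected_unescaped(probe, search_body):
        findings.append(("Probe reflected unescaped (reflected XSS)", "High"))
    return findings


# Constructed responses from a hypothetical weak server; www.example.test is a placeholder.
XSS_PROBE = '"><xss-probe-7f3a>'
WEAK_OPTIONS = ("HTTP/1.1 200 OK\r\nServer: Apache/2.2.3 (Unix) mod_ssl/2.2.3\r\n"
                "Allow: GET,HEAD,POST,OPTIONS,TRACE\r\nContent-Length: 0\r\n\r\n")
WEAK_TRACE = ("HTTP/1.1 200 OK\r\nServer: Apache/2.2.3 (Unix)\r\nContent-Type: message/http\r\n\r\n"
              "TRACE / HTTP/1.1\r\nHost: www.example.test\r\nCookie: session=abc123\r\n")
WEAK_SEARCH = ("HTTP/1.1 200 OK\r\nServer: Apache/2.2.3 (Unix)\r\nContent-Type: text/html\r\n\r\n"
               "<p>Results for <b>" + XSS_PROBE + "</b></p>")
# The same three requests against a hardened configuration (banner suppressed, TRACE
# refused, user input entity-encoded before it is echoed).
SAFE_OPTIONS = "HTTP/1.1 200 OK\r\nServer: Apache\r\nAllow: GET,HEAD,POST,OPTIONS\r\n\r\n"
SAFE_TRACE = "HTTP/1.1 405 Method Not Allowed\r\nServer: Apache\r\nAllow: GET,HEAD,POST,OPTIONS\r\n\r\n"
SAFE_SEARCH = ("HTTP/1.1 200 OK\r\nServer: Apache\r\nContent-Type: text/html\r\n\r\n"
               "<p>Results for <b>&quot;&gt;&lt;xss-probe-7f3a&gt;</b></p>")

if __name__ == "__main__":
    for name, severity in assess(WEAK_OPTIONS, WEAK_TRACE, WEAK_SEARCH, XSS_PROBE):
        print(f"[{severity}] {name}")
    print("hardened:", assess(SAFE_OPTIONS, SAFE_TRACE, SAFE_SEARCH, XSS_PROBE))
```

The TRACE check deliberately looks at both signals: a server can omit TRACE from `Allow` and still echo the request, and the echoed `Cookie` line in the weak sample is exactly what cross-site tracing hands to an attacker. The probe is matched verbatim, so the entity-encoded reflection in the hardened sample is correctly reported as clean.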
Phase III: Closing Activities
1. Reporting
The following are the reports from the vulnerability tests that were carried out.
Testing Screenshots
2. Follow-on Actions
· Data that must be secured should be centralized, and the devices holding it consolidated.
· Data collection should be made as secure as possible and have a low impact on the perimeter data.
· Data transmission should be robust and should not consume excessive bandwidth.
· All monitoring of data should be centralized to allow single-point access.
· Threats will be monitored to allow real-time alerts, and these alerts should be easily understandable by system users (Ali & Heriyanto, 2011).
· All monitoring should be performed by multiple people in a scalable way.
· All alerting should be provided in a timely manner.
References
Agarwal, M., & Singh, A. (2013). Metasploit Penetration Testing Cookbook. Birmingham, UK: Packt Publishing.
Ali, S., & Heriyanto, T. (2011). BackTrack 4: Assuring security by penetration testing. Birmingham, UK: Packt Publishing.
Fadyushin, V. (2013). Instant penetration testing. Birmingham, UK: Packt Publishing.
Leeuw, E., Beringen, F., & Verruijt, A. (2009). Penetration testing. Rotterdam: A.A. Balkema.
Appendix