Penetration Testing - Threats, Attacks, and Vulnerability Assessment
Throughout this course you will study the different roles that contribute to an organization's information security and assurance.
Part A:
Select an organization you wish to explore and use throughout the course.
As you make your selection, keep in mind that you will explore the following roles in the organization: Cyber Security Threat Analyst, Penetration Tester, Cyber Security Engineer, Risk Management Analyst, and Software Engineer. You need sufficient knowledge of the organization you select to complete these security assignments.
Part B:
A Cyber Security Threat Analyst conducts analysis, digital forensics, and targeting to identify, monitor, assess, and counter cyber-attack threats against information systems, critical infrastructure, and cyber-related interests.
Take on the role of a Cyber Security Threat Analyst for the organization you select. Use the Threats, Attacks, and Vulnerability Assessment Template to create a 3- to 4-page assessment document.
NOTE - this first assignment can be a little intimidating, so I have posted a sample document for your review, and to give you a sense of what such an assessment might look like.
Research and include the following:
· Tangible assets:
- Include an assessment scope. The scope must include virtualization, cloud, database, network, mobile, and information system.
· Asset descriptions:
-Include a system model, A diagram and descriptions of each asset included in the assessment scope, and existing countermeasures already in place. (Microsoft® Visio® or Lucidhart®)
· Threat agents and possible attacks
· Exploitable vulnerabilities
· Threat history
· Evaluation of threats or impact of threats on the business
· A prioritized list of identified risks
· Countermeasures to reduce threat
Submit the assignment.