Penetration Testing - Threats, Attacks, and Vulnerability Assessment

profilewillymax93
PenetrationTesting.docx

Throughout this course you will study the different roles that contribute to an organization's information security and assurance.

Part A:

Select an organization you wish to explore and use throughout the course.

As you make your selection, keep in mind that you will explore the following roles in the organization: Cyber Security Threat Analyst, Penetration Tester, Cyber Security Engineer, Risk Management Analyst, and Software Engineer. You need sufficient knowledge of the organization you select to complete these security assignments.

Part B:

A Cyber Security Threat Analyst conducts analysis, digital forensics, and targeting to identify, monitor, assess, and counter cyber-attack threats against information systems, critical infrastructure, and cyber-related interests.

Take on the role of a Cyber Security Threat Analyst for the organization you select. Use the Threats, Attacks, and Vulnerability Assessment Template to create a 3- to 4-page assessment document.

NOTE - this first assignment can be a little intimidating, so I have posted a sample document for your review, and to give you a sense of what such an assessment might look like.

Research and include the following:

· Tangible assets:

- Include an assessment scope. The scope must include virtualization, cloud, database, network, mobile, and information system.

· Asset descriptions:

-Include a system model, A diagram and descriptions of each asset included in the assessment scope, and existing countermeasures already in place. (Microsoft® Visio® or Lucidhart®)

· Threat agents and possible attacks

· Exploitable vulnerabilities

· Threat history

· Evaluation of threats or impact of threats on the business

· A prioritized list of identified risks

· Countermeasures to reduce threat

Submit the assignment.