Ethical Hacking > Report > Penetration Test Proposal Deliverable 2: Reconnaissance Plan and Scanning Plan CMIT 321 Ethical Hack (All)
Penetration Test Proposal Deliverable 2: Reconnaissance Plan and Scanning Plan CMIT 321 Ethical Hacking (2198) September 8, 2019 Statement of Work This document will serve as a Statement of Work ... (SOU) outlining Centralia Security Lab’s (CSL) proposed plan of action during the scanning phase of the penetration test. The below sections will detail the scope for both the reconnaissance plan as well as the scanning plan, to include tools to be used and mediation of vulnerabilities. The deliverables after this point of the penetration test will include a full technical report with details regarding all discovered vulnerabilities, the tools that were used, and what was gained or could be gained by exploiting said vulnerabilities. Reconnaissance Plan Overview The reconnaissance phase of a penetration test is one of the most important aspects. Reconnaissance is the act of gathering preliminary data or intelligence on your target. The data is gathered in order to better plan for your attack (Cybrary, 2015). There are two different types of reconnaissance, active and passive. Active reconnaissance involves gathering information about the target with direct contact, such as performing traceroute analysis, extracting DNS information, social engineering, etc. Passive reconnaissance involves information gathering with no direct contact, through means such as finding information from a search engine or social networking sites, monitoring website traffic, gathering financial information about the target through financial services, etc (EC-Council, 2019). Both means are important and can provide valuable information to help further down the road. The information gathered will help to form a strategy. Reconnaissance Methods References Cybrary. (2015). Summarizing The Five Phases of Penetration Testing. Retrieved from https://www.cybrary.it/2015/05/summarizing-the-five-phases-of-penetration-testing/ EC-Council. (2019). Ethical Hacking and Countermeasures, Version 10. Retrieved from https://evantage.gilmoreglobal.com/#/books/9781635672343/cfi/0!/4/2@100:0.00 Nmap. (2019). Introduction. Retrieved from https://www.nmap.org SecurityTrails. (2018). Retrieved from https://securitytrails.com/blog/top-20-intel-tools [Show More]
Last updated: 1 year ago
Preview 1 out of 4 pages
Connected school, study & course
About the document
Uploaded On
Nov 20, 2020
Number of pages
4
Written in
This document has been written for:
Uploaded
Nov 20, 2020
Downloads
0
Views
49
In Browsegrades, a student can earn by offering help to other student. Students can help other students with materials by upploading their notes and earn money.
We're available through e-mail, Twitter, Facebook, and live chat.
FAQ
Questions? Leave a message!
Copyright © Browsegrades · High quality services·