Ti aplicada ao negócio

666 palavras 3 páginas
Pen Test Methodology

02/11/2005

[pic]

Methodology Diagram:

[pic]

1. Planning the Test

The first stage sets the objectives of the penetration test and attackers’ profiles for the tests, ranging from what potential havoc an authorized user can effect on your network through to the most nefarious business-injuring destruction that a professional hacker can cause. From there, there must be agreement on the scope of the penetration test, including internal and external servers, components of the security architecture, remote-access devices, and shared workstations. And last, it is important to define success criteria, both positive and negative, so that your organization can measure our results against predetermined criteria, for both external and internal attacks.

Planning guide:

• Get the internet Link to do the test • Get the required tools • Define the internal and external tests • Prepare the letter of good

Work Hours: 1 day (8h)

2. Information Gathering

The SLB team gathers technical details, including identification of network access points, network mapping and OS fingerprinting, about the target hosts and gathers publicly available information on the owner of the network or application in question to plan a comprehensive attack.

Goal:

The point of this exercise is to find the number of reachable systems to be tested without exceeding the legal limits of what you may test. Therefore the network survey is just one way to begin a test; another way is to be given the IP range to test. In this module, no intrusion is being performed directly on the systems except in places considered a quasi-public domain.

[pic]

3. System Service Identification

Port scanning is the invasive probing of system ports on the transport and network level. Included here is also the validation of system reception to tunneled, encapsulated, or routing protocols. This module is to enumerate live or accessible Internet services

Relacionados

  • A Area de Ti e os negocios
    521 palavras | 3 páginas
  • Gestão da Tecnologia da Informação
    694 palavras | 3 páginas
  • TCC Douglas Louzada 2015 Final
    19756 palavras | 80 páginas
  • TRABALHO TI ULT
    593 palavras | 3 páginas
  • Governança de ti
    757 palavras | 4 páginas
  • sistema da informação
    8488 palavras | 34 páginas
  • Caso zara
    1407 palavras | 6 páginas
  • tech
    898 palavras | 4 páginas
  • Governança de ti
    734 palavras | 3 páginas
  • Gestão de processos de ti: a importância da ti nas organizações.
    1315 palavras | 6 páginas