logo

ICT Ethical Hacking Exploits

Prepare an Analysis Plan for a hypothetical pen testing scenario, including proposed analytical process, ethical considerations, required resources, and timeframe.

11 Pages2470 Words1 Views
   

Added on  2022-12-21

About This Document

This document discusses the importance of conducting penetration testing to mitigate threats in information systems. It explores a case study on remote access interfaces and provides insights into the stages and considerations of penetration testing. The document also covers different types of penetration testing and common vulnerabilities. Legal issues related to penetration testing are also discussed.

ICT Ethical Hacking Exploits

Prepare an Analysis Plan for a hypothetical pen testing scenario, including proposed analytical process, ethical considerations, required resources, and timeframe.

   Added on 2022-12-21

ShareRelated Documents
Running head: ICT ETHICAL HACKING EXPLOITS 1
ICT Ethical Hacking Exploits
Student's Name
Institution Affiliation
Date of Submission
ICT Ethical Hacking Exploits_1
ICT ETHICAL HACKING EXPLOITS 2
Inline to the dangerous vulnerabilities that most organizations are facing within their
information systems, conducting penetration test has become vital to mitigate the threats that
such businesses are facing within their networks. There are major threats that organizations are
facing are due to numerous reasons. Such reasons include poor management of passwords and
accounts, poor user awareness on information securities issues, poor access control, among
others (Hoffmann, 2015). Pen testing refers to the assessments of the risks of specific
application, system, or even environment by use of known and reliable techniques.
There are numerous case study involving pen-testing. My analysis will take into account
the first scenario known as remote access interfaces that mitigate passwords attack. Due to poor
configuration and control access, ethical hacking has been a predominant scenario within the
business systems (Najera-Gutierrez & Ansari, 2018). In a keen analysis of the present case study,
it is profound to create intense attention on the fact that system administrators should make good
use of various protocols to minimize ethical hacking. A protocol such as RDP would create a
remote connection that makes filtering for the IDs connection possible. Such kind of process
should be adapted to mitigate the adverse effects.
There are various scopes and phases of examination of the remote access control. Such
stages involve creating of nodes on the network perimeters, filtering of connection by the IP
address, strengthening the available network nodes and mitigating telnet access such as root:
root. Concerning the test based provided, the black box is availed to support the key-based
authentication (Chen et al., 2018). Through this, a private key is created that highly mitigate
chances of hacking. There are numerous ethical considerations taken into account during the
development of the pen test.
ICT Ethical Hacking Exploits_2
ICT ETHICAL HACKING EXPLOITS 3
One key consideration is the developing of the administration of secure VPN connection,
which does not violate that set ethical principles and codes of conduct. Another key one is the
creation of reliable nodes via remote access that does not infringe the right of access to the right
users (Pozzobon et al., 2018). In developing this pen test, software application and programs will
be vital to take into account. Hardware components of computers can’t be left out in this
particular analysis. Developing this kind of test can take around two months to ensure that the
system is fully secure. Penetration testing is a practice of computer systems testing and web
applications used to check for areas that might be weak, and hackers could use them as entry
points to destroy or steal data. The process involves collecting data about the system and trying
to enter the system through the weak areas. The pen test will be used to check for flaws in the
company’s computer system and the effectiveness of the corporation’s security guiding principle.
Several strategies can be used to conduct a penetration test. Examples of these strategies
include battered testing, peripheral testing mechanisms, internal testing, black-box testing, as
well as white-box testing (Rouse, 2019). All these strategies are based on the key intention of the
test and the information available for the test to be conducted. For the penetration test to be
carried out for this company, blind testing will be used. Blind testing is done to assess the weak
points of a computer system that can be used by real external hackers to penetrate the computer
system and identify how much the hacker can access (Rouse, 2019). For blind testing, the hacker
is provided which as minimal information as possible about the company's computer system then
he or she is supposed to find his way into the system.
Penetration Testing - Method
ICT Ethical Hacking Exploits_3
ICT ETHICAL HACKING EXPLOITS 4
Penetration testing is an assortment of methods that address, analyzes and provides
alternatives to multiple system problems and tests. It is based on a structured operation
performing step-by-step penetration testing.
Steps of Penetration Testing Method
ICT Ethical Hacking Exploits_4

End of preview

Want to access all the pages? Upload your documents or become a member.

Related Documents
SOP for Penetration Testing
|26
|2681
|31

Ethical Hacking: Introduction, Pen Testing Approach, Results and Findings
|7
|1139
|93

Ethical Hacking & Countermeasures Report 2022
|25
|3747
|46

Speaking Cyber With Reference to Security Theories
|25
|4562
|16

Kali Linux Exploit using Metasploit
|4
|860
|293

Comparison of Metasploit and Hydra: Ethical Hacking Tools
|9
|779
|70