Pen test and BIA Report
Added on 2022-11-12
18 Pages4153 Words192 Views
Running Head: Pen test and BIA 0
Pen test
and BIA
Report
Student name
Pen test
and BIA
Report
Student name
Pen test and BIA 1
Table of Contents
Introduction................................................................................................................ 2
Task 1: Penetration testing......................................................................................... 2
1-(a)........................................................................................................................ 2
1-(b)........................................................................................................................ 3
2-(a) Role 3 (i)......................................................................................................... 3
2-(a) Role 3 (ii)........................................................................................................ 5
SQL Injections:..................................................................................................... 5
Cross Site Scripting (XSS).................................................................................... 5
Broken Authentication.......................................................................................... 5
3.............................................................................................................................. 5
Malware................................................................................................................ 5
DDoS.................................................................................................................... 6
Social engineering................................................................................................ 6
Phishing................................................................................................................ 6
Man-in-the-Middle................................................................................................ 7
Ransomware........................................................................................................ 7
Task 2: Secure Systems / Networks / Applications.....................................................8
1- Individual:........................................................................................................... 8
Remote access VPN:............................................................................................ 8
Site-to-site VPN:................................................................................................... 8
2- Role1:.................................................................................................................. 9
Task 3: Managing personnel security.......................................................................10
Task 4: Business Impact Analysis............................................................................. 10
Task 5: Report template........................................................................................... 13
References............................................................................................................... 14
Table of Contents
Introduction................................................................................................................ 2
Task 1: Penetration testing......................................................................................... 2
1-(a)........................................................................................................................ 2
1-(b)........................................................................................................................ 3
2-(a) Role 3 (i)......................................................................................................... 3
2-(a) Role 3 (ii)........................................................................................................ 5
SQL Injections:..................................................................................................... 5
Cross Site Scripting (XSS).................................................................................... 5
Broken Authentication.......................................................................................... 5
3.............................................................................................................................. 5
Malware................................................................................................................ 5
DDoS.................................................................................................................... 6
Social engineering................................................................................................ 6
Phishing................................................................................................................ 6
Man-in-the-Middle................................................................................................ 7
Ransomware........................................................................................................ 7
Task 2: Secure Systems / Networks / Applications.....................................................8
1- Individual:........................................................................................................... 8
Remote access VPN:............................................................................................ 8
Site-to-site VPN:................................................................................................... 8
2- Role1:.................................................................................................................. 9
Task 3: Managing personnel security.......................................................................10
Task 4: Business Impact Analysis............................................................................. 10
Task 5: Report template........................................................................................... 13
References............................................................................................................... 14
Pen test and BIA 2
Pen test and BIA 3
Introduction
Health sector companies provide different service to their clients using information
technologies. It is necessary to use information technology to increase the
efficiency of different processes, such as clinical services, patient’s appointments,
healthcare products, and many more. My health company provides healthcare
products, and clinical services as well as research of the cancer-related disease.
There are many other facilities for patients, which are provided by the company.
The company has many information assets to manage different facilities and
services. The company requires security policies to secure its information assets,
such as computer systems, servers, internetworking devices, databases, and many
others. In addition, the Australian government provides cybersecurity policies to
safe information assets from different types of cybercrime (ACSC, 2017).
Information assets are having many security risks. Therefore, it is necessary to
mitigate those risks through mitigation strategies, which are provided by the
government to all the companies, which are using information assets for their
various services (ACSC, 2019). Cyber-attacks make a huge impact on many things
on a company, such as reputation, financial loss, business continuity, and many
others. Information systems are required high security from the cyber-attacks
( Bradford, 2018). In addition, information assets are having huge value. Therefore,
it is highly required for strong security policies to make them secure (Andrijcic &
Horowitz, 2016).
Task 1: Penetration testing
1-(a)
Penetration testing uses to test websites to find different issues, which makes a
huge impact of the performance of websites, which is related to the reputation, and
business of a company (guru99.com, 2019). In addition, Penetration testing is a
type of security testing, which is used to find out insecure areas of the website,
system, and applications. It provides different vulnerabilities of the system, which
are the main cause of cyber-attacks (Arlitsch & Edelman, 2014). Vulnerability
Introduction
Health sector companies provide different service to their clients using information
technologies. It is necessary to use information technology to increase the
efficiency of different processes, such as clinical services, patient’s appointments,
healthcare products, and many more. My health company provides healthcare
products, and clinical services as well as research of the cancer-related disease.
There are many other facilities for patients, which are provided by the company.
The company has many information assets to manage different facilities and
services. The company requires security policies to secure its information assets,
such as computer systems, servers, internetworking devices, databases, and many
others. In addition, the Australian government provides cybersecurity policies to
safe information assets from different types of cybercrime (ACSC, 2017).
Information assets are having many security risks. Therefore, it is necessary to
mitigate those risks through mitigation strategies, which are provided by the
government to all the companies, which are using information assets for their
various services (ACSC, 2019). Cyber-attacks make a huge impact on many things
on a company, such as reputation, financial loss, business continuity, and many
others. Information systems are required high security from the cyber-attacks
( Bradford, 2018). In addition, information assets are having huge value. Therefore,
it is highly required for strong security policies to make them secure (Andrijcic &
Horowitz, 2016).
Task 1: Penetration testing
1-(a)
Penetration testing uses to test websites to find different issues, which makes a
huge impact of the performance of websites, which is related to the reputation, and
business of a company (guru99.com, 2019). In addition, Penetration testing is a
type of security testing, which is used to find out insecure areas of the website,
system, and applications. It provides different vulnerabilities of the system, which
are the main cause of cyber-attacks (Arlitsch & Edelman, 2014). Vulnerability
End of preview
Want to access all the pages? Upload your documents or become a member.
Related Documents
Unit Cybersecurity Managementlg...
|14
|3497
|81
Information Assetslg...
|20
|3704
|91
Cyber-Security Tools in Using Automating Defense of Networkslg...
|4
|655
|77
Penetration Testing Report And Managementlg...
|12
|2862
|10
Penetration Testinglg...
|8
|1625
|478
Cyber Security.lg...
|13
|2534
|2