Cyber Security Analysis Report: Penetration Testing and Vulnerability

Verified

Added on 2023/06/10

AI Summary

This report provides an overview of cyber security, emphasizing the importance of securing information in the digital age. It discusses cyber attacks and details penetration testing and vulnerability assessment as key methods for analyzing and improving an organization's security posture. The report highlights two penetration testing methods: white hat (authorized) and black hat (unauthorized). A case study involving a penetration test on Baker McKenzie, a corporate law firm, is presented, outlining the tools used (Nessus and Metasploit), the systems tested, and the vulnerabilities discovered. The report concludes by stressing the need for organizations to prioritize cyber security, stay informed about cyber threats, and conduct regular penetration tests to protect their valuable data.

Running Head: Cyber Security 0
Cyber Security
A mini Report

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

Cyber Security 1
Executive Summary
With the use of internet in every day to day work, it became to secure the information on
the internet. Cyber security deals with the security of information on internet. Penetration test and
vulnerability assessment are used to analyse the security of information of the company connected
to internet. Both of these tests are conducted and results are shown to the organization. Safety
measures and precautions are also shown.

Cyber Security 2
Contents
Introduction...........................................................................................................................................3
Cyber attacks.........................................................................................................................................3
Penetration test.....................................................................................................................................3
Conclusion.............................................................................................................................................3
References.............................................................................................................................................4

Cyber Security 3
Introduction
With growing internet technology each and every thing is connecting to the internet. Crucial
and important data of people and organizations are present on the internet. Hence, it becomes
important to maintain the security of that data. Most of the companies or organizations spend a lot
of money to secure their information. There are methods by which an organization can save their
information. Some of these methods are using updated firewall, encryption, back up, cloud
computing etc. One method is penetration test which is used to determine the vulnerability of
systems.
Cyber attacks
It is an attempt to steal the information from the system. There are many types of cyber-
attack like malware attack, SQL injection attacks, phishing, etc. All these attacks are designed to steal
the important information from the system (Renaud & Flowerday, 2017). If this information is stolen
it can be very crucial for any organization. Therefore it is always recommended to perform
penetration test timely and to follow all the precautions for the security of data (Lee, 2018).
Penetration test
The level of security of an organization can be known with the help of penetration test.
Generally there are two methods by which it can be done. The first method is called white hat
process in which the tester has the permission of the owner to test the security. They have the
authorization to access the information. In the second method, known as black hat process, the
tester does not have any permission. It is usually called hacking. They intend to steal the crucial
information and use it to fulfil their personal demands, ransom, etc. Hence, an organization need
white hat tester to save them from black hat hackers (Vacca, 2017).
A penetration test was conducted on Baker McKenzie which is a corporate law firm. Nessus
tool was used to gather the information about the targeted systems. Metasploit tool was used to do
the penetration test. 5 systems were chosen as a target to conduct the test. The operating system
and firewall was recognised. Out of these five systems two systems were uncompromised. These
two systems were not vulnerable. One system using out-dated firewall was compromised. The
remaining two systems using older operating systems were also compromised. Exploitation of these
assessments was done to find out the vulnerability of these compromised systems. Test sets were
created to find out the depth of vulnerability. Analysis reports were shared with the owners and
recommendation was given to them to protect them from cyber-attacks (Metheny, 2017).
Conclusion
From an organization point of view cyber threats are very important. If an organization
wants to grow to its full potential in present scenario, it must be prepared to deal with cyber-attacks.
A method to secure information from such attack was shown and it was successfully conducted on
targeted systems. It was recommended to be updated on information regarding cyber-attacks and
does penetration test on a regular basis.

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

Cyber Security 4
References
Lee, J. (2018). Making cyber-security a strategic business priority. Network Security, 2018(5), 6-8.
Metheny, M. (2017). Federal Cloud Computing (2nd ed.), Cambridge: Elsevier.
Renaud, K. & Flowerday, S. (2017). Human-centred cyber security. Journal of Information Security
and Applications, 34(1), 1.
Vacca, J.R. (2017). Computer and Information Security Handbook (3rd ed.). Cambridge: Elsevier.