Nt1310 Unit 3 Penetration Test
To provide the quality that has customers returning for our service, we design the project by doing a penetration test at the end. This is because we assure all our jobs to be secured and free from exploitable vulnerabilities at the end. So, with the penetration test we will simulate a hacker and try everything to break into the network and steal information. If we are able to breach the network we will fix the vulnerability. This will continue until there is no more way for us to get in. The idea behind our strategy is that if we cannot get in, then hacker will not be able to get in either. This signifies a high standard of quality.
Solution Testing
The network infrastructure was first tested with Cisco packet tracer to test the configuration
and security settings before configuring the actual network. We then use Virtualbox virtualized environment along with Kali Linux security testing framework to simulate and test the security aspects of the machines. A similar security test were then done on the actual network but stopping short of action that would damage the devices.
Implementation Plan
Strategy for the Implementation
The project was implemented starting with phase one, where a Security Audit was done by a security auditor. So, we made sure to have an Auditor scheduled for phase one. For the second phase, we made sure to schedule a vulnerability assessor to do a necessary vulnerability assessment to identify vulnerabilities that need to be mitigated. For phase three, we purchased and installed all the required hardware devices. Therefore, a Technician was also needed to do the necessary removal and installation. A Security Analysis was needed for phase four; where we implemented security controls to instill best practices and procedures. A Security Analysis was also needed for phase five; where we conducted a risk assessment to identify the threats and risk factors. A Penetration Tester was needed for phase Six, where we did penetration testing to simulate foreign hackers and identify ways they could breach our network. A Security Analysis was needed again at phase Seven; where we did remediation to fix all the vulnerabilities that were uncovered by the penetration test. For the eighth phase, we needed the Security Analysis again to implement a disaster recovery plan to ensure normal operation is quickly restored if a breach should occur. We used this strategy because it guided us to achieve and test the network security.
Solution Testing
The network infrastructure was first tested with Cisco packet tracer to test the configuration
and security settings before configuring the actual network. We then use Virtualbox virtualized environment along with Kali Linux security testing framework to simulate and test the security aspects of the machines. A similar security test were then done on the actual network but stopping short of action that would damage the devices.
Implementation Plan
Strategy for the Implementation
The project was implemented starting with phase one, where a Security Audit was done by a security auditor. So, we made sure to have an Auditor scheduled for phase one. For the second phase, we made sure to schedule a vulnerability assessor to do a necessary vulnerability assessment to identify vulnerabilities that need to be mitigated. For phase three, we purchased and installed all the required hardware devices. Therefore, a Technician was also needed to do the necessary removal and installation. A Security Analysis was needed for phase four; where we implemented security controls to instill best practices and procedures. A Security Analysis was also needed for phase five; where we conducted a risk assessment to identify the threats and risk factors. A Penetration Tester was needed for phase Six, where we did penetration testing to simulate foreign hackers and identify ways they could breach our network. A Security Analysis was needed again at phase Seven; where we did remediation to fix all the vulnerabilities that were uncovered by the penetration test. For the eighth phase, we needed the Security Analysis again to implement a disaster recovery plan to ensure normal operation is quickly restored if a breach should occur. We used this strategy because it guided us to achieve and test the network security.