EduCheer!

Free Samples and Examples of Essays, Homeworks and any Papers


  • Absolutely free
  • Perfect homeworks
  • Fast relevant search
  • No registration and Anonymous

The Information System Security

Filed Under: Essays Tagged With:

2 pages, 566 words

1. List the five (5) steps of the Hacking process.

Reconnaissance, Scanning, Gaining Access, Maintaining Access, Covering Tracks

2. In order to exploit or attack the targeted systems, what can you do as an initial first step to collect as much information as possible about the targets prior to devising an attack and penetration test plan?

The first step would be the reconnaissance or footprinting step of the hacking process.

3. What applications and tools can be used to perform this initial reconnaissance and probing step?

Whois query, ping sweeps, Nmap, etc

4. How can social engineering be used to gather information or data about the organization’s IT infrastructure?

Social engineering is being used to by tricking people into giving out information that is not normally publicly available.

5. What does the enumeration step of the five (5) step hacking process entail and how is it vital to the hacker’s objective?

Enumeration is used to extract more-detailed and useful information from a victim’s system.

6. Explain how an attacker will avoid being detected following a successful penetration attack?

Attacker would avoid detection by covering tracks step of the hacking process where they cover up their tracks in the system they hacked into.

7. What method does an attacker use to regain access to an already penetrated system?

1 page, 391 words

The Essay on An ironical due process system

More often than not, we get to see or read the news. We get to glance at the headlines or top stories. After that, we often come away with a feeling of sadness or revolt in us. We feel that due process has often not been served in the events that we witness in the news. But is the statement of due process advocates right? That it is better to let ten people go free rather than convict one innocent ...

The hacker will use a backdoor into the system

8. As a security professional, you have been asked to perform an intrusive penetration test which involves cracking into the organization’s WLAN for a company. While performing this task, you are able to retrieve the authentication key. Should you use this and continue testing, or stop here and report your findings to the client?

You should follow the plan that was laid out in the planning stage of the penetration test

9. Which NIST standards document encompasses security testing and penetrating testing?

NIST 800-42 guideline on network security testing

10. According to the NIST document, what are the four phases of penetration testing?

Planning, Discovery, Attack, Reporting

11. Why would an organization want to conduct an internal penetration test?

By having the test done internally you don’t have to have an external company come in and test/see things about your network.

12. What constitutes a situation in which penetration tester should not compromise or access a system as part of a controlled penetration test?

Any situation where the testing can interfere with the companies operation

13. Why would an organization hire an outside consulting firm to perform an intrusive penetration test without the IT department’s knowledge?

Without the IT department’s knowledge of the test you would get a better understanding on how the system is day to day instead of having a test done on the network after the IT department puts effort into making the network more secure for the test.

14. How does a web application penetration test differ from a network penetration test?

A web application penetration test only deals with the web application or things that directly tie into the web application while the network penetration test you are testing every aspect of the network which could include the web application.

4 pages, 1558 words

The Term Paper on Risks, Threats And Vulnerabilitites Of Social Networks And Web Applications

CERTIFICATION OF AUTHORSHIP: I certify that I am the author of this paper/project and that any assistance I received in its preparation is fully acknowledged and disclosed in the paper. I have also cited any sources from which I used data, ideas, or words, either quoted directly or paraphrased. I also certify that this paper/project was prepared by me specifically for this course. Student ...

15. Explain both the information systems security practitioner and hacker perspectives for performing a penetration test.

The Information system security practitioner perspective of performing a penetration test is to try to increase or verify the security of the network while the hacker is trying to break into the network by using a penetration test.

Similar Papers

The Need for Information Security Management for Small to Medium Size Enterprises

... to perform social engineering, blackmailing, lure of monetary gains are hard to prevent. (Podszywalow, 2011) Personnel Issues in Information Security Human related security issues ...

Information Security Policy

... remain effective. 2 Security of the information systems 1 Workplace ... testing This type of testing will re-enforce what is learned during simulations with an actual test of the system ... the user. Network Security Policy 1 Data network overview Sunica ...

The Role of Information Security Policy

... Information security and management cannot do the job alone. An effective system should be distributed, taught, tested, ... application. System ... network. If implemented correctly RBAC allows the user to access areas of the system they need to perform ... steps ...

The Role of Information Security Policy 2

... security levels. The four levels of the bulls-eye are: policies, networks, systems, and applications ... information security need at each level of security and how this relates to the information security policy (ISP) content. Information Security ...

How To Achieve Business Information Security In Cyberspace

... important to information security: employee management and training; information systems; and managing system failures. (Federal ... need for network connections and information systems. Small businesses rely on information systems for several ...

The Role of Information Security Policy 3

... system. Polices and Standards ”Policies outlines security roles and responsibilities, defines the scope of information ... to a network, also an explanation of how security measurements will ... views security is the first step in composing a security policy. ...

All Papers Are For Research And Reference Purposes Only. You must cite our web site as your source.