2. Will the testing be done after business hours?
3. The scope covers the type of testing one need to do like load testing. The scope defines what will be done in the testing process.
4. Define what will be tested and when.
5. Define what we test first.
6. Define what passed and what failed.
7. Define what day and time testing will begin and end.
1. Foot printing, Scanning and Enumeration, System Hacking, Deploy Payload and cover tracks.
2. The first step would be reconnaissance to gather information quietly.
3. Google would be the first and foremost tool.
4. Phishing and baiting would be the most common.
5. Refers to scanning a system for vulnerabilities and reveals information about the target that is needed to access it. 6. By deleting all traces of information that the attacker was there, being careful not to delete too much which could also prove someone was there. 7. Most hackers would leave a backdoor into the system.
8. Stop here and report it.
9. NIST 800-42 Guideline on Network Security testing.
10. Planning, Discovery, attack, and reporting.
11. To show what an attacker would have access to if they were in the system.
12. The tester should only penetrate areas that the client has informed and told them to.
1. Because the data was modified.
2. Because the file did not change. If it were different then the file would be changed.
3. Make sure it’s password protected.
4. There are several