Rohit Bajaj
asked on
Clarifying penetration testing proposal
Hi,
This is an academic sort of exercise, and I need help with some comments from experts on it.
The following is a sample request for proposal by a client for penetration testing:
I have to come up with some questions for the client which will clarify things and an action-list to be given to the client for penetration testing.
My Thoughts:
1) It's not clear from the requirements which servers need to be tested. So client needs to provide me the Ip addresses of the machine that need to be tested.
2) Ask the client for a safe time window in which the client servers are used minimum.
3) What way does the client provides access to remote users who are working from home..
I am not sure if I am headed in the right direction.
For action-list I guess there could be tools which could perform Network Penetration Test,
Remote Access, Web Application Testing.
Any thoughts or ideas on how to proceed with it.
This is an academic sort of exercise, and I need help with some comments from experts on it.
The following is a sample request for proposal by a client for penetration testing:
I have to come up with some questions for the client which will clarify things and an action-list to be given to the client for penetration testing.
My Thoughts:
1) It's not clear from the requirements which servers need to be tested. So client needs to provide me the Ip addresses of the machine that need to be tested.
2) Ask the client for a safe time window in which the client servers are used minimum.
3) What way does the client provides access to remote users who are working from home..
I am not sure if I am headed in the right direction.
For action-list I guess there could be tools which could perform Network Penetration Test,
Remote Access, Web Application Testing.
Any thoughts or ideas on how to proceed with it.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.