Cyber Security

  Scenario You have been hired as a junior security consultant and have been tasked with performing an in-house penetration test to demonstrate your readiness to support the audit of a large corporate client that has employed your firm’s services. Conducting a penetration test consists of 1) planning the test, 2) preparing your test tools, 3) performing the test, 4) analyzing the data, and 5) writing up and communicating your findings. The project will document your notional penetration test. Project OVERVIEW Your project will be submitted in four sections. The final deliverable will include all combined sections: Pre-Test: Deployment of attack tools and victim host Testing (Mapping and Scanning): Mapping the target environment and conducting a vulnerability scan Testing (Exploitation): Gaining Access through a vulnerability identified during the vuln scan Analysis and Reporting: Communicating findings and providing mitigation recommendation Supporting Details The purpose of this project is to evaluate the student’s ability to: Build and deploy an attack OS (Kali Linux or other similar operating system (OS)) Configure and deploy a victim host (Metasploitable, Broken Web Apps, Mutillidae, other exploitable OS or virtual machine (VM)) Conduct a vulnerability scan Research a hardware or software vulnerability Discuss how the vulnerability can be exploited Exploit the vulnerability Evaluate the risk posed by this vulnerability Provide a recommended compensating control to mitigate the vulnerability