ECH PART NEED TO BE DONE FULLY PLEASE
ETHICAL HACKING The unit 1 individual project will have you develop a vulnerability assessment / penetration plan that describes the 5 phases of the ethical hacking methodology. Please review the template. You are to provide a 3 page MS Word document that contains a cover page and references, and a completed vulnerability assessment following the format provided below. All citations should also be properly referenced using APA style. Note the cover page and references are not included in the page count. You have been asked to develop a vulnerability assessment/penetration testing plan and describe the hacking process. After all, the goal of white hat hacking is to ensure the security of the company resources, and documentation is always part of the process. In a 3-page MS Word document, develop a vulnerability assessment for an organization that has a single data center with 3 Unix servers, 3 Windows Servers, an IIS server for website and e-commerce traffic, and an email server. The network infrastructure is made up of Cisco routers and switches and there are 500 end user host computers running Windows 10, 1 host computer running Windows 95, 100 WIFI 802.11ac routers with WPA2 encryption, and 10 WIFI 802.11b routers running WEP. Develop your paper using the vulnerability assessment template below and also include answers to the following questions: · What is the hacking methodology and what are its phases? · How scope is established and why the agreement of the scope is important? · How ethics come into play when conducting ethical hacking? Vulnerability Assessment Template How One of the first items to consider is the type of test to be performed, internal or external. An internal test focuses on systems that reside behind the firewall. This would probably be a white box test. An external test focuses on systems that exist outside the firewall, such as a web server. This would, more than likely, be a black box test. Who Determine if the penetration tester is allowed to use social engineering attacks that target users. It's common knowledge that users are generally the weakest link in any security system. Often, a penetration test can target users to gain access. You should also pre-determine who will know when the test is taking place. What The organization and the penetration tester need to agree on which systems will be targeted. The penetration tester needs to know exactly which systems are being tested, and as they cannot target any area that isn't specified by documentation. For example, the organization may have a website they do not want targeted or tested. Some other systems that need to look at include wireless networks and applications. When Scheduling the test is very important. Should the test be run during business hours? If so, this may result in an interruption of normal business procedures. Running the tests when the business is closed (during weekends, holidays, or after-hours) may be better, but might limit the test. Where Finally, will the test be run on site, or remotely? An on-site test allows better testing results, but may be more expensive than a remote test. Cover page and reference page are not included in page count. Document formatting, citations, and references must follow APA format. The AIU APA Guide includes sections for paper formatting, UNIT2 Research and discuss 4 information gathering techniques, explain each technique and recommend countermeasures you would implement to reduce the effectiveness of these tools by hackers. Provide a MS Word document of 4 pages in length to include a cover page and references. Cover page and reference page are not included in page count. Document formatting, citations, and references must follow APA format UNIT3 During this week’s LabSim modules you learned how to apply scanning techniques to perform an internal scan, external scan using Zen map and scan with Nmap Scripts. Compare and contrast results. Perform Enumeration with NMAP and Metasploit and compare and contrast results and apply enumerations countermeasures to prevent zone transfer. Submit a 3 page, MS Word document plus cover page and references. Cover page and reference page are not included in page count. Document formatting, citations, and references must follow APA format UNIT4 During this week’s LabSim assignment (8.1) you had the opportunity to apply key logging and password cracking tools. Create a presentation of 10 content slides to show your findings and recommended countermeasures for strong passwords and use of tools to identify and exploit vulnerabilities on end points. Your presentation should contain the following: 0. Cover slide with name, course information, unit number and date. 1. Summary of findings from the use of key logging and password cracking tools. 2. Recommendations for creating and remembering strong passwords to include password size and complexity recommendations. 3. Recommendations for reducing the risks of key logging. 4. References in APA style Note that the cover slide and reference slide(s) are not included in the slide count. UNIT5 As your final assignment of the term, you should imagine that you are the manager of information security for a mid-sized company and have been asked to deliver a 10-slide presentation to the company’s leadership team related to the information security risks related to WIFI, mobile, Bluetooth and IOT devices. Discuss the unique risks to each of these technologies and your recommendations for countermeasure to their common and well-known risks. Your leadership team has also asked for you to include a slide which will update the vulnerability assessment created in unit 1 to reflect new categories for evaluation that would include the addition of Bluetooth and IOT devices (this slide will summarize the changes you would make to the vulnerability assessment completed in unit 1). Please provide a 10 slide PowerPoint presentation that includes a cover slide with your name and unit number, content slides, and reference slide(s). Note that the cover slide and reference slide(s) are not included in the slide count.