If you were to hired to conduct a strict penetration test for a school how would

Question

If you were to hired to conduct a strict penetration test for a school how would you answer these briefly? A. What is the objective of our penetration testing services? Why do clients need a penetration test? What are the advantages? B. What is the scope of our penetration testing services? (Web applications, internal network, external networks, mobile devices, Wi-Fi, VPNs, etc.) C. What is the pricing for our services? D. What types of cyber attacks will we offer when performing our penetration test? (Spear-phishing, whaling, SQL injection, social engineering, etc.) E. What time of the day will be performing our services? (Day, pight,working hours or non-working hours, etc.) F. What is the general timeframe from start to finish of our services? (one day, one week, one month, etc.) G. What information will we ask up-front from the client? (Network drawings, IP addresses, applications and processes they are running, domain names, etc

Explanation / Answer

Ans.1 The main objective of penetration testing will determine security weaknesses in the school networking system. Clients need penetration testing to know the level of security of their system, the areas where they need to upgrade their system, etc.

Ans.2 For a school the scope of our penetration service will be limited to school's website, wifi network inside the school, Computer systems connected to LAN in school, Server of school's website and school's database. It is because in a school only these kinds of things may have vulnerabilities.

Ans.3. The Pricing for the test will be:

Wifi -> 100$

Website -> 500$

Computer Systems -> 200$

Database Server -> 300$

The prices are low because a school's system will be a small scale as compared to an industry otherwise these proces could have been upto 10 folds for an industry.

Ans.4. The types of attacks we will be offering are:

Related Questions

Navigate

• Browse (All)
• Browse I
• Subjects

---