It lab work plus step 4
Step 4: Conduct a Network Penetration Test
You’ve defined the penetration testing process, and in this step, you will scan the network for vulnerabilities. Though you have some preliminary information about the network, you will perform a black box test to assess the current security posture. Black box testing is performed with little or no information about the network and organization.
To complete this step, you will use industry tools to carry out simulated attacks to test the weaknesses of the network.
Your assessments within the lab will be reported in the SAR.
Complete This Lab
Here are some resources that will help you complete the lab:
After finding the security issues within the network, define which control families from the NIST 800-53 are violated by these issues. Explain in the SAR why each is a violation, support your arguments with a copy of your evidence, and then provide suggestions on improving the security posture of these violations.
This section should make up at least four of the 12 pages in the overall report.
After you’ve completed the penetration testing, move to the next step, where you will compile a risk management cost benefit analysis.