This website uses cookies to ensure you have the best experience. Learn more

Penetration Testing After A New Security System Is Implemented

1322 words - 6 pages

Any time a new security system is implemented it needs to be tested thoroughly. Part of the tests that are performed to ensure that the new or prosed system meets the goals set forth by the organization, is penetration testing. Penetration testing involves security professionals simulating “attacks by a malicious external source” (Whitman & Mattord, 2012, p. 551). These tests allow the security professionals to determine points of failure that may not have been identified in vulnerability testing, as well as the criticality of the items defined in the vulnerability tests. These tests can be performed in one of two ways, either with or without knowledge of the organizations information technology infrastructure. These two tests are known as white-box (with knowledge) or black-box (without) tests (Whitman & Mattord, 2012). Penetration testing can also refer to the probing and breaching of physical security in a test situation. There has been quite a bit of literature written on the subject of penetration testing, discussing primarily methods for performing these tests. Some literature deals with new methods of testing that yield the largest amount of data regarding security flaws, while other papers discuss how to perform penetration testing with the least impact on the organization as a whole.
In their 2010 paper for the Annual Computer Security Application Conference, Dimkov and associates discussed how to perform physical penetration using social engineering. Dimkov and associates recognized that certain social engineering situations used in physical penetration testing of an organization can lead to issues within the organization that could lead to lost time or resources. In order to avoid this, Dimkov and associates came up with two methodologies using social engineering to perform these physical penetration tests. The first proposed method is known as the “Environment-Focused Method” (Dimkov, van Cleeff, Pieters, & Hartel, 2010). In this method the custodian of the asset to be procured by the penetration tester is completely aware of the penetration test. However, standard employees are unaware of the test and become a functional part of the test. In this method the custodian will monitor the asset in such a way as to respect the privacy of all employees in the environment being tested, as well as providing a target asset that will not disrupt organizational function. The penetration tester will provide an attack scenario to the security officer and the asset custodian for approval before commencing the attack. During the attack the tester and target asset are monitored closely by these individuals (Dimkov, van Cleeff, Pieters, & Hartel, 2010).
Dimkov and associates’ second methodology, called the “Custodian-Focused Method” (Dimkov, van Cleeff, Pieters, & Hartel, 2010) expands upon the previous method by leaving the custodian out of the loop. In this method the asset custodian and surrounding employees are completely unaware of the...

Find Another Essay On Penetration Testing after a New Security System is Implemented

A New System Essay

728 words - 3 pages new and advanced classes. In this case, it depends on the student. Some students will try harder and others will slack off even more. Even if students take more advanced classes, students need to be exposed to the average material first. Many people have a lot of different opinions about the pass or fail system. In the other hand, a parent wants to know what subject their child is struggling or excelling in, do they not? How would

A High Security System For Databases

1855 words - 7 pages Abstract - The intent of this paper is to give users of database software, a basicunderstanding of the enhanced security capabilities achieved through Hard DiskShadowing over IP networks. The paper discusses the design and implementation of HardDisk Shadowing system over a packet switched Internet Protocol(IP) network. The systemcreates an accurate copy of critical information at two drives simultaneously thusproviding identical failover storage

The HR department of a city library decides to establish a sexual harassment policy after receiving complaints. Develop the Policy and how it should be implemented

709 words - 3 pages information and confidential advice.IMPLEMENTATIONWe will officially launch our policy at a special staff meeting, where we will endorse it and emphasise that all staff members are required to comply with it.We will schedule at least one day per month to interactive training on sexual harassment, which will be facilitated by an expert.We will ensure that the policy is broadcasted to all employees (including new hires), who will then sign it to

The Italian Renaissance: A New Era After the Middle ages

1463 words - 6 pages Renaissance. The Italian Renaissance was a result of many events that lead to one another. Even the least expected events, like the Black Death, contributed to the rise of the Renaissance. It’s greatness has been admired since the end of the Renaissance. It spurred fine arts and magnificent churches. New ideas surged and spread. It was a cultural evolution the defined the modern age. The Italian Renaissance is known throughout the world and will

Proposal For a New University Admissions System

2597 words - 10 pages places in September, and 5,000 applications in the days after A level results are announced." If the system was attacked or all data was lost around this time; not only could all the applications be lost; but applications could be compromised. It is equally important that back up of data is addressed. Security should extend beyond the traditional thinking of making the system hacker free; but also include the need for back up devices and the

American Schools Need a New System

1238 words - 5 pages been implemented for both teachers and students in an effort to make an environment conducive to learning. According to Connolly, “The legacy of good instruction, combined with laudable values, is one that, at its best, will continue to tug at the conscience and the inclination of a student long after he or she has left the classroom.” (Connolly P4) The school system should not make students of lower social class feel condemned, instead

Need for a New Health Care System

1411 words - 6 pages Need for a New Health Care System      One of the major problems nagging America is the need for a new health care system. The number of uninsured Americans needing medical treatment is rising. Medicare, a major part of the American health care system, is projected to go broke in 2019 according to USA Today?s article, 'Congress refuses to swallow cures for ailing Medicare.' I have seen this ruin people?s pursuit of happiness. I worked in a

Why we need a new election system

836 words - 3 pages majority of a state and thus was not awarded a single electoral vote.The electoral college has other, more indirect, impacts on the fate of third party candidates. Due to their repeated (and inevitable, under the current system) defeats, any momentum is quickly lost, for few will vote for a party that never wins. Not surprisingly, then, in the 1996 Presidential elections, Perot's popular vote winnings were cut approximately in half.But, even in

A Modified Approach for the Domain Name System Security

935 words - 4 pages due to hackers. It has become a risk to redirect the current page to any desired page, because one may be redirected to any unsafe page which may cause to lower the trust in security measures. So our objective is to develop such a system which provides more security while we are surfing on internet and make the path from source page to requested page more secure. This paper provides an idea through which we can overcome the disadvantages of

This is a policy paper. Social Security

1542 words - 6 pages just might not getthe promised return. What is needed is a way to stop using the social security fund to payoff other debts and a way to increase the funds without hurting the American people. Notenough people pay attention to what goes on in our government, nonetheless, understandit. We all know that the US spends a ton of money on national defense. I amnot saying that we should not spend a good deal of money, but is it entirely too much.Could

Cloud Computing Virtualization – A Threat to Security of the System

2040 words - 9 pages step is to launch a DoS attack on the system, so as soon as server which is running the genuine hypervisor will crash; all the VMs will be migrated to the server which is running infected hypervisor. The infected hypervisor will gain control of its VMs. d. Operating System: Running many operating systems (Guest OS) on a single operating system (Host OS) will bring new problems to existing ones. Every operating system has different security

Similar Essays

System Failure: Abandoning New Orleans Essay About Whether Or Not It Is Worth It To Rebuild New Orleans After The Hurricane Katrina

1117 words - 4 pages Orleans should not be rebuilt due to its ongoing health concerns, cost to the economy and its geological location. The first problem that needs to be looked at before anyone can even go back into New Orleans, is the contamination found in the flooded waters.New Orleans was a disaster waiting to happen. Hurricane and flood preparation in the city of New Orleans has always been an issue, even before Katrina struck. Its location is a huge threat, having

Penetration Testing A Vm Essay

2883 words - 12 pages ). Figure 10-2.2. Home and tmp directory login. After a lot of research it was found that Samba 3.0.23c is vulnerable to a symlink attack. Using a smylink attack enables the viewing of the servers root directory. The symlink attack is performed with Metasploit in msfconsole (msf). Metasploit is a penetration testing tool used to discover security vulnerabilities on a server. All the Samba vulnerabilities are searched using the search smb command

Resarch On Branding And Location Implemented On A New Venture

2642 words - 11 pages successful new German fast food restaurant in London, branding as well as choosing the location is an essential component for the business plan and the customer loyalty in the future. For that reason it is the aim of this report to clarify this matter by defining what do the terms brand and branding actually mean, why they are so important, what are the key parts in building a strong brand and how the location is determined. The theory, researched with

A New Way Of Testing Essay

1947 words - 8 pages not able to continue to teach the way they have for so many years, uniformity has sucked the creativity out of teachers. “People who advocate for the NCC standards miss the bigger picture…they come as a package deal with the new teacher evaluations, higher stakes, testing, and austerity measures, including school closings.” Said Jose Vilson, Math instructor in New York, New York. He is explains the NCC as a “series of politicized and insensitive