rules-worksheet.rtf

(33 KB) Pobierz

Rules of Engagement Worksheet:

Penetration Testing Team Contact Information:

Primary Contact: ____________________________________________

Mobile Phone: ____________________________________________

Pager: ____________________________________________

Secondary Contact: _______________________________________________

Mobile Phone: ________________________________________________

Pager: ________________________________________________

Target Organization Contact Information:

Primary Contact: ____________________________________________

Mobile Phone: ____________________________________________

Pager: ____________________________________________

Secondary Contact: _______________________________________________

Mobile Phone: ________________________________________________

Pager: ________________________________________________

"Daily Debriefing" Frequency: _____________________________________________

"Daily Debriefing" Time/Location: __________________________________________

Start Date of Penetration Test: ______________________________________________

End Date of Penetration Test: ______________________________________________

Testing Occurs at Following Times: __________________________________________

Will test be announced to target personnel: ____________________________________

Will target organization shun IP addresses of attack systems: _____________________

Does target organization's network have automatic shunning capabilities that might disrupt access in unforeseen ways (i.e. create a denial-of-service condition), and if so, what steps will be taken to mitigate the risk:

____________________________________________________________________

Would the shunning of attack systems conclude the test: _______________________

If not, what steps will be taken to continue if systems get shunned and what approval (if any) will be required:

_______________________________________________________________________

IP addresses of penetration testing team's attack systems:

_______________________________________________________________________

Is this a "black box" test: __________________________________________________

What is the policy regarding viewing data (including potentially sensitive/confidential data) on compromised hosts:

_______________________________________________________________________

Will target personnel observe the testing team: _________________________________

______________________________________________________________

Signature of Primary Contact representing Target Organization

____________________________

Date

______________________________________________________________

Signature of Head of Penetration Testing Team

____________________________

Date

If necessary, signatures of individual testers:

______________________________________________________________

Signature

____________________________

Date

______________________________________________________________

Signature

____________________________

Date

______________________________________________________________

Signature

____________________________

Date

______________________________________________________________

Signature

____________________________

Date

Plik z chomika:

art.w

Inne pliki z tego folderu:

CEH Ethical Hacking Course.iso (3465722 KB)
a-resource-guide.pdf (114 KB)
CEH Exam practice questions 312-50.pdf (333 KB)
gray-hat-hacking.pdf (12500 KB)
professor-messer-comptia-220-901-a-plus-course-notes-v017.pdf (9530 KB)

rules-worksheet.rtf

Plik z chomika:

Inne pliki z tego folderu:

Inne foldery tego chomika: