Module 2 Assignment Short

Uploaded by

arslanmm425

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PDF, TXT or read online on Scribd

0% found this document useful (0 votes)

19 views2 pages

Module 2 Assignment Short

Uploaded by

arslanmm425

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PDF, TXT or read online on Scribd

You are on page 1/ 2

Assignment – Module 2: Threat Management and

Cybersecurity Resources

Module Objectives

- Explain penetration testing. - Identify rules of engagement and steps in pen testing. - Define
vulnerability scanning. - Describe cybersecurity resources.

1. Penetration Testing

Definition: Simulated attack to exploit vulnerabilities and test security. Purpose: - Discover hidden
vulnerabilities. - Understand their impact. - Strengthen defenses. Importance of Planning: Prevents
scope creep and legal issues. Why Conduct a Pen Test? - Goes deeper than automated scans. -
Mimics real threat actor techniques. Who Performs the Test? - Internal Security Team: Low cost,
quick, but limited expertise. - External Consultants: Skilled and experienced, but may risk data
misuse. - Crowdsourced Testers (Bug Bounty): Fast, diverse testing, multiple perspectives.

2. Rules of Engagement

- Timing: When tests occur (business hours, start–end dates). - Scope: Defines boundaries
(internal/external targets, locations). - Authorization: Written approval required. - Exploitation: Level
of attack agreed in advance. - Communication: During initiation, status updates, incidents,
emergencies. - Cleanup: Remove scripts, tools, credentials, restore systems. - Reporting:
Executive summary (non-technical) + detailed technical report.

3. Performing a Pen Test

Phase 1: Reconnaissance (Footprinting) - Active: Probing systems, war driving/flying. - Passive:

Open-source intelligence (OSINT). Phase 2: Penetration - Simulates attacker behavior. - Pivoting:
Using one system as gateway. - Requires patience and persistence.

4. Vulnerability Scanning

Definition: Continuous, automated process to identify weaknesses. Differences from Pen Test:
Ongoing, frequent vs. one-time manual test. Conducting Scans: - Decide what/when to scan. -
Interpret results. - Focus on high-value systems. Threat Hunting: Proactive search for undetected
threats using feeds, advisories, and intelligence sources.

5. Cybersecurity Resources

- Frameworks: Guidelines for managing security (NIST, ISO, AICPA, CIS, CSA). - Regulations:
Industry/government compliance (broad, industry-specific, state, international). - Legislation: Laws
on data protection and breach notifications. - Standards: Industry-approved rules, e.g., PCI DSS. -
Benchmarks/Guides: Secure configuration references. - Information Sources: Threat feeds,
bulletins, fusion centers.

Conclusion

- Penetration testing and vulnerability scanning complement each other. - Rules of engagement
ensure safe, legal, and effective testing. - Cybersecurity resources (frameworks, regulations,
standards) provide structured defense. - Together, these practices strengthen organizational
security posture.

Penetration Testing Overview and Frameworks
No ratings yet
Penetration Testing Overview and Frameworks
74 pages
CYSA CertMaster Notes
No ratings yet
CYSA CertMaster Notes
72 pages
Lecture 2 - Penetration Testing, Rules of Engagement and Vulnerability Scanning
No ratings yet
Lecture 2 - Penetration Testing, Rules of Engagement and Vulnerability Scanning
37 pages
George G. McBride - RSA03-The Art of Penetration Testing
No ratings yet
George G. McBride - RSA03-The Art of Penetration Testing
59 pages
Penetration Testing
No ratings yet
Penetration Testing
1 page
Metasploit Penetration Testing Overview
No ratings yet
Metasploit Penetration Testing Overview
28 pages
pt0 002 02
No ratings yet
pt0 002 02
24 pages
pt0 002 01
No ratings yet
pt0 002 01
28 pages
Cissp Domain 6
No ratings yet
Cissp Domain 6
9 pages
Cybersecurity Threat Actors
No ratings yet
Cybersecurity Threat Actors
14 pages
Penetration Testing Essentials
100% (1)
Penetration Testing Essentials
33 pages
CISSP Domain 6: Security Testing
No ratings yet
CISSP Domain 6: Security Testing
11 pages
Ethical Hacking and Penetration Testing Lecture 1
100% (1)
Ethical Hacking and Penetration Testing Lecture 1
19 pages
Evaluating Caldera's RPC Node Services
No ratings yet
Evaluating Caldera's RPC Node Services
25 pages
Unit 5
No ratings yet
Unit 5
4 pages
2-Ethical Hacking Methodology
No ratings yet
2-Ethical Hacking Methodology
21 pages
FNS BCT 2301 Cybersecurity
No ratings yet
FNS BCT 2301 Cybersecurity
4 pages
Vulnerability Assessment Tools
No ratings yet
Vulnerability Assessment Tools
12 pages
Penetration Testing
No ratings yet
Penetration Testing
3 pages
Penetration Testing - Report
No ratings yet
Penetration Testing - Report
3 pages
Nufuzetme 1
No ratings yet
Nufuzetme 1
6 pages
MSE - Pen Testing - Honors - HJ
No ratings yet
MSE - Pen Testing - Honors - HJ
40 pages
Penetration Testing Guide & Compliance
No ratings yet
Penetration Testing Guide & Compliance
96 pages
Cybersecurity Guide: Scanning & Zero Trust
No ratings yet
Cybersecurity Guide: Scanning & Zero Trust
22 pages
Penetration Testing Guide
No ratings yet
Penetration Testing Guide
3 pages
Penetration Testing: A Vital Practice For Strengthening Cybersecurity
No ratings yet
Penetration Testing: A Vital Practice For Strengthening Cybersecurity
3 pages
Student Guide
No ratings yet
Student Guide
18 pages
Comptia Cyber
0% (1)
Comptia Cyber
552 pages
CONDUCT SECURITY ASSESSMENT AND TESTING - Unit Outline
No ratings yet
CONDUCT SECURITY ASSESSMENT AND TESTING - Unit Outline
2 pages
Ethical Hacking for IT Students
No ratings yet
Ethical Hacking for IT Students
8 pages
Fundamentals of Cybersecurity Syllabus
No ratings yet
Fundamentals of Cybersecurity Syllabus
8 pages
Cyber Security
No ratings yet
Cyber Security
73 pages
Chapter 5: Reporting and Communications: Comptia Pentest+ Exam Prep (Pt0-001)
No ratings yet
Chapter 5: Reporting and Communications: Comptia Pentest+ Exam Prep (Pt0-001)
23 pages
Downloadable Official CompTIA PenTest+ Student Guide
100% (3)
Downloadable Official CompTIA PenTest+ Student Guide
552 pages
Cybersecurity Essentials: IDS, IPS, and Policies
No ratings yet
Cybersecurity Essentials: IDS, IPS, and Policies
8 pages
Comprehensive Cybersecurity Guide Final 10PlusPages
No ratings yet
Comprehensive Cybersecurity Guide Final 10PlusPages
3 pages
Penetration Testing Fundamentals
No ratings yet
Penetration Testing Fundamentals
7 pages
CompTIA Pentest Study Guide PDF
100% (1)
CompTIA Pentest Study Guide PDF
71 pages
Tryhackme
No ratings yet
Tryhackme
5 pages
Penetration Testing
No ratings yet
Penetration Testing
2 pages
Penetration Testing: Key Concepts Explained
No ratings yet
Penetration Testing: Key Concepts Explained
2 pages
Penetration Testing Overview and Phases
No ratings yet
Penetration Testing Overview and Phases
2 pages
Cybersecurity Course Content
No ratings yet
Cybersecurity Course Content
2 pages
Module 2 Threat Management and Cybersecurity Resources
No ratings yet
Module 2 Threat Management and Cybersecurity Resources
47 pages
Security-Implementing Penetration Testing-062719
No ratings yet
Security-Implementing Penetration Testing-062719
3 pages
PenTest+ 2024: Social Engineering Guide
No ratings yet
PenTest+ 2024: Social Engineering Guide
4 pages
Assignment of Cyber Forensic
No ratings yet
Assignment of Cyber Forensic
4 pages
Pentest Studyguide Pt0-002 Samplelesson
No ratings yet
Pentest Studyguide Pt0-002 Samplelesson
32 pages
RSRCH Pentesting
No ratings yet
RSRCH Pentesting
3 pages
Module 4. Protecting The Organization
No ratings yet
Module 4. Protecting The Organization
5 pages
Penetration Testing Methodology Overview
No ratings yet
Penetration Testing Methodology Overview
6 pages
CyberSecurity Curriculm
No ratings yet
CyberSecurity Curriculm
4 pages
Cybersecurity Interview Preparation Guide
No ratings yet
Cybersecurity Interview Preparation Guide
4 pages
LECTURE NOTE FIVE - Cybersecurity - Auditing
No ratings yet
LECTURE NOTE FIVE - Cybersecurity - Auditing
6 pages
COCS71151 Assignment 2022-23 2
No ratings yet
COCS71151 Assignment 2022-23 2
4 pages
EH Notes
No ratings yet
EH Notes
22 pages
Final Lab
No ratings yet
Final Lab
10 pages
Trimax CR Machine
No ratings yet
Trimax CR Machine
55 pages
47 Backorder Processing in AATP - SAP S4 HANA
No ratings yet
47 Backorder Processing in AATP - SAP S4 HANA
7 pages
Previous Question Papers
No ratings yet
Previous Question Papers
4 pages
1.0 System Analysis and Design 9th Edition - Shelly Cashman-56-57
No ratings yet
1.0 System Analysis and Design 9th Edition - Shelly Cashman-56-57
2 pages
AlgoFuturesTrader Downloads
No ratings yet
AlgoFuturesTrader Downloads
7 pages
Visual Analytic Based Ship Collision Probability Modeling For Ship Navigation Safety
No ratings yet
Visual Analytic Based Ship Collision Probability Modeling For Ship Navigation Safety
17 pages
M.Sc. Cyber Security Syllabus 2023-24
No ratings yet
M.Sc. Cyber Security Syllabus 2023-24
66 pages
Solaris 11 Virtualization Ds 2243038
No ratings yet
Solaris 11 Virtualization Ds 2243038
5 pages
Coal - Lab Sol, 4
No ratings yet
Coal - Lab Sol, 4
7 pages
ETCS
No ratings yet
ETCS
3 pages
Harbor Freight Cen-Tech CAN OBD II Code Reader EOBD Scanner 98614
75% (8)
Harbor Freight Cen-Tech CAN OBD II Code Reader EOBD Scanner 98614
73 pages
Elements and Types of Communication
No ratings yet
Elements and Types of Communication
25 pages
Opc Da Client Manual
No ratings yet
Opc Da Client Manual
30 pages
Neovolt Battery Inverters Parallel Wiring Diagram.
No ratings yet
Neovolt Battery Inverters Parallel Wiring Diagram.
2 pages
Artificial Neural Networks
No ratings yet
Artificial Neural Networks
7 pages
L16 Multicycle MIPS
No ratings yet
L16 Multicycle MIPS
38 pages
Skills Lab Mulago
No ratings yet
Skills Lab Mulago
37 pages
How To Clone An 11.2.0.3 Grid Infrastructure Home and Clusterware
No ratings yet
How To Clone An 11.2.0.3 Grid Infrastructure Home and Clusterware
9 pages
Roblox Automation Script Overview
No ratings yet
Roblox Automation Script Overview
3 pages
9 PLC Program To Implement Binary To Gray Code Conversion
No ratings yet
9 PLC Program To Implement Binary To Gray Code Conversion
5 pages
Ai Assignment 1
No ratings yet
Ai Assignment 1
5 pages
Drones For Defence: Catalogue
100% (3)
Drones For Defence: Catalogue
14 pages
Boxer Marlin - User Manual
No ratings yet
Boxer Marlin - User Manual
43 pages
Ap900 Manual - en
No ratings yet
Ap900 Manual - en
32 pages
3D Printed Diesel Engine Model Using PLA
No ratings yet
3D Printed Diesel Engine Model Using PLA
15 pages
Kawaii Onnanoko Ni Kouryaku Sareru No Wa Suki Desu Ka Vol 5
0% (1)
Kawaii Onnanoko Ni Kouryaku Sareru No Wa Suki Desu Ka Vol 5
186 pages
Sample MCQ ETI Test1
No ratings yet
Sample MCQ ETI Test1
2 pages
A Study On 3D Printer Design With Con Veyor in Industrial Applications
No ratings yet
A Study On 3D Printer Design With Con Veyor in Industrial Applications
19 pages
An4908 stm32 Usart Automatic Baud Rate Detection Stmicroelectronics
No ratings yet
An4908 stm32 Usart Automatic Baud Rate Detection Stmicroelectronics
23 pages
Thesis For Web Development
100% (3)
Thesis For Web Development
4 pages