The first deliverable of the Penetration Test Proposal is the rules of engagement (ROE) document, a formal document that outlines the objectives, scope, methodology, and overall test plan agreed upon by the penetration testers and client system administrators. Penetration testing can cause complications such as network traffic congestion, system downtime, and may cause the same vulnerabilities and compromises it was designed to prevent. Due to the potential consequences of penetration testing, it is vital to agree upon a comprehensive ROE before testing. For your ROE deliverable, consider the following:How will you identify Haverbrook Investment Group’s network characteristics, expectations, constraints, critical systems, and other relevant information?What are your preliminary engagement activities with regard to scheduling, scope, and key stakeholders?What will you use to establish a binding agreement between Centralia Security Lab and Haverbrook Investment Group?How will you determine the services, targets, expectations, and other logistics that will be covered during the Rules of Engagement section?How will you explain to Haverbrook that the tools and techniques to be used in the penetration test will not corrupt data, violate privacy, and are in compliance with industry standards and any applicable laws and regulations? Use the Rules of Engagement Template to record your work.
Unformatted Attachment Preview
Penetration Test Proposal
Deliverable 1: Rules of Engagement
Course Number and Section:
Rules of Engagement
Include a brief description of the penetration test project.
Discuss the scope of the penetration test (pen test).
Provide a list of the testing requirements.
Describe how you will apply appropriate ethical principles throughout the penetration testing process.
Purchase answer to see full