In this assignment, students will understand the importance of evaluating and identifying organizational security vulnerabilities prior to assuming full control of the environment. They will learn the important information derived from the penetration test and how best to proceed with remediation and executive recommendations for next steps.
You are hired at a critical infrastructure organization (e.g., health care, legal, financial) and your first task is to conduct a penetration test from the white hat or black hat perspective. Select a publicly-traded organization of your choice within the industry of your choosing. Prepare a mini summary report of the findings to include proposed recommendations to be reviewed by executive leadership roles. Within the report, make sure to address the following by using academic and current (within 2 years) sources:
Evaluate how susceptible the business infrastructure is to certain kinds of attack and how to prevent this (such as models of countermeasures).
Assess the potential impact to the business and operations if a malicious attacker were to succeed.
Provide evidence to support increased security technology needs.
Suggest security best practices that the organization should follow.