Perform target information gathering reconnaissance.
Assessment Front Sheet
HR90 47— Ethical Hacking Fundamentals
|
Assessment Title |
HR90 47— Ethical Hacking Fundamentals |
|
Qualification |
Module Code and title |
|||
|
HND In Computer Science |
HR90 47— Ethical Hacking Fundamentals |
|||
|
Student ID. |
Assessor’s Name |
|||
|
|
|
|||
|
Cohort |
Date Issued |
Submitted on |
||
|
|
|
|
||
|
No. |
Learning Outcome |
|||
|
1 |
Perform target information gathering reconnaissance. |
|||
|
2 |
Perform system security vulnerability testing. |
|||
|
3 |
Perform system vulnerability exploit attacks. |
|||
|
4 |
Produce a security assessment report. |
|||
|
Learner Declaration |
|
I certify that the work submitted for this assessment is my own and research sources are fully acknowledged. Student Signature: ………………………………… Date: ……………….. |
The candidate should produce written evidence in the form of a security assessment report; the report must include as a minimum the following sections:
- Test Scope
- Rules of engagement
- An Executive Summary
- Vulnerability Report
- Proof of Exploit
- Remediation Report
The test scope should be determined by the lecturer, the candidate should obtain the scope by means of an interview or questionnaire.
During this process the candidate and lecturer should agree and sign off the rules of engagement.
The executive summary should be written with a target audience in mind of non advanced computer users at an executive level. Candidates may wish to make use of graphs, charts and other visual aids to identify business risks as a result of the vulnerabilities found. Perform target information gathering reconnaissance.
The vulnerability report should be written with a target audience in mind of advanced technical support/developers and should include appropriate references to standard classification systems such as MITRE CVE, WASC or OWASP.
The proof of exploit section should provide enough general information for the recipients of the report to carry out the attack in order to re-create the vulnerability.
The remediation report should include short term/long term remediation recommendations
