StudyDaddy Information Systems Final Capstone Portfolio Project If you completed the written portions during the previous modules, this is the appropriate option for you. This is the culmination of your portfolio project. Utilize a

Final Capstone Portfolio Project If you completed the written portions during the previous modules, this is the appropriate option for you. This is the culmination of your portfolio project. Utilize a

Penetration Testing and Footprinting

Sarah Ray

Cybersecurity Capstone

CSU Global

Professor Ofori Boateng

08/25/2022








Penetration Testing and Footprinting

Before attempting to secure a network adequately, it is essential first to understand the potential risks posed by the network. Testing for network penetration and leaving a digital footprint are two required methods that may be utilized to evaluate the level of security provided by a network. The process of assessing a computer system, network, or web application to locate weaknesses that an adversary could exploit is called penetration testing or pen testing. Footprinting, on the other hand, refers to the act of gathering knowledge about a target system to have a better understanding of the vulnerabilities that it possesses (More & Rohela, 2018). Both penetration testing and footprinting can be used to collect information about the target system. Penetration testing is used to find vulnerabilities, and footprinting is used to learn about the target system. When used in conjunction with one another, these two technologies make it possible to get a complete picture of the state of security within a given system.

When testing for vulnerabilities, many different approaches may be taken. Social engineering is a common strategy that a lot of people use. Accessing a system is attempting to guess passwords or other information to gain access. To accomplish this, one must deceive another individual into divulging knowledge that can be utilized to break into a computer system. Using what is known as brute force attacks is yet another common strategy.

When conducting penetration testing and footprinting, you can choose from various tool and method options. Metasploit, Nmap, and Burp Suite are some of the most prominent tools utilized in penetration testing. Metasploit is a robust framework for exploiting software vulnerabilities, and it can be used to launch attacks against a target computer or network. Nmap is a tool for network exploration that may be used to search a network for systems susceptible to attack. Burp Suite is a web application security testing tool that may be used to locate vulnerabilities in online applications. This can be accomplished by using the device (Koster, 2016).

When carrying out a penetration test, it is essential to use the appropriate tools and approaches for the particular system being tested. For this illustration, let's say that the target system is a web application. In this case, the primary objective of the penetration test should be to identify any flaws in the online application. If the target system is a network, the penetration test's primary goal should be to identify weak spots in the network's security.

The process of footprinting can be carried out utilizing a vast number of tools and approaches. Whois, traceroute, and DNS enumeration are three of the most common techniques utilized throughout the footprinting process. Whois is a tool that may be used to acquire information about a domain name, such as the contact information for the owner, registrar, and other relevant parties. Traceroute is a tool that can be utilized to map the path that data travels from its origin to its final destination. DNS enumeration is a method that can be used to gather data regarding a domain's DNS records (Shinde & Ardhapurkar, 2016). This data may include the name servers and MX records.

Footprinting is a method that can be utilized to collect a wide variety of information concerning the target system. This information may include the system's IP address, the type of software installed on it, and the operating system currently being used by the system. This information can determine the most effective way to launch an attack on a particular system.


References

Koster, K. (2016). Cone penetration testing: a sound method for urban archaeological prospection. Archaeological prospection23(1), 55-69.

More, S., & Rohela, A. (2018). Vulnerability Assessment and Penetration Testing through Artificial Intelligence. International Journal of Recent Trends in Engineering & Research4(1), 217-224.

Shinde, P. S., & Ardhapurkar, S. B. (2016, February). Cyber security analysis using vulnerability assessment and penetration testing. In 2016 World Conference on Futuristic Trends in Research and Innovation for Social Welfare (Startup Conclave) (pp. 1-5). IEEE.

Have a similar question?

Continue to edit or attach image(s).

  • Fast and convenient

    Fast and convenient

    Simply post your question and get it answered by professional tutor within 30 minutes. It's as simple as that!

  • Any topic, any difficulty

    Any topic, any difficulty

    We've got thousands of tutors in different areas of study who are willing to help you with any kind of academic assignment, be it a math homework or an article.

  • 100% Satisfied Students

    100% Satisfied Students

    Join 3,4 million+ members who are already getting homework help from StudyDaddy!