Final Project Report (130 points) Purpose This course-wide project introduces you to a variety of tasks and skills that are required for entry-level penetration testers. You will become familiar with how an attacker would view and attack networks and systems, and you will learn to defend against them. The ultimate goal of this project is to gather information during your penetration testing activities and then express your findings in a penetration testing report document. Task You will be creating a professional Penetration Testing Report after completing all six activities (14-1 to 14-6) listed in MindTap Module 14: Hands-On Ethical Hacking Final Project. Feel free to revisit the previous lab setups to run tests that you previously completed throughout the semester again if more information is needed to complete the project deliverables. Deliverables Please complete all 8 sections given below and submit your report. 1: Table of Contents (5 points) - Since your report contains a lot of information and different sections, create a table of contents so that readers can quickly find what they are looking for. 2: Executive Summary (10 points) - Briefly summarize the scope of your testing and your findings, recommendations, and conclusions in a few short paragraphs. The target audience is executives and managers, so keep technical jargon to a minimum. 3: Introduction (10 points) - Introduce the topic of the report and its purpose. Discuss the goal of the penetration testing and how you will achieve and demonstrate the goal. In general, the topic and purpose of the report is to search for vulnerabilities in one or more computing systems. Identify the specific systems you are testing. The goal is to propose possible solutions for these vulnerabilities. 4: Scope (5 points) - If you are targeting only a specific system or set of systems, outline this information in the scope section. For penetration testing, scope details include the targets you are testing and the types of tests you are doing. For example, indicate whether you are performing a full Nessus scan for all vulnerabilities or testing only one web application. 5: Details (70 points) - The details section is the longest part of your report where you communicate all your work, discoveries, steps, results, and screenshots. - The convention is to organize and divide the details into multiple sections, subsections, and headings, as follows: o 5.1.Details Section One o 5.2.Details Section Two o 5.2.1.Details Section Two Subsection One - For penetration testing, you typically have a details section for each system you are testing (such as each computer). In the subsections, outline the details of specific activities (14-1 to 14-6) and findings (such as the results of a Nessus scan on that system). - If a single activity impacts many systems, such as an Nmap scan of an entire network, you can capture all those details in one details section and then repeat the results for a specific target in the subsection for that target. - Each details section should summarize results from the tool you used to gather the information. A complete listing of all the results gathered by a tool is not helpful and may be difficult for the reader to understand. Many tools provide summary reports and tables of findings. Extract this information and include it in the appropriate detail section. 6: Summary (10 points) - Summarize your findings and craft an overall message from the information contained in the details section. This is not your conclusion; this section includes a few summary paragraphs. For a penetrating testing report, this section could consist of statements highlighting the systems that urgently need security fixes and identifying the systems found to be well-secured. 7: Recommendations (10 points) - Based on your original goal, details, findings, and summary, make an organized set of recommendations. These recommendations should include steps to solve problems, simplify procedures, and improve security. In a penetrating testing report, the recommendations should outline steps to fix any vulnerabilities found during the testing. 8: Conclusion (10 points) - Wrap up the entire document with a paragraph or two that ties together what your goal, details, discoveries, and recommendations have revealed. Submission Requirements: ? Format: Microsoft Word ? Font: Arial, 12-Point, Double-Space ? Citation Style: APA ? Length: A minimum of 12 pages (excluding title page, screenshots, and bibliography).

Attachments:

doc-20230430-....pdf