Your assignment is to write a penetration testing plan.
Be sure to adhere to the following requirements when completing your penetration testing plan:
The plan should contain an Executive Summary, Overview, Scope, Assumptions, Rule of Engagement and Signature.
The plan should be 8 – 10 pages
Be sure to focus on the structure, format and overall presentation of the testing plan.
When completing each section of the plan, be sure to address the following:
Does the summary address what this pen test is all about?
Â Does the plan represent the desires of the organization/leadership and address what they are hoping to achieve?
Overview (just like the template)
What are the purpose and goal?
Which laws are in play?
Which guidelines is the tester(s) going to use?
The Scope, where is the focus going to take place. (what systems, what network, what business functions)
The Assumptions, basically what is the viewpoint of the tester(s), from which perspective are they going to approach the plan.
Rule of engagement the most important section. What are the limits, what is the communication structure, is there a communications blackout