Scribd
Upload
120 views4 pages

Penetration Test Parameters Questionnaire

The document outlines the parameters for a penetration test, including restrictions on testing hours, guidelines to follow, IP addresses and systems to test, and specific examination requested like password cracking and application source code review. Testing is restricted to after-hours and includes light network scans, heavy network scans, point scanning, denial-of-service testing, and configuration audits. A list of IP addresses and systems across various operating systems are identified for testing, along with guidelines around firewalls and cryptographic analysis. Password cracking is requested for various systems and character sets. Application source code review is also requested for listed applications.

Uploaded by

SYED JUNAID AHMED
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOC, PDF, TXT or read online on Scribd
120 views4 pages

Penetration Test Parameters Questionnaire

The document outlines the parameters for a penetration test, including restrictions on testing hours, guidelines to follow, IP addresses and systems to test, and specific examination requested like password cracking and application source code review. Testing is restricted to after-hours and includes light network scans, heavy network scans, point scanning, denial-of-service testing, and configuration audits. A list of IP addresses and systems across various operating systems are identified for testing, along with guidelines around firewalls and cryptographic analysis. Password cracking is requested for various systems and character sets. Application source code review is also requested for listed applications.

Uploaded by

SYED JUNAID AHMED
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOC, PDF, TXT or read online on Scribd
You are on page 1/ 4

Penetration Test Parameters Questionnaire

The test team is restricted to after-hours testing as follows: Light network scans Heavy network scans oint scan testing !enial-of-service testing "onfiguration audits #ar dialing [Yes/No] [Yes/No] [Yes/No] [Yes/No] [Yes/No] [Yes/No] [Time range] [Time range] [Time range] [Time range] [Time range] [Time range]

The test team has $een re%uested to follow additional guidelines while testing: [&'ecify any additional guidelines] IP Addresses List of ( addresses to $e tested: [List ( addresses and ranges to $e tested] &'ecific ( addresses targeted for 'oint scans "hosen $y client: [List ( addresses and ranges to $e tested] "hosen $y the test team: [List ( addresses and ranges to $e tested] &'ecific ( addresses to $e used for the )&* +)nter'rise &ecurity *anager, configuration audit "hosen $y client: [List ( addresses and ranges to $e tested] "hosen $y the test team: [List ( addresses and ranges to $e tested] Configuration Audit

Num$er of &ysLog &ervers: Windows 2000 Num$er of servers: ercentage of servers to $e tested: Num$er of workstations: ercentage of workstations to $e tested: Num$er of domain controllers: Sun Solaris Num$er of servers: ercentage of servers to $e tested: Num$er of workstations: ercentage of workstations to $e tested: Other UNIX Num$er of servers: ercentage of servers to $e tested: Num$er of workstations: ercentage of workstations to $e tested: VAX/VMS Num$er of servers: ercentage of servers to $e tested: Num$er of workstations: ercentage of workstations to $e tested: inu! Num$er of servers: ercentage of servers to $e tested: Num$er of workstations: ercentage of workstations to $e tested: Win2000 Num$er of servers: ercentage of servers to $e tested: Num$er of workstations: ercentage of workstations to $e tested:

[-] [-] [-] [-] [-] [-] [-] [-] [-] [-] [-] [-] [-] [-] [-] [-] [-] [-] [-] [-] [-] [-] [-] [-] [-] [-]

Other O"erating S#ste$s Num$er of servers: ercentage of servers to $e tested: Num$er of workstations: ercentage of workstations to $e tested: %irewalls .oundary firewall+s, ty'e: Num$er of $oundary firewall+s,: (nternal firewall+s, ty'e: Num$er of internal firewall+s,: Cr#"togra"hi& Anal#sis "lient has re%uested that the test team e-amine the design of the following cry'tosystems: [List cry'tosystems/ such as 0( system or ( &ec/ that have $een re%uested] Password Cra&'ing Windows 2000 &*. ca'ture 'asswords: 1etrieve from domain controller: .rute-force standard al'ha$et: .rute-force all characters: Time to run: No(ell NetWare .rute-force standard al'ha$et: .rute-force all characters: Time to run: UNIX .rute-force standard al'ha$et: .rute-force all characters: Time to run: inu! .rute-force standard al'ha$et: .rute-force all characters: [Yes/No] [Yes/No] [Yes/No] [Yes/No] [Hours/ u' to 23] [Yes/No] [Yes/No] [Hours/ u' to 23] [Yes/No] [Yes/No] [Yes/No] [Yes/No] [Hours/ u' to 23] [list] [-] [list] [-] [-] [-] [-] [-]

Time to run: Win2000 .rute-force standard al'ha$et: .rute-force all characters: Time to run: A""li&ation )!a$ination

[Hours/ u' to 23] [Yes/No] [Yes/No] [Hours/ u' to 23]

"lient has re%uested that the test team e-amine the source code of the following a''lications for vulnera$ilities: [List a''lications re%uested] War *ialing [List 'hone num$er ranges]

You might also like