About this Assignment
Ethical hacking involves attempts by individuals to find flaws in a company’s security infrastructure so they can be remedied before someone with bad intentions tries to break in and steal critical information or crash systems. Hackers use enumeration to find security holes. For this final assignment, you will write a 1,500-2,000 word report outlining how a hacker could use enumeration and what tools or processes could be used to gain access to a company’s resources. Your report should also include the creation of a security improvement plan that outlines how to harden an environment to mitigate enumeration risk.
Scenario
The Bryan Hall Legal Group has been concerned for quite some time that confidential information on their active cases is leaking out to opposing counsel and to the media. As the city’s premier security consultant, they retain you to verify whether this is true or not. After conducting a full range of security tests in their environment, you discover that the company has very lax security policies and has been hacked multiple times through the use of enumeration. Based on this information, write a 1,500-2,000 word report to the Chief Security Information Officer (CISO) outlining enumeration and what processes and tools a hacker could use to gain access to the group’s resources. Create a security improvement plan that outlines your findings and steps to harden their security environment and mitigate enumeration risk.
Formatting & Sources
Please write your paper in the MLA format. You may refer to the course material for supporting evidence, but you must also use 3 other sources and cite them using the MLA format. Please include a mix of both primary and secondary sources, with at least one source from a security journal. If you use any Study.com lessons as sources, please also cite them in MLA (including the lesson title and instructor’s name).
Primary sources are first-hand accounts such as interviews, advertisements, speeches, company documents, statements, and press releases published by the company in question.
Secondary sources come from bodies such as the National Institute of Standards and Technology (NIST). You may use sources like JSTOR or Google Scholar to find articles from these journals. Secondary sources may also come from reputable websites with .gov, .edu, or .org in the domain. (Wikipedia is not a reputable source, though the sources listed in Wikipedia articles may be acceptable.)
If you’re unsure about how to use the MLA format to cite your sources, please see the following lessons:
What is MLA Format?
How To Format MLA Citations
