Scenario: You are a new IT security professional for a small police department. At first you did not see your agency as being a large target for attacks. However, the city recently appointed a new and very controversial police chief. Following the appoint
technical writing
Description
Scenario: You are a new IT security professional for a small police department. At first you did not see your agency as being a large target for attacks. However, the city recently appointed a new and very controversial police chief. Following the appointment of the new police chief, you discovered a plain text file in the root of the C: drive on a server that said "hacked by the KDC." You have reported this to your immediate supervisor, who has assigned you to perform a penetration test on the agency's network and to perform a vulnerability assessment. Although you strongly agree with your supervisor and realize that such measures are necessary, you believe that it would be much more appropriate to outsource this to a security consulting firm. To fulfill your supervisor's initial request, you are preparing to perform a preliminary network penetration test on your agency's network. However, you prefer to take an automated approach and are wondering if such network penetration tools exist. Task: A. Create a memo (suggested length of 4-5 pages) requesting permission to obtain a network penetration tool by doing the following: 1. Describe three possible network penetration testing tools that you deem to be most practical for the scenario. 2. Compare the limitations of each of these three tools. 3. Explain how you could use each of these three tools to perform a network penetration test. B. Create a multimedia presentation (e.g., PowerPoint, Keynote) (suggested length of 15-20 slides) explaining why the vulnerability assessment for the police department's network should be outsourced by doing the following:
