You are on page 1of 3

FRONTIER BUSINESS SYSTEMS PVT LTD

INFORMATION GATHERING QUESTIONNAIRE FOR VA & PT


CONSULTING ASSIGNMENT
Information Security Consulting Division of Frontier Business Systems (P) Ltd is very happy
to respond to initial inquiry on Information Security Consulting. Further to our discussions
we request you to kindly fill up the Questionnaire below which will help us understand
your environment and arrive at an effort estimate. If you have any queries on the
questionnaire, do leave those columns blank, and we will help you fill it after a discussion
with us.

Business Profile
Name of the
Company/Organization
Contact Address of the
Company/Organization
Name of the Designated
Official to Contact
Designation of the Official
Position
Contact Phone Numbers
(Land Line and Mobile)
E Mail Address
Company Web Site

Internal Vulnerability Assessment


Number of Servers/Desktops/Networking Devices for which Internal Vulnerability Scan is to
be performed (If there are more than one location, please mention the number for each
location separately)
Description
Number of Servers in the Internal Network
for which Vulnerability Assessment is to be
carried out
Number of Desktops for which Vulnerability
Assessment is to be carried out
Number of Laptops for which Vulnerability
Assessment is to be carried out
Number of Networking Devices for which
Vulnerability Assessment is to be carried
out
Routers

Location 1

Location 2

Location 3

Firewalls
Manageable Switches
CONFIDENTIAL

QUESTIONNAIRE

PAGE 1

OF

FRONTIER BUSINESS SYSTEMS PVT LTD


IPS / IDS
VPN Boxes

CONFIDENTIAL

QUESTIONNAIRE

PAGE 2

OF

FRONTIER BUSINESS SYSTEMS PVT LTD

External Penetration Testing


Number of Servers in the External Domain for which Penetration Testing needs to be
carried out. Frontier Business Systems, Information Security Practice Division shall be
performing a Partial Knowledge Testing, whereby the Client will be informing the IP
Address of the machines for which the Penetration Testing is to be carried out.
Description
Number of Public IP addresses (Servers and Networking
devices) for which Penetration Testing is to be carried out
Is there any Filtering applied at the ISP level?
(Pl specify IPs of those devices / servers which are critical and connected to Public
Network (accessible from outside); If more than one IP is configured on the same
device/server, pl. provide only one IP (Pl. mention only the IP count here and do not
mention the IP addresses here)
The information supplied above will be used to provide you with a quotation for
our consulting services. This quotation is totally dependent upon the
information given above. We must therefore reserve the right to amend our
quote should the information be found to be inaccurate or incomplete.
Name:

Position:

E Mail Id

Contact
Phone
Number

Non Disclosure Agreement


Information captured above is used by Frontier Business Systems Information Security
Practice Division for the limited purpose of submitting a proposal for Network Security
Audit. This information will not be disclosed or used for any purpose other than the
purpose for which the same has been collected.
Names of our Primary and Secondary Contacts (Please feel free to contact for any
clarification which you may have in filling up the form)
Name:

1.

E Mail Id

2.
1.
2.

CONFIDENTIAL

Position:
Contact
Phone
Number

QUESTIONNAIRE

1.
2.
1.
2.

PAGE 3

OF