
NAME: KANAD MISHRA REGISTRATION NUMBER: 11708027 SECTION: KM029

ROLL NO: RKM029A31

Ques 1: Suppose you are the leader of a penetration testing team and you have to describe
the different team activities and roles in more detail to the organization’s manager.
Answer 1:
In today’s world of penetration testing, there is no set method dictating how the teams are
actually organized. The number of actual penetration testers involved in a project will depend
primarily on three key factors:

1. The types of penetration tests being performed
2. The size of the business or corporation in question (this can be a direct function of
employee size)
3. The complexity of the IT infrastructure to be tested

The Red Team

This is the penetration testing team that actually launches the mock attack against the
business’s lines of defence. This team simulates real types of cyberattacks in order to
discover any unknown security vulnerabilities or weaknesses. The testing would typically
include both the hardware and software sides.

The Blue Team

This is the penetration testing team that takes on the mock role of being the IT staff at the
business or corporation. The Blue Team will be the ones monitoring all alerts, anomalies and
any other forms of suspicious behaviour from within the IT infrastructure. In the end, their
job in the pen testing exercise is twofold: to fend off the cyberattack that’s being launched by
the Red Team and to give the real IT staff of the organization an idea of the required
vigilance and reactiveness.

The Purple Team

The Purple Team is actually a combination of members from both the Red Team and the Blue
Team. One may be asking at this point: why is this combination even necessary? It’s
important to keep in mind that Purple Teams are not required for every penetration testing
engagement.

For example, if it were a much smaller business (again, using our example of the 20-employee
company), then there would not be a need for a Purple Team.

This is a type of penetration testing team that is designed to ensure and maximize the efforts
of both the Red Team and the Blue Team. They combine the Blue Team’s defensive tactics
with the threats and vulnerabilities found by the Red Team.

Ques 2: You are working as a technical manager in the Infotech department at Lovely
Professional University. Your role is to perform vulnerability scanning on different
projects, and your friend also works in the same department. He has complete
knowledge of penetration testing. If you are already performing vulnerability
scanning, why should your friend perform a penetration test? Explain in detail.
Answer 2:
A vulnerability scan looks for known vulnerabilities in your systems and reports potential
exposures. A penetration test is intended to exploit weaknesses in the architecture of your IT
network and determine the degree to which a malicious attacker can gain unauthorized access
to your assets. A vulnerability scan is typically automated, while a penetration test is a
manual test performed by a security professional. Here’s a good analogy: A vulnerability
scan is like walking up to a door, checking to see if it is unlocked and stopping there. A
penetration test goes a bit further. It not only checks to see if the door is unlocked, but it also
opens the door and walks right in.

Vulnerability: A vulnerability scan looks for known vulnerabilities in your systems and
reports potential exposures that, if exploited, could result in a compromise of a system. The
scan ranks and reports each vulnerability. An external vulnerability scan is conducted from
outside the organization. An internal vulnerability scan is conducted from inside the
organization.

Penetration Testing: A penetration test is a simulated attack against your network
infrastructure or information systems that attempts to evade or overthrow the security features
of system components. It is designed to exploit discovered weaknesses and determine your
level of risk. It can be performed internally or externally.

Vulnerability scans identify areas of risk either within your network or areas outside of your
network that could be exploited by a hacker.

A penetration test identifies your risk exposure and gives you full visibility into how
malicious entities may be attacking your systems and to what extent they are at risk.

1. Manual exploitation of identified vulnerabilities
2. Performs “attacks” on external or internal systems (tries fake passwords, manipulates
code, “tricks” web servers into giving sensitive information)
3. Provides assurance on segmentation within a network or environment

Ques 3: How Will You Protect The Data During And After Testing?
Answer 3:

1. Identify Sensitive Information

The first thing to do is to determine what data is sensitive enough to require protection. This
could include items like names, addresses, social security numbers, and birth dates. Leaks of
this information could lead to identity theft, fraud, and other such consequences for
unsuspecting users.

Quality assurance management must protect information that falls under the regulations set
by industry standards. HIPAA rules are essential to follow for any medical or patient data,
while PCI security standards govern any financial transactions and information, making them
among the most common laws that organizations must comply with.

2. Use Masking Techniques

With all of the data at a team’s disposal, they’ll want to use it, but how can they do so without
putting sensitive information at risk? Masking is an easy way to convert these sets into non-
sensitive data that can be leveraged for analysis or testing.

A Computer Weekly contributor noted that the de-identification strategy must make sense to
developers and testers alike. Any fields should be substituted with their appropriate
counterparts.

For example, alphanumeric characters must be replaced with other alphanumeric characters.
This will help teams understand what type of information went there and still transform
sensitive data into something that’s usable.

“These technologies are effective, scalable and easy if performed properly,” Gupta wrote.
“For example, only sensitive data must be masked, the masked data must not be reversible,
and the masked data must represent real data.”
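An added illustration of the masking rules above (not code from the assignment or from the Computer Weekly article): only fields marked sensitive are masked, letters become letters and digits become digits so the format stays realistic, and the substitution is derived from a keyed HMAC so it cannot be undone once the per-export key is destroyed. The field names, the sample record and the helper names `mask_value` and `mask_record` are assumptions made for the example.

```python
import hashlib
import hmac
import secrets

# Assumed field names; the page lists names, addresses and SSNs as sensitive.
SENSITIVE_FIELDS = {"name", "address", "ssn"}


def mask_value(value: str, key: bytes, field: str) -> str:
    """Swap letters for letters and digits for digits; keep case, length, separators."""
    seed = hmac.new(key, f"{field}\x00{value}".encode(), hashlib.sha256).digest()
    stream = hashlib.shake_256(seed).digest(len(value))  # one byte per character
    out = []
    for ch, b in zip(value, stream):
        if ch.isascii() and ch.isdigit():
            out.append(chr(ord("0") + b % 10))
        elif ch.isascii() and ch.isupper():
            out.append(chr(ord("A") + b % 26))
        elif ch.isascii() and ch.islower():
            out.append(chr(ord("a") + b % 26))
        elif ch.isalnum():
            out.append("x")  # non-ASCII letters/digits never pass through unmasked
        else:
            out.append(ch)   # spaces and punctuation stay so the format survives
    return "".join(out)


def mask_record(record: dict, key: bytes) -> dict:
    """Mask only the sensitive fields; every other field is copied unchanged."""
    return {f: mask_value(v, key, f) if f in SENSITIVE_FIELDS else v
            for f, v in record.items()}


if __name__ == "__main__":
    key = secrets.token_bytes(32)  # per-export key; destroy it after masking
    row = {"id": "1007", "name": "Alice Example", "ssn": "123-45-6789",
           "address": "42 Test Lane", "plan": "gold"}  # constructed sample record
    print(mask_record(row, key))
```

Because the same input and key always give the same mask, joins between masked tables still line up within one export. A new key per export prevents linking one test dataset to another.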

3. Leverage the Right Pentester Tools

Testers must be provisioned with the best tools that will not only keep their test cases
straight, but will also integrate well with data masking and protection solutions, and will
provide a comprehensive overview. Agile test management tools could be the answer here.

Jira Software, together with Zephyr test management and eazyBI reporting, make a powerful
set of agile software management tools. Together these tools not only enable groups to
collaborate effectively across projects and see updates in real time, but they can also help
teams assign and track all test cases down to the smallest detail.

The security gained from bringing these forces together will ease the minds of users as well as
developers and testers. These types of tools will also lead to greater accuracy, better
security and overall improved quality while delivering applications faster than ever before.