SCOPE OF THE SERVICE

IT NETWORK ASSESSMENT
SGS IT Network Assessment service provides the organization with a comprehensive enumeration of the vulnerabilities of its
networks. This is achieved by assessing the cybersecurity status of all the technologies and components in the network.
On the other hand, IT Network Assessment service does not include the exploitation and post-exploitation of the identified vulnera-
bilities (see Penetration testing and Red Team Operations) and assessment of web applications.
The scope of the services is focused on covering the common technologies and components used in corporate IT Networks in an
ordered and methodical way. The methodology used to cover all the technologies is the PTES Standard1. Out of the 7 stages that
PTES operations organized, SGS IT Network Assessment service does execute 5 of them, leaving out of the scope the Exploitation
and Post Exploitation phases.
• Pre-engagement Interactions.
• Intelligence Gathering.
• Threat Modelling.
• Vulnerability Analysis.
• (Exploitation – only Penetration Testing and Red Team).
• (Post Exploitation – only Penetration Testing and Red Team).
• Reporting.
The components and technologies and actions over them within the scope are:

Component Details
External and internal To identify vulnerabilities that can be exploited externally and internally on the IT infrastructure.
network The tests are:
• Password Cracking. • Ensuring optimum performance of the system.
• Router Testing. • Email phishing and social engineering tests.
• Denial of Service (DoS) Testing. • Physical security testing for critical information
• Distributed DoS (DDoS) testing. areas (if requested).

• Containment Measures Testing. • Review network resilience against lateral

movement during compromise.

Wireless Network Tests
Firewall and IPS
diagnostic review
DMZ environment review
• Review of wireless network for vulnerabilities.
• Review the authentication and association
process at the access points.
• Review the open ports and note any threats,
vulnerabilities and security issues.
• Review the administrative interfaces available.
• Check the status of the AP, test if it can stand
DOS attacks.
• Check consistency of the security parameters
• Check the effectiveness of the current net-
work defenders in place.
• Review the running services for vulnerabilities.
• Review the employed IP protocols.
• Review the software versions in place and
version management.
• Check the exposure of running services to vulnerabilities.
to the security policies in place.
• Review implemented authentication filters
used to block users.
• Review the protocols attached to the wireless
network.
• Review the patch updates status.
• Check for rogue access policies.
• Check for rogue access points existence and
detection.
• Verify that there is scanning of the traffic in
the network.
• Check for IP spoofing.
• Review source porting and source routing.
• Review TLS decryption and identification.

1
http://www.pentest-standard.org
Server Configuration • Review the configuration and report any vulnerabilities on the following servers: Domain controllers,
review Internet, different servers, Branch Servers,
• Review the usernames and password and the encryption employed.
• Review the servers for latest software patches updates.
• Carry out script scanning on the list of servers for vulnerabilities.
• Review the log management practices in place.
Network Architecture • Network Scanning – scan routers and firewalls IPs.
Designs reviews • Review the architecture from the security perspective.
• Network Infrastructure Review.
• Secure Data Transmission checks.
Virtual Infrastructure • In depth assessment of the virtual environments.
assessment • Review the administrative interfaces available.
• Review the environment for latest software patches updates.
• Review the implemented security policies and configuration in place.
VPN Configurations • Review the VPN configurations and set up.
Reviews • Review running services and open ports.
• Review the authentication management for any vulnerabilities.
• Secure Data Transmission checks.
Voice over IP assessment • Review the services running.
• Review the authentication process.
• Review the protocols and standards in use.
• Review and note threats that may cause unavailability, confidentiality and integrity of calls.
• Check for vulnerabilities that can lead to DoS, End point Admin Privileges exploits, signalling attacks
and IP PBX and server exploits.
Incidence Response • Test capability of internal intrusion detection to identify attack vectors.
Capability – • Test overall mean time between attack detection and response.
ONLY RED TEAM • Test the actual capacity to respond to an actual attack.
Security policies • Review Cyber security readiness compliance to applicable security policies and security manage-
ment guidelines.
Reporting • Provide an overview of assessment methodology, vulnerabilities and threat findings.
• Provide recommendation and corrective action on all identified data.

CYBER
LAB