Penetration testing proposal using specific pen-testing tools and

Write a 3-5 page penetration testing proposal using specific Pen-testing tools and based on a DoS scenario. Guidelines and rubric for paper will be provided.


Project Deliverable 

·   Use the Case Study presented in this document, to complete an executive proposal.

·   Provide a 3 – 5 page proposal summarizing the purpose and benefit of the chosen security software to the executive management team.

·   You will evaluate and test security testing software for the purposes of testing corporate network security. The purpose of the software is to measure the security posture of the organization by identifying vulnerabilities and help prevent future attacks and deter any real-time unknown threats.

·   The proposal should effectively describe the software in a manner that will allow the executive team members to understand the purpose and benefits of the software to approve purchase.


·   Evaluate and select a security tool for recommendation from the provided list of tools.

·   The proposal document must be 3 to 5 pages long, conforming to APA standards.

·   The paper must include at least 3 authoritative, outside references (anonymous authors or web pages are not acceptable). These should be listed on the last page entitled “References.”

The proposal should include:

·         Detailed description of the software and benefits.

·         Include reviews, case studies and customer recommendations

·         Include your own hands-on experience with the tool and test results

·         Cost of the product. Include additional costs such as training or hardware software that might be needed in order to properly deploy manage and maintain the software.

How will the software impact the production environment? For example, the software may test for Denial of Service attacks. You need to explain any interruptions the test may have on business operations. You need to justify the need for such a test. Also explain how to you plan to minimize or prevent possible production outages.

Suggested Approach

·         Determine whether the tool would be beneficial in testing the security of a corporate network.

·         You may use the vendor’s website to collect necessary information about the tool to be able to explain its purpose and benefit better.

·         Include 3rd party endorsements and case studies about the tool.


Project Description

The purpose of project is to write an executive proposal for a fictitious company called Advanced Research Corporation. The goal of the proposal is to persuade the executive management team to approve the purchase of a security testing software that can benefit the company’s corporate network security by testing and identifying vulnerabilities before they are exploited by hackers. The proposal must include a detailed description of the software, its purpose and benefits.

Company Description


Advanced Research Corporation

Advanced Research is a startup medical research and development company. After five years of extraordinary success in the development of innovative medical and pharmaceutical products, Advanced Research is on its way to becoming a major player in the medical research and development industry. However, due to its success, Advanced Research has also become a major target of cybercriminals. Advanced Research has been the victim of cybercriminal attempts to steal intellectual property and sell it to Advanced Research’s competitors. It is suspected that the corporate network has been infiltrated from unauthorized sources more than once. In 2011, Advanced Research was falsely accused of unethical research and development practices. The false allegations resulted in the defacement of Advanced Research’s public website and several Denial of Service attacks at different times over a 9 month period that brought the corporate network to its knees. These attacks had a major impact on Advanced Research’s ability to conduct business and resulted in undesirable publicity for the company.

Regardless of its security problems, Advanced Research has continued to grow as a company. Its research and development departments have grown over the years, due to the expansion of the company, in proportion to the increase in its business making up over 40% of the human resources. Advanced Research’s innovative research and development information is paramount to its continued success as a company. Although, no known attacks have occurred in last 18 months, the security of its network and intellectual property is still a major concern for the company. Because Advanced Research is a still fairly young company, management has been hesitant to budget for expensive security projects. However, this point of view is beginning to change. Particularly, because one of Advanced Research’s competitors, a major player in the medical research and development industry for over 40 years, experienced a loss of hundreds of millions of dollars in research data that was stolen from its corporate network by cyber thieves.


Background and your role

You are the IT Manager hired in 2012 to manage the physical and operational security of Advanced Research’s corporate information system. You understand information security issues better than anyone else in the company. You also know that the network is vulnerable to outside threats because it has experienced attacks in the past and because you haven’t had the resources to properly test the corporate information system to identify the vulnerabilities that might exist and take action prevent possible attacks. You have a responsibility to bring these concerns to the attention of the executive team and ask for approval to purchase the necessary testing software.

Your education and training have introduced you to variety of security tools for testing computer and network security. The majority of these tools you either only read about or have practiced using in lab environment. You have decided to research some of these tools and test them out in your own lab environment and choose one for recommendation to executive team.

You will need to present information that proves the chosen tool will be beneficial to the security of corporate information system. To accomplish this you will need to research the product, if possible, test the product in a virtual lab environment. If the tool is part of your iLab exercise, it is recommended that you practice using and testing the tool beyond the scope of the lab exercise. Based on your research and analysis, you will include this information in your proposal in way that the executive staff can understand and allowing them to make an informed decision to approve purchase of the product.


The executive management team of Advanced Research:


The software should test for one or more of the following types of attacks:

  • Denial of Service (DoS)
  • Cross Site Scripting (XSS)
  • Authentication Bypass
  • Directory Traversal
  • Session Management
  • SQL injection
  • Database Attacks
  • Password Attacks
  • Firewall/Router Attacks
  • Operating System Attacks


Choose one or more tools to use in this scenario from the list of available security tools:

  • N-Stalker Tool
  • hping3 (used in DoS attacks)
  • LCP
  • NTFS Streams
  • ADS Spy
  • Stealth Files
  • PWdump7
  • Snow Steganography
  • Spytech SpyAgent
  • Power Spy 2013
  • QuickStego
  • RainbowCrack
  • Ophcrack
  • LOphtCrack
  • Snort
  • KFSensor Honeypot IDS
  • Aircrack-ng for Windows
  • OmniPeek Network Analyzer
  • httprecon Tool
  • CurrPorts Tool
  • Advanced IP Scanner
  • ID Serve
  • Nmap
  • NetScan Tools Pro
  • LANSurveyor
  • Friendly Pinger
  • Global Network Inventory
  • Nessus Tool
  • Proxy Workbench
  • MegaPing
  • Colasoft Packet Builder
  • The Dude


Corporate Office Network Topology

The Advanced Research main research and development facility is located in Reston Virginia. You have concerns about the sensitive information that is stored at this location as well as data that transmitted over the WAN to Advanced Research’s New York City headquarters location, business partners and clients. The Reston facility is also where the Advanced Research data center is located. The data center is where Advanced Research’s public website, email, databases and corporate intranet are hosted. The environment contains a mix of Microsoft and *NIX technologies.

·         45 Windows 2008 Servers

·         13 Windows 2003 Servers

·         15 UNIX Servers

·         2200 Windows XP and 7 Desktops

·         Web Servers: Apache and IIS

·         Services: FTP, SMTP, DNS, DHCP, VPN

·         Database: SQL, Oracle and MySQL

·         Network: Cisco Routers and Firewalls



Grading Rubrics

Final Deliverable






Documentation and Formatting



 Appropriate APA citations/referenced sources and formats of characters/content.

Software Research



Accurate Completion of Software Research

Software Analysis



Accurate Completion of Software Analysis

Executive Proposal



 Provide proposal for purchase




 A quality paper will meet or exceed all of the above requirements.







Documentation and formatting

7-10 points

At least 3 Appropriate APA citations/referenced sources and formats of characters/ content.


3-6 points

Included 3 references but incorrect formatting or referencing/ citation

0-2 points

Does not include at least 3 references

Software Research

15-20 points

Effectively describes the purpose of the software that will allow the Senior Management to understand the organizational need and make the appropriate decisions to purchase.

Research is supported with documentation and evidence. 


8-14 points

Describes the software to Senior Management but not enough to understand an organizational need and make the appropriate decisions to enforce. And/or is not sufficiently supported with documentation and evidence.  And/or the description is somewhat unclear.

0-7 points

Describes the software in a manner that is unclear to the Senior Management. The research Is not sufficiently supported with documentation and evidence.  Senior management would not have enough detail to make appropriate decisions.

Software Analysis

15-20 points

Effectively provides analysis results that demonstrate the effectiveness of the software to meet to meet the organizations objectives

8-14 points

Provides analysis results that demonstrate the purpose of the software but does not demonstrate effectiveness to meet the organization’s objectives.

0-7 points

Provides analysis results that fail to demonstrate the purpose of the software and does not demonstrate effectiveness to meet the organization’s objectives.

Executive Proposal

36-50 points

Effectively explains the benefit of the software. Cost of the software and any costs. Includes all key points of the analysis and allows the senior management to understand the organizational need enough to make an appropriate choice.



18-35 points

Describes software in a manner that allows the Senior Management to understand the purpose of the software but not enough to make a decision to purchase. Key information is left out or not made clear.

0-17 points

Describes the software in a manner that is unclear and/or insufficient. Proposal is difficult to follow or does not include key information and details.



Place your order
(550 words)

Approximate price: $22

Calculate the price of your order

550 words
We'll send you the first draft for approval by September 11, 2018 at 10:52 AM
Total price:
The price is based on these factors:
Academic level
Number of pages
Basic features
  • Free title page and bibliography
  • Unlimited revisions
  • Plagiarism-free guarantee
  • Money-back guarantee
  • 24/7 support
On-demand options
  • Writer’s samples
  • Part-by-part delivery
  • Overnight delivery
  • Copies of used sources
  • Expert Proofreading
Paper format
  • 275 words per page
  • 12 pt Arial/Times New Roman
  • Double line spacing
  • Any citation style (APA, MLA, Chicago/Turabian, Harvard)

Our guarantees

Delivering a high-quality product at a reasonable price is not enough anymore.
That’s why we have developed 5 beneficial guarantees that will make your experience with our service enjoyable, easy, and safe.

Money-back guarantee

You have to be 100% sure of the quality of your product to give a money-back guarantee. This describes us perfectly. Make sure that this guarantee is totally transparent.

Read more

Zero-plagiarism guarantee

Each paper is composed from scratch, according to your instructions. It is then checked by our plagiarism-detection software. There is no gap where plagiarism could squeeze in.

Read more

Free-revision policy

Thanks to our free revisions, there is no way for you to be unsatisfied. We will work on your paper until you are completely happy with the result.

Read more

Privacy policy

Your email is safe, as we store it according to international data protection rules. Your bank details are secure, as we use only reliable payment systems.

Read more

Fair-cooperation guarantee

By sending us your money, you buy the service we provide. Check out our terms and conditions if you prefer business talks to be laid out in official language.

Read more