The Vulnerability Assessment and Penetration Testing of Two Networks

Author

Steven L. Simpson, Regis University

First Advisor

Likarish, Daniel M.

Second Advisor

Mason, Robert T.

Third Advisor

Birkenheuer, Nancy

College

College for Professional Studies

Degree Name

MS Systems Engineering

School

School of Computer & Information Science

Document Type

Thesis - Open Access

Number of Pages

133 pages

Abstract

Vulnerability assessments and penetration testing are two approaches available for use by internet security practitioners to determine the security posture of information networks. By assessing network vulnerabilities and attempting to exploit found vulnerabilities through penetration testing security professionals are able to evaluate the effectiveness of their network defenses by identifying defense weaknesses, affirming the defense mechanisms in place, or some combination of the two. This project is a discussion of the methods and tools used during the vulnerability assessment and penetration testing, and the respective test results of two varied and unique networks. The assessment and testing of the first network occurred from an internal perspective, while the assessment and testing of the second occurred from an external perspective. While the tools and methodologies used across both networks were consistent, the test results differed significantly. The paper concludes with a series of recommendations regarding practical methods and tools that may prove useful to anyone interested in network security, and vulnerability assessments and penetration testing in particular.

Date of Award

Fall 2011

Location (Creation)

Colorado (state); Denver (county); Denver (inhabited place)

Copyright

© Steven Simpson

Rights Statement

All content in this Collection is owned by and subject to the exclusive control of Regis University and the authors of the materials. It is available only for research purposes and may not be used in violation of copyright laws or for unlawful purposes. The materials may not be downloaded in whole or in part without permission of the copyright holder or as otherwise authorized in the “fair use” standards of the U.S. copyright laws and regulations.

Recommended Citation

Simpson, Steven L., "The Vulnerability Assessment and Penetration Testing of Two Networks" (2011). Regis University Student Publications (comprehensive collection). 633.
https://epublications.regis.edu/theses/633