security

Sample – Internet Footprint Intelligence Review

November 7, 2009

Purpose

Scouting and scavenged information from a Network and Internet presence that can be analyzed as business intelligence.

Objective
Size and scope of the Internet presence

Task

  1. A measurement of the security policy to future network plans
  2. Tasks to perform for a thorough Competitive Intelligence Scouting
  3. Map and measure the directory structure of the web servers
  4. Map the measure the directory structure of the FTP servers
  5. Examine the WHOIS database for business services relating to registered host names
  6. Determine the IT cost of the Internet infrastructure based on OS, Applications, and Hardware.
  7. Determine the cost of support infrastructure based on regional salary requirements for.
  8. IT professionals, job postings, number of personnel, published resumes, and responsibilities
  9. Measure the buzz (feedback) of the organization based on newsgroups, web boards, and industry feedback sites
  10. Record the number of products being sold electronically (for download)
  11. Record the number of products found in P2P sources, wares sites, available cracks

Purpose

Privacy Review

Objective

The privacy review is the focal point of the legal and ethical storage, transmission, and control of data based on employee and customer privacy.

The use of this data is a concern to many private persons and legislation is unveiling specific rules regarding privacy.

Although some of these laws are local, all of them apply to the Internet and therefore affect security testers internationally.

Expected Results

List any disclosures

List compliance failures between public policy and actual practice

Outcomes

  1. List systems involved in data gathering.
  2. Compare publicly accessible policy to actual practice
  3. List data gathering techniques.
  4. Compare actual practice to regional fraud and privacy laws or compliancy
  5. List data gathered.
  6. Identify database type and size for storing data
  7. Tasks to perform for a thorough Privacy Policy review.
  8. Identify data collected by the organization
  9. Compare publicly accessible policy to actual practice.
  10. Identify storage location of data
  11. Compare actual practice to regional fraud and privacy laws or compliancy.
  12. Identify cookie types
  13. Identify database type and size for storing data.
  14. Identify cookie expiration times
  15. Identify data collected by the organization.
  16. Identify information stored in cookie
  17. Identify storage location of data.
  18. Verify cookie encryption methods
  19. Identify cookie types.
  20. Identify server location of web bug(s)
    Identify cookie expiration times.
  21. Identify web bug data gathered and returned to server
  22. Identify information stored in cookie
  23. Verify cookie encryption methods
  24. Identify server location of web bug(s)
  25. Identify web bug data gathered and returned to server

www.bestitdocuments.com