Alexander Rocco Corporation: A Case Study

487 Words1 Page

Commencing penetration tests within the infrastructure of Alexander Rocco Corporation may be a strenuous, yet beneficial process. However, before commencing penetration tests, much planning, strategizing, and research is necessary in order to ensure successful, seamless, and legal operations. Based on information provided by the SANS Institute, an initial meeting should be coordinated between those responsible for conducting the tests, along with the appropriate leadership personnel of the company (source). Within the meeting, the scope of the project should be established, classifying company data appropriately, and determining which components of the company’s infrastructure require penetration testing, which may include Alexander Rocco Corporation’s …show more content…

Nonetheless, establishing timing standards for the project, pertaining to an estimated date of completion, along with a schedule for conducting tests, is critical, according to information provided by the SANS Institute (source). For example, projects that exceed the estimated date of completion may become costly, and running tests during peak and/or critical hours may result in several technological inefficiencies for Alexander Rocco Corporation. Likewise, establishing future meetings or other form of communications for updates throughout the course of the project is also …show more content…

Based on information provided by the SANS Institute, obtaining as much information as possible, regarding the company’s network infrastructure, network topology, and even previously discovered vulnerabilities is important, in order to better-plan for executing various penetration tests (source). Also, with Alexander Rocco Corporation based in Hawaii, a legal analysis should be conducted, accounting for the following state laws regarding penetration testing and/or cybercrimes: • HB1778 - • HB2295 - • Computer Fraud (First or Second Degree) - • Computer Damage (First or Second Degree) - With Alexander Rocco Corporation based in the United States, another legal analysis should be conducted, accounting for the following federal laws regarding penetration testing and/or cybercrimes: • 18 USC 1029 - • 18 USC 1030 - • 18 USC 2510 (et seq) - • 18 USC 2701 (et seq) - • Cyber Security Enhancement Act of 2002

Open Document