CyberSecC@ptBlackb3ard

Pre-Engagement Interaction


Last updated 5 months ago

The security assessment process can be broken down into three high-level stages - Initial Engagement/Sales, Pre-Assessment, and Post-Assessment. Each stage includes a set of documents that must be defined and agreed upon by the client and service provider (security professional).

Initial Engagement/Sales

The three key documents the client and security professional must sign are a Master Service Agreement, a Statement of Work, and a Mutual Non-Disclosure Agreement.

Consider providing the client with sample reports, recommendation letters, certifications, etc.

Mutual Non-Disclosure Agreement (NDA)

  • Shortly after reviewing the high-level requirements of the assessment (initial meeting), both parties should sign this document.

  • A legally binding contract that establishes a confidential relationship between the client and the security professional.

  • AIM: protect any sensitive ideas or information shared by either party during the rest of the discussion and assessment.

  • After signing this document, the rest of the initial engagement discussions will generate the two remaining documents.

Master Service Agreement

  • A contractual document that specifies the performance objectives and outlines the responsibilities of both parties.

  • Sample: Rapid 7 Master Service Agreement

Statement of Work (SOW)

  • A contract that specifies activities, deliverables (ROE, Findings, Report, etc.), timelines, and cost of the project.

  • The contract will include details of the security assessment, such as type, stakeholders, etc.

Pre-Assessment

A Rules of Engagement meeting must be held before the security assessment begins, to define the corresponding document.

Rules of Engagement (ROE)

It is essential that the ROE is defined and agreed upon; it should clearly outline and document the Engagement Scope.

The client will identify the systems, networks, and assets that will be assessed during the engagement and those that will not. These will include but are not limited to:

  • IP Addresses/Ranges (CIDR notation),

  • Domains and Sub-Domains,

  • Virtual Hosts,

  • Cloud Systems and Assets,

  • API endpoints, etc.

Ensure the assets, systems, or networks that should be assessed are clearly documented and communicated to the security assessment team.
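
An added example (not part of the original page): a scope guard that checks a target against the ROE's in-scope and out-of-scope lists before any testing starts. The scope values, dictionary keys and function names are assumptions made for illustration; exclusions override inclusions, and anything not listed is refused.

```python
import ipaddress

# Constructed sample scope, as it might be transcribed from a signed ROE.
# All values are placeholders (RFC 5737 / RFC 2606 documentation ranges).
ROE_SCOPE = {
    "in_scope_networks": ["192.0.2.0/24", "198.51.100.0/25"],
    "out_of_scope_networks": ["192.0.2.128/28"],
    "in_scope_domains": ["example.com"],
    "out_of_scope_domains": ["payments.example.com"],
}


def _domain_matches(host, domain):
    """True if host equals domain or is a sub-domain of it (label boundary)."""
    host, domain = host.rstrip(".").lower(), domain.rstrip(".").lower()
    return host == domain or host.endswith("." + domain)


def check_target(target, scope=ROE_SCOPE):
    """Return (allowed, reason). Exclusions win; anything unlisted is denied."""
    target = target.strip()
    try:
        addr = ipaddress.ip_address(target)
    except ValueError:
        addr = None  # not an IP literal, treat as a hostname

    if addr is not None:
        for net in scope["out_of_scope_networks"]:
            if addr in ipaddress.ip_network(net):
                return False, f"excluded by ROE: {net}"
        for net in scope["in_scope_networks"]:
            if addr in ipaddress.ip_network(net):
                return True, f"in scope: {net}"
        return False, "not listed in ROE"

    for dom in scope["out_of_scope_domains"]:
        if _domain_matches(target, dom):
            return False, f"excluded by ROE: {dom}"
    for dom in scope["in_scope_domains"]:
        if _domain_matches(target, dom):
            return True, f"in scope: {dom}"
    return False, "not listed in ROE"


if __name__ == "__main__":
    for t in ["192.0.2.10", "192.0.2.130", "203.0.113.5",
              "api.example.com", "payments.example.com", "notexample.com"]:
        print(t, check_target(t))
```

A hostname that passes the domain check can still resolve to an address outside the agreed ranges, so the resolved IP should be checked as well.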

The types of simulated attacks permitted and not permitted should also be clearly defined and documented. Examples of attacks not permitted may include social engineering and denial of service attacks.

Post-Assessment

During the security assessment, it is vital to document and track all exploited and non-exploited vulnerabilities and the attack vector (path) followed to gain access to the system.

This information will be compiled and presented to the client in the Assessment Report.

Rapid 7 Master Service Agreement