Vapt Scoping It

Uploaded by

staradeel

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PDF, TXT or read online on Scribd

0% found this document useful (0 votes)

287 views1 page

Vapt Scoping It

Uploaded by

staradeel

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PDF, TXT or read online on Scribd

You are on page 1/ 1

IT Vulnerability Assessment and Penetration Testing Scoping Questionnaire

# Category / Question Response

General
1 Estimated Engagement Start Date: 01st Dec 2023
Frequency of testing (One Time/ Every Quarter as
2 02 / Year
per IS Audit / Nepra requirement)

0 Locations (offices, main and remote/ Nos. of sites) Plant and Head Office

Dealings with third parties Required? For example:

> Cloud Services
4 > ISP
> Web Hosting
> Countries where servers are hosted
A2Z for WebHosting
Which type of penetration testing would be
5 required in External? (Black-Box / Grey-Box / White- White-Box
Box)
Which type of penetration testing would be
6 White-Box
required in Internal? (Grey-Box, White-Box)
Role-Based Testing will be required? (Do we have to
7 bypass end-user domain and antivirus policies)? YES No
/ NO
No. of Roles Roles Description / Names
1. Network/ System Vulnerability Assessment.
8 How many roles are required for testing?
3 2. Identify system vulnerabilities. 3. Endpoints /
Assets /network devices and Device Hardening
Assessments.
Mobile App Pentest Required? Mobile App Platform(s) Quantity
Mobile application is available? Do you want to
9
include it in the PT scope as well? Yes Android & IOS 1

Network Security Configuration Required for

10 Yes
devices like firewall, router, switch?

11 End-Points Assessment Required? Yes

Would you require a re-test after issues have been

12 Yes
reported and remediated? YES / NO

Infrastructure Quantity Details

# Description / Details Quantity / Client Response

1 No. of External Penetration Testing Ips / Hosts 2

2 No. of Internal Penetration Testing Ips / Hosts 200

No. of Applications for Web Penetration Testing

3 5
(this can include any web based app or a website)

No. of Applications for White-Box / Credential Based

4 N/A
Testing (if required)
No. of Network Devices for Security Configuration
5 8
Review (if required)
6 No. of End-Points for Assessment (if required) 75
7 No. APIs N/A

Thrive Pitch Deck With MSSP PDF
No ratings yet
Thrive Pitch Deck With MSSP PDF
11 pages
Secure Software Architecture Guide
No ratings yet
Secure Software Architecture Guide
124 pages
Project Proposal Template
No ratings yet
Project Proposal Template
4 pages
Chap-9.8 To 9.10 Push - Pull - Architecture
No ratings yet
Chap-9.8 To 9.10 Push - Pull - Architecture
9 pages
Pen Test Questionnaire - Summit Consulting LTD
No ratings yet
Pen Test Questionnaire - Summit Consulting LTD
4 pages
Cyber Security Training Cum Certification Program
No ratings yet
Cyber Security Training Cum Certification Program
6 pages
Application Security & Code Review Guide
No ratings yet
Application Security & Code Review Guide
7 pages
Data Center Checklist: Company Profile Compliance Available
No ratings yet
Data Center Checklist: Company Profile Compliance Available
2 pages
Cyber Audit Self Assessment Audit Form
No ratings yet
Cyber Audit Self Assessment Audit Form
12 pages
Phishing Awareness
No ratings yet
Phishing Awareness
15 pages
Digital Marketing Quiz for Learners
100% (3)
Digital Marketing Quiz for Learners
4 pages
Sebi3 PDF
No ratings yet
Sebi3 PDF
5 pages
Pitch Deck - FortiMail and FortiMail Cloud
No ratings yet
Pitch Deck - FortiMail and FortiMail Cloud
76 pages
Frcs Pentest Checklist 12-07-2016
No ratings yet
Frcs Pentest Checklist 12-07-2016
42 pages
Foreman Implementing A Security Operations Center PDF
No ratings yet
Foreman Implementing A Security Operations Center PDF
4 pages
Demystifying Cyber Threat Intelligence - Debraj Dey Null - OWASP Kolkata
No ratings yet
Demystifying Cyber Threat Intelligence - Debraj Dey Null - OWASP Kolkata
18 pages
Differentiating Between Access Control Terms
No ratings yet
Differentiating Between Access Control Terms
12 pages
Ai Channel List
No ratings yet
Ai Channel List
7 pages
QRadar VFlow Brochure
No ratings yet
QRadar VFlow Brochure
2 pages
FortiSOAR Administrator PDF
No ratings yet
FortiSOAR Administrator PDF
2 pages
A Physical Security Guide To Nerc Cip Compliance
No ratings yet
A Physical Security Guide To Nerc Cip Compliance
25 pages
In Ra CSCRF For Sebi Regulated Entities Deloitte India 20.09 Noexp
No ratings yet
In Ra CSCRF For Sebi Regulated Entities Deloitte India 20.09 Noexp
9 pages
CDL - VAPT - Req Assessment Form-Website
100% (1)
CDL - VAPT - Req Assessment Form-Website
2 pages
CMMT-AS Manual 2023-11l 8204518g1-3
No ratings yet
CMMT-AS Manual 2023-11l 8204518g1-3
1 page
Odoo CRM Tcs
No ratings yet
Odoo CRM Tcs
6 pages
Linux Security Checklist
No ratings yet
Linux Security Checklist
5 pages
Mobile Banking Security Guide
100% (1)
Mobile Banking Security Guide
3 pages
Passing Unix Linux Audit With Power Broker
100% (2)
Passing Unix Linux Audit With Power Broker
11 pages
Web Application VAPT
No ratings yet
Web Application VAPT
31 pages
Information Security
No ratings yet
Information Security
138 pages
SEBI Cybersecurity Framework Guide
No ratings yet
SEBI Cybersecurity Framework Guide
19 pages
Perfrom A Wireless Audit
0% (1)
Perfrom A Wireless Audit
3 pages
Pen Testing Rules & Scope Guide
No ratings yet
Pen Testing Rules & Scope Guide
42 pages
Video Creation and Editing
No ratings yet
Video Creation and Editing
8 pages
ICS SICS Framework Infographic
100% (1)
ICS SICS Framework Infographic
1 page
Computer Science Grad's Resume
No ratings yet
Computer Science Grad's Resume
2 pages
NCA SlideDeck
No ratings yet
NCA SlideDeck
160 pages
GIAC Security Essentials
No ratings yet
GIAC Security Essentials
8 pages
OAF Items and Regions Theory
0% (1)
OAF Items and Regions Theory
23 pages
Ttkransomwareprotection 202309141694655795096
No ratings yet
Ttkransomwareprotection 202309141694655795096
62 pages
Cyber Security Workshop Lab File Complete
No ratings yet
Cyber Security Workshop Lab File Complete
43 pages
Securing Web Portals
No ratings yet
Securing Web Portals
12 pages
Automated Mobile Application Security Assessment With MobSF by Ajin Abraham
No ratings yet
Automated Mobile Application Security Assessment With MobSF by Ajin Abraham
38 pages
SOP for Investigating IP Alerts
No ratings yet
SOP for Investigating IP Alerts
4 pages
RSL SecureCodeReview Example Report
No ratings yet
RSL SecureCodeReview Example Report
28 pages
Chapter 17
No ratings yet
Chapter 17
20 pages
Software Security Maturity Guide
No ratings yet
Software Security Maturity Guide
32 pages
EFT Pro User Guide
No ratings yet
EFT Pro User Guide
46 pages
VMW Datasheet Vsphere Product Line Comparison
No ratings yet
VMW Datasheet Vsphere Product Line Comparison
11 pages
Guardsquare 2
No ratings yet
Guardsquare 2
10 pages
Risk Management for IT Security
No ratings yet
Risk Management for IT Security
31 pages
Android Lab Manual
No ratings yet
Android Lab Manual
39 pages
Disaster Recovery Guide
No ratings yet
Disaster Recovery Guide
15 pages
IBM Resilient SOAR Platform: Virtual Appliance Installation Guide V36
No ratings yet
IBM Resilient SOAR Platform: Virtual Appliance Installation Guide V36
58 pages
Dhillon - Gurpreet Singh
No ratings yet
Dhillon - Gurpreet Singh
12 pages
RHCC ProductSheet
No ratings yet
RHCC ProductSheet
2 pages
IT Audit Best Practices Guide
No ratings yet
IT Audit Best Practices Guide
7 pages
Industrial
100% (1)
Industrial
18 pages
Real-Time Systems: Frank Drews
No ratings yet
Real-Time Systems: Frank Drews
30 pages
Cybersecurity System Hardening Guide
No ratings yet
Cybersecurity System Hardening Guide
2 pages
OWASP MAS Checklist
No ratings yet
OWASP MAS Checklist
40 pages
NABARD CSF 06 Feb 2020
No ratings yet
NABARD CSF 06 Feb 2020
19 pages
Control Control Requirements: Statement of Applicability
No ratings yet
Control Control Requirements: Statement of Applicability
3 pages
7 Digital Marketing Strategies & How To Launch Yours in 2019
No ratings yet
7 Digital Marketing Strategies & How To Launch Yours in 2019
24 pages
Fisma Assignement (Template)
No ratings yet
Fisma Assignement (Template)
3 pages
AMOS Learning Center Guide
No ratings yet
AMOS Learning Center Guide
10 pages
Health-IsAC Risk-Based Approach To Vulnerability Prioritization (En)
No ratings yet
Health-IsAC Risk-Based Approach To Vulnerability Prioritization (En)
8 pages
E-Brochure Schneider Electric's Cybersecurity Services
No ratings yet
E-Brochure Schneider Electric's Cybersecurity Services
8 pages
AZ 140T00A ENU Powerpoint 02
No ratings yet
AZ 140T00A ENU Powerpoint 02
20 pages
DE1 SoC MTL2 User Manual
No ratings yet
DE1 SoC MTL2 User Manual
28 pages
Access Management & AAA Requirements
No ratings yet
Access Management & AAA Requirements
3 pages
SE571 Air Craft Solutions - Phase 1
No ratings yet
SE571 Air Craft Solutions - Phase 1
7 pages
Sebastián Ramirez: About Me
No ratings yet
Sebastián Ramirez: About Me
1 page
Skywatcher Firmware Update Guide
No ratings yet
Skywatcher Firmware Update Guide
1 page
Attachment "C" CIP Data List For Sampling: RFC Action Required
No ratings yet
Attachment "C" CIP Data List For Sampling: RFC Action Required
49 pages
Sample Network Audit Contract
No ratings yet
Sample Network Audit Contract
12 pages
Owners and Authorizations For BRTools
No ratings yet
Owners and Authorizations For BRTools
2 pages
Excel: Filter by Multiple Colors
No ratings yet
Excel: Filter by Multiple Colors
3 pages
ISO27k1 SMSI Declaration Applicabilite 2022
No ratings yet
ISO27k1 SMSI Declaration Applicabilite 2022
5 pages
Java Crash Log for Redmi App
No ratings yet
Java Crash Log for Redmi App
31 pages
Web Programming Assignment Guide
No ratings yet
Web Programming Assignment Guide
4 pages
Unreal Engine Components List
No ratings yet
Unreal Engine Components List
669 pages
Android Interview Prep Guide
No ratings yet
Android Interview Prep Guide
5 pages
Lab Proj.13 Netwitness
No ratings yet
Lab Proj.13 Netwitness
10 pages
Camagru 42 Subjects PDF
No ratings yet
Camagru 42 Subjects PDF
12 pages
How To Run Outbreak Online - Ali'S Very Easy No Bullshit-Ridden Tutorial
No ratings yet
How To Run Outbreak Online - Ali'S Very Easy No Bullshit-Ridden Tutorial
7 pages
AntiXSS v4.2
No ratings yet
AntiXSS v4.2
7 pages
KofaxVRSInstallationGuide en
No ratings yet
KofaxVRSInstallationGuide en
13 pages
Digital Marketing Portfolio Design F
No ratings yet
Digital Marketing Portfolio Design F
19 pages
Philips Sru5106 27 Dfu Aen Learning Remote
No ratings yet
Philips Sru5106 27 Dfu Aen Learning Remote
40 pages

Vapt Scoping It

Uploaded by

Vapt Scoping It

Uploaded by

IT Vulnerability Assessment and Penetration Testing Scoping Questionnaire

# Category / Question Response

Dealings with third parties Required? For example:

Network Security Configuration Required for

11 End-Points Assessment Required? Yes

Would you require a re-test after issues have been

Infrastructure Quantity Details

1 No. of External Penetration Testing Ips / Hosts 2

2 No. of Internal Penetration Testing Ips / Hosts 200

No. of Applications for Web Penetration Testing

No. of Applications for White-Box / Credential Based

You might also like