Vapt Scoping It

Uploaded by

staradeel

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PDF, TXT or read online on Scribd

0% found this document useful (0 votes)

287 views1 page

Vapt Scoping It

Uploaded by

staradeel

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PDF, TXT or read online on Scribd

You are on page 1/ 1

IT Vulnerability Assessment and Penetration Testing Scoping Questionnaire

# Category / Question Response

General
1 Estimated Engagement Start Date: 01st Dec 2023
Frequency of testing (One Time/ Every Quarter as
2 02 / Year
per IS Audit / Nepra requirement)

0 Locations (offices, main and remote/ Nos. of sites) Plant and Head Office

Dealings with third parties Required? For example:

> Cloud Services
4 > ISP
> Web Hosting
> Countries where servers are hosted
A2Z for WebHosting
Which type of penetration testing would be
5 required in External? (Black-Box / Grey-Box / White- White-Box
Box)
Which type of penetration testing would be
6 White-Box
required in Internal? (Grey-Box, White-Box)
Role-Based Testing will be required? (Do we have to
7 bypass end-user domain and antivirus policies)? YES No
/ NO
No. of Roles Roles Description / Names
1. Network/ System Vulnerability Assessment.
8 How many roles are required for testing?
3 2. Identify system vulnerabilities. 3. Endpoints /
Assets /network devices and Device Hardening
Assessments.
Mobile App Pentest Required? Mobile App Platform(s) Quantity
Mobile application is available? Do you want to
9
include it in the PT scope as well? Yes Android & IOS 1

Network Security Configuration Required for

10 Yes
devices like firewall, router, switch?

11 End-Points Assessment Required? Yes

Would you require a re-test after issues have been

12 Yes
reported and remediated? YES / NO

Infrastructure Quantity Details

# Description / Details Quantity / Client Response

1 No. of External Penetration Testing Ips / Hosts 2

2 No. of Internal Penetration Testing Ips / Hosts 200

No. of Applications for Web Penetration Testing

3 5
(this can include any web based app or a website)

No. of Applications for White-Box / Credential Based

4 N/A
Testing (if required)
No. of Network Devices for Security Configuration
5 8
Review (if required)
6 No. of End-Points for Assessment (if required) 75
7 No. APIs N/A

1xbit Database Vulnerability
No ratings yet
1xbit Database Vulnerability
5 pages
Browse Thomason Tracts - EEBO
No ratings yet
Browse Thomason Tracts - EEBO
2 pages
Domain and Web Hosting
100% (3)
Domain and Web Hosting
20 pages
The Connection Between Media and Globalization
100% (1)
The Connection Between Media and Globalization
9 pages
Internet Banking Satisfaction Study
100% (3)
Internet Banking Satisfaction Study
60 pages
Phishing Awareness
No ratings yet
Phishing Awareness
15 pages
In Ra CSCRF For Sebi Regulated Entities Deloitte India 20.09 Noexp
No ratings yet
In Ra CSCRF For Sebi Regulated Entities Deloitte India 20.09 Noexp
9 pages
Lesson 7 Onlineplatformsforictcontentdevelopment
No ratings yet
Lesson 7 Onlineplatformsforictcontentdevelopment
35 pages
10.1.4.8 Lab - Configure ASA 5506-X Basic Settings and Firewall Using ASDM - Instructor
No ratings yet
10.1.4.8 Lab - Configure ASA 5506-X Basic Settings and Firewall Using ASDM - Instructor
26 pages
Application Security & Code Review Guide
No ratings yet
Application Security & Code Review Guide
7 pages
Fisma Assignement (Template)
No ratings yet
Fisma Assignement (Template)
3 pages
Differentiating Between Access Control Terms
No ratings yet
Differentiating Between Access Control Terms
12 pages
SOP for Investigating IP Alerts
No ratings yet
SOP for Investigating IP Alerts
4 pages
PUC II CS Previous Year QPs
No ratings yet
PUC II CS Previous Year QPs
178 pages
Pen Test Questionnaire - Summit Consulting LTD
No ratings yet
Pen Test Questionnaire - Summit Consulting LTD
4 pages
The Internet and Its Uses
No ratings yet
The Internet and Its Uses
23 pages
Demystifying Cyber Threat Intelligence - Debraj Dey Null - OWASP Kolkata
No ratings yet
Demystifying Cyber Threat Intelligence - Debraj Dey Null - OWASP Kolkata
18 pages
A Physical Security Guide To Nerc Cip Compliance
No ratings yet
A Physical Security Guide To Nerc Cip Compliance
25 pages
SSH Command - Usage, Options, Configuration
No ratings yet
SSH Command - Usage, Options, Configuration
5 pages
Sebi3 PDF
No ratings yet
Sebi3 PDF
5 pages
FortiSOAR Administrator PDF
No ratings yet
FortiSOAR Administrator PDF
2 pages
Secure Software Architecture Guide
No ratings yet
Secure Software Architecture Guide
124 pages
Women & Social Media Trends
No ratings yet
Women & Social Media Trends
33 pages
Tutorial Letter 101/3/2020: Commercial Law 1A
No ratings yet
Tutorial Letter 101/3/2020: Commercial Law 1A
25 pages
Pitch Deck - FortiMail and FortiMail Cloud
No ratings yet
Pitch Deck - FortiMail and FortiMail Cloud
76 pages
SD Wan Admin
No ratings yet
SD Wan Admin
220 pages
Frcs Pentest Checklist 12-07-2016
No ratings yet
Frcs Pentest Checklist 12-07-2016
42 pages
Thrive Pitch Deck With MSSP PDF
No ratings yet
Thrive Pitch Deck With MSSP PDF
11 pages
ISO27k1 SMSI Declaration Applicabilite 2022
No ratings yet
ISO27k1 SMSI Declaration Applicabilite 2022
5 pages
Mobile Banking Security Guide
100% (1)
Mobile Banking Security Guide
3 pages
Project Proposal Template
No ratings yet
Project Proposal Template
4 pages
CDL - VAPT - Req Assessment Form-Website
100% (1)
CDL - VAPT - Req Assessment Form-Website
2 pages
CCNA Training in Chennai
No ratings yet
CCNA Training in Chennai
4 pages
HNS Best Quiz-1
No ratings yet
HNS Best Quiz-1
3 pages
SEBI Cybersecurity Framework Guide
No ratings yet
SEBI Cybersecurity Framework Guide
19 pages
Foreman Implementing A Security Operations Center PDF
No ratings yet
Foreman Implementing A Security Operations Center PDF
4 pages
GIAC Security Essentials
No ratings yet
GIAC Security Essentials
8 pages
Information Security
No ratings yet
Information Security
138 pages
Cyber Security Training Cum Certification Program
No ratings yet
Cyber Security Training Cum Certification Program
6 pages
11.3.1.2 Lab - CCNA Security ASA 5506-X Comprehensive
No ratings yet
11.3.1.2 Lab - CCNA Security ASA 5506-X Comprehensive
19 pages
Firewall Configuration Guide
No ratings yet
Firewall Configuration Guide
3 pages
Web Application VAPT
No ratings yet
Web Application VAPT
31 pages
Data Center Checklist: Company Profile Compliance Available
No ratings yet
Data Center Checklist: Company Profile Compliance Available
2 pages
Disaster Recovery Guide
No ratings yet
Disaster Recovery Guide
15 pages
Securing Web Portals
No ratings yet
Securing Web Portals
12 pages
Innovative Solutions by Integrating GPS, Video and Google Map
No ratings yet
Innovative Solutions by Integrating GPS, Video and Google Map
7 pages
Passing Unix Linux Audit With Power Broker
100% (2)
Passing Unix Linux Audit With Power Broker
11 pages
QRadar VFlow Brochure
No ratings yet
QRadar VFlow Brochure
2 pages
VMW Datasheet Vsphere Product Line Comparison
No ratings yet
VMW Datasheet Vsphere Product Line Comparison
11 pages
E-Commerce Basics for Students
No ratings yet
E-Commerce Basics for Students
14 pages
Dhillon - Gurpreet Singh
No ratings yet
Dhillon - Gurpreet Singh
12 pages
Cyber Security Workshop Lab File Complete
No ratings yet
Cyber Security Workshop Lab File Complete
43 pages
Cybersecurity System Hardening Guide
No ratings yet
Cybersecurity System Hardening Guide
2 pages
RSL SecureCodeReview Example Report
No ratings yet
RSL SecureCodeReview Example Report
28 pages
Chapter 17
No ratings yet
Chapter 17
20 pages
Guardsquare 2
No ratings yet
Guardsquare 2
10 pages
Pen Testing Rules & Scope Guide
No ratings yet
Pen Testing Rules & Scope Guide
42 pages
Cyber Audit Self Assessment Audit Form
No ratings yet
Cyber Audit Self Assessment Audit Form
12 pages
IT Audit Best Practices Guide
No ratings yet
IT Audit Best Practices Guide
7 pages
Question BankMANET
No ratings yet
Question BankMANET
11 pages
Ttkransomwareprotection 202309141694655795096
No ratings yet
Ttkransomwareprotection 202309141694655795096
62 pages
NCA SlideDeck
No ratings yet
NCA SlideDeck
160 pages
Risk Management for IT Security
No ratings yet
Risk Management for IT Security
31 pages
Real-Time Systems: Frank Drews
No ratings yet
Real-Time Systems: Frank Drews
30 pages
IBM Resilient SOAR Platform: Virtual Appliance Installation Guide V36
No ratings yet
IBM Resilient SOAR Platform: Virtual Appliance Installation Guide V36
58 pages
ICS SICS Framework Infographic
100% (1)
ICS SICS Framework Infographic
1 page
Tle 6 Ict Q4 M6
No ratings yet
Tle 6 Ict Q4 M6
11 pages
Julia Ridgway Resume
No ratings yet
Julia Ridgway Resume
1 page
View Journal
No ratings yet
View Journal
148 pages
Mobile Control II EN Manual
No ratings yet
Mobile Control II EN Manual
24 pages
OWASP MAS Checklist
No ratings yet
OWASP MAS Checklist
40 pages
Automated Mobile Application Security Assessment With MobSF by Ajin Abraham
No ratings yet
Automated Mobile Application Security Assessment With MobSF by Ajin Abraham
38 pages
Linux Security Checklist
No ratings yet
Linux Security Checklist
5 pages
Flame Detection Network Camera
No ratings yet
Flame Detection Network Camera
3 pages
Software Security Maturity Guide
No ratings yet
Software Security Maturity Guide
32 pages
E-Brochure Schneider Electric's Cybersecurity Services
No ratings yet
E-Brochure Schneider Electric's Cybersecurity Services
8 pages
Control Control Requirements: Statement of Applicability
No ratings yet
Control Control Requirements: Statement of Applicability
3 pages
VPC Project
No ratings yet
VPC Project
2 pages
NABARD CSF 06 Feb 2020
No ratings yet
NABARD CSF 06 Feb 2020
19 pages
Emtech 1st Exam
No ratings yet
Emtech 1st Exam
9 pages
Perfrom A Wireless Audit
0% (1)
Perfrom A Wireless Audit
3 pages
Log
No ratings yet
Log
848 pages
Health-IsAC Risk-Based Approach To Vulnerability Prioritization (En)
No ratings yet
Health-IsAC Risk-Based Approach To Vulnerability Prioritization (En)
8 pages
Upload A Document To Access Your Download: VK+Formula Calculation +sample
No ratings yet
Upload A Document To Access Your Download: VK+Formula Calculation +sample
3 pages
G2e Pass
No ratings yet
G2e Pass
3 pages
SE571 Air Craft Solutions - Phase 1
No ratings yet
SE571 Air Craft Solutions - Phase 1
7 pages
Access Management & AAA Requirements
No ratings yet
Access Management & AAA Requirements
3 pages
DE1 SoC MTL2 User Manual
No ratings yet
DE1 SoC MTL2 User Manual
28 pages
Sample Network Audit Contract
No ratings yet
Sample Network Audit Contract
12 pages
Attachment "C" CIP Data List For Sampling: RFC Action Required
No ratings yet
Attachment "C" CIP Data List For Sampling: RFC Action Required
49 pages

Vapt Scoping It

Uploaded by

Vapt Scoping It

Uploaded by

IT Vulnerability Assessment and Penetration Testing Scoping Questionnaire

# Category / Question Response

Dealings with third parties Required? For example:

Network Security Configuration Required for

11 End-Points Assessment Required? Yes

Would you require a re-test after issues have been

Infrastructure Quantity Details

1 No. of External Penetration Testing Ips / Hosts 2

2 No. of Internal Penetration Testing Ips / Hosts 200

No. of Applications for Web Penetration Testing

No. of Applications for White-Box / Credential Based

You might also like