Question

1.   What are the important considerations in choosing a Red Team (or attack team) for your software system? Give examples to justify your position.

2.   How should you utilize the results of a static analysis of the system? What criteria should determine the level of action taken on any item?

3.   Why is it important to probe and attack a system both at rest and in action? Give examples of information that is provided by each that the other could not provide.

4.   What factors should influence the time frame and scope of a penetration test? Give examples to support your ranking.

5.   Why is a single system compromise insufficient for a penetration test? Justify your position.

6.   Why is it important to simulate the deployment environment as closely as possible when performing a penetration test? What could happen if the conditions vary significantly from the live environment?

7.   What external elements of a system environment play a role in the security of a software system? How should these be considered in a penetration testing environment?

8.   What advantages do actual attackers have over penetration testers in attempting to compromise a system? Justify your conclusions.

Answer 1

According to the Chegg policy we answer the first one but I answer 2 questions for you.

Answer 1)

Red Team is a team in the part of cyber security who make false attack to their own organization to check that the organization cyber security is able to handle attack from the outside world. The team will basically simulate attacks to the organization.

The consideration for choosing a Red Team are

1) Normally the Red Team will be a outsiders. Because internal team knows the cyber security measures which has taken. There are several organization who act as a Red Team for a company to measure the cyber security attacks.

2) Identify the risk. The Red Team must understand the process of the company and they should attack and verify the every aspect of the cuber security. And they should in a unknown time, because if the company cyber security person know when the attack will be happen they will be more careful.

3) The Red Team should be aware about the latest attack, because there are regular new technologies are developed to attack a company. And every aspect should be verified like phishing, SQL injection etc. As for example the Red Team should also check the web site pages for SQL Injection which can be used to enter to the database of the Company.

4) Aware of threats. The Red Team should check the Security threats like Trojan horse,spyware, DDOS attack etc. They should use the attacks to the organization , and should report that the organization is capable to face this types of attack properly.

Answer 2)

The static analysis of the system is required to check the code of the system is correct or not. Actually the code error or mathematical errors and also the vulnerabilities of the code are tested here. Before the system deployment this testing takes place.

The result of the static analysis are utilized for various ways.

1) The system has no code errors so it can be deployed successfully.
2) The code has no mathematical error, so at run time it can utilize the CPU properly.
3) Efficiency of the coding according to the standard mentioned.
4) The user Interface code written properly.

The level of action is based on the errors generated on the code by the static analysis or the level of action can also be taken if there are any vulnerabilities in the code.