Cyber Security Assessments

Cyber Security Assessment Questionnaire

End User Information
Company Name:*
End Client Location or Headquarters Address (Required for Statement of Work):*

Street Address

Street Address Line 2

CityState / Province

Postal / Zip Code
Primary Reason for Security Assessment?
What is your timeline to have the test performed and completed by?

MonthDayYear
Date

External Network Penetration Test
Simulated Hack of client’s external network. Recommended to be performed annually at a minimum. Some compliance requirements may require more frequent testing.

Service includes:
- Client Research (Footprinting) to create a custom attack dictionary of passwords to launch a Brute Force Attack on the network
- Vulnerability Scanning for all current known vulnerabilities
- Attempted Exploitation or “Hacking” of identified Vulnerabilities
- Final Report & Presentation with Remediation Recommendations.
Count of “ACTIVE” External/Public IP addresses the end client subscribes to:
Do you require testing One-Time, Quarterly, Annually, other?
If other, please describe:
If you have an annual testing requirement, would you be interested in a quote to perform the service for (3) consecutive years for an additional discount per year?

YesNo
Would you like a quote for a Post Remediation Vulnerability Assessment Rescan?

YesNo

Internal Network Penetration Test
Simulated hack to identify and attempt to exploit internal network assets for vulnerabilities.

Option to perform an “Authenticated Test” to confirm employee/user access is secure beyond what level of access users have credentials for.

To give our security architects visibility to your client’s internal network, we will ship an appliance to connect to the network called a “Headless PC”. We can remotely walk any technical or non-technical person through attaching this appliance to the network.

Please note for Internal PEN Testing: It is recommended that if there are many internal IP’s that you run an Internal Network Penetration Test ONLY on “critical assets” (Servers, routers, firewalls) or assets that are required to be included for compliance reasons.

It is recommended that you run a Vulnerability Scan Assessment (with no attempt to exploit) on the rest of the IP’s. Workstations often show many vulnerabilities so you may want to consider a sampling of workstations as well.
Critical Asset IP Count (Servers, routers, firewalls, and devices required to be PEN tested for compliance) For Full PEN test- (Note- We will quote a Full Internal Network PEN Test Assessment with attempt to exploit vulnerabilities for number of “Critical assets” count)
Non-Critical Asset IP Count (Note- We will quote a Vulnerability Scan Assessment without an attempt to exploit identified vulnerabilities for “non-critical asset” count)

Web Application Vulnerability Assessment
Comprehensive test to evaluate web applications source code against known exploitable vulnerabilities. “Simulated hack of your website”

Service includes Analysis of vulnerabilities such as: SQL injection, Cross site scripting, Cross site request forgery, Buffer overflows, Weak authentication & improper data sanitization

Client Research (Footprinting) to create a custom attack dictionary of passwords to launch a Brute Force Attack on the network
Vulnerability Scanning for all current known vulnerabilities

Attempted Exploitation or “Hacking” of Web Application Source Code with known vulnerabilities

Final Report & Presentation with recommendations for strengthening the source code to reduce the possibility of exploits by an attacker are provided.
Please provide the number of URL’s in scope to be tested:
Does your website allow any type of User Login?

YesNo
Would you like us to deliver an authenticated test to try and gain access beyond “baseline user credentials”?

YesNo

Vulnerability Scan Assessment
Service includes Scanning for all known vulnerabilities with multiple paid subscription tools, remediation recommendations of identified vulnerabilities and a final report.

There is no attempt by the architects to exploit or gain access to identified vulnerabilities.

Vulnerability Scanning is recommended quarterly or at the mid-point in between PEN tests to identify any new vulnerabilities that may not have been know at the time of Penetration Test.

(Please Note that the Network PEN Test and Web Application Assessment already include a Vulnerability Scan as part of the Assessment, so you do not need to include the count of the items to be PEN Tested in this area if you have already listed them for a PEN Test or Web App Test.)
Please provide Number of External IP’s to be scanned for Vulnerabilities:
Please provide Number of Internal IP’s to be scanned for Vulnerabilities:
Please provide Number of URL’s to be scanned for Vulnerabilities:
Would you like a quote for recurring Quarterly Vuln Assessments?

YesNo

Social Engineering “People Hacking”
Service includes Development & Execution of scripts for targeted email and/or phone assessments to attempt to get employees to click on fake web links or divulge sensitive security information related to passwords. No passwords are collected.

Final report will provide end client with actionable data to properly educate their associates on the role they play in protecting their company’s data. Quoting is traditionally based on a sample size of the total number of employees.
Total Number of employees the end client would like tested:
-For Email Campaign (Recommended on all Employees)-
-For Phone Campaign (Recommended on a subset of employees- usually 5-10%)-
Would you like a quote for Employee Cyber Security Awareness Training course work?

YesNo

Wireless Penetration Testing
Services Overview
- Confirm AP Encryption method
- Scan for vulnerabilities if able to access network and Brute force attack of your wireless network
- Fake SSID’s may be set up to attempt to trick people into connecting to it
- “Optional” Wireless Controller Configuration review to confirm the controller is adhereing to best practices.
- “Optional” Onsite Passive Wireless Assessment to confirm signal bleed from the client’s facility and check for rogue AP’s no longer receiving Security Updates. To qualify for quote, will require Floor plans of facility.
Number of SSID’s to be tested:
Number of Access Point’s:
Please provide, # of wireless controllers:
Please advise if you would like us to review the Wireless Controller Configuration?

YesNo
Please provide the following information:
Wireless Controller Vendor?
Are there multiple controllers? If yes, how many?
How many Remote Sites?
Does your company VPN go through the controller or is there a separate device?

Firewall Rules Evaluation
The Firewall Rule Evaluation is performed by a certified security auditor. Using various automated and manual tests, the auditor will review current firewall rules and posture against four areas:

• Best practice security audit report

• Software vulnerability audit report

• SysAdmin Audit Network Security (SANS) policy compliance report

• Configuration report

The audit scope covers approved firewall configuration baselines, security standards, and policies used to support business deliverables. Each uncovered issue will be rated based on severity (critical, high, medium, low, and informational) and classification (administration, authentication, best practice, etc). A final Firewall Rule Evaluation Report is delivered with expert analysis of information collected from the firewalls, including a remediation plan based on level of severity for each deficiency.

The Firewall Rule Evaluation Assessment can be performed on Cisco, Meraki, Extreme Networks, Fortinet, Palo Alto Networks, Juniper Networks, WatchGuard, and Dell SonicWALL firewalls.
Please provide the number of Firewalls you would like to have reviewed?
Please list the Firewall Make, Model and Software version so we can confirm that we can audit the specific firewall:

Cybersecurity/Critical Security Controls Assessment
Interview/questionnaire to Identify current state of client environment across critical security access controls. Provide specific results and recommendations vs Best Practices for the Top CIS (Center for Internet Security) Critical Security Controls including:
- Authorized and Unauthorized devices and software.
- Continuous Monitoring and Automation
- Access Control for WiFi enabled devices
- Penetration Testing
- Secure configuration for servers, desktops and mobile devices
- Application Software Security
- Data Recovery Capabilities
- Data Leakage Protection
- Interview to include IT resources that would be able to comment on the state of: server infrastructure, network, firewall, virtual infrastructure, backup, and futures/planning.
Would you like a quote for the Critical Security Controls assessment?

YesNo

Additional Security Questions:
Are you attempting to meet any required compliance? If yes, please describe.
Do you currently have, or are you interested in ongoing 24x7x365 Security monitoring and management of your network?

YesNo
Do you require assistance with any implementation, configuration, and/or consulting for any security Vendor solutions?

YesNo
Do you have a full time or part time CISO (Chief Information Security Officer) assisting you with policy creation and a roadmap for protecting your company?

YesNo
What type of Incident Response measures do you have in place in the event of an attack?
Please verify that you are human*
Should be Empty:

Cyber Security Assessment Questionnaire

Please provide the following information: