Intelligence Gathering Plan
Intelligence gathering is one of the aspects that are included in penetration testing, which aims at identifying the ease of violating the security system of an organization. One of the organizations that are likely to be targeted by attackers and, therefore, requires the execution of a penetration test is Target Corporation. As one of the largest retail corporations in America, Target Corporation is likely to become a victim of cyberattacks. Our assignment writing services will allow you to attend to more important tasks as our experts handle your task.
Passive intelligence gathering involves the collection of information about an organization without any interaction between the organization and the penetration tester. This lack of contact between the penetration tester and the organization means that the organization is responsible for preventing passive information gathering by managing the information that is made public (Chapple & Seidl, 2017). One way to collect passive data is by identifying publicly available information about the organization. Examples of publicly available information can include the subdomains of the organization’s website and even the public IP addresses. Another way of obtaining passive information is identifying the leaked confidential information of the company. In some cases, some of the organization’s employees might unknowingly publicize the organization’s confidential information, such as the usernames and passwords used for authentication. Tools such as WHOIS, NETCRAFT, and search engines such as Google can be used to collect passive information. Another tool that can be useful in the collection of passive data includes The Harvester, which is used to collect information such as the names of the employees of the company, the emails used in the organization, and the subdomains of the organization’s website. Additionally, social media can be used to collect information about the employees of the organization.
Reference
Chapple, M., & Seidl, D. (2017). CompTIA CySA+ Study Guide: Exam CS0-001. John Wiley & Sons.
ORDER A PLAGIARISM-FREE PAPER HERE
We’ll write everything from scratch
Question 
Intelligence Gathering Plan
Write an Intelligence Gathering Plan for this activity, design a passive intelligence gathering plan for an organization of your choice. you may want to reference a resource like OSSTMM, NIST SP 800-115, or pentes-standard.org before you write a plan.
Intelligence Gathering Plan
Your intelligence-gathering plan should identify the following:
- target,
- how would you gather passive data, including what data you would look for,
- what tools you would use.
You can check pg. 153 (Activity 2.2)