Writing Homework Help

Reconnaissance is the first phase of compromise and considered the most important. An attacker will use publicly-available information known as Open Source Intelligence (OSINT), often referred to as digital footprint, to identify possible target services on a network for exploitation. A security professional using the same search looks for potential security leaks.

1. Select one company from “List of Fortune 500 Companies and Their Websites,” provided in the required readings, and perform a passive information recon.
2. Provide a brief overview of your selected company.
3. Using Google or another public search engine, collect OSINT that can be used to identify corporate identifiable information and potential computing systems for exploitation (e.g., web, e-mail, FTP, DNS services), as well as employee names, email addresses, and PPI.
4. Document your findings under Phase Testing in the “PEN Testing Report Guidelines,” located in the Course Materials. Refer to the SANS Institute industry-standard “Writing a Penetration Testing Report,” for examples of PEN Testing Reports.