Consulting Audit - Vulneribility Assesment & Penetration Testing

Scope: 1. Check for the policies 2. Internal and external VAPT 3. Risk assessment 4. Incident management 5. Recording of Logs onsite and offsite 6. Vendor check- 3rd party contract 7. All equipment – whether safe to connect 8. IT audit and Information Security Compliance in line with ISO 270001(already ISMS certified) 9. ITIL standards Compliance In short we need to identify the GAP and fix those as per latest DOT Circular for ISPs. in scope elements 1. Total Number of Firewalls: 3 2. Total Number of Routers: 2 3. Total Number of workstations 250 4. Total Number of Switches 18 5. Total number of Servers: 47 6. Total WIFI access points 12 7. 7 Web Server 3 External PT 6. Total Number of Firewalls: 3 7. Total Number of WEB server 10 8. Total Number of Routers: 2 Internal PT 9. Total servers- 44 10. Total Work stations- 10 Network Architecture review: 1. Customer Network and Security Audit: ? LAN/WAN architecture review ? Technical Vulnerability assessment (servers, network devices, security devices) ? Physical cables verification ? Policy review ? Performance review 2. Customer Branch Network: • Review of network design • Performance of WAN Links