The Readiness Level On Conducting Penetration Testing Among Network Admin In Kolej Poly Tech Mara
Nowadays, most of Malaysian cannot live without internet. Malaysia become one of the country which used internet widely. However, the number of attack, suspicious event and vulnerabilities in internet increases day by day. The network administrator have to observe and monitor the network to find the...
Saved in:
| Main Author: | |
|---|---|
| Format: | Thesis |
| Language: | English English |
| Published: |
2016
|
| Subjects: | |
| Online Access: | http://eprints.utem.edu.my/id/eprint/18842/1/The%20Readiness%20Level%20On%20Conducting%20Penetration%20Testing%20Among%20Network%20Admin%20In%20Kolej%20Poly%20Tech%20Mara%2024%20Pages.pdf http://eprints.utem.edu.my/id/eprint/18842/2/The%20Readiness%20Level%20On%20Conducting%20Penetration%20Testing%20Among%20Network%20Admin%20In%20Kolej%20Poly%20Tech%20Mara.pdf |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| id |
my-utem-ep.18842 |
|---|---|
| record_format |
uketd_dc |
| institution |
Universiti Teknikal Malaysia Melaka |
| collection |
UTeM Repository |
| language |
English English |
| topic |
T Technology (General) T Technology (General) |
| spellingShingle |
T Technology (General) T Technology (General) Ibrahim, Mimi Dalina The Readiness Level On Conducting Penetration Testing Among Network Admin In Kolej Poly Tech Mara |
| description |
Nowadays, most of Malaysian cannot live without internet. Malaysia become one of the country which used internet widely. However, the number of attack, suspicious event and vulnerabilities in internet increases day by day. The network administrator have to observe and monitor the network to find the suspicious event and weakness that may occur in network under their supervision. This research focus to investigate the readiness level on conducting penetration testing among network administrator in Kolej Poly-Tech MARA (KPTM). This research aimed to investigate the factors which may contribute to the readiness on conducting penetration testing among user Information Technology (IT) focus to Network Administrator in Kolej Poly-Tech MARA (KPTM), design and develop a questionnaire that cover about factors which relate to readiness in using penetration testing and analyse the relationship between dependent and independent variable towards readiness level on using penetration testing. The selected factors which are experience, knowledge and organization was explored through literature survey and interviews with IT expert. A total of 22 respondents from different level of network administrator in KPTM around Malaysia are selected for the purpose of this study. For the analysis, one way ANOVA, Pearson Correlation Coefficient and Regression was adopted to analyse the results. The result shown that all the factors have positive linear relationship between organization, experience and knowledge. This study also provides contribution from the study, limitation of the study and recommendations for future research in penetration testing. |
| format |
Thesis |
| qualification_name |
Master of Philosophy (M.Phil.) |
| qualification_level |
Master's degree |
| author |
Ibrahim, Mimi Dalina |
| author_facet |
Ibrahim, Mimi Dalina |
| author_sort |
Ibrahim, Mimi Dalina |
| title |
The Readiness Level On Conducting Penetration Testing Among Network Admin In Kolej Poly Tech Mara |
| title_short |
The Readiness Level On Conducting Penetration Testing Among Network Admin In Kolej Poly Tech Mara |
| title_full |
The Readiness Level On Conducting Penetration Testing Among Network Admin In Kolej Poly Tech Mara |
| title_fullStr |
The Readiness Level On Conducting Penetration Testing Among Network Admin In Kolej Poly Tech Mara |
| title_full_unstemmed |
The Readiness Level On Conducting Penetration Testing Among Network Admin In Kolej Poly Tech Mara |
| title_sort |
readiness level on conducting penetration testing among network admin in kolej poly tech mara |
| granting_institution |
Universiti Teknikal Malaysia Melaka |
| granting_department |
Faculty of Information and Communication Technology |
| publishDate |
2016 |
| url |
http://eprints.utem.edu.my/id/eprint/18842/1/The%20Readiness%20Level%20On%20Conducting%20Penetration%20Testing%20Among%20Network%20Admin%20In%20Kolej%20Poly%20Tech%20Mara%2024%20Pages.pdf http://eprints.utem.edu.my/id/eprint/18842/2/The%20Readiness%20Level%20On%20Conducting%20Penetration%20Testing%20Among%20Network%20Admin%20In%20Kolej%20Poly%20Tech%20Mara.pdf |
| _version_ |
1747833953874608128 |
| spelling |
my-utem-ep.188422021-10-08T16:08:52Z The Readiness Level On Conducting Penetration Testing Among Network Admin In Kolej Poly Tech Mara 2016 Ibrahim, Mimi Dalina T Technology (General) TK Electrical engineering. Electronics Nuclear engineering Nowadays, most of Malaysian cannot live without internet. Malaysia become one of the country which used internet widely. However, the number of attack, suspicious event and vulnerabilities in internet increases day by day. The network administrator have to observe and monitor the network to find the suspicious event and weakness that may occur in network under their supervision. This research focus to investigate the readiness level on conducting penetration testing among network administrator in Kolej Poly-Tech MARA (KPTM). This research aimed to investigate the factors which may contribute to the readiness on conducting penetration testing among user Information Technology (IT) focus to Network Administrator in Kolej Poly-Tech MARA (KPTM), design and develop a questionnaire that cover about factors which relate to readiness in using penetration testing and analyse the relationship between dependent and independent variable towards readiness level on using penetration testing. The selected factors which are experience, knowledge and organization was explored through literature survey and interviews with IT expert. A total of 22 respondents from different level of network administrator in KPTM around Malaysia are selected for the purpose of this study. For the analysis, one way ANOVA, Pearson Correlation Coefficient and Regression was adopted to analyse the results. The result shown that all the factors have positive linear relationship between organization, experience and knowledge. This study also provides contribution from the study, limitation of the study and recommendations for future research in penetration testing. UTeM 2016 Thesis http://eprints.utem.edu.my/id/eprint/18842/ http://eprints.utem.edu.my/id/eprint/18842/1/The%20Readiness%20Level%20On%20Conducting%20Penetration%20Testing%20Among%20Network%20Admin%20In%20Kolej%20Poly%20Tech%20Mara%2024%20Pages.pdf text en public http://eprints.utem.edu.my/id/eprint/18842/2/The%20Readiness%20Level%20On%20Conducting%20Penetration%20Testing%20Among%20Network%20Admin%20In%20Kolej%20Poly%20Tech%20Mara.pdf text en validuser https://plh.utem.edu.my/cgi-bin/koha/opac-detail.pl?biblionumber=101686 mphil masters Universiti Teknikal Malaysia Melaka Faculty of Information and Communication Technology 1. Aliaga, M. & Gunderson, B. (2005). Interactive statistics (3rd edition.). New Jersey: Pearson Prentice Hall 2. Alqahtani, A.H. and Iftikhar, M., 2013. TCP / IP Attacks , Defenses and Security Tools. International Journal of Science and Modern Engineering (IJISME), (10), pp.42–47. 3. Arachchilage, N.A.G. and Love, S., 2014. Security awareness of computer users: A phishing threat avoidance perspective. Computers in Human Behavior, 38, pp.304–312. 4. Bassill, P., 2013. The holistic approach to security. Network Security, 2013 (3), pp.14–17. 5. Carayon, P. and Kraemer, S., 2002. Macroergonomics in WWDU : What about computer and information system security ? World, (1), pp.87–89. 6. Carayon, P., Kraemer, S., Carayon, P., and Clem, J., 2016. Human and organizational factors in computer and information security : Pathways to vulnerabilities Human and organizational factors in computer and information security : Pathways to vulnerabilities, (October 2009). 7. Carrier, B. and Spafford, E., 2003. Getting physical with the digital investigation process. International Journal of Digital Evidence, 2 (2), pp.1–20. 8. Chu, B.-T.B., Jones, M., Bacudio, A.G., and Yuan, X., 2011. An Overview of Penetration Testing. International Journal of Network Security & Its Applications, 3 (6), pp.19–38. 9. Clark Weissman, 2011. Penetration testing. pp.269. 10. D, R.R.P., 2004. A Ten Step Process for Forensic Readiness. International Journal, 2 (3), pp.1–28. 11. Deka, R.K., Kalita, K.P., Bhattacharya, D.K., and Kalita, J.K., 2015. Network defense: Approaches, methods and techniques. Journal of Network and Computer Applications, 57, pp.71–84. 12. Dutta, S. and Jain, A., 2003. The Networked Readiness of Nations. Development. 13. Grobler, C.P., Louwrens, C.P., and Von Solms, S.H., 2010. A framework to guide the implementation of proactive digital forensics in organizations. ARES 2010 - 5th International Conference on Availability, Reliability, and Security, pp.677–682. 14. Hassan, R.I., Hayaati, N., and Mohd, B., 2013. Penetration Testing for Libyan Government. Proceedings of the 4th International Conference on Computing and Informatics, ICOCI 2013, (048), pp.286–297. 15. Institute, S., 2002. InfoSec Reading Room tu , A ho ll r igh. Sans Institute. 16. Jones, A., 1997a. Penetration testing and system audit - Experience gained during the investigation of systems within the UK. Defence Evaluation and Research Agency, CIS3 Department, St. Andrews Road, Maloern, Worcestershire, wR14 3PS. UK., 16, pp.595–602. 17. Jones, A., 1997b. Penetration testing and system audit - Experience gained during the investigation of systems within the UK. Defense Evaluation and Research Agency, CIS3 Department, St. Andrews Road, Malvern, Worcestershire, 16, pp.595–602. 18. Kraemer, S. and Carayon, P., 2007. Human errors and violations in computer and information security: The viewpoint of network administrators and security specialists. Applied Ergonomics, 38 (2), pp.143–154. 19. Lu, L., Xu, Z., Wang, W., and Sun, Y., 2013. A new fault detection method for computer networks. 20. Mainka, C., Somorovsky, J., and Schwenk, J., 2012. Penetration Testing Tool for Web Services Security. 2012 IEEE Eighth World Congress on Services, pp.163–170. 21. Mcdermott, J.P., 2001. Attack Net Penetration Testing. ACM, pp.15–21. 22. Mr. Nitin A. Naik, Mr. Gajanan D. Kurundkar, Dr. Santosh D. Khamitkar, D.N.V.K., 2009. Penetration Testing : A Roadmap to Network, 1 (1), pp.187–190. 23. Parsons, K., Mccormac, A., Butavicius, M., Pattinson, M., and Jerram, C., 2014. Determining employee awareness using the Human Aspects of Information Security Questionnaire ( HAIS-Q ). Computers & Security, 42, pp.165–176. 24. Pooe, a and Labuschagne, L., 2012. A conceptual model for digital forensic readiness. … Security for South Africa (ISSA), 2012. 25. Quarterly, M.I.S. and Global, I., 1989. Validating Instruments In MIS Research / sup 1. 26. Rahmat Budiarto, Sureswaran Ramadass, Azman Samsudin, S.N., 2004. Development of Penetration Testing Model for Increasing Network Security. IEEE, pp.1–5. 27. S., R., M., C., Ramirez-Marquez, and Emmanuel, J., 2011. Vulnerability metrics and analysis for communities in complex networks. Reliability Engineering and System Safety, 96, pp.1360–1366. 28. Schreurs, J., Ehler, U., and Moreau, R., 2008. Measuring e-learning readiness, (Powell). 29. Shi, H.S.H., Chen, B.C.B., and Yu, L.Y.L., 2010. Analysis of Web Security Comprehensive Evaluation Tools. Networks Security Wireless Communications and Trusted Computing (NSWCTC), 2010 Second International Conference on, 1, pp.285–289. 30. Shivayogimath, C.N., 2014. an Overview of Network Penetration Testing. IJRET: International Journal of Research in Engineering and Technology, pp.408–413. 31. Shorter, J.D., Smith, J.K., Aukerman, R.A., Pires, D.E., Mankelwicz, J., Kitahara, R., and Westfall, F., 2012. Journal of Information Systems Technology and Planning. Intellectbase International Consortium (IIC), 5 (12). 32. Smith, J.K., Texas, A., Shorter, J.D., and Texas, A., 2010. Penetration Testing : A Vital Component Of An Information Security Strategy. 33. Society, I., 2014. Internet Society Global Internet Report 2014. 34. Streubel, J., 2003. What is Computer Science ? Department of Computer Science, pp.1–2. 35. Tang, A., 2014. A guide to penetration testing. Network Security, 2014 (8), pp.8–11. 36. Vaughn Jr, R.B., Sira, A., and Dampier, D.A., 2002. Information Security System Rating and Ranking. The Journal of Defense Software Engineering, pp.30–32. 37. Warkentin, M. and Willison, R., 2009. Behavioral and policy issues in information systems security: the insider threat. European Journal of Information Systems, 18 (2), pp.101–105. 38. Zhou, A.T., Blustein, J., and Zincir-Heywood, N., 2003. The State of Network Security Management: Issues and Directions. |