aPPendIx d: saMPle rules of engageMent
changed. Furthermore, this assessment is not likely to disable users
or deny service. For the purposes of this penetration procedure,
successful penetration is deﬁned by demonstrating any one of the
• Remotely or locally obtain the ability to copy, modify, or
delete system conﬁguration ﬁles.
(Note: Under no circumstances will any data or ﬁles be modiﬁed or
• Remotely or locally view, modify, or obtain password ﬁles.
• Obtain the ability to redirect traﬃc.
(Note: Under no circumstances will traﬃc be redirected.)
Evidence to support any weaknesses discovered will consist
primarily of screen prints, session logs, or automated tool reports. We
will evaluate vulnerabilities discovered during the scan and discuss
with agency system the potential for further penetration testing.
Use of Automated Tools
We will direct the use of the automated probing and scanning tools,
Nessus, WebSense, and Nmap, to determine system conﬁgurations,
default settings, security settings, network services, and open ports
on the agency resources. e tools will detect vulnerabilities on the
scanned resources, including those vulnerabilities published by the
Common Vulnerabilities and Exposures Database and the FBI/
SANS Top 20 List.
Vulnerabilities tested by agency’s scanning tools include, but are
not limited to
• SMTP weaknesses
• IP fragmentation checks
• ICMP checks
• Odd protocol checks
• Port checks
• NETBIOS vulnerabilities
• WC service vulnerabilities