SlideShare a Scribd company logo

Cst 630 Extraordinary Success/newtonhelp.com

Download as DOC, PDF
A
amaranthbeg113

The document outlines a series of projects in a cybersecurity course focused on risk management, incident response, network security, secure videoconferencing, and data loss prevention. Each project includes steps for conducting analyses, developing security plans, and identifying vulnerabilities within networks and systems, emphasizing the importance of compliance with standards such as NIST and PCI DSS. The final deliverables consist of comprehensive reports, proposals, presentations, and lab exercises aimed at enhancing organizational security posture.

Education
1 of 15
Download to read offline
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
CST 630 Project 1Risk, Threat, and Vulnerability Management For more course tutorials visit www.newtonhelp.com Project 1 Step 1: Conduct a Security Analysis Baseline In the first step of the project, you will conduct a security analysis baseline of the IT systems, which will include a data-flow diagram of connections and endpoints, and all types of access points, including wireless. The baseline report will be part of the overall security assessment report (SAR). You will get your information from a data-flow diagram and report from the Microsoft Threat Modeling Tool 2016. The scope should include network IT security for the whole organization. Click the following to view the data-flow diagram: [diagram and report] Include the following areas in this portion of the SAR: a. Security requirements and goals for the preliminary security baseline activity. b. Typical attacks to enterprise networks and their descriptions. Include Trojans, viruses, worms, denial of service, session hijacking, and social engineering. Include the impacts these attacks have on an organization. c. Network infrastructure and diagram, including configuration and connections. Describe the security posture with respect to these components and the security employed: LAN, MAN, WAN, enterprise. Use these questions to guide you:
a. What are the security risks and concerns? b. What are ways to get real-time understanding of the security posture at any time? c. How regularly should the security of the enterprise network be tested, and what type of tests should be used? d. What are the processes in play, or to be established to respond to an incident? e. Workforce skill is a critical success factor in any security program, and any security assessment must also review this component. Lack of a skilled workforce could also be a security vulnerability. Does the security workforce have the requisite technical skills and command of the necessary toolsets to do the job required? f. Is there an adequate professional development roadmap in place to maintain and/or improve the skill set as needed? g. Describe the ways to detect these malicious code and what tactics bad actors use for evading detection. d. Public and private access areas, web access points. Include in the network diagram the delineation of open and closed networks, where they co-exist. In the open network and closed network portion, show the connections to the Internet. e. Physical hardware components. Include routers and switches. What security weaknesses or vulnerabilities are within these devices? f. Operating systems, servers, network management systems. a. data in transit vulnerabilities 1. endpoint access vulnerabilities 2. external storage vulnerabilities 3. virtual private network vulnerabilities 4. media access control vulnerabilities 5. ethernet vulnerabilities b. Possible applications. This network will incorporate a BYOD (bring your own device) policy in the near future. The IT auditing team and leadership need to understand current mobile applications
and possible future applications and other wireless integrations. You will use some of this information in Project 2 and also in Project 5. The overall SAR should detail the security measures needed, or implementations status of those in progress, to address the identified vulnerabilities. Include: a. remediation b. mitigation c. countermeasure d. recovery Through your research, provide the methods used to provide the protections and defenses. From the identification of risk factors in the risk model, identify the appropriate security controls from NIST SP 800-53A and determine their applicability to the risks identified. The baseline should make up at least three of the 12 pages of the overall report. When you have completed your security analysis baseline, move on to the next step, in which you will use testing procedures that will help determine the company's overall network defense strategy. Step 2: Determine a Network Defense Strategy You've completed your initial assessment of the company's security with your baseline analysis. Now it's time to determine the best defenses for your network. Start by reading a publication by the National Institute of Standards and Technology, NIST-SP-800-115 Technical Guide to Information Security Testing and Assessment, and outline how you would test violations. Identify how you will assess the effectiveness of these controls and write test procedures that could be used to test for effectiveness. Write them in a manner to allow a future information systems security officer to use
them in preparing for an IT security audit or IT certification and accreditation. Within this portion of the SAR, explain the different testing types (black box testing, white box testing). Include these test plans in the SAR. The strategy should take up at least two of the 12 pages of the overall report. Click the following link to learn more about cybersecurity for process control systems: Cybersecurity for Process Control Systems After you've completed this step, it's time to define the process of penetration testing. In the next step, you'll develop rules of engagement (ROE). Step 3: Plan the Penetration Testing Engagement Now that you've completed your test plans, it's time to define your penetration testing process. Include all involved processes, people, and timeframe. Develop a letter of intent to the organization, and within the letter, include some formal rules of engagement (ROE). The process and any documents can be notional or can refer to actual use cases. If actual use cases are included, cite them using APA format. This portion should be about two pages of the overall 12-page report. After you have outlined the steps of a penetration testing process, in the next step you will perform penetration testing. During the testing, you will determine if the security components are updated and if the latest patches are implemented, and if not, determine where the security gaps are. Step 4: Conduct a Network Penetration Test You've defined the penetration testing process, and in this step, you will scan the network for vulnerabilities. Though you have some preliminary information about the network, you will perform a black box test to assess the current security posture. Black box testing is performed with little or no information about the network and organization. ---------------------------------------------------------------------------------------------------------
CST 630 Project 2 Incident Response For more course tutorials visit www.newtonhelp.com Project 2 Step 1: Develop a Wireless and BYOD Security Plan Since the company you work for has instituted a bring your own device (BYOD) policy, security attitudes have been lax and all sorts of devices, authorized and unauthorized, have been found connected to the company's wireless infrastructure. In this first step, you will develop a wireless and BYOD security plan for the company. Use the NIST Guidelines for Securing Wireless Local Area Networks (WLANs) Special Publication 800-153 to provide an executive summary to answer other security concerns related to BYOD and wireless. Within your cybersecurity incident report, provide answers to the threat of unauthorized equipment or rogue access points on the company wireless network and the methods to find other rogue access points. Describe how to detect rogue access points and how they can actually connect to the network. Describe how to identify authorized access points within your network.
Within your plan, include how the Cyber Kill Chain framework and approach could be used to improve the incident response times for networks. Include this at the beginning of your CIR as the basis for all wireless- and BYOD-related problems within the network. Title the section "Wireless and BYOD Security Plan." Click the following link to learn more about security management: Security Management. In the next step, you will explore a scenario on suspicious behavior, and your report will provide another section of your CIR. Step 2: Track Suspicious Behavior You've completed your wireless and BYOD security plan. Now it's time to take a look at another workplace situation. You have been notified of an employee exhibiting suspicious behavior. You decide to track the employee's movements by using various tools and techniques. You know the location and time stamps associated with the employee's mobile device.
How would you track the location of the company asset? Explain how identity theft could occur and how MAC spoofing could take place in the workplace. How would you protect against both identity theft and MAC spoofing? Address if it is feasible to determine if MAC spoofing and identity theft has taken place in the workplace. Include a whitelist of approved devices for this network. Examples may include authorized access points, firewalls, and other similar devices. Are there any legal issues, problems, or concerns with your actions? What should be conducted before starting this investigation? Were your actions authorized, was the notification valid, or are there any other concerns? Include your responses as part of the CIR with the title "Tracking Suspicious Behavior." In the next step, you will explore another workplace scenario, and your responses will help you formulate a continuous improvement plan, which will become another part of your CIR. --------------------------------------------------------------------------------------------------------- CST 630 Project 3 Enterprise Network Security For more course tutorials visit www.newtonhelp.com
Project 3 Step 1: Conduct a Policy Gap Analysis As you begin Step 1 of your system security report on cybersecurity for mergers and acquisitions, keep in mind that the networks of companies going through an M&A can be subject to cyberattack. As you work through this step and the others, keep these questions in mind: Are companies going through an M&A prone to more attacks or more focused attacks? If so, what is the appropriate course of action? Should the M&A activities be kept confidential? Now, look at the existing security policies in regard to the acquisition of the media streaming company. You have to explain to the executives that before any systems are integrated, their security policies will need to be reviewed. Conduct a policy gap analysis to ensure the target company's security policies follow relevant industry standards as well as local, state, and national laws and regulations. In other words, you need to make sure the new company will not inherit any statutory or regulatory noncompliance from either of the two original companies. This step would also identify what, if any, laws and regulations the target company is subject to. If those are different from the laws and regulations the acquiring company is subject to, then this document should answer the following questions:
How would you identify the differences? How would you learn about the relevant laws and regulations? How would you ensure compliance with those laws and regulations? The streaming company that is being acquired has a current customer base of 150,000 users, who on average pay $14.99 in monthly fees. Based on the overall income, use PCI Standards DSS 12 requirements, and the PCI DSS Quick Reference Guide to identify a secure strategy, and operating system protections to protect the credit card data. Select at least two appropriate requirements from the PCI Standards DSS 12 set of requirements and explain how the controls should be implemented, how they will change the current network, and any costs associated with implementing the change. In the next step, you will review the streaming protocols that the companies are using. Step 2: Review Protocols for Streaming Services After reviewing the policies from the company and the policy gap analysis, the M&A leader asks you about the protocols used by the streaming company. He wants to know if the protocols used would affect the current state of cybersecurity within the current company environment. For this section, review the protocols, explain how they work along with any known vulnerabilities, and how to secure the company from cyberattacks. Start with researching the commonly
known streaming protocols and the vulnerabilities of those protocols. Some examples are the Real-Time Streaming Protocol (RTSP), Real- Time Transport Protocol (RTP) and the Real-Time Transport Control Protocol (RTCP). Additionally, the leadership wants to know if any vulnerabilities identified would or could lead to a no-go on the M&A. In other words: You need to identify what streaming the companies are doing and the specific technology they are leveraging. What are the technical vulnerabilities associated with the protocols involved? Have those been mitigated? And to what extent (i.e., has the risk been reduced to zero, reduced somewhat, shifted to a third party, etc.)? What residual risk to the target company's assets and IP remain? Would those risks extend to the current (takeover) company after the merger? a. Would that be bad enough to cancel the M&A? If the response to #5 is yes, then, what should the target company do to further mitigate the risk? How should the takeover company mitigate the risk? --------------------------------------------------------------------------------------------------------
CST 630 Project 4Secure Videoconferencing Communications For more course tutorials visit www.newtonhelp.com Project 4 Step 1: Develop Functional Requirements for Videoconferencing The first step in your proposal for a secure videoconferencing system is to develop a set of functional requirements for videoconferencing that you believe the media company will nee based on its geographic dispersion and business needs. In developing those requirements, research three videoconferencing solutions such as Skype, GotoMeeting, Polycom, and Cisco Webex and explain their capabilities, advantages, and disadvantages. Identify costs as well as implementation and support requirements. The functional requirements and the three possible solutions will be a section of your Proposal for Secure Videoconferencing. In the next step, you will review the challenges of implementing those solutions. Step 2: Discuss Implementation Challenges In the previous step, you outlined the requirements for secure videoconferencing for the company and outlined three potential solutions. Part of your final proposal should also include the advantages and disadvantages of the implementation options for the three systems you selected. This section of the proposal also must include the changes the media company will need to make to implement the systems.
Additionally, explain how system administration or privileged identity management will operate with these systems. You will also need to examine how data exfiltration will occur with each of the new systems. The changes to the systems and challenges for the implementation of these potential solutions will be an important section of your Proposal for Secure Videoconferencing. In the next step, you will take a closer look at the track records of each of the potential videoconferencing vendors. Step 3: Identify Vendor Risks You've finished outlining the pros and cons of three videoconferencing systems. Now, it'S time to take a close look at how they serve their clients. This will take some research. Look at the systems' known vulnerabilities and exploits. Examine and explain the past history of each vendor with normal notification timelines, release of patches, or work-arounds (solutions within the system without using a patch). Your goal is to know the timeliness of response with each company in helping customers stay secure. This step will be a section of your Proposal for Secure Videoconferencing. In the next step, you will outline best practices for secure videoconferencing that will be part of your overall proposal to management Step 4: Develop Best Practices for Secure Videoconferencing The last few steps have been devoted to analyzing potential videoconferencing solutions. But obtaining a trusted vendor is just part of the security efforts. Another important step is to ensure that users and system administrators conduct the company's videoconferencing in a secure manner. In this step, outline security best practices for videoconferencing that you would like users and systems administrators to follow. Discuss how these best practices will improve security and minimize risks of data exfiltration as well as snooping.
This "best practices" section will be part of the overall Proposal for Secure Videoconferencing. In the next step, you will develop system integrity checks within a virtual lab environment. Step 5: Develop System Integrity Checks As part of the overall proposal, the CISO has asked you to develop system integrity checks for files shared between users of the videoconferencing systems. These checks will ensure file protection and prevent exfiltration of sensitive files. The lab exercise will show how this is done. In this step, you will generate a lab report that will be part of your final assignment. The lab instructions will tell you what the report needs to contain. Note: You will use the tools in Workspace for this step. If you need help outside the classroom, you can register for the CLAB 699 Cyber Computing Lab Assistance (go to the Discussions List for registration information). Lab assistants are available to help. Click here to access the instructions for Navigating the Workspace and the lab Setup. Click here to access the Project Workspace Exercise Instructions. Explore the tutorials and user guides to learn more about the tools you will use. Then, enter Workspace (http://virtualdesktop.umuc.edu/). This will be a section of your Proposal for Secure Videoconferencing. Now, you are ready for the final step, which will be to put all of the components of the proposal together for management. Remember, your task is to recommend the best videoconferencing system for the company. Part of that proposal includes a set of high-level executive briefing slides. Step 6: Submit Your Proposal for Secure Videoconferencing and All Related Materials
It’s time to prepare your materials on secure videoconferencing for management. Your task is to recommend a system that best meets the business functionality and security requirements of the company. As part of that recommendation, you will also prepare a set of high-level executive briefing slides to give the CEO and CIO an overview of your study. The assignments for this project are as follows: 1. Executive briefing: This is a three- to five-slide visual presentation for business executives and board members. 2. Executive summary: This is a one-page summary at the beginning of your Proposal for Secure Videoconferencing. 3. Proposal for Secure Videoconferencing: Your report should be a minimum six-page double- spaced Word document with citations in APA format. The page count does not include figures, diagrams, tables or citations. 4. Lab report: Generated from Workspace. Submit all four components to the assignment folder. --------------------------------------------------------------------------------------------------------- CST 630 Project 5 Data Loss Prevention (21 Pages + 10 slides + lab report) For more course tutorials visit www.newtonhelp.com
CST 630 Project 5 Data Loss Prevention (21 Pages + 10 slides + lab report) ---------------------------------------------------------------------------------------------------------

More Related Content

DOCX
CST 630 RANK Redefined Education--cst630rank.com
claric241
 
PDF
CST 630 RANK Introduction Education--cst630rank.com
agathachristie266
 
DOCX
CST 630 RANK Educational Specialist--cst630rank.com
VSNaipaul15
 
DOCX
CST 630 RANK Inspiring Innovation--cst630rank.com
KeatonJennings104
 
PDF
CST 630 RANK Become Exceptional--cst630rank.com
agathachristie113
 
PDF
CST 630 RANK Remember Education--cst630rank.com
chrysanthemu49
 
DOCX
Cst 630Education Specialist / snaptutorial.com
McdonaldRyan79
 
PDF
Cst 630 Believe Possibilities / snaptutorial.com
Davis11a
 
CST 630 RANK Redefined Education--cst630rank.com
claric241
 
CST 630 RANK Introduction Education--cst630rank.com
agathachristie266
 
CST 630 RANK Educational Specialist--cst630rank.com
VSNaipaul15
 
CST 630 RANK Inspiring Innovation--cst630rank.com
KeatonJennings104
 
CST 630 RANK Become Exceptional--cst630rank.com
agathachristie113
 
CST 630 RANK Remember Education--cst630rank.com
chrysanthemu49
 
Cst 630Education Specialist / snaptutorial.com
McdonaldRyan79
 
Cst 630 Believe Possibilities / snaptutorial.com
Davis11a
 

What's hot (19)

DOCX
CST 630 RANK Achievement Education--cst630rank.com
kopiko147
 
DOC
Cst 630 Inspiring Innovation--tutorialrank.com
PrescottLunt385
 
DOC
Cst 630 project 2 incident response
persons20ar
 
DOC
Cst 630 Enhance teaching / snaptutorial.com
Baileyabw
 
DOC
Cst 630 project 2 incident response
persons20ar
 
DOC
Cst 630 project 2 incident response
persons20ar
 
PDF
NIST CSD Cybersecurity Publications 20160417
James W. De Rienzo
 
PPTX
VAPT, Ethical Hacking and Laws in India by prashant mali
Adv. Prashant Mali ♛ [Bsc(Phy),MSc(Comp Sci), CCFP,CISSA,LLM]
 
DOCX
Vulnerability Assessment and Penetration Testing Framework by Falgun Rathod
Falgun Rathod
 
DOCX
Backtrack manual Part1
Nutan Kumar Panda
 
PPTX
Enterprise IT Security Audit | Cyber Security Services
Akshay Kurhade
 
PDF
Oissg
Conferencias FIST
 
PDF
NASA OIG Report
Priyanka Aash
 
PDF
RAMNSS_2016_service_porfolio
Rhys A. Mossom
 
PDF
Vulnerability Assessment and Penetration Testing Report
Rishabh Upadhyay
 
PDF
Sample penetration testing agreement for core infrastructure
David Sweigert
 
PDF
Why Penetration Tests Are Important Cyber51
martinvoelk
 
PPTX
Vulnerability Assesment
Dedi Dwianto
 
PDF
Penetration Testing, Auditing & Standards Issue : 02_2012-1
Falgun Rathod
 
CST 630 RANK Achievement Education--cst630rank.com
kopiko147
 
Cst 630 Inspiring Innovation--tutorialrank.com
PrescottLunt385
 
Cst 630 project 2 incident response
persons20ar
 
Cst 630 Enhance teaching / snaptutorial.com
Baileyabw
 
Cst 630 project 2 incident response
persons20ar
 
Cst 630 project 2 incident response
persons20ar
 
NIST CSD Cybersecurity Publications 20160417
James W. De Rienzo
 
VAPT, Ethical Hacking and Laws in India by prashant mali
Adv. Prashant Mali ♛ [Bsc(Phy),MSc(Comp Sci), CCFP,CISSA,LLM]
 
Vulnerability Assessment and Penetration Testing Framework by Falgun Rathod
Falgun Rathod
 
Backtrack manual Part1
Nutan Kumar Panda
 
Enterprise IT Security Audit | Cyber Security Services
Akshay Kurhade
 
Oissg
Conferencias FIST
 
NASA OIG Report
Priyanka Aash
 
RAMNSS_2016_service_porfolio
Rhys A. Mossom
 
Vulnerability Assessment and Penetration Testing Report
Rishabh Upadhyay
 
Sample penetration testing agreement for core infrastructure
David Sweigert
 
Why Penetration Tests Are Important Cyber51
martinvoelk
 
Vulnerability Assesment
Dedi Dwianto
 
Penetration Testing, Auditing & Standards Issue : 02_2012-1
Falgun Rathod
 
Ad

Similar to Cst 630 Extraordinary Success/newtonhelp.com (20)

DOCX
CST 630 Effective Communication - snaptutorial.com
donaldzs8
 
PDF
Cst 630 Education Organization-snaptutorial.com
robertlesew6
 
DOCX
CST 630 Exceptional Education - snaptutorial.com
DavisMurphyA97
 
DOCX
Many companies and agencies conduct IT audits to test and assess the.docx
tienboileau
 
DOCX
here has been an increase in the number of cybersecurity incident re.docx
simonithomas47935
 
DOCX
Project 1CST630 Project ChecklistStudent Name DateNote This che
davieec5f
 
PDF
Today's Cyber Challenges: Methodology to Secure Your Business
JoAnna Cheshire
 
PDF
CMIT 320 FINAL PROJECT NETWORK SECURITY.
HamesKellor
 
PDF
CMIT 320 FINAL PROJECT. NETWORK SECURITY
HamesKellor
 
PPTX
Dncybersecurity
Anne Starr
 
DOCX
College of Administrative and Financial SciencesAssignment 1.docx
mccormicknadine86
 
PDF
Information Security Risk Management
ipspat
 
PPTX
Cybersecurity Frameworks and You: The Perfect Match
McKonly & Asbury, LLP
 
PPT
Cyber crime with privention
Manish Dixit Ceh
 
DOCX
Running Head Security Assessment Repot (SAR) .docx
SUBHI7
 
PPTX
Phi 235 social media security users guide presentation
Alan Holyoke
 
PDF
Analysis on Common Network Attacks & Vulnerability Scanners
PROBOTEK
 
DOCX
ISE 620 Final Project Guidelines and Rubric Overview .docx
christiandean12115
 
DOCX
Part 1You have been recently hired as a network security analyst.docx
danhaley45372
 
PDF
Abb e guide3
Claricio Gobbo
 
CST 630 Effective Communication - snaptutorial.com
donaldzs8
 
Cst 630 Education Organization-snaptutorial.com
robertlesew6
 
CST 630 Exceptional Education - snaptutorial.com
DavisMurphyA97
 
Many companies and agencies conduct IT audits to test and assess the.docx
tienboileau
 
here has been an increase in the number of cybersecurity incident re.docx
simonithomas47935
 
Project 1CST630 Project ChecklistStudent Name DateNote This che
davieec5f
 
Today's Cyber Challenges: Methodology to Secure Your Business
JoAnna Cheshire
 
CMIT 320 FINAL PROJECT NETWORK SECURITY.
HamesKellor
 
CMIT 320 FINAL PROJECT. NETWORK SECURITY
HamesKellor
 
Dncybersecurity
Anne Starr
 
College of Administrative and Financial SciencesAssignment 1.docx
mccormicknadine86
 
Information Security Risk Management
ipspat
 
Cybersecurity Frameworks and You: The Perfect Match
McKonly & Asbury, LLP
 
Cyber crime with privention
Manish Dixit Ceh
 
Running Head Security Assessment Repot (SAR) .docx
SUBHI7
 
Phi 235 social media security users guide presentation
Alan Holyoke
 
Analysis on Common Network Attacks & Vulnerability Scanners
PROBOTEK
 
ISE 620 Final Project Guidelines and Rubric Overview .docx
christiandean12115
 
Part 1You have been recently hired as a network security analyst.docx
danhaley45372
 
Abb e guide3
Claricio Gobbo
 
Ad

Recently uploaded (20)

PPTX
Pharma ospi slides which help in ospi learning
rameetkumar304
 
PDF
Business Ethics Teaching Materials for college
CynthiaCastillo40
 
PPTX
Cell Types and Its function , kingdom of life
ClaireMangundayao1
 
PPTX
Cell Structure & Organelles in detailed.
DHANASHREESIVAKUMAR
 
PDF
Saundersa Comprehensive Review for the NCLEX-RN Examination.pdf
sreejithcareers
 
PDF
Chapter 2 Heredity, Prenatal Development, and Birth.pdf
MarjorieLopezTiu
 
PDF
Mark Klimek Lecture Notes_240423 revision books _173037.pdf
pascalgumisiriza1
 
PDF
Microbial disease of the cardiovascular and lymphatic systems
KeyaSharma
 
PPTX
PPT- ENG7_QUARTER1_LESSON1_WEEK1. IMAGERY -DESCRIPTIONS pptx.pptx
KMDee
 
PDF
Complications of Minimal Access Surgery at WLH
mohitsuren827
 
PDF
O5-L3 Freight Transport Ops (International) V1.pdf
labyankof
 
PDF
STATICS OF THE RIGID BODIES Hibbelers.pdf
pascualasturiaskaye4
 
PPTX
Pharmacology of Heart Failure /Pharmacotherapy of CHF
Rajshri Ghogare
 
PPTX
IMMUNITY IMMUNITY refers to protection against infection, and the immune syst...
shilpa939953
 
PDF
BÀI TẬP BỔ TRỢ 4 KỸ NĂNG TIẾNG ANH 9 GLOBAL SUCCESS - CẢ NĂM - BÁM SÁT FORM Đ...
Nguyen Thanh Tu Collection
 
PPTX
Final Presentation General Medicine 03-08-2024.pptx
ZaheerAhmad228692
 
PDF
Insiders guide to clinical Medicine.pdf
AbhishekPatil315128
 
PDF
FourierSeries-QuestionsWithAnswers(Part-A).pdf
Raji Murugan
 
PDF
VCE English Exam - Section C Student Revision Booklet
jpinnuck
 
PDF
O7-L3 Supply Chain Operations - ICLT Program
labyankof
 
Pharma ospi slides which help in ospi learning
rameetkumar304
 
Business Ethics Teaching Materials for college
CynthiaCastillo40
 
Cell Types and Its function , kingdom of life
ClaireMangundayao1
 
Cell Structure & Organelles in detailed.
DHANASHREESIVAKUMAR
 
Saundersa Comprehensive Review for the NCLEX-RN Examination.pdf
sreejithcareers
 
Chapter 2 Heredity, Prenatal Development, and Birth.pdf
MarjorieLopezTiu
 
Mark Klimek Lecture Notes_240423 revision books _173037.pdf
pascalgumisiriza1
 
Microbial disease of the cardiovascular and lymphatic systems
KeyaSharma
 
PPT- ENG7_QUARTER1_LESSON1_WEEK1. IMAGERY -DESCRIPTIONS pptx.pptx
KMDee
 
Complications of Minimal Access Surgery at WLH
mohitsuren827
 
O5-L3 Freight Transport Ops (International) V1.pdf
labyankof
 
STATICS OF THE RIGID BODIES Hibbelers.pdf
pascualasturiaskaye4
 
Pharmacology of Heart Failure /Pharmacotherapy of CHF
Rajshri Ghogare
 
IMMUNITY IMMUNITY refers to protection against infection, and the immune syst...
shilpa939953
 
BÀI TẬP BỔ TRỢ 4 KỸ NĂNG TIẾNG ANH 9 GLOBAL SUCCESS - CẢ NĂM - BÁM SÁT FORM Đ...
Nguyen Thanh Tu Collection
 
Final Presentation General Medicine 03-08-2024.pptx
ZaheerAhmad228692
 
Insiders guide to clinical Medicine.pdf
AbhishekPatil315128
 
FourierSeries-QuestionsWithAnswers(Part-A).pdf
Raji Murugan
 
VCE English Exam - Section C Student Revision Booklet
jpinnuck
 
O7-L3 Supply Chain Operations - ICLT Program
labyankof
 

Cst 630 Extraordinary Success/newtonhelp.com

  • 1. CST 630 Project 1Risk, Threat, and Vulnerability Management For more course tutorials visit www.newtonhelp.com Project 1 Step 1: Conduct a Security Analysis Baseline In the first step of the project, you will conduct a security analysis baseline of the IT systems, which will include a data-flow diagram of connections and endpoints, and all types of access points, including wireless. The baseline report will be part of the overall security assessment report (SAR). You will get your information from a data-flow diagram and report from the Microsoft Threat Modeling Tool 2016. The scope should include network IT security for the whole organization. Click the following to view the data-flow diagram: [diagram and report] Include the following areas in this portion of the SAR: a. Security requirements and goals for the preliminary security baseline activity. b. Typical attacks to enterprise networks and their descriptions. Include Trojans, viruses, worms, denial of service, session hijacking, and social engineering. Include the impacts these attacks have on an organization. c. Network infrastructure and diagram, including configuration and connections. Describe the security posture with respect to these components and the security employed: LAN, MAN, WAN, enterprise. Use these questions to guide you:
  • 2. a. What are the security risks and concerns? b. What are ways to get real-time understanding of the security posture at any time? c. How regularly should the security of the enterprise network be tested, and what type of tests should be used? d. What are the processes in play, or to be established to respond to an incident? e. Workforce skill is a critical success factor in any security program, and any security assessment must also review this component. Lack of a skilled workforce could also be a security vulnerability. Does the security workforce have the requisite technical skills and command of the necessary toolsets to do the job required? f. Is there an adequate professional development roadmap in place to maintain and/or improve the skill set as needed? g. Describe the ways to detect these malicious code and what tactics bad actors use for evading detection. d. Public and private access areas, web access points. Include in the network diagram the delineation of open and closed networks, where they co-exist. In the open network and closed network portion, show the connections to the Internet. e. Physical hardware components. Include routers and switches. What security weaknesses or vulnerabilities are within these devices? f. Operating systems, servers, network management systems. a. data in transit vulnerabilities 1. endpoint access vulnerabilities 2. external storage vulnerabilities 3. virtual private network vulnerabilities 4. media access control vulnerabilities 5. ethernet vulnerabilities b. Possible applications. This network will incorporate a BYOD (bring your own device) policy in the near future. The IT auditing team and leadership need to understand current mobile applications
  • 3. and possible future applications and other wireless integrations. You will use some of this information in Project 2 and also in Project 5. The overall SAR should detail the security measures needed, or implementations status of those in progress, to address the identified vulnerabilities. Include: a. remediation b. mitigation c. countermeasure d. recovery Through your research, provide the methods used to provide the protections and defenses. From the identification of risk factors in the risk model, identify the appropriate security controls from NIST SP 800-53A and determine their applicability to the risks identified. The baseline should make up at least three of the 12 pages of the overall report. When you have completed your security analysis baseline, move on to the next step, in which you will use testing procedures that will help determine the company's overall network defense strategy. Step 2: Determine a Network Defense Strategy You've completed your initial assessment of the company's security with your baseline analysis. Now it's time to determine the best defenses for your network. Start by reading a publication by the National Institute of Standards and Technology, NIST-SP-800-115 Technical Guide to Information Security Testing and Assessment, and outline how you would test violations. Identify how you will assess the effectiveness of these controls and write test procedures that could be used to test for effectiveness. Write them in a manner to allow a future information systems security officer to use
  • 4. them in preparing for an IT security audit or IT certification and accreditation. Within this portion of the SAR, explain the different testing types (black box testing, white box testing). Include these test plans in the SAR. The strategy should take up at least two of the 12 pages of the overall report. Click the following link to learn more about cybersecurity for process control systems: Cybersecurity for Process Control Systems After you've completed this step, it's time to define the process of penetration testing. In the next step, you'll develop rules of engagement (ROE). Step 3: Plan the Penetration Testing Engagement Now that you've completed your test plans, it's time to define your penetration testing process. Include all involved processes, people, and timeframe. Develop a letter of intent to the organization, and within the letter, include some formal rules of engagement (ROE). The process and any documents can be notional or can refer to actual use cases. If actual use cases are included, cite them using APA format. This portion should be about two pages of the overall 12-page report. After you have outlined the steps of a penetration testing process, in the next step you will perform penetration testing. During the testing, you will determine if the security components are updated and if the latest patches are implemented, and if not, determine where the security gaps are. Step 4: Conduct a Network Penetration Test You've defined the penetration testing process, and in this step, you will scan the network for vulnerabilities. Though you have some preliminary information about the network, you will perform a black box test to assess the current security posture. Black box testing is performed with little or no information about the network and organization. ---------------------------------------------------------------------------------------------------------
  • 5. CST 630 Project 2 Incident Response For more course tutorials visit www.newtonhelp.com Project 2 Step 1: Develop a Wireless and BYOD Security Plan Since the company you work for has instituted a bring your own device (BYOD) policy, security attitudes have been lax and all sorts of devices, authorized and unauthorized, have been found connected to the company's wireless infrastructure. In this first step, you will develop a wireless and BYOD security plan for the company. Use the NIST Guidelines for Securing Wireless Local Area Networks (WLANs) Special Publication 800-153 to provide an executive summary to answer other security concerns related to BYOD and wireless. Within your cybersecurity incident report, provide answers to the threat of unauthorized equipment or rogue access points on the company wireless network and the methods to find other rogue access points. Describe how to detect rogue access points and how they can actually connect to the network. Describe how to identify authorized access points within your network.
  • 6. Within your plan, include how the Cyber Kill Chain framework and approach could be used to improve the incident response times for networks. Include this at the beginning of your CIR as the basis for all wireless- and BYOD-related problems within the network. Title the section "Wireless and BYOD Security Plan." Click the following link to learn more about security management: Security Management. In the next step, you will explore a scenario on suspicious behavior, and your report will provide another section of your CIR. Step 2: Track Suspicious Behavior You've completed your wireless and BYOD security plan. Now it's time to take a look at another workplace situation. You have been notified of an employee exhibiting suspicious behavior. You decide to track the employee's movements by using various tools and techniques. You know the location and time stamps associated with the employee's mobile device.
  • 7. How would you track the location of the company asset? Explain how identity theft could occur and how MAC spoofing could take place in the workplace. How would you protect against both identity theft and MAC spoofing? Address if it is feasible to determine if MAC spoofing and identity theft has taken place in the workplace. Include a whitelist of approved devices for this network. Examples may include authorized access points, firewalls, and other similar devices. Are there any legal issues, problems, or concerns with your actions? What should be conducted before starting this investigation? Were your actions authorized, was the notification valid, or are there any other concerns? Include your responses as part of the CIR with the title "Tracking Suspicious Behavior." In the next step, you will explore another workplace scenario, and your responses will help you formulate a continuous improvement plan, which will become another part of your CIR. --------------------------------------------------------------------------------------------------------- CST 630 Project 3 Enterprise Network Security For more course tutorials visit www.newtonhelp.com
  • 8. Project 3 Step 1: Conduct a Policy Gap Analysis As you begin Step 1 of your system security report on cybersecurity for mergers and acquisitions, keep in mind that the networks of companies going through an M&A can be subject to cyberattack. As you work through this step and the others, keep these questions in mind: Are companies going through an M&A prone to more attacks or more focused attacks? If so, what is the appropriate course of action? Should the M&A activities be kept confidential? Now, look at the existing security policies in regard to the acquisition of the media streaming company. You have to explain to the executives that before any systems are integrated, their security policies will need to be reviewed. Conduct a policy gap analysis to ensure the target company's security policies follow relevant industry standards as well as local, state, and national laws and regulations. In other words, you need to make sure the new company will not inherit any statutory or regulatory noncompliance from either of the two original companies. This step would also identify what, if any, laws and regulations the target company is subject to. If those are different from the laws and regulations the acquiring company is subject to, then this document should answer the following questions:
  • 9. How would you identify the differences? How would you learn about the relevant laws and regulations? How would you ensure compliance with those laws and regulations? The streaming company that is being acquired has a current customer base of 150,000 users, who on average pay $14.99 in monthly fees. Based on the overall income, use PCI Standards DSS 12 requirements, and the PCI DSS Quick Reference Guide to identify a secure strategy, and operating system protections to protect the credit card data. Select at least two appropriate requirements from the PCI Standards DSS 12 set of requirements and explain how the controls should be implemented, how they will change the current network, and any costs associated with implementing the change. In the next step, you will review the streaming protocols that the companies are using. Step 2: Review Protocols for Streaming Services After reviewing the policies from the company and the policy gap analysis, the M&A leader asks you about the protocols used by the streaming company. He wants to know if the protocols used would affect the current state of cybersecurity within the current company environment. For this section, review the protocols, explain how they work along with any known vulnerabilities, and how to secure the company from cyberattacks. Start with researching the commonly
  • 10. known streaming protocols and the vulnerabilities of those protocols. Some examples are the Real-Time Streaming Protocol (RTSP), Real- Time Transport Protocol (RTP) and the Real-Time Transport Control Protocol (RTCP). Additionally, the leadership wants to know if any vulnerabilities identified would or could lead to a no-go on the M&A. In other words: You need to identify what streaming the companies are doing and the specific technology they are leveraging. What are the technical vulnerabilities associated with the protocols involved? Have those been mitigated? And to what extent (i.e., has the risk been reduced to zero, reduced somewhat, shifted to a third party, etc.)? What residual risk to the target company's assets and IP remain? Would those risks extend to the current (takeover) company after the merger? a. Would that be bad enough to cancel the M&A? If the response to #5 is yes, then, what should the target company do to further mitigate the risk? How should the takeover company mitigate the risk? --------------------------------------------------------------------------------------------------------
  • 11. CST 630 Project 4Secure Videoconferencing Communications For more course tutorials visit www.newtonhelp.com Project 4 Step 1: Develop Functional Requirements for Videoconferencing The first step in your proposal for a secure videoconferencing system is to develop a set of functional requirements for videoconferencing that you believe the media company will nee based on its geographic dispersion and business needs. In developing those requirements, research three videoconferencing solutions such as Skype, GotoMeeting, Polycom, and Cisco Webex and explain their capabilities, advantages, and disadvantages. Identify costs as well as implementation and support requirements. The functional requirements and the three possible solutions will be a section of your Proposal for Secure Videoconferencing. In the next step, you will review the challenges of implementing those solutions. Step 2: Discuss Implementation Challenges In the previous step, you outlined the requirements for secure videoconferencing for the company and outlined three potential solutions. Part of your final proposal should also include the advantages and disadvantages of the implementation options for the three systems you selected. This section of the proposal also must include the changes the media company will need to make to implement the systems.
  • 12. Additionally, explain how system administration or privileged identity management will operate with these systems. You will also need to examine how data exfiltration will occur with each of the new systems. The changes to the systems and challenges for the implementation of these potential solutions will be an important section of your Proposal for Secure Videoconferencing. In the next step, you will take a closer look at the track records of each of the potential videoconferencing vendors. Step 3: Identify Vendor Risks You've finished outlining the pros and cons of three videoconferencing systems. Now, it'S time to take a close look at how they serve their clients. This will take some research. Look at the systems' known vulnerabilities and exploits. Examine and explain the past history of each vendor with normal notification timelines, release of patches, or work-arounds (solutions within the system without using a patch). Your goal is to know the timeliness of response with each company in helping customers stay secure. This step will be a section of your Proposal for Secure Videoconferencing. In the next step, you will outline best practices for secure videoconferencing that will be part of your overall proposal to management Step 4: Develop Best Practices for Secure Videoconferencing The last few steps have been devoted to analyzing potential videoconferencing solutions. But obtaining a trusted vendor is just part of the security efforts. Another important step is to ensure that users and system administrators conduct the company's videoconferencing in a secure manner. In this step, outline security best practices for videoconferencing that you would like users and systems administrators to follow. Discuss how these best practices will improve security and minimize risks of data exfiltration as well as snooping.
  • 13. This "best practices" section will be part of the overall Proposal for Secure Videoconferencing. In the next step, you will develop system integrity checks within a virtual lab environment. Step 5: Develop System Integrity Checks As part of the overall proposal, the CISO has asked you to develop system integrity checks for files shared between users of the videoconferencing systems. These checks will ensure file protection and prevent exfiltration of sensitive files. The lab exercise will show how this is done. In this step, you will generate a lab report that will be part of your final assignment. The lab instructions will tell you what the report needs to contain. Note: You will use the tools in Workspace for this step. If you need help outside the classroom, you can register for the CLAB 699 Cyber Computing Lab Assistance (go to the Discussions List for registration information). Lab assistants are available to help. Click here to access the instructions for Navigating the Workspace and the lab Setup. Click here to access the Project Workspace Exercise Instructions. Explore the tutorials and user guides to learn more about the tools you will use. Then, enter Workspace (http://virtualdesktop.umuc.edu/). This will be a section of your Proposal for Secure Videoconferencing. Now, you are ready for the final step, which will be to put all of the components of the proposal together for management. Remember, your task is to recommend the best videoconferencing system for the company. Part of that proposal includes a set of high-level executive briefing slides. Step 6: Submit Your Proposal for Secure Videoconferencing and All Related Materials
  • 14. It’s time to prepare your materials on secure videoconferencing for management. Your task is to recommend a system that best meets the business functionality and security requirements of the company. As part of that recommendation, you will also prepare a set of high-level executive briefing slides to give the CEO and CIO an overview of your study. The assignments for this project are as follows: 1. Executive briefing: This is a three- to five-slide visual presentation for business executives and board members. 2. Executive summary: This is a one-page summary at the beginning of your Proposal for Secure Videoconferencing. 3. Proposal for Secure Videoconferencing: Your report should be a minimum six-page double- spaced Word document with citations in APA format. The page count does not include figures, diagrams, tables or citations. 4. Lab report: Generated from Workspace. Submit all four components to the assignment folder. --------------------------------------------------------------------------------------------------------- CST 630 Project 5 Data Loss Prevention (21 Pages + 10 slides + lab report) For more course tutorials visit www.newtonhelp.com
  • 15. CST 630 Project 5 Data Loss Prevention (21 Pages + 10 slides + lab report) ---------------------------------------------------------------------------------------------------------