CST 610 All Project (Project 1-6)
FOR MORE CLASSES VISIT
www.cst610rank.com
CST 610 Project 1 Information Systems and Identity Management
CST 610 Project 2 Operating Systems Vulnerabilities (Windows and Linux)
CST 610 Project 3 Assessing Information System Vulnerabilities and Risk
CST 610 Project 4 Threat Analysis and Exploitation
CST 610 Project 5 Cryptography
CST 610 Project 6 Digital Forensics Analysis
==============================================
CST 610 Project 1 Information Systems and Identity
Management
Project 1 Information Systems and Identity Management Video
transcript CYB 610 Project 1 You are a systems administrator in the
IT department of a major metropolitan hospital. Your duties are to
ensure the confidentiality, availability, and integrity of patient
records, as well as the other files and databases used throughout the
hospital. Your work affects several departments, including Human
Resources, Finance, Billing, Accounting, and Scheduling. You also
apply security controls on passwords for user accounts. Just before
clocking out for the day, you notice something strange in the
hospital's computer system. Some person, or group, has accessed user
accounts and conducted unauthorized activities. Recently, the hospital
experienced intrusion into one of its patients' billing accounts. After
validating user profiles in Active Directory and matching them with
user credentials, you suspect several users' passwords have been
compromised to gain access to the hospital's computer network. You
schedule an emergency meeting with the director of IT and the
hospital board. In light of this security breach, they ask you to
examine the security posture of the hospital's information systems
infrastructure and implement defense techniques. This must be done
quickly, your director says. The hospital board is less knowledgeable
about information system security. The board makes it clear that it has
a limited cybersecurity budget. However, if you can make a strong
case to the board, it is likely that they will increase your budget and
implement your recommended tool company-wide. You will share
your findings on the hospital's security posture. Your findings will be
brought to the director of IT in a technical report. You will also
provide a non-technical assessment of the overall identity
management system of the hospital and define practices to restrict and
permit access to information. You will share this assessment with the
hospital board in the form of a narrated slide show presentation. You
know that identity management will increase the security of the
overall information system's infrastructure for the hospital. You also
know that, with a good identity management system, the security and
productivity benefits will outweigh costs incurred. This is the
argument you must make to those stakeholders. Daily life requires us
to have access to a lot of information, and information systems help
us access that information. Desktop computers, laptops, and mobile
devices keep us connected to the information we need through
processes that work via hardware and software components.
Information systems infrastructure makes this possible. However, our
easy access to communication and information also creates security
and privacy risks. Laws, regulations, policies, and guidelines exist to
protect information and information owners. Cybersecurity ensures
the confidentiality, integrity, and availability of the information.
Identity management is a fundamental practice. Part of identity
management is the governance of access, authorization, and
authentication of users to information systems. Identity management
is one part of a layered security defense strategy within the
information systems infrastructure. Your work in this project will
enable you to produce a technical report and nontechnical
presentation that addresses these requirements. There are five steps
that will help you create your final deliverables. The deliverables for
this project are as follows: 1. Nontechnical presentation: This is
an 8-10 slide PowerPoint presentation for business executives and
board members. 2. Technical report: Your report should be a 6-7
page double-spaced Word document with citations in APA format.
The page count does not include figures, diagrams, tables or citations.
3. Executive summary: This should be a 2-3 page double-spaced
Word document. 4. In a Word document, share your lab experience
and provide screen prints to demonstrate that you performed the lab.
When you submit your project, your work will be evaluated using the
competencies listed below. You can use the list below to self-check
your work before submission. • 1.1: Organize document or
presentation clearly in a manner that promotes understanding and
meets the requirements of the assignment. • 2.3: Evaluate the
information in a logical and organized manner to determine its value
and relevance to the problem. • 6.2: Creating a roadmap for
organizations to use in development of an Identity Access
Management program (to address gaps in their current offerings).
Step 1: Defining the Information System Infrastructure Select a
hospital or healthcare organization to research. You may choose an
organization you are familiar with or can readily obtain information
about. To maintain confidentiality, you do not need to mention the
name of the organization. You may also choose a
hypothetical/fictitious healthcare organization. Others have
extensively researched several healthcare organizations that have
suffered major security breaches. 1. Describe the
organization and structure including the different business units and
their functions. You may use an organizational chart to provide this
information. 2. Choose one or more mission-critical systems of the
healthcare organization. Define the information protection needs for
the organization's mission-critical protected health information (PHI).
This information is stored in database medical records for doctors,
nurses, and insurance claims billing systems, which are used to fulfill
the organizational information needs. 3. Define the workflows
and processes for the high-level information systems that you have
just identified that will store PHI. Workflows and processes for
healthcare organizations define how the organization gets its work
done. They describe the movement of patient information to the
business units that have needs to process and manage that
information, from billing to physician care. All these organizations
have hardware and software implementations of their information
systems, and it is critical to understand these components, and how
they are connected (known as their topology), so the appropriate
protections can be applied. Your research may produce instances and
examples of how an information system is connected, to include
cybersecurity components like firewalls, in the information system
and network diagram. Be sure you understand the benefits and
weaknesses for the different network topologies. You may incorporate
what you find in your research, in your definition for workflows and
processes for the high-level information systems and provide
explanation of how that topology fulfills the mission for the health
care organization. Your definition should include a high-level
description of information systems hardware and software
components and their interactions. Take time to read the following
resources. They will help you construct your definition. o
Information systems hardware o Information systems software
You may supply this information as a diagram with inputs, outputs,
and technologies identified. Consider how you might restrict access
and protect billing and PHI information. 4. The links shown below
provide access to essential information you’ll need to complete this
part of the hospital’s information system infrastructure definition.
Click each link, review its resources, and refer to them as you
compose this part of the definition. o Open Systems
Interconnections (OSI) Model o TCP/IP protocols o network
protocols You will include these definitions in your report. Step 2:
Threats Now that you have defined the hospital's information system
infrastructure, you will have to understand the threats to
those systems and describe the types of measures that could address
those threats. In this section, you will learn about different types of
identity access management solutions and how they protect against
the threat of unauthorized access. To complete this section of the
report, you’ll brush up on your knowledge of threats by reading the
following resources: web security issues, insider threats, intrusion
motives/hacker psychology, and CIA triad. Take what you learned
from these resources to convey the threats to the hospital's
information systems infrastructure. Include a brief summary of insider
threats, intrusion motives, and hacker psychology in your report as it
relates to your hospital data processing systems. Relate these threats
to the vulnerabilities in the CIA triad. This section of your report will
also include a description of the purpose and components of an
identity management system to include authentication, authorization,
and access control. Include a discussion of possible use of laptop
devices by doctors who visit their patients at the hospital, and need
access to hospital PHI data. Review the content of the following
resources. As you’re reading, take any notes you think will help you
develop your description. 1. Authorization 2. Access control 3.
Passwords 4. Multi-factor authentication Next, expand upon
your description. Define the types of access control management to
include access control lists in operating systems, role-based access
controls, files, and database access controls. Define types of
authorization and authentication and the use of passwords, password
management, and password protection in an identity management
system. Describe common factor authentication mechanisms to
include multi-factor authentication. You will include this information
in your report. Step 3: Password Cracking Tools You have
successfully examined the threats to a healthcare organization's
information systems infrastructure. Now, you must begin your
research into password cracking software. Do some quick
independent research on password cracking as it applies to your
organization. You can click on this link to find the instructions for
Navigating the Workspace and the Lab Setup. Enter Workspace and
complete the lab activities outlined in the Project 1 Workspace
Exercise Instructions. There are additional password cracking tool
resources, tutorials, and user guides to continue your familiarity with
the tools. Click here to access the Project 1 Workspace Exercise
Instructions. After completing the lab, you will have successfully
tested more than one password cracking tool. Not all password
cracking tools will necessarily perform with the same speed,
precision, and results, making it important to test a few different
products. Compare the password cracking tools based on these
characteristics, and include as part of your assessment and
recommendations on the use of such tools. You will test the
organization's systems for password strength and complexity and
complete validation testing. You will compare the results obtained
from your first and second tool. You have tested and made
comparisons of the performance of various password cracking tools
and you have the data to support your recommendations for the use of
such tools. Not all password cracking tools will necessarily perform
with the same speed, precision, and results, making it important to test
a few different products. The comparison will be part of your
assessment and help you make recommendations on the use of such
tools. You will test the organization's systems for password strength
and complexity and complete validation testing. You will compare the
results across the various tools. 1. Read this article about
cyberattacks, perform two different types of cyberattacks in the first,
and in the second tool, crack user account passwords. Describe them
in simple nontechnical terms for the leadership. You can identify
which tool is the most effective and why for your organization's IT
environment. 2. Compare and contrast the results from the two
methods used to crack the accounts for the three passwords (each
encrypted by the two hash algorithms). Show their benefits. You can
make certain conclusions that help your company's cybersecurity
posture after using these methods. 3. Explain to the director of IT
and the members of the board that the healthcare organization’s anti-
virus software will detect password cracking tools as malware. Also
explain how this impacts the effectiveness of testing security controls
like password strength. Help the leadership understand the risks and
benefits of using password cracking tools, through persuasive
arguments in your report and presentation. If any of the tools take
longer than 4-5 minutes to guess a password, record the estimated
length of time the tool anticipates to guess it. Include this information
in your presentation. Step 4: The Non-Technical Presentation You
now have the information you need to prepare your product for
stakeholders. Based on the research and work you've completed in
Workspace, you will develop two items: a technical report for the
director of IT, and a nontechnical slide show presentation for the
members of the board. You will tailor the language of your reports
appropriately to the different audiences. The nontechnical
presentation: Your upper-level management team consists of technical
and nontechnical leadership, and they are interested in the bottom
line. You must help these leaders understand the identity management
system vulnerabilities you discovered in password cracking and
access control. They need to clearly see what actions they must either
take or approve. The following are a few questions to consider when
creating your presentation: 1. How do you present your technical
findings succinctly to a non-technical audience? Your technical report
for IT will span many pages; but you will probably be afforded no
more than 30 minutes or 8-10 slides for your presentation and the
following discussion with leadership. 2. How do you describe the
most serious risks factually but without sounding too temperamental?
No one likes to hear that their entire network has been hacked, data
has been stolen, and the attackers have won. You will need to
describe the seriousness of your findings while also assuring upper-
level management that these are not uncommon occurrences today. 3.
How do your results affect business operations? Make sure you
are presenting these very technical password cracking results in
business terms upper-level management will understand. 4. What do
you propose? Management will not only want to understand what you
have discovered; they will want to know what you propose as a
solution. Step 5: The Technical Report and Executive Summary The
technical report and the nontechnical presentation will identify
compromises and vulnerabilities in the information systems
infrastructure of the healthcare organization, and identify risks to the
organization's data. You will propose a way to prioritize these risks
and include possible remediation actions. The technical report:
Provide recommendations for access control and authentication
mechanisms to increase the security within the identity management
system. Review the mission and organization structure of this
healthcare organization. Review the roles within the organization, and
recommend the accesses, restrictions, and conditions for each role.
Present these in a tabular format as part of your list of
recommendations. Provide a comparison of risk scenarios to include
the following: 1. What will happen if the CIO and the leadership do
nothing, and decide to accept the risks? 2. Are there possible ways
the CIO can transfer the risks? 3. Are there possible ways to mitigate
the risks? 4. Are there possible ways to eliminate the risks? 5.
What are the projected costs to address these risks? Provide an
overall recommendation, with technical details to the director of IT.
The executive summary: In addition to your technical report, also
create a nontechnical report as an executive summary. The
deliverables for this project are as follows: 1. Nontechnical
presentation: This is an 8-10 slide PowerPoint presentation for business
executives and board members. 2. Technical report: Your report
should be a 6-7 page double-spaced Word document with citations in
APA format. The page count does not include figures, diagrams,
tables or citations. 3. Executive summary: This should be a 2-3 page
double-spaced Word document. 4. In a Word document, share
your lab experience and provide screen prints to demonstrate that you
performed the lab. Submit your deliverables to the assignment folder.
Before you submit your assignment, review the competencies below,
which your instructor will use to evaluate your work. A good practice
would be to use each competency as a self-check to confirm you have
incorporated all of them in your work. • 1.1: Organize document or
presentation clearly in a manner that promotes understanding and
meets the requirements of the assignment. • 2.3: Evaluate the
information in a logical and organized manner to determine its value
and relevance to the problem. • 6.2: Creating a roadmap for
organizations to use in development of an Identity Access
Management program (to address gaps in their current offerings).
==============================================
CST 610 Project 2 Operating Systems Vulnerabilities
(Windows and Linux)
CYB 610 Project 2 Congratulations, you are the newly appointed lead
cybersecurity engineer with your company in the oil and natural gas
sector. This is a senior-level position. You were hired two months
ago based on your successful cybersecurity experience with a
previous employer. Your technical knowledge of cybersecurity is
solid. However, you have a lot to learn about this company's culture,
processes, and IT funding decisions, which are made by higher
management. You have recently come across numerous anomalies
and incidents leading to security breaches. The incidents took place
separately, and it has not been determined if they were caused by a
single source or multiple related sources. First, a month ago, a set of
three corporate database servers crashed suddenly. Then, a week ago,
anomalies were found in the configuration of certain server and router
systems of your company. You immediately recognized that
something with your IT resources was not right. You suspect that
someone, or some group, has been regularly accessing your user
account and conducting unauthorized configuration changes. You
meet with your leadership to discuss the vulnerabilities. They would
like you to provide a security assessment report, or SAR, on the state
of the operating systems within the organization. You're also tasked
with creating a non-technical narrated presentation summarizing your
thoughts. The organization uses multiple operating systems that are
Microsoft-based and Linux-based. You will have to understand these
technologies for vulnerability scanning using the tools that work best
for the systems in the corporate network. You know that identity
management will increase the security of the overall information
systems infrastructure for the company. You also know that with a
good identity management system, the security and productivity
benefits will outweigh costs incurred. This is the argument you must
make to the stakeholders. The operating system (OS) of an
information system contains the software that executes the critical
functions of the information system. The OS manages the computer's
memory, processes, and all of its software and hardware. It allows
different programs to run simultaneously and access the computer's
memory, central processing unit, and storage. The OS coordinates all
these activities and ensures that sufficient resources are applied.
These are the fundamental processes of the information system, and if
they are violated by a security breach or exploited vulnerability, it has
the potential to have the biggest impact on your organization. Security
for operating systems consists of protecting the OS components from
attacks that could cause deletion, modification, or destruction of the
operating system. Threats to an OS could consist of a breach of
confidential information, unauthorized modification of data, or
unauthorized destruction of data. It is the job of the cybersecurity
engineer to understand the operations and vulnerabilities of the OS
(whether it is a Microsoft, Linux, or another type of OS), and to
provide mitigation, remediation, and defense against threats that
would expose those vulnerabilities or attack the OS. There are six
steps that will help you create your final deliverables. The
deliverables for this project are as follows: 1. Security
Assessment Report (SAR): This report should be a 7-8 page double-
spaced Word document with citations in APA format. The page count
does not include figures, diagrams, tables, or citations. 2.
Nontechnical presentation: This is a set of 8-10 PowerPoint
slides for upper management that summarizes your thoughts
regarding the findings in your SAR. 3. In a Word document, share
your lab experience and provide screen prints to demonstrate that you
performed the lab. When you submit your project, your work will be
evaluated using the competencies listed below. You can use the list
below to self-check your work before submission. • 1.1: Organize
document or presentation clearly in a manner that promotes
understanding and meets the requirements of the assignment. •
2.3: Evaluate the information in a logical and organized manner
to determine its value and relevance to the problem. • 5.4: Identify
potential threats to operating systems and the security features
necessary to guard against them. Step 1: Defining the OS The
audience for your security assessment report (SAR) is the leadership
of your organization, which is made up of technical and nontechnical
staff. Some of your audience will be unfamiliar with operating
systems (OS). As such, you will begin your report with a brief
explanation of operating systems fundamentals and the types of
information systems. Click on and read the following resources that
provide essential information you need to know before creating a
thorough and accurate OS explanation: • operating systems
fundamentals • the applications of the OS • The Embedded OS •
information system architecture • cloud computing • web
architecture After reviewing the resources, begin drafting the OS
overview to incorporate the following: 1. Explain the user's role in
an OS. 2. Explain the differences between kernel applications of the
OS and the applications installed by an organization or user. 3.
Describe the embedded OS. 4. Describe how the systems fit
in the overall information system architecture, of which cloud
computing is an emerging, distributed computing network
architecture. Include a brief definition of operating systems and
information systems in your SAR. Step 2: OS Vulnerabilities You just
summarized operating systems and information systems for
leadership. In your mind, you can already hear leadership saying "So
what?" The organization's leaders are not well versed in operating
systems and the threats and vulnerabilities in operating systems, so in
your SAR, you decide to include an explanation of advantages and
disadvantages of the different operating systems and their known
vulnerabilities. Prepare by first reviewing the different types of
vulnerabilities and intrusions explained in these resources: •
Windows vulnerabilities • Linux vulnerabilities • Mac OS
vulnerabilities • SQL PL/SQL, XML and other injections Based on
what you gathered from the resources, compose the OS vulnerability
section of the SAR. Be sure to: 1. Explain Windows vulnerabilities
and Linux vulnerabilities. 2. Explain the Mac OS vulnerabilities,
and vulnerabilities of mobile devices. 3. Explain the motives and
methods for intrusion of the MS and Linux operating systems. 4.
Explain the types of security awareness technologies such as
intrusion detection and intrusion prevention systems. 5. Describe how
and why different corporate and government systems are targets. 6.
Describe different types of intrusions such as SQL PL/SQL,
XML, and other injections. You will provide leadership with a brief
overview of vulnerabilities in your SAR. Step 3: Preparing for the
Vulnerability Scan You have just finished defining the vulnerabilities
an OS can have. Soon you will perform vulnerability scanning and
vulnerability assessments on the security posture of the organization's
operating systems. But first, consider your plan of action. Read these
two resources to be sure you fully grasp the purpose, goals,
objectives, and execution of vulnerability assessments and security
updates: • Vulnerability assessments • Patches Then provide the
leadership with the following: 1. Include a description of the
methodology you propose to assess the vulnerabilities of the
operating systems. Explain, with reasoning, how the
methodology you propose will determine the existence of those
vulnerabilities in the organization’s OS. 2. Include a description of
the applicable tools to be used, and the limitations of the tools and
analyses, if any. Explain, with reasoning, how the
tools you propose will determine the existence
of those vulnerabilities in the organization’s OS. 3. Include the
projected findings from using these vulnerability assessment tools. In
your report, discuss the strength of passwords, any Internet
Information Services' administrative vulnerabilities, SQL server
administrative vulnerabilities, and other security updates and
management of patches, as they relate to OS vulnerabilities. Step 4:
Vulnerability Assessment Tools for OS and Applications Note: You
will use the tools in Workspace for this step. If you need help outside
the classroom, register for the CLAB 699 Cyber Computing Lab
Assistance (go to the Discussions List for registration information).
Primary lab assistance is available from a team of lab assistants. Lab
assistants are professionals and are trained to help you. Click here to
access the instructions for Navigating the Workspace and the Lab
Setup. Enter Workspace and complete the lab activities related to
operating system vulnerabilities. Click here to access the Project 2
Workspace Exercise Instructions. Explore the tutorials and user
guides to learn more about the tools you will use. You've prepared for
your assessment; now it's time to perform. Security and vulnerability
assessment analysis tools, such as Microsoft Baseline Security
Analyzer (MBSA) for Windows OS and OpenVAS for Linux OS, are
stand-alone tools designed to provide a streamlined method for
identifying common security misconfigurations and missing security
updates for the operating systems and applications. These tools work
on layers 5-7 of the Open System Interconnection (OSI) model. Your
leadership will want to understand the differences and commonalities
in the capabilities of both tools and will want this included in the
SAR. Use the tools' built-in checks to complete the following for
Windows OS (e.g., using Microsoft Baseline Security Analyzer,
MBSA): 1. Determine if Windows administrative vulnerabilities are
present. 2. Determine if weak passwords are being used on Windows
accounts. 3. Report which security updates are required on each
individual system. 4. You noticed that the tool you used for
Windows OS (i.e., MBSA) provides dynamic assessment of missing
security updates. Scan one or more computers by domain, IP address
range, or other grouping. 5. Once complete, provide a detailed report
and recommendations on how to make your system a more secure
working environment. In this case, a tool such as MBSA will create
and store individual XML security reports for each computer scanned
and will display the reports in the graphical user interface in HTML.
You will also complete a similar exercise for Linux OS (e.g., using
the OpenVAS tool). Select the following links to learn more about
OpenVAS and computer networks: • OpenVAS • Computer
Networks Utilize the OpenVAS tool to complete the following: 1.
Determine if Linux vulnerabilities are present. 2. Determine if
weak passwords are being used on Linux systems. 3. Determine
which security updates are required for the Linux systems. 4. You
noticed that the tool you used for Linux OS (i.e., OpenVAS) provides
dynamic assessment of missing security updates. MBSA provides
dynamic assessment of missing security updates. Scan one or more
computers by domain, IP address range, or other grouping. 5. Once
complete, provide a detailed report and recommendations on how to
make your system a more secure working environment. Knowledge
acquired from this Workspace exercise and capability of this tool will
help your company's client organizations secure the computer
networks’ resources and protect corporate data from being stolen.
Validate and record the benefits of using these types of tools. You
will include this in the SAR. Step 5: The Security Assessment Report
By utilizing security vulnerability assessment tools, such as MBSA
and OpenVAS, you now have a better understanding of your system's
security status. Based on the results provided by these tools, as well as
your learning from the previous steps, you will create the Security
Assessment Report (SAR). In your report to the leadership, emphasize
the benefits of using a free security tool such as MBSA. Then make a
recommendation for using these types of tools (i.e., MBSA and
OpenVAS), including the results you found for both. Remember to
include these analyses and conclusions in the SAR deliverable: 1.
After you provide a description of the methodology you used to
make your security assessment, you will provide the actual data from
the tools, the status of security and patch updates, security
recommendations, and offer specific remediation guidance, to your
senior leadership. 2. You will include any risk assessments
associated with the security recommendations, and propose ways to
address the risk either by accepting the risk, transferring the risk,
mitigating the risk, or eliminating the risk. Include your SAR in your
final deliverable to leadership. Step 6: The Presentation Based on
what you have learned in the previous steps and your SAR, you will
also develop a presentation for your company's leadership. Your
upper-level management team is not interested in the technical report
you generated from your Workspace exercise. They are more
interested in the bottom line. You must help these non-technical
leaders understand the very technical vulnerabilities you have
discovered. They need to clearly see what actions they must either
take or approve. The following are a few questions to consider when
creating your non-technical presentation: 1. How do you present your
technical findings succinctly to a non-technical audience? Your
Workspace exercise report will span many pages, but you will
probably not have more than 30 minutes for your presentation and
follow-up discussion. 2. How do you describe the most serious
risks factually but without sounding too temperamental? No one likes
to hear that their entire network has been hacked, data has been
stolen, and the attackers have won. You will need to describe the
seriousness of your findings while also assuring upper-level
management that these are not uncommon occurrences today. 3. How
do your Workspace exercise results affect business operations? Make
sure you are presenting these very technical results in business terms
that upper-level management will understand. 4. Be very clear on
what you propose or recommend. Upper-level management will want
to not only understand what you discovered; they will want to know
what you propose as a solution. They will want to know what
decisions they need to make based on your findings. Your goal for the
presentation is to convince the leadership that adopting a security
vulnerability assessment tool (such as MBSA) and providing an extra
security layer is a must for the company. The deliverables for this
project are as follows: 1. Security Assessment Report (SAR): This
report should be a 7-8 page double-spaced Word document with
citations in APA format. The page count does not include figures,
diagrams, tables, or citations. 2. Nontechnical presentation: This is a
set of 8-10 PowerPoint slides for upper management that summarizes
your thoughts regarding the findings in your SAR. 3. In a Word
document, share your lab experience and provide screen prints to
demonstrate that you performed the lab. Submit your deliverables to
the assignment folder. Before you submit your assignment, review the
competencies below, which your instructor will use to evaluate your
work. A good practice would be to use each competency as a self-
check to confirm you have incorporated all of them in your work. •
1.1: Organize document or presentation clearly in a manner that
promotes understanding and meets the requirements of the
assignment. • 2.3: Evaluate the information in a logical and
organized manner to determine its value and relevance to the problem.
• 5.4: Identify potential threats to operating systems and the
security features necessary to guard against them.
==============================================
CST 610 Project 3 Assessing Information System
Vulnerabilities and Risk
Project 3 Assessing Information System Vulnerabilities and Risk
CYB 610 Project 3
You are an Information Assurance Management Officer, IAMO, at an
organization of your choosing. One morning, as you're getting ready
for work, you see an email from Karen, your manager. She asks you to
come to her office as soon as you get in. When you arrive at work,
you head straight to Karen's office. “Sorry for the impromptu
meeting,” she says, “but we have a bit of an emergency. There's been
a security breach at the Office of Personnel Management.” “We don't
know how this happened, but we need to make sure it doesn't happen
again,” says Karen. You'll be receiving an
email with more information on the security breach. Use this info to
assess the information system vulnerabilities of the Office of
Personnel Management. At your desk, you open Karen's email. She's
given you an OPM report from the Office of the Inspector General, or
OIG. You have studied the OPM OIG report and found that the
hackers were able to gain access through compromised credentials.
The security breach could have been prevented, if the Office of
Personnel Management, or OPM, had abided by previous auditing
reports and security findings. In addition, access to the databases
could have been prevented by implementing various encryption
schemas and could have been identified after running regularly
scheduled scans of the systems. Karen and the rest of the leadership
team want you to compile your findings into a Security Assessment
Report or SAR. You will also create a Risk Assessment Report, or
RAR, in which you identify threats, vulnerabilities, risks, and
likelihood of exploitation, and suggested remediation.
The security
posture of the information systems infrastructure of an organization
should be regularly monitored and assessed (including software,
hardware, firmware components, governance policies, and
implementation of security controls). The monitoring and assessment
of the infrastructure and its components, policies, and processes
should also account for changes and new procurements that are sure
to follow in order to stay in step with ever-changing information
system technologies. The data breach at the Office of Personnel
Management (OPM) is one of the largest in US government history. It
provides a series of lessons learned for other organizations in industry
and the public sector. Lapses in critical security practices, such as
lack of diligence in applying security controls and in managing
changes to the information systems infrastructure, were cited as
contributors to the massive data breach in the OPM Office of the
Inspector General's (OIG) Final Audit Report, which can be found in
open source
searches. Some of the findings in the report include: weak
authentication mechanisms; lack of a plan for life-cycle management
of the information systems; lack of a configuration management and
change management plan; lack of inventory of systems, servers,
databases, and network devices; lack of mature vulnerability scanning
tools; lack of valid authorizations for many systems, and lack of plans
of action to remedy the findings of previous audits. The breach
ultimately resulted in removal of OPM's top leadership. The impact of
the breach on the livelihoods of millions of people is ongoing and
may never be fully known. There is a critical need for security
programs that can assess vulnerabilities and provide mitigations.
There are nine steps that will help you create your final
deliverables. The deliverables for this project are as follows:
1. Security Assessment Report (SAR): This should be an 8-10 page
double-spaced Word document with citations in APA format. The page
count does not include figures, diagrams, tables, or citations.
2. Risk Assessment Report (RAR): This report should be a 5-6 page
double-spaced Word document with citations in APA format. The page
count does not include figures, diagrams, tables, or citations.
3. In a Word document, share your lab experience and provide screen
prints to demonstrate that you performed the lab.
When you submit your project, your work will be evaluated using the
competencies listed below. You can use the list below to self-check
your work before submission.
• 1.1: Organize document or presentation clearly in a manner that
promotes understanding and meets the requirements of the assignment.
• 1.2: Develop coherent paragraphs or points so that each is
internally unified and so that each functions as part of the whole
document or presentation.
• 1.3: Provide sufficient, correctly cited support that substantiates
the writer’s ideas.
• 1.4: Tailor communications to the audience.
• 1.5: Use sentence structure appropriate to the task, message and
audience.
• 1.6: Follow conventions of Standard Written English.
• 5.2: Knowledge of architectural methodologies used in the design
and development of information systems and knowledge of standards
that either are compliant with or derived from established standards
or guidelines.
• 5.6: Explore and address cybersecurity concerns, promote awareness,
best practice, and emerging technology.
• 7.3: Knowledge of methods and tools used for risk management and
mitigation of risk.
• 8.1: Demonstrate the abilities to detect, identify, and resolve
host and network intrusion incidents.
• 8.2: Possess knowledge and skills to categorize, characterize, and
prioritize an incident as well as to handle relevant digital evidence
appropriately.
Step 1: Enterprise Network Diagram
During Project
One, you researched a hypothetical or actual organization of your
choice. You had to understand the goals of the organization and the
types of systems that would fulfill those goals. You will now research
and learn about types of networks and their secure constructs that may
be used in organizations to accomplish the functions of the
organization’s mission. You will propose a local area network (LAN)
and a wide area network (WAN) for the organization, define the
systems environment, and incorporate this information in a network
diagram. Discuss the security benefits of your chosen network design.
Read about the following computing platforms available for networks
and discuss how these platforms could be implemented in your
organization. Include the rationale for all platforms you choose to
include in your network design.
• common computing platforms
• cloud computing
• distributed computing
• centralized computing
• secure programming fundamentals
Step 2: Enterprise Threats
• Review the OIG report on the OPM breach that
you were asked to research and read about at the beginning of the
project. The OIG report included numerous security deficiencies that
likely left OPM networks vulnerable to being breached. In addition to
those external threats, the report also describes the ways OPM was
vulnerable to insider threats. The information about the breach could
be classified as threat intelligence. Define threat intelligence and
explain what kind of threat intelligence is known about the OPM
breach.
• You just provided detailed background information on
your organization. Next, you’ll describe threats to your organization’s
system. Before you get started, select and explore the contents of the
following link: insider threats (also known as internal threats). As
you’re reading, take note of which insider threats are a risk to your
organization.
• Now, differentiate between the external threats to the
system and the insider threats. Identify where these threats can occur
in the previously created diagrams. Relate the OPM threat intelligence
to your organization. How likely is it that a similar attack will occur at
your organization?
Step 3: Scanning the Network
Note: You will use
the tools in Workspace for this step. If you need help outside the
classroom to complete this project, register for CLAB 699 Cyber
Computing Lab Assistance (go to the Discussions List for registration
information). Primary lab assistance is available from a team of lab
assistants. Lab assistants are professionals and are trained to help you.
Click here to access the instructions for Navigating the Workspace
and the Lab Setup. Select the following link to enter Workspace and
complete the lab activities related to network vulnerabilities. You will
now investigate network traffic, and the security of the network and
information system infrastructure overall. Past network data has been
logged and stored, as collected by a network analyzer tool such as
Wireshark. Explore the tutorials and user guides to learn more about
the tools you will use. Click the following link to read more about
these network monitoring tools: Tools to Monitor and Analyze
Network Activities. You will perform a network analysis on the
Wireshark files provided to you in Workspace and assess the network
posture and any vulnerability or suspicious information you are able
to obtain. Include this information in the SAR. You will then return to
the lab in order to identify any suspicious activities on the network,
through port scanning and other techniques. You will revisit the lab
and lab instructions in Step 7: Suspicious Activity. Click here to
access the Project 3 Workspace Exercise Instructions. In order to
validate the assets and devices on the organization's network, run
scans using security and vulnerability assessment analysis tools such
as MBSA, OpenVAS, Nmap, or Nessus depending on the operating
systems of your organization's networks. Live network traffic can also
be sampled and scanned using Wireshark on either the Linux or
Windows systems. Wireshark allows you to inspect all OSI layers of
traffic information. Further analyze the packet capture for network
performance, behavior, and any suspicious source and destination
addresses on the networks. In the previously created Wireshark files,
identify if any databases had been accessed. What are the IP addresses
associated with that activity? Include this information in the SAR.
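The database-access check asked for in Step 3, as an added example that is not part of the original assignment or the Workspace lab: a Python reader for classic pcap files that lists which clients talked to default database ports and whether the server answered. The port table, the function names and the sample capture are assumptions constructed for illustration.

```python
import ipaddress
import struct
from collections import defaultdict

# Default listener ports only (assumed table); a database can be moved elsewhere.
DB_PORTS = {1433: "MS SQL Server", 1521: "Oracle", 3306: "MySQL", 5432: "PostgreSQL"}
SYN, ACK = 0x02, 0x10


def tcp_packets(pcap):
    """Yield (src, dst, sport, dport, flags) for every IPv4/TCP frame in a
    classic pcap byte string (either byte order) with Ethernet link type."""
    if pcap[:4] == b"\xd4\xc3\xb2\xa1":
        end = "<"
    elif pcap[:4] == b"\xa1\xb2\xc3\xd4":
        end = ">"
    else:
        raise ValueError("not a classic pcap file (pcapng is not handled)")
    if struct.unpack(end + "I", pcap[20:24])[0] != 1:
        raise ValueError("only Ethernet (link type 1) captures are handled")
    pos = 24                                     # end of the global header
    while pos + 16 <= len(pcap):
        incl_len = struct.unpack(end + "I", pcap[pos + 8:pos + 12])[0]
        frame = pcap[pos + 16:pos + 16 + incl_len]
        pos += 16 + incl_len
        if len(frame) < 34 or frame[12:14] != b"\x08\x00":
            continue                             # not IPv4 over Ethernet
        ip = frame[14:]
        ihl = (ip[0] & 0x0F) * 4
        if ip[0] >> 4 != 4 or ihl < 20 or ip[9] != 6 or len(ip) < ihl + 14:
            continue                             # not TCP, or truncated
        sport, dport = struct.unpack("!HH", ip[ihl:ihl + 4])
        yield (str(ipaddress.IPv4Address(ip[12:16])),
               str(ipaddress.IPv4Address(ip[16:20])), sport, dport, ip[ihl + 13])


def database_sessions(pcap):
    """Return {(client, server, service): {"packets", "syn", "answered"}}.
    "syn" means the client's opening SYN was captured; "answered" means the
    database port replied with SYN/ACK, so a connection was accepted."""
    sessions = defaultdict(lambda: {"packets": 0, "syn": False, "answered": False})
    for src, dst, sport, dport, flags in tcp_packets(pcap):
        if dport in DB_PORTS:                    # client -> database
            s = sessions[(src, dst, DB_PORTS[dport])]
            s["syn"] |= (flags & (SYN | ACK)) == SYN
        elif sport in DB_PORTS:                  # database -> client
            s = sessions[(dst, src, DB_PORTS[sport])]
            s["answered"] |= (flags & (SYN | ACK)) == (SYN | ACK)
        else:
            continue
        s["packets"] += 1
    return dict(sessions)


def _frame(src, dst, sport, dport, flags):
    """Build one Ethernet/IPv4/TCP frame. Checksums stay zero because the
    parser above does not verify them."""
    tcp = struct.pack("!HHIIBBHHH", sport, dport, 0, 0, 5 << 4, flags, 8192, 0, 0)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(tcp), 0, 0, 64, 6, 0,
                     ipaddress.IPv4Address(src).packed,
                     ipaddress.IPv4Address(dst).packed)
    return b"\x00" * 12 + b"\x08\x00" + ip + tcp


def sample_pcap():
    """Constructed capture using private and documentation addresses."""
    frames = [
        _frame("10.0.5.23", "10.0.9.10", 49812, 3306, SYN),        # MySQL open
        _frame("10.0.9.10", "10.0.5.23", 3306, 49812, SYN | ACK),  # accepted
        _frame("10.0.5.23", "10.0.9.10", 49812, 3306, ACK),
        _frame("203.0.113.77", "10.0.9.10", 40022, 1433, SYN),     # no reply
        _frame("10.0.5.23", "10.0.2.2", 49900, 443, SYN),          # not a database
    ]
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    for f in frames:
        out += struct.pack("<IIII", 0, 0, len(f), len(f)) + f
    return out


if __name__ == "__main__":
    for (client, server, service), s in sorted(database_sessions(sample_pcap()).items()):
        state = "answered" if s["answered"] else "no reply seen"
        print(f"{client} -> {server} ({service}): {s['packets']} packets, {state}")
```

A session whose `syn` field is false was matched on port number alone (the capture started mid-session, or a source port happened to equal a database port), so confirm it in Wireshark before it goes into the SAR.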
Step 4: Identifying Security Issues
You have a suite of security tools,
techniques, and procedures that can be used to assess the security
posture of your organization's network in a SAR. Now it's time to
identify the security issues in your organization's networks. You have
already used password cracking tools to crack weak and vulnerable
passwords. Provide an analysis of the strength of passwords used by
the employees in your organization. Are weak passwords a security
issue for your organization?
Step 5: Firewalls and Encryption
Next, examine these resources on firewalls and on auditing of the
relational database management system (RDBMS), i.e., the database
system and data. Also review these resources related to access
control. Determine the role that firewalls, encryption, and RDBMS
auditing could play in protecting information and monitoring the
confidentiality, integrity, and availability of the information in
the information systems. Reflect any
weaknesses found in the network and information system diagrams
previously created, as well as in the developing SAR.
Step 6: Threat Identification
You know of the weaknesses in your organization's
network and information system. Now you will determine various
known threats to the organization's network architecture and IT assets.
Get acquainted with the following types of threats and attack
techniques. Which are a risk to your organization?
• IP address spoofing/cache poisoning attacks
• denial of service attacks (DoS)
• packet analysis/sniffing
• session hijacking attacks
• distributed denial of service attacks
In identifying the different threats, complete the following tasks:
1. Identify the potential hacking actors of these threat attacks on
vulnerabilities in networks and information systems and the types of
remediation and mitigation techniques available in your industry, and
for your organization.
2. Identify the purpose and function of firewalls for organization
network systems, and how they address the threats and vulnerabilities
you have identified.
3. Also discuss the value of using access control, database
transaction and firewall log files.
4. Identify the purpose and function of encryption, as it relates to
files and databases and other information assets on the organization's
networks.
Include these in the SAR.
Step 7: Suspicious Activity
Note: You will utilize the tools in
Workspace for this step. Hackers frequently scan the Internet for
computers or networks to exploit. An effective firewall can prevent
hackers from detecting the existence of networks. Hackers continue to
scan ports, but if the hacker finds there is no response from the port
and no connection, the hacker will move on. The firewall can block
unwanted traffic and Nmap can be used to self-scan to test the
responsiveness of the organization's network to would-be hackers.
Select the following link to enter Workspace and conduct the port
scanning. Return to the lab instructions by clicking here to access the
Project 3 Workspace Exercise Instructions.
Step 8: Risk and Remediation
What is the risk and what is the remediation? What is
the security exploitation? You can use the OPM OIG Final Audit
Report findings and recommendations as a possible source for
methods to remediate vulnerabilities. Read this risk assessment
resource to get familiar with the process, then prepare the risk
assessment. Be sure to first list the threats, then the vulnerabilities,
and then pairwise comparisons for each threat and vulnerability, and
determine the likelihood of that event occurring, and the level of
impact it would have on the organization. Use the OPM OIG Final
Audit Report findings as a possible source for potential mitigations.
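The pairwise threat and vulnerability comparison described in Step 8, as an added example that is not part of the original assignment: a small Python risk register that scores each assessed pair, ranks the results, and reports any pair the assessor skipped. The 1-5 scales, the band floors, the function names and every rating are assumptions constructed for illustration; the threat and weakness names are taken from Step 6 and from the OIG findings listed earlier.

```python
from itertools import product

# Threats are from the Step 6 list and weaknesses from the OIG findings
# quoted earlier on the page; every rating below is constructed.
THREATS = ["IP spoofing/cache poisoning", "Denial of service",
           "Packet sniffing", "Session hijacking"]
VULNERABILITIES = ["Weak authentication", "No system inventory",
                   "Immature vulnerability scanning"]

# Assumed 1-5 scales for likelihood and impact; the band floors are illustrative.
BANDS = [(17, "Critical"), (10, "High"), (5, "Moderate"), (1, "Low")]


def band(score):
    """Map a likelihood x impact score (1-25) to a qualitative level."""
    return next(name for floor, name in BANDS if score >= floor)


def build_register(ratings):
    """ratings maps (threat, vulnerability) to (likelihood, impact), or to
    None when the assessor decided the threat cannot use that weakness.
    Returns (rows ranked by risk, pairs that nobody assessed)."""
    pairs = list(product(THREATS, VULNERABILITIES))
    unknown = set(ratings) - set(pairs)
    if unknown:
        raise ValueError(f"rating for a pair that is not in the lists: {sorted(unknown)}")
    rows, unassessed = [], []
    for pair in pairs:
        if pair not in ratings:
            unassessed.append(pair)          # gap in the pairwise comparison
            continue
        if ratings[pair] is None:
            continue                         # assessed, judged not applicable
        likelihood, impact = ratings[pair]
        if not (1 <= likelihood <= 5 and 1 <= impact <= 5):
            raise ValueError(f"rating out of range for {pair}")
        score = likelihood * impact
        rows.append({"threat": pair[0], "vulnerability": pair[1],
                     "likelihood": likelihood, "impact": impact,
                     "score": score, "level": band(score)})
    # Highest score first; ties go to the pair with the larger impact.
    rows.sort(key=lambda r: (-r["score"], -r["impact"]))
    return rows, unassessed


# Constructed ratings for illustration only.
SAMPLE_RATINGS = {
    ("Session hijacking", "Weak authentication"): (4, 5),
    ("Packet sniffing", "Weak authentication"): (3, 4),
    ("Denial of service", "No system inventory"): (3, 3),
    ("IP spoofing/cache poisoning", "Immature vulnerability scanning"): (2, 4),
    ("Denial of service", "Weak authentication"): None,
}

if __name__ == "__main__":
    rows, unassessed = build_register(SAMPLE_RATINGS)
    for r in rows:
        print(f"{r['level']:<9}{r['score']:>3}  {r['threat']} x {r['vulnerability']}")
    print(f"{len(unassessed)} pairs still need an assessment")
```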
Include this in the risk assessment report (RAR).
Step 9: Creating the SAR and RAR
Your research and Workspace exercise have led you to
this moment: creating your SAR and RAR. Consider what you have
learned in the previous steps as you create your reports for leadership.
Prepare a Security Assessment Report (SAR) with the following
sections:
1. Purpose
2. Organization
3. Scope
4. Methodology
5. Data
6. Results
7. Findings
The final SAR does not have to
stay within this framework, and can be designed to fulfill the goal of
the security assessment. Prepare a Risk Assessment Report (RAR)
with information on the threats, vulnerabilities, likelihood of
exploitation of security weaknesses, impact assessments for
exploitation of security weaknesses, remediation, and cost/benefit
analyses of remediation. Devise a high-level plan of action with
interim milestones (POAM), in a system methodology, to remedy
your findings. Include this high-level plan in the RAR. Summarize the
results you obtained from the vulnerability assessment tools (i.e.,
MBSA and OpenVAS) in your report.
The deliverables for this project are as follows:
1. Security Assessment Report (SAR): This should be an 8-10 page
double-spaced Word document with citations in APA format. The page
count does not include figures, diagrams, tables, or citations.
2. Risk Assessment Report (RAR): This report should be a 5-6 page
double-spaced Word document with citations in APA format. The page
count does not include figures, diagrams, tables, or citations.
3. In a Word document, share your lab experience and provide screen
prints to demonstrate that you performed the lab.
Submit your deliverables to the assignment folder. Before you submit
your assignment, review the competencies below, which your instructor
will use to evaluate your work. A good practice would be to use each
competency as a self-check to confirm you have incorporated all of
them in your work.
• 1.1: Organize document or presentation clearly in a manner that
promotes understanding and meets the requirements of the assignment.
• 1.2: Develop coherent paragraphs or points so that each is
internally unified and so that each functions as part of the whole
document or presentation.
• 1.3: Provide sufficient, correctly cited support that substantiates
the writer’s ideas.
• 1.4: Tailor communications to the audience.
• 1.5: Use sentence structure appropriate to the task, message and
audience.
• 1.6: Follow conventions of Standard Written English.
• 5.2: Knowledge of architectural methodologies used in the design
and development of information systems and knowledge of standards
that either are compliant with or derived from established standards
or guidelines.
• 5.6: Explore and address cybersecurity concerns, promote awareness,
best practice, and emerging technology.
• 7.3: Knowledge of methods and tools used for risk management and
mitigation of risk.
• 8.1: Demonstrate the abilities to detect, identify, and resolve
host and network intrusion incidents.
• 8.2: Possess knowledge and skills to categorize, characterize, and
prioritize an incident as well as to handle relevant digital evidence
appropriately.
==============================================
CST 610 Project 4 Threat Analysis and Exploitation
Project 4 Threat Analysis and Exploitation
CYB610 Project 4
You are part of a collaborative team that was created to address
cyber threats and exploitation of US financial systems critical
infrastructure. Your team has been assembled by the White House Cyber
National Security Staff to provide situational awareness about a
current network breach and cyber attack against several financial
service institutions. Your team consists of four roles:
• A representative from the financial services sector who has
discovered the network breach and the cyber attacks. These attacks
include distributed denial of service attacks (DDoS), web
defacements, sensitive data exfiltration, and other attack vectors
typical of this nation state actor.
• A representative from law enforcement who has provided additional
evidence of network attacks found using network defense tools.
• A representative from the intelligence agency who has identified
the nation state actor from numerous public and government provided
threat intelligence reports. This representative will provide threat
intelligence on the tools, techniques, and procedures of this nation
state actor.
• A representative from the Department of Homeland Security who will
provide the risk, response, and recovery actions taken as a result of
this cyber threat.
Your team will have to provide education and security awareness to
the financial services sector about the threats, vulnerabilities, risks,
and risk mitigation and remediation procedures to be implemented to
maintain a robust security posture. Finally, your team will take the
lessons learned from this cyber incident and share that knowledge
with the rest of the cyber threat analysis community. At the end of the
response to this cyber incident, your team will provide two
deliverables: a situational analysis report, or SAR, to the White
House Cyber National Security Staff and an After Action Report and
lessons learned to the cyber threat analyst community.
US critical infrastructure systems (power, water, oil and natural
gas, military systems, financial systems) have become the target of
cyber and physical attacks as more critical infrastructure systems
are integrated with the Internet and other digital control systems.
The lesson learned in
defending and mitigating cyberattacks is that no entity can prevent or
resolve cyberattacks on its own. Collaboration and information
sharing is key for success and survival. This is a group exercise,
representing collaboration across all sectors, to support and defend
US critical infrastructure. In the working world, a team like this
would include some agencies, some industrial partners, and some
private sector corporations. Each organization has different strengths
and skills, different access to information, and different authorities to
report to. When the sectors work together and leverage resources and
skills, the result is that everyone benefits from the defense and
protection of US IT infrastructure. In your teams, you can model the
same collaboration, leveraging each other's expertise, sharing each
other's knowledge, teaching each other, and providing contributions
specific to your role in the scenario.
• Financial Services Representative: special task in Step 3
• Law Enforcement Representative: special task in Step 4
• Intelligence Agency Representative: special task in Step 5
• Homeland Security Representative: special task in Step 6
There are seven steps that will help you create your final
deliverables. The deliverables for this project are as follows:
1. Security Assessment Report (SAR): This report should be a 14-15
page double-spaced Word document with citations in APA format. The
page count does not include figures, diagrams, tables, or citations.
2. After Action Report (AAR): This report should be a 10-15 page
double-spaced Word document with citations in APA format. The page
count does not include figures, diagrams, tables, or citations.
3. This is a 5-8 slide PowerPoint presentation for executives along
with a narrated or In-Class Presentation summarizing your SAR and AAR
report.
When you submit your project, your work will be evaluated using the
competencies listed below. You can use the list below to self-check
your work before submission.
• 1.1: Organize document or presentation clearly in a manner that
promotes understanding and meets the requirements of the assignment.
• 2.3: Evaluate the information in a logical and organized manner to
determine its value and relevance to the problem.
• 4.1: Lead and/or participate in a diverse group to accomplish
projects and assignments.
• 4.3: Contribute to team projects, assignments, or organizational
goals as an engaged member of a team.
• 8.4: Possess knowledge of proper and effective communication in
case of an incident or crisis.
Step 1: Establishing Roles
As described in the scenario, you will be working
in a small team (usually five members). Your instructor has provided
an area for your group discussions, collaboration, and file sharing.
Take some time to learn about your teammates (introductions,
LinkedIn profiles and bios) to understand the experience and expertise
of the team members. Studies on teamwork outline the typical team
stages of forming, storming, norming, and performing (see Tuckman,
Bruce W. (1965), "Developmental sequence in small groups,"
Psychological Bulletin, 63, 384-399). This guidance on teamwork
may be helpful. In order to do well, you and your team members must
start communicating or "forming" immediately and discuss how you
will divide the work. Review the project and if you have portions of
the work that play well to your strengths, make this known to your
team members. Then develop a project plan and schedule to get the
work done. Finally, agree on a communications plan, which allows
your team members to know where the project stands. During this
stage, you may have disagreements or differences of opinion about
roles and division of work. This is a normal aspect of "storming."
Once you start agreeing on roles and tasks, you are well on your way
to "norming." You should settle on a collaboration space and share
drafts of your work in your classroom team locker so your team
members and the instructor can see the work progression. All team
members must contribute, but the deliverables need to be cohesive.
Therefore, each of you will need to review each other's work and help
each other. While you may have to use collaborative tools outside the
classroom, maintain the key documents in the respective team project
locker in the classroom. Your team will use this area to establish
ground rules for communication and collaboration. Team members
will gain an overview of the entire project, establish roles, agree on
the division of work, and complete and sign the Team Project Charter.
If you decide to use Google Docs for your collaborative work, you
could also choose a Google drive with appropriate sharing with your
team members and your instructor, and provide information on this in
your team locker. Part of teamwork is looking at each other's work
and providing constructive feedback and improvements. If you sense
problems during your team communications sessions, discuss risk
management and project adjustments your team may need to make. If
you sense trouble, contact your instructor and request intervention as
soon as you recognize issues. After the plan is completed, elect one
person to attach or link the final document to the team project locker.
This step should have been completed early in the term between
Weeks 2 and 4. Setting up the team roles and expectations is an
important part of this project and completing the charter is critical to
the project's success. When you have completed this important step,
move to the next step.
Step 2: Assessing Suspicious Activity
Your
team is assembled and you have a plan. It's time to get to work. You
have a suite of tools at your disposal from your work in Project 1,
Project 2, and Project 3, which can be used together to create a full
common operating picture of the cyber threats and vulnerabilities that
are facing the US critical infrastructure. Begin by selecting the
following links to brush up on your knowledge:
1. network security
2. mission critical systems
3. penetration testing
To be completed by all team members: Leverage the network security
skills of using port scans, network scanning tools, and analyzing
Wireshark files, to assess any suspicious network activity and
network vulnerabilities.
Step 3: The Financial Sector
To be completed by the Financial
Services Representative: Provide a description of the impact the threat
would have on the financial services sector. These impact statements
can include the loss of control of the systems, the loss of data integrity
or confidentiality, exfiltration of data, or something else. Also provide
impact assessments as a result of this security incident to the financial
services sector. To be completed by all team members: Provide
submissions from the Information Sharing Analysis Councils related
to the financial sector. You can also propose fictitious submissions.
Also, review the resources for Industrial Control Systems, and advise
on their importance to the financial services sector. Explain the
risks associated with the Industrial Control Systems.
Step 4: Law Enforcement
To be completed by the Law Enforcement
Representative: Provide a description of the impact the threat would
have on the law enforcement sector. These impact statements can
include the loss of control of systems, the loss of data integrity or
confidentiality, exfiltration of data, or something else. Also provide
impact assessments as a result of this security incident to the law
enforcement sector.
Step 5: The Intelligence Community
To be
completed by all team members: Provide an overview of the life cycle
of a cyber threat. Explain the different threat vectors that cyber actors
use, and provide a possible list of nation-state actors that have
targeted the US financial services industry before. Review this threat
response and recovery resource and use what you learned from the
resource to provide or propose an analytical method in which you are
able to detect the threat, identify the threat, and perform threat
response and recovery. Identify the stage of the cyber threat life cycle
where you would observe different threat behaviors. Include ways to
defend against the threat, and protect against the threat. Provide this
information in the SAR and AAR. To be completed by the
Intelligence Community Representative: Provide intelligence on the
nation-state actor, their cyber tools, techniques, and procedures.
Leverage available threat reporting such as from FireEye, Mandiant,
and other companies and government entities that provide intelligence
reports. Also include the social engineering methods used by the
nation-state actor and their reasons for attacking US critical
infrastructure. Include this information in the SAR and AAR.
Step 6: Homeland Security
To be completed by the Homeland Security
Representative: Use the US-CERT and other similar resources to
discuss the vulnerabilities and exploits that might have been used by
the attackers. Explore the resources for risk mitigation and provide the
risk, response, and risk mitigation steps that should be taken if an
entity suffers the same type of attack. To be completed by all team
members: Provide a risk-threat matrix and provide a current state
snapshot of the risk profile of the financial services sector. These
reports will be part of an overall risk assessment, which will be
included in the SAR and AAR. Review and refer to this risk
assessment resource to aid you in developing this section of the
report.
Step 7: The SAR and AAR
All team members: After you
compile your research, and your own critical assessments and
analysis, determine which information is appropriate for a Security
Assessment Report (SAR) that will be submitted to the White House,
and an After Action Report (AAR) that will be submitted to the rest of
the analyst community.
1. Prepare your SAR for the White House Cyber National Security
Staff, describing the threat, the motivations of the threat actor,
the vulnerabilities that are possible for the threat actor to
exploit, current and expected impact on US financial services
critical infrastructure, the path forward to eliminate or reduce the
risks, and the actions taken to defend and prevent against this
threat in the future.
2. Prepare the AAR. This knowledge management report will be provided
to the cyber threat analyst community, which includes the
intelligence community, the law enforcement community, the defense
and civilian community, the private sector, and academia. The purpose
of the AAR is to share the systems life cycle methodology, rationale,
and critical thinking used to resolve this cyber incident.
The deliverables for this project are as follows:
1. Security Assessment Report (SAR): This report should be a 14-15
page double-spaced Word document with citations in APA format. The
page count does not include figures, diagrams, tables, or citations.
2. After Action Report (AAR): This report should be a 10-15 page
double-spaced Word document with citations in APA format. The page
count does not include figures, diagrams, tables, or citations.
3. A 5-8 slide PowerPoint presentation for executives along with
narration or In-Class presentation by each team member summarizing a
portion of your SAR and AAR report.
Submit your deliverables to the assignment folder. Before you submit
your assignment, review the competencies below, which your instructor
will use to evaluate your work. A good practice would be to use each
competency as a self-check to confirm you have incorporated all of
them in your work.
• 1.1: Organize document or presentation clearly in a manner that
promotes understanding and meets the requirements of the assignment.
• 2.3: Evaluate the information in a logical and organized manner to
determine its value and relevance to the problem.
• 4.1: Lead and/or participate in a diverse group to accomplish
projects and assignments.
• 4.3: Contribute to team projects, assignments, or organizational
goals as an engaged member of a team.
• 8.4: Possess knowledge of proper and effective communication in
case of an incident or crisis.
=============================================
CST 610 Project 5 Cryptography
Project 5 Cryptography CYB610 Project 5

You are an enterprise security architect for a company in the semiconductor manufacturing industry, where maintaining competitive advantage and protecting intellectual property is vital. You're in charge of security operations and strategic security planning. Your responsibilities include devising the security protocols for identification, access, and authorization management. You recently implemented cryptography algorithms to protect the organization's information. Leadership is pleased with your efforts and would like you to take protection methods even further. They've asked you to study cyber-attacks against different cryptography mechanisms and deploy access control programs to prevent those types of attacks.

"We'd like you to create plans for future security technology deployments," says one senior manager. "And provide documentation so that others can carry out the deployments." A director chimes in, "But you should also devise a method for ensuring the identification, integrity, and non-repudiation of information in transit, at rest, and in use within the organization."

As the enterprise security architect, you are responsible for providing the following deliverables:

• Create a network security vulnerability and threat table in which you outline the security architecture of the organization, the cryptographic means of protecting the assets of the organization, the types of known attacks against those protections, and means to ward off the attacks. This document will help you manage the current configuration of the security architecture.
• Create a Common Access Card (CAC) deployment strategy, in which you describe the CAC implementation and deployment and encryption methodology for information security professionals.
• Create an email security strategy in which you provide the public key, private key, and hashing methodology to determine the best key management system for your organization.

These documents will provide a security overview for the leadership in your company.

Encryption uses cryptographic algorithms to obfuscate data. These complex algorithms transform data from human readable plaintext into encrypted cipher text. Encryption uses the principles of substitution and permutation to ensure that data is transformed in a non-deterministic manner by allowing the user to select the password or a key to encrypt a message. The recipient must know the key in order to decrypt the message, translating it back into the human readable plaintext.

There are six steps that will lead you through this project. After beginning with the workplace scenario, continue to Step 1: "IT Systems Architecture."

The deliverables for this project are as follows:

1. Create a single report in Word document format. This report should be about 10 pages long, double-spaced, with citations in APA format. Page count does not include diagrams or tables. The report must cover the following:
   o network security and threat table
   o Common Access Card deployment strategy
   o e-mail security strategy
2. In a Word document, share your lab experience and provide screenshots to demonstrate that you performed the lab.

When you submit your project, your work will be evaluated using the competencies listed below. You can use the list below to self-check your work before submission.

• 1.5: Use sentence structure appropriate to the task, message and audience.
• 1.6: Follow conventions of Standard Written English.
• 1.7: Create neat and professional looking documents appropriate for the project or presentation.
• 2.1: Identify and clearly explain the issue, question, or problem under critical consideration.
• 2.2: Locate and access sufficient information to investigate the issue or problem.
• 2.3: Evaluate the information in a logical and organized manner to determine its value and relevance to the problem.
• 2.4: Consider and analyze information in context to the issue or problem.
• 3.2: Employ mathematical or statistical operations and data analysis techniques to arrive at a correct or optimal solution.
• 5.1: Knowledge of procedures, tools, and applications used to keep data or information secure, including public key infrastructure, point-to-point encryption, and smart cards.

Step 1: IT Systems Architecture

You are a senior-level employee and you must tailor your deliverables to suit your audience: the leadership of the organization. You may choose to use a fictitious organization, or model your organization on an existing organization, including proper citations. Leadership is not familiar with the architecture of the IT systems, nor are they familiar with the types of threats that are likely or the security mechanisms in place to ward off those threats. You will provide this information in tabular format and call it the Network Security and Vulnerability Threat Table. Refer to this threat table template for guidance on creating this document.

Before you begin, select the links below to review some material on information security. These resources will help you complete the network security and vulnerability threat table.

• LAN security
• Availability

Now you’re ready to create your table. Include and define the following components of security in the architecture of your organization, and explain if threats to these components are likely, or unlikely:

• LAN security
• identity management
• physical security
• personal security
• availability
• privacy

Next, review the different types of cyberattacks described in the following resource: cyberattacks. As you’re reading, take note of which attacks are most likely to affect your organization. Then list the security defenses you employ in your organization to mitigate these types of attacks. Include this information in your Network Security and Vulnerability Threat Table.

Step 2: Plan of Protection

Note: You will utilize the tools in Workspace for this step. If you need help outside the classroom, you can register for the CLAB 699 Cyber Computing Lab Assistance (go to the Discussions List for registration information). Primary lab assistance is available from a team of lab assistants. Lab assistants are professionals and are trained to help you. Click here to access the instructions for Navigating the Workspace and the Lab Setup. Next, select the following link to enter Workspace and complete the lab exercises. Click here to access the Project 5 Workspace Exercise Instructions. Explore the tutorials and user guides to learn more about the tools you will use.

In this lab exercise, you will learn more about the transmission of files that do not seem suspicious but that actually have embedded malicious payload, undetectable to human hearing or vision. This type of threat can enter your organization’s networks and databases undetected through the use of steganography or data hiding. You should include this type of threat vector to an organization in your report to leadership. Research how organizations can monitor, identify and remedy those files with embedded files and data, and provide these as recommendations for your leadership.

You will have to provide the leadership of your organization with your plan for protecting identity, access, authorization and nonrepudiation of information transmission, storage, and usage. Research scholarly works on nonrepudiation measures and discuss options for protecting the integrity of an organization's information assets, which include files, networks, databases, and e-mail, and include this in your lab report.

Step 3: Data Hiding Technologies

You will describe to your organization the various cryptographic means of protecting its assets. Select the links below to review encryption techniques and encryption technologies, then provide your organization with a brief overview of each.

Encryption Technologies

1. Shift / Caesar cipher
2. Polyalphabetic cipher
3. One-time pad cipher / Vernam cipher / perfect cipher
4. Block ciphers
5. Triple DES
6. RSA
7. Advanced Encryption Standard (AES)
8. Symmetric encryption
9. Text block coding

Data Hiding Technologies

1. Information hiding and steganography
2. Digital watermarking
3. Masks and filtering

These descriptions will be included in the network security vulnerability and threat table for leadership.

Step 4: Creating the Network Security Vulnerability and Threat Table

Using the information you've gathered from the previous steps, prepare the network security vulnerability and threat table, in which you outline the following:

• security architecture of the organization
• the cryptographic means of protecting the assets of the organization
• the types of known attacks against those types of protections
• means to ward off the attacks

Create your Network Security Vulnerability and Threat Table, and include it in your submission to the organization. Please refer to this threat table template for guidance on creating this document.

Step 5: Access Control Based on Smart Card Strategies

Smart cards use encryption chips to identify the user, their identity, role, and sometimes use their personally identifiable information (PII). Two examples of smart cards are the federal government’s use of common access cards (CACs), and the financial sector’s use of encryption chips in credit cards.

You have completed your threat table, and you've decided that you want to modernize the access control methods for your organization. To that end, you read the following resources to gather some background information on access control and the various encryption schemas associated with the Common Access Card (CAC):

• Access control
• Common Access Card (CAC)

You plan to deploy CAC to the company and you are tasked with devising that CAC deployment strategy, which includes the cryptographic solutions used with the CAC. In the Common Access Card Deployment Strategy final deliverable, describe how identity management would be a part of your overall security program and your CAC deployment plan. Create your Common Access Card Deployment Strategy and include it in your submission to the organization.

Step 6: The Email Security Strategy

After completing the CAC, your next step is to build the Secure Email Strategy for the organization. You will present this tool to your leadership. Provide an overview of the types of public-private key pairing, and show how this provides authentication and nonrepudiation. You will also add hashing, and describe how this added security benefit ensures the integrity of messaging.

Begin preparing your strategy by reviewing the following resources that will aid you in becoming well informed on encryption technologies for e-mail:

• Public Key Infrastructure (PKI)
• iOS encryption
• Blackberry encryption

Then start developing your strategy. Define these strong encryption technologies as general principles in secure email:

• Pretty Good Privacy (PGP algorithm)
• GNU Privacy Guard (GPG)
• Public Key Infrastructure (PKI)
• Digital signature
• Mobile device encryption (e.g., iOS encryption and Blackberry encryption)

In your report, also consider how the use of smart card readers tied to computer systems might be beneficial in the future enhancements to system and data access protection. This may help you define long-term solutions for your leadership.

Leadership does not know the costs and technical complexity of these email encryption strategies. To further their understanding, compare the complexities of each in relation to the security benefits, and then make a recommendation and a deployment plan.

The deliverables for this project are as follows:

1. Create a single report in Word document format. This report should be about 10 pages long, double-spaced, with citations in APA format. Page count does not include diagrams or tables. The report must cover the following:
   o network security and threat table
   o Common Access Card deployment strategy
   o e-mail security strategy
2. In a Word document, share your lab experience and provide screenshots to demonstrate that you performed the lab.

Submit your deliverables to the assignment folder. Before you submit your assignment, review the competencies below, which your instructor will use to evaluate your work. A good practice would be to use each competency as a self-check to confirm you have incorporated all of them in your work.

• 1.5: Use sentence structure appropriate to the task, message and audience.
• 1.6: Follow conventions of Standard Written English.
• 1.7: Create neat and professional looking documents appropriate for the project or presentation.
• 2.1: Identify and clearly explain the issue, question, or problem under critical consideration.
• 2.2: Locate and access sufficient information to investigate the issue or problem.
• 2.3: Evaluate the information in a logical and organized manner to determine its value and relevance to the problem.
• 2.4: Consider and analyze information in context to the issue or problem.
• 3.2: Employ mathematical or statistical operations and data analysis techniques to arrive at a correct or optimal solution.
• 5.1: Knowledge of procedures, tools, and applications used to keep data or information secure, including public key infrastructure, point-to-point encryption, and smart cards.
==============================================
CST 610 Project 6 Digital Forensics Analysis
Project 6 Digital Forensics Analysis

Project 6 Start Here

This project will provide an introduction to digital forensic analysis. Digital forensic analysis is used to review and investigate data collected through digital communications and computer networks. The National Institute of Standards and Technology (NIST) has defined four fundamental phases for forensic analysis: collection, examination, analysis, and reporting. You will learn more about these concepts as you navigate throughout the steps of this project and read the literature and links found in each step.

There are four steps that will lead you through this project. Begin with Step 1: “Methodology.”

The deliverables for this project are as follows:

1. Digital Forensic Research Paper: This should be a five-page double-spaced Word document with citations in APA format. The page count does not include diagrams or tables.
2. In a Word document, share your lab experience and provide screenshots to demonstrate that you completed the lab.

When you submit your project, your work will be evaluated using the competencies listed below. You can use the list below to self-check your work before submission.

• 5.3: Uses defensive measures and information collected from a variety of sources to identify, analyze, and report events that occur or might occur within the network in order to protect information, information systems, and networks from threats.
• 8.6: Provides professional preparation for computer digital forensics, investigation of crime, and preservation of digital evidence in criminal and civil investigations and information security incident response.
• 8.7: Provide theoretical basis and practical assistance for all aspects of digital investigation and the use of computer evidence in forensics and law enforcement.

Step 1: Methodology

The methodology includes following a systems process. Identify the requirements, purpose, and objectives of the investigation. Click the links below to review information that will aid in conducting and documenting an investigation:

• secure programming fundamentals
• forensics fundamentals

Learn about the investigation methodology. Consider secure programming fundamentals. Define the digital forensics analysis methodology, and the phases of the digital forensics fundamentals and methodology, including the following:

1. preparation
2. extraction
3. identification
4. analysis

This information will help you understand the process you will use during an investigation.

Step 2: Tools and Techniques

Select the following links to learn about forensics analysis tools, methods, and techniques:

1. forensics analysis tools
2. web log and session analysis
3. hash analysis

Step 3: Exploring Forensic Tools

Note: You will utilize the tools in Workspace for this step. If you need help outside the classroom, you can register for the CLAB 699 Cyber Computing Lab Assistance (go to the Discussions List for registration information). Primary lab assistance is available from a team of lab assistants. Lab assistants are professionals and are trained to help you. Click here to access the instructions for Navigating the Workspace and the Lab Setup.

Select the following link to enter Workspace. Complete the forensic tools exercise provided in this lab. Explore the tutorials and user guides to learn more about various types of digital forensic tools. Click here to access the Project 6 Workspace Exercise Instructions. You will learn about the different types of tools, techniques, and analyses.

Step 4: Digital Forensics Research Paper

Now that you have learned the basics of digital forensics analyses and methodology, and have experienced one of the common forensic tools, use the material presented in this project as well as research you've conducted outside of the course materials to write a research paper that addresses the following:

1. digital forensic methodology
2. the importance of using forensic tools to collect and analyze evidence (e.g., FTK Imager and EnCase)
3. hashing in the context of digital forensics
4. How do you ensure that the evidence collected has not been tampered with (i.e., after collection)? Why and how is this important to prove in a court of law?

The deliverables for this project are as follows:

1. Digital Forensic Research Paper: This should be a five-page double-spaced Word document with citations in APA format. The page count does not include diagrams or tables.
2. In a Word document, share your lab experience and provide screenshots to demonstrate that you completed the lab.

Submit your deliverables to the assignment folder. Before you submit your assignment, review the competencies below, which your instructor will use to evaluate your work. A good practice would be to use each competency as a self-check to confirm you have incorporated all of them in your work.

• 5.3: Uses defensive measures and information collected from a variety of sources to identify, analyze, and report events that occur or might occur within the network in order to protect information, information systems, and networks from threats.
• 8.6: Provides professional preparation for computer digital forensics, investigation of crime, and preservation of digital evidence in criminal and civil investigations and information security incident response.
• 8.7: Provide theoretical basis and practical assistance for all aspects of digital investigation and the use of computer evidence in forensics and law enforcement.
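
Items 3 and 4 of the research paper outline (hashing, and showing that evidence was not altered after collection) can be illustrated as follows. This is an added example, not part of the course material: the function names, timestamps, examiner names, and the stand-in "disk image" bytes are all constructed for illustration.

```python
"""Evidence integrity: hash at acquisition, re-hash before use, and keep a
hash-chained custody log. Added illustration; all data here is constructed."""
import copy
import hashlib
import io
import json

CHUNK = 64 * 1024      # read large images in pieces, never whole
GENESIS = "0" * 64     # 'prev' value of the first log entry
FIELDS = ("seq", "time", "actor", "action", "evidence_sha256", "prev")


def sha256_stream(fileobj):
    """SHA-256 of a file-like object, read in fixed-size chunks."""
    h = hashlib.sha256()
    for chunk in iter(lambda: fileobj.read(CHUNK), b""):
        h.update(chunk)
    return h.hexdigest()


def entry_digest(entry):
    """Digest over a canonical JSON encoding of the entry's fields."""
    body = {k: entry[k] for k in FIELDS}
    blob = json.dumps(body, sort_keys=True, separators=(",", ":"))
    return hashlib.sha256(blob.encode("utf-8")).hexdigest()


def append_entry(log, time, actor, action, evidence_sha256):
    """Append a custody record linked to the previous record's digest."""
    entry = {
        "seq": len(log) + 1, "time": time, "actor": actor, "action": action,
        "evidence_sha256": evidence_sha256,
        "prev": log[-1]["digest"] if log else GENESIS,
    }
    entry["digest"] = entry_digest(entry)
    log.append(entry)
    return entry


def verify_log(log, trusted_head=None):
    """Return a list of problems; an empty list means the log checks out.

    trusted_head is the last digest as recorded somewhere the log's editor
    cannot reach (case notes, a signed report). Without it, someone who can
    rewrite the whole log can also recompute every digest.
    """
    problems = []
    prev = GENESIS
    baseline = log[0]["evidence_sha256"] if log else None
    for i, e in enumerate(log, start=1):
        if e["seq"] != i:
            problems.append(f"entry {i}: sequence number is {e['seq']}")
        if e["prev"] != prev:
            problems.append(f"entry {i}: link to previous entry is broken")
        if entry_digest(e) != e["digest"]:
            problems.append(f"entry {i}: record content does not match its digest")
        if e["evidence_sha256"] != baseline:
            problems.append(f"entry {i}: evidence hash differs from acquisition")
        prev = e["digest"]
    if trusted_head is not None and prev != trusted_head:
        problems.append("head digest does not match the separately recorded value")
    return problems


def run_demo():
    image = bytes(range(256)) * 4096          # constructed 1 MiB stand-in image
    acquired = sha256_stream(io.BytesIO(image))

    log = []
    append_entry(log, "2024-01-10T09:00:00Z", "examiner A", "acquired image", acquired)
    append_entry(log, "2024-01-10T09:30:00Z", "examiner A", "sealed in locker", acquired)
    working = sha256_stream(io.BytesIO(image))  # re-hash before analysis
    append_entry(log, "2024-01-11T14:00:00Z", "examiner B", "verified copy", working)
    head = log[-1]["digest"]                  # recorded outside the log

    # One flipped bit in the image changes the hash.
    altered = bytearray(image)
    altered[123456] ^= 0x01
    altered_hash = sha256_stream(io.BytesIO(bytes(altered)))

    # A record edited in place no longer matches its own digest.
    edited = copy.deepcopy(log)
    edited[1]["actor"] = "someone else"

    # A full rewrite with recomputed digests is only caught by the anchored head.
    rewritten = copy.deepcopy(edited)
    prev = rewritten[0]["digest"]
    for e in rewritten[1:]:
        e["prev"] = prev
        e["digest"] = entry_digest(e)
        prev = e["digest"]

    return {
        "intact_log": verify_log(log, head),
        "image_changed": altered_hash != acquired,
        "edited_log": verify_log(edited),
        "rewritten_log_unanchored": verify_log(rewritten),
        "rewritten_log_anchored": verify_log(rewritten, head),
    }


if __name__ == "__main__":
    for name, result in run_demo().items():
        print(f"{name}: {result}")
```

The last two results show why the head digest has to be recorded somewhere outside the log: a chain that was rewritten end to end is internally consistent and fails only against the separately kept value.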
==============================================

More Related Content

What's hot

What's hot (19)

CSEC 610 Effective Communication - snaptutorial.com
CSEC 610 Effective Communication - snaptutorial.comCSEC 610 Effective Communication - snaptutorial.com
CSEC 610 Effective Communication - snaptutorial.com
 
CSEC 610 Effective Communication/tutorialrank.com
 CSEC 610 Effective Communication/tutorialrank.com CSEC 610 Effective Communication/tutorialrank.com
CSEC 610 Effective Communication/tutorialrank.com
 
CST 610 Effective Communication - snaptutorial.com
CST 610 Effective Communication - snaptutorial.comCST 610 Effective Communication - snaptutorial.com
CST 610 Effective Communication - snaptutorial.com
 
CST 610 RANK Redefined Education--cst610rank.com
CST 610 RANK Redefined Education--cst610rank.comCST 610 RANK Redefined Education--cst610rank.com
CST 610 RANK Redefined Education--cst610rank.com
 
CSEC 610 Education Specialist / snaptutorial.com
CSEC 610 Education Specialist / snaptutorial.comCSEC 610 Education Specialist / snaptutorial.com
CSEC 610 Education Specialist / snaptutorial.com
 
CYB 610 Effective Communication - snaptutorial.com
CYB 610 Effective Communication - snaptutorial.comCYB 610 Effective Communication - snaptutorial.com
CYB 610 Effective Communication - snaptutorial.com
 
Cst 610 Believe Possibilities / snaptutorial.com
Cst 610  Believe Possibilities / snaptutorial.comCst 610  Believe Possibilities / snaptutorial.com
Cst 610 Believe Possibilities / snaptutorial.com
 
CYB 610 Exceptional Education - snaptutorial.com
CYB 610   Exceptional Education - snaptutorial.comCYB 610   Exceptional Education - snaptutorial.com
CYB 610 Exceptional Education - snaptutorial.com
 
Cst 610 Enhance teaching / snaptutorial.com
Cst 610  Enhance teaching / snaptutorial.comCst 610  Enhance teaching / snaptutorial.com
Cst 610 Enhance teaching / snaptutorial.com
 
Cyb 610 Believe Possibilities / snaptutorial.com
Cyb 610  Believe Possibilities / snaptutorial.comCyb 610  Believe Possibilities / snaptutorial.com
Cyb 610 Believe Possibilities / snaptutorial.com
 
CYB 610 Effective Communication/tutorialrank.com
 CYB 610 Effective Communication/tutorialrank.com CYB 610 Effective Communication/tutorialrank.com
CYB 610 Effective Communication/tutorialrank.com
 
Cyb 610 Education Organization-snaptutorial.com
Cyb 610 Education Organization-snaptutorial.comCyb 610 Education Organization-snaptutorial.com
Cyb 610 Education Organization-snaptutorial.com
 
Csec 610 Believe Possibilities / snaptutorial.com
Csec 610  Believe Possibilities / snaptutorial.comCsec 610  Believe Possibilities / snaptutorial.com
Csec 610 Believe Possibilities / snaptutorial.com
 
Csec 610 Enhance teaching / snaptutorial.com
Csec 610  Enhance teaching / snaptutorial.comCsec 610  Enhance teaching / snaptutorial.com
Csec 610 Enhance teaching / snaptutorial.com
 
Cyb 610Education Specialist / snaptutorial.com
Cyb 610Education Specialist / snaptutorial.comCyb 610Education Specialist / snaptutorial.com
Cyb 610Education Specialist / snaptutorial.com
 
Cyb 610 Enhance teaching / snaptutorial.com
Cyb 610   Enhance teaching / snaptutorial.comCyb 610   Enhance teaching / snaptutorial.com
Cyb 610 Enhance teaching / snaptutorial.com
 
Cst 610 Motivated Minds/newtonhelp.com
Cst 610 Motivated Minds/newtonhelp.comCst 610 Motivated Minds/newtonhelp.com
Cst 610 Motivated Minds/newtonhelp.com
 
Ibrahem
IbrahemIbrahem
Ibrahem
 
A1802030104
A1802030104A1802030104
A1802030104
 

Similar to CST 610 RANK Achievement Education--cst610rank.com

Cain and AbelOphcrackStart H.docx
Cain and AbelOphcrackStart H.docxCain and AbelOphcrackStart H.docx
Cain and AbelOphcrackStart H.docx
RAHUL126667
 
The Technical Report and Executive SummaryTechnical report Your.docx
The Technical Report and Executive SummaryTechnical report Your.docxThe Technical Report and Executive SummaryTechnical report Your.docx
The Technical Report and Executive SummaryTechnical report Your.docx
gloriab9
 

Similar to CST 610 RANK Achievement Education--cst610rank.com (12)

Cain and AbelOphcrackStart H.docx
Cain and AbelOphcrackStart H.docxCain and AbelOphcrackStart H.docx
Cain and AbelOphcrackStart H.docx
 
The Technical Report and Executive SummaryTechnical report Your.docx
The Technical Report and Executive SummaryTechnical report Your.docxThe Technical Report and Executive SummaryTechnical report Your.docx
The Technical Report and Executive SummaryTechnical report Your.docx
 
Cst 610 Your world/newtonhelp.com
Cst 610 Your world/newtonhelp.comCst 610 Your world/newtonhelp.com
Cst 610 Your world/newtonhelp.com
 
Cst 610 Education is Power/newtonhelp.com
Cst 610 Education is Power/newtonhelp.comCst 610 Education is Power/newtonhelp.com
Cst 610 Education is Power/newtonhelp.com
 
Cyb 610 Inspiring Innovation--tutorialrank.com
Cyb 610 Inspiring Innovation--tutorialrank.comCyb 610 Inspiring Innovation--tutorialrank.com
Cyb 610 Inspiring Innovation--tutorialrank.com
 
Csec 610 Motivated Minds/newtonhelp.com
Csec 610 Motivated Minds/newtonhelp.comCsec 610 Motivated Minds/newtonhelp.com
Csec 610 Motivated Minds/newtonhelp.com
 
Csec 610 Extraordinary Success/newtonhelp.com
Csec 610 Extraordinary Success/newtonhelp.comCsec 610 Extraordinary Success/newtonhelp.com
Csec 610 Extraordinary Success/newtonhelp.com
 
Csec 610 Education is Power/newtonhelp.com
Csec 610 Education is Power/newtonhelp.comCsec 610 Education is Power/newtonhelp.com
Csec 610 Education is Power/newtonhelp.com
 
Csec 610 Your world/newtonhelp.com
Csec 610 Your world/newtonhelp.comCsec 610 Your world/newtonhelp.com
Csec 610 Your world/newtonhelp.com
 
Csec 610 Inspiring Innovation--tutorialrank.com
Csec 610 Inspiring Innovation--tutorialrank.comCsec 610 Inspiring Innovation--tutorialrank.com
Csec 610 Inspiring Innovation--tutorialrank.com
 
Cyb 610 Your world/newtonhelp.com
Cyb 610 Your world/newtonhelp.comCyb 610 Your world/newtonhelp.com
Cyb 610 Your world/newtonhelp.com
 
Cyb 610 Motivated Minds/newtonhelp.com
Cyb 610 Motivated Minds/newtonhelp.comCyb 610 Motivated Minds/newtonhelp.com
Cyb 610 Motivated Minds/newtonhelp.com
 

Recently uploaded

Beyond the EU: DORA and NIS 2 Directive's Global Impact
Beyond the EU: DORA and NIS 2 Directive's Global ImpactBeyond the EU: DORA and NIS 2 Directive's Global Impact
Beyond the EU: DORA and NIS 2 Directive's Global Impact
PECB
 
Seal of Good Local Governance (SGLG) 2024Final.pptx
Seal of Good Local Governance (SGLG) 2024Final.pptxSeal of Good Local Governance (SGLG) 2024Final.pptx
Seal of Good Local Governance (SGLG) 2024Final.pptx
negromaestrong
 
Gardella_Mateo_IntellectualProperty.pdf.
Gardella_Mateo_IntellectualProperty.pdf.Gardella_Mateo_IntellectualProperty.pdf.
Gardella_Mateo_IntellectualProperty.pdf.
MateoGardella
 
Activity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdfActivity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdf
ciinovamais
 
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in DelhiRussian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
kauryashika82
 

Recently uploaded (20)

Web & Social Media Analytics Previous Year Question Paper.pdf
Web & Social Media Analytics Previous Year Question Paper.pdfWeb & Social Media Analytics Previous Year Question Paper.pdf
Web & Social Media Analytics Previous Year Question Paper.pdf
 
Application orientated numerical on hev.ppt
Application orientated numerical on hev.pptApplication orientated numerical on hev.ppt
Application orientated numerical on hev.ppt
 
microwave assisted reaction. General introduction
microwave assisted reaction. General introductionmicrowave assisted reaction. General introduction
microwave assisted reaction. General introduction
 
Beyond the EU: DORA and NIS 2 Directive's Global Impact
Beyond the EU: DORA and NIS 2 Directive's Global ImpactBeyond the EU: DORA and NIS 2 Directive's Global Impact
Beyond the EU: DORA and NIS 2 Directive's Global Impact
 
Mehran University Newsletter Vol-X, Issue-I, 2024
Mehran University Newsletter Vol-X, Issue-I, 2024Mehran University Newsletter Vol-X, Issue-I, 2024
Mehran University Newsletter Vol-X, Issue-I, 2024
 
Introduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The BasicsIntroduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The Basics
 
Ecological Succession. ( ECOSYSTEM, B. Pharmacy, 1st Year, Sem-II, Environmen...
Ecological Succession. ( ECOSYSTEM, B. Pharmacy, 1st Year, Sem-II, Environmen...Ecological Succession. ( ECOSYSTEM, B. Pharmacy, 1st Year, Sem-II, Environmen...
Ecological Succession. ( ECOSYSTEM, B. Pharmacy, 1st Year, Sem-II, Environmen...
 
Seal of Good Local Governance (SGLG) 2024Final.pptx
Seal of Good Local Governance (SGLG) 2024Final.pptxSeal of Good Local Governance (SGLG) 2024Final.pptx
Seal of Good Local Governance (SGLG) 2024Final.pptx
 
ICT Role in 21st Century Education & its Challenges.pptx
ICT Role in 21st Century Education & its Challenges.pptxICT Role in 21st Century Education & its Challenges.pptx
ICT Role in 21st Century Education & its Challenges.pptx
 
psychiatric nursing HISTORY COLLECTION .docx
psychiatric  nursing HISTORY  COLLECTION  .docxpsychiatric  nursing HISTORY  COLLECTION  .docx
psychiatric nursing HISTORY COLLECTION .docx
 
Gardella_Mateo_IntellectualProperty.pdf.
Gardella_Mateo_IntellectualProperty.pdf.Gardella_Mateo_IntellectualProperty.pdf.
Gardella_Mateo_IntellectualProperty.pdf.
 
Activity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdfActivity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdf
 
Holdier Curriculum Vitae (April 2024).pdf
Holdier Curriculum Vitae (April 2024).pdfHoldier Curriculum Vitae (April 2024).pdf
Holdier Curriculum Vitae (April 2024).pdf
 
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in DelhiRussian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
 
Explore beautiful and ugly buildings. Mathematics helps us create beautiful d...
Explore beautiful and ugly buildings. Mathematics helps us create beautiful d...Explore beautiful and ugly buildings. Mathematics helps us create beautiful d...
Explore beautiful and ugly buildings. Mathematics helps us create beautiful d...
 
Código Creativo y Arte de Software | Unidad 1
Código Creativo y Arte de Software | Unidad 1Código Creativo y Arte de Software | Unidad 1
Código Creativo y Arte de Software | Unidad 1
 
Measures of Central Tendency: Mean, Median and Mode
Measures of Central Tendency: Mean, Median and ModeMeasures of Central Tendency: Mean, Median and Mode
Measures of Central Tendency: Mean, Median and Mode
 
PROCESS RECORDING FORMAT.docx
PROCESS      RECORDING        FORMAT.docxPROCESS      RECORDING        FORMAT.docx
PROCESS RECORDING FORMAT.docx
 
Sports & Fitness Value Added Course FY..
Sports & Fitness Value Added Course FY..Sports & Fitness Value Added Course FY..
Sports & Fitness Value Added Course FY..
 
INDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptx
INDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptxINDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptx
INDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptx
 

CST 610 RANK Achievement Education--cst610rank.com

  • 1. CST 610 All Project (Project 1-6) FOR MORE CLASSES VISIT www.cst610rank.com CST 610 Project 1 Information Systems and Identity Management CST 610 Project 2 Operating Systems Vulnerabilities (Windows and Linux) CST 610 Project 3 Assessing Information System Vulnerabilities and Risk CST 610 Project 4 Threat Analysis and Exploitation CST 610 Project 5 Cryptography CST 610 Project 6 Digital Forensics Analysis ============================================== CST 610 Project 1 Information Systems and Identity Management FOR MORE CLASSES VISIT www.cst610rank.com Project 1 Information Systems and Identity Management Video transcript CYB 610 Project 1 You are a systems administrator in the IT department of a major metropolitan hospital. Your duties are to ensure the confidentiality, availability, and integrity of patient records, as well as the other files and databases used throughout the hospital. Your work affects several departments, including Human Resources, Finance, Billing, Accounting, and Scheduling. You also apply security controls on passwords for user accounts. Just before clocking out for the day, you notice something strange in the hospital's computer system. Some person, or group, has accessed user
  • 2. accounts and conducted unauthorized activities. Recently, the hospital experienced an intrusion into one of its patients' billing accounts. After validating user profiles in Active Directory and matching them with user credentials, you suspect several users' passwords have been compromised to gain access to the hospital's computer network. You schedule an emergency meeting with the director of IT and the hospital board. In light of this security breach, they ask you to examine the security posture of the hospital's information systems infrastructure and implement defense techniques. This must be done quickly, your director says. The hospital board is less knowledgeable about information system security. The board makes it clear that it has a limited cybersecurity budget. However, if you can make a strong case to the board, it is likely that they will increase your budget and implement your recommended tool company-wide. You will share your findings on the hospital's security posture. Your findings will be brought to the director of IT in a technical report. You will also provide a non-technical assessment of the overall identity management system of the hospital and define practices to restrict and permit access to information. You will share this assessment with the hospital board in the form of a narrated slide show presentation. You know that identity management will increase the security of the overall information system's infrastructure for the hospital. You also know that, with a good identity management system, the security and productivity benefits will outweigh costs incurred. This is the argument you must make to those stakeholders. Daily life requires us to have access to a lot of information, and information systems help us access that information. Desktop computers, laptops, and mobile devices keep us connected to the information we need through processes that work via hardware and software components.
Information systems infrastructure makes this possible. However, our easy access to communication and information also creates security and privacy risks. Laws, regulations, policies, and guidelines exist to protect information and information owners. Cybersecurity ensures
  • 3. the confidentiality, integrity, and availability of the information. Identity management is a fundamental practice. Part of identity management is the governance of access, authorization, and authentication of users to information systems. Identity management is one part of a layered security defense strategy within the information systems infrastructure. Your work in this project will enable you to produce a technical report and nontechnical presentation that addresses these requirements. There are five steps that will help you create your final deliverables. The deliverables for this project are as follows: 1. Nontechnical presentation: This is an 8-10 slide PowerPoint presentation for business executives and board members. 2. Technical report: Your report should be a 6-7 page double-spaced Word document with citations in APA format. The page count does not include figures, diagrams, tables or citations. 3. Executive summary: This should be a 2-3 page double-spaced Word document. 4. In a Word document, share your lab experience and provide screen prints to demonstrate that you performed the lab. When you submit your project, your work will be evaluated using the competencies listed below. You can use the list below to self-check your work before submission. • 1.1: Organize document or presentation clearly in a manner that promotes understanding and meets the requirements of the assignment. • 2.3: Evaluate the information in a logical and organized manner to determine its value and relevance to the problem. • 6.2: Creating a roadmap for organizations to use in development of an Identity Access Management program (to address gaps in their current offerings). Step 1: Defining the Information System Infrastructure Select a hospital or healthcare organization to research. You may choose an organization you are familiar with or can readily obtain information about. To maintain confidentiality, you do not need to mention the name of the organization.
You may also choose a hypothetical/fictitious healthcare organization. Others have researched several healthcare organizations, which have suffered
  • 4. major security breaches, extensively. 1. Describe the organization and structure including the different business units and their functions. You may use an organizational chart to provide this information. 2. Choose one or more mission-critical systems of the healthcare organization. Define the information protection needs for the organization's mission-critical protected health information (PHI). This information is stored in database medical records for doctors, nurses, and insurance claims billing systems, which are used to fulfill the organizational information needs. 3. Define the workflows and processes for the high-level information systems that you have just identified that will store PHI. Workflows and processes for healthcare organizations define how the organization gets its work done. They describe the movement of patient information to the business units that have needs to process and manage that information, from billing to physician care. All these organizations have hardware and software implementations of their information systems, and it is critical to understand these components, and how they are connected (known as their topology), so the appropriate protections can be applied. Your research may produce instances and examples of how an information system is connected, to include cybersecurity components like firewalls, in the information system and network diagram. Be sure you understand the benefits and weaknesses for the different network topologies. You may incorporate what you find in your research, in your definition for workflows and processes for the high-level information systems and provide explanation of how that topology fulfills the mission for the health care organization. Your definition should include a high-level description of information systems hardware and software components and their interactions. Take time to read the following resources. They will help you construct your definition. 
o Information systems hardware o Information systems software You may supply this information as a diagram with inputs, outputs, and technologies identified. Consider how you might restrict access
  • 5. and protect billing and PHI information. 4. The links shown below provide access to essential information you’ll need to complete this part of the hospital’s information system infrastructure definition. Click each link, review its resources, and refer to them as you compose this part of the definition. o Open Systems Interconnections (OSI) Model o TCP/IP protocols o network protocols You will include these definitions in your report. Step 2: Threats Now that you have defined the hospital's information system infrastructure, you will have to understand the threats to those systems and describe the types of measures that could address those threats. In this section, you will learn about different types of identity access management solutions and how they protect against the threat of unauthorized access. To complete this section of the report, you’ll brush up on your knowledge of threats by reading the following resources: web security issues, insider threats, intrusion motives/hacker psychology, and CIA triad. Take what you learned from these resources to convey the threats to the hospital's information systems infrastructure. Include a brief summary of insider threats, intrusion motives, and hacker psychology in your report as it relates to your hospital data processing systems. Relate these threats to the vulnerabilities in the CIA triad. This section of your report will also include a description of the purpose and components of an identity management system to include authentication, authorization, and access control. Include a discussion of possible use of laptop devices by doctors who visit their patients at the hospital, and need access to hospital PHI data. Review the content of the following resources. As you’re reading, take any notes you think will help you develop your description. 1. Authorization 2. Access control 3. Passwords 4. Multi-factor authentication Next, expand upon your description.
Define the types of access control management to include access control lists in operating systems, role-based access controls, files, and database access controls. Define types of authorization and authentication and the use of passwords, password
  • 6. management, and password protection in an identity management system. Describe common factor authentication mechanisms to include multi-factor authentication. You will include this information in your report. Step 3: Password Cracking Tools You have successfully examined the threats to a healthcare organization's information systems infrastructure. Now, you must begin your research into password cracking software. Do some quick independent research on password cracking as it applies to your organization. You can click on this link to find the instructions for Navigating the Workspace and the Lab Setup. Enter Workspace and complete the lab activities outlined in the Project 1 Workspace Exercise Instructions. There are additional password cracking tool resources, tutorials, and user guides to continue your familiarity with the tools. Click here to access the Project 1 Workspace Exercise Instructions. After completing the lab, you will have successfully tested more than one password cracking tool. Not all password cracking tools will necessarily perform with the same speed, precision, and results, making it important to test a few different products. Compare the password cracking tools based on these characteristics, and include as part of your assessment and recommendations on the use of such tools. You will test the organization's systems for password strength and complexity and complete validation testing. You will compare the results obtained from your first and second tool. You have tested and made comparisons of the performance of various password cracking tools and you have the data to support your recommendations for the use of such tools. Not all password cracking tools will necessarily perform with the same speed, precision, and results, making it important to test a few different products. The comparison will be part of your assessment and help you make recommendations on the use of such tools. 
You will test the organization's systems for password strength and complexity and complete validation testing. You will compare the results comparing the various tools. 1. Read this article about
  • 7. cyberattacks, perform two different types of cyberattacks in the first, and in the second tool, crack user account passwords. Describe them in simple nontechnical terms for the leadership. You can identify which tool is the most effective and why for your organization's IT environment. 2. Compare and contrast the results from the two methods used to crack the accounts for the three passwords (each encrypted by the two hash algorithms). Show their benefits. You can make certain conclusions that help your company's cybersecurity posture after using these methods. 3. Explain to the director of IT and the members of the board that the healthcare organization’s anti-virus software will detect password cracking tools as malware. Also explain how this impacts the effectiveness of testing security controls like password strength. Help the leadership understand the risks and benefits of using password cracking tools, through persuasive arguments in your report and presentation. If any of the tools take longer than 4-5 minutes to guess a password, record the estimated length of time the tool anticipates to guess it. Include this information in your presentation. Step 4: The Non-Technical Presentation You now have the information you need to prepare your product for stakeholders. Based on the research and work you've completed in Workspace, you will develop two items: a technical report for the director of IT, and a nontechnical slide show presentation for the members of the board. You will tailor the language of your reports appropriately to the different audiences. The nontechnical presentation: Your upper-level management team consists of technical and nontechnical leadership, and they are interested in the bottom line. You must help these leaders understand the identity management system vulnerabilities you discovered in password cracking and access control. They need to clearly see what actions they must either take or approve.
The following are a few questions to consider when creating your presentation: 1. How do you present your technical findings succinctly to a non-technical audience? Your technical report for IT will span many pages; but you will probably be afforded no
  • 8. more than 30 minutes or 8-10 slides for your presentation and the following discussion with leadership. 2. How do you describe the most serious risks factually but without sounding too temperamental? No one likes to hear that their entire network has been hacked, data has been stolen, and the attackers have won. You will need to describe the seriousness of your findings while also assuring upper-level management that these are not uncommon occurrences today. 3. How do your results affect business operations? Make sure you are presenting these very technical password cracking results in business terms upper-level management will understand. 4. What do you propose? Management will not only want to understand what you have discovered; they will want to know what you propose as a solution. Step 5: The Technical Report and Executive Summary The technical report and the nontechnical presentation will identify compromises and vulnerabilities in the information systems infrastructure of the healthcare organization, and identify risks to the organization's data. You will propose a way to prioritize these risks and include possible remediation actions. The technical report: Provide recommendations for access control and authentication mechanisms to increase the security within the identity management system. Review the mission and organization structure of this healthcare organization. Review the roles within the organization, and recommend the accesses, restrictions, and conditions for each role. Present these in a tabular format as part of your list of recommendations. Provide a comparison of risk scenarios to include the following: 1. What will happen if the CIO and the leadership do nothing, and decide to accept the risks? 2. Are there possible ways the CIO can transfer the risks? 3. Are there possible ways to mitigate the risks? 4. Are there possible ways to eliminate the risks? 5. What are the projected costs to address these risks?
Provide an overall recommendation, with technical details to the director of IT. The executive summary: In addition to your technical report, also create a nontechnical report as an executive summary. The
  • 9. deliverables for this project are as follows: 1. Nontechnical presentation: This is an 8-10 slide PowerPoint presentation for business executives and board members. 2. Technical report: Your report should be a 6-7 page double-spaced Word document with citations in APA format. The page count does not include figures, diagrams, tables or citations. 3. Executive summary: This should be a 2-3 page double-spaced Word document. 4. In a Word document, share your lab experience and provide screen prints to demonstrate that you performed the lab. Submit your deliverables to the assignment folder. Before you submit your assignment, review the competencies below, which your instructor will use to evaluate your work. A good practice would be to use each competency as a self-check to confirm you have incorporated all of them in your work. • 1.1: Organize document or presentation clearly in a manner that promotes understanding and meets the requirements of the assignment. • 2.3: Evaluate the information in a logical and organized manner to determine its value and relevance to the problem. • 6.2: Creating a roadmap for organizations to use in development of an Identity Access Management program (to address gaps in their current offerings). ============================================== CST 610 Project 2 Operating Systems Vulnerabilities (Windows and Linux) FOR MORE CLASSES VISIT www.cst610rank.com CYB 610 Project 2 Congratulations, you are the newly appointed lead cybersecurity engineer with your company in the oil and natural gas sector. This is a senior-level position. You were hired two months ago based on your successful cybersecurity experience with a
  • 10. previous employer. Your technical knowledge of cybersecurity is solid. However, you have a lot to learn about this company's culture, processes, and IT funding decisions, which are made by higher management. You have recently come across numerous anomalies and incidents leading to security breaches. The incidents took place separately, and it has not been determined if they were caused by a single source or multiple related sources. First, a month ago, a set of three corporate database servers crashed suddenly. Then, a week ago, anomalies were found in the configuration of certain server and router systems of your company. You immediately recognized that something with your IT resources was not right. You suspect that someone, or some group, has been regularly accessing your user account and conducting unauthorized configuration changes. You meet with your leadership to discuss the vulnerabilities. They would like you to provide a security assessment report, or SAR, on the state of the operating systems within the organization. You're also tasked with creating a non-technical narrated presentation summarizing your thoughts. The organization uses multiple operating systems that are Microsoft-based and Linux-based. You will have to understand these technologies for vulnerability scanning using the tools that work best for the systems in the corporate network. You know that identity management will increase the security of the overall information systems infrastructure for the company. You also know that with a good identity management system, the security and productivity benefits will outweigh costs incurred. This is the argument you must make to the stakeholders. The operating system (OS) of an information system contains the software that executes the critical functions of the information system. The OS manages the computer's memory, processes, and all of its software and hardware.
It allows different programs to run simultaneously and access the computer's memory, central processing unit, and storage. The OS coordinates all these activities and ensures that sufficient resources are applied. These are the fundamental processes of the information system and if
  • 11. they are violated by a security breach or exploited vulnerability, it has the potential to have the biggest impact on your organization. Security for operating systems consists of protecting the OS components from attacks that could cause deletion, modification, or destruction of the operating system. Threats to an OS could consist of a breach of confidential information, unauthorized modification of data, or unauthorized destruction of data. It is the job of the cybersecurity engineer to understand the operations and vulnerabilities of the OS (whether it is a Microsoft, Linux, or another type of OS), and to provide mitigation, remediation, and defense against threats that would expose those vulnerabilities or attack the OS. There are six steps that will help you create your final deliverables. The deliverables for this project are as follows: 1. Security Assessment Report (SAR): This report should be a 7-8 page double-spaced Word document with citations in APA format. The page count does not include figures, diagrams, tables, or citations. 2. Nontechnical presentation: This is a set of 8-10 PowerPoint slides for upper management that summarizes your thoughts regarding the findings in your SAR. 3. In a Word document, share your lab experience and provide screen prints to demonstrate that you performed the lab. When you submit your project, your work will be evaluated using the competencies listed below. You can use the list below to self-check your work before submission. • 1.1: Organize document or presentation clearly in a manner that promotes understanding and meets the requirements of the assignment. • 2.3: Evaluate the information in a logical and organized manner to determine its value and relevance to the problem. • 5.4: Identify potential threats to operating systems and the security features necessary to guard against them.
Step 1: Defining the OS The audience for your security assessment report (SAR) is the leadership of your organization, which is made up of technical and nontechnical staff. Some of your audience will be unfamiliar with operating systems (OS). As such, you will begin your report with a brief
  • 12. explanation of operating systems fundamentals and the types of information systems. Click on and read the following resources that provide essential information you need to know before creating a thorough and accurate OS explanation: • operating systems fundamentals • the applications of the OS • The Embedded OS • information system architecture • cloud computing • web architecture After reviewing the resources, begin drafting the OS overview to incorporate the following: 1. Explain the user's role in an OS. 2. Explain the differences between kernel applications of the OS and the applications installed by an organization or user. 3. Describe the embedded OS. 4. Describe how the systems fit in the overall information system architecture, of which cloud computing is an emerging, distributed computing network architecture. Include a brief definition of operating systems and information systems in your SAR. Step 2: OS Vulnerabilities You just summarized operating systems and information systems for leadership. In your mind, you can already hear leadership saying "So what?" The organization's leaders are not well versed in operating systems and the threats and vulnerabilities in operating systems, so in your SAR, you decide to include an explanation of advantages and disadvantages of the different operating systems and their known vulnerabilities. Prepare by first reviewing the different types of vulnerabilities and intrusions explained in these resources: • Windows vulnerabilities • Linux vulnerabilities • Mac OS vulnerabilities • SQL PL/SQL, XML and other injections Based on what you gathered from the resources, compose the OS vulnerability section of the SAR. Be sure to: 1. Explain Windows vulnerabilities and Linux vulnerabilities. 2. Explain the Mac OS vulnerabilities, and vulnerabilities of mobile devices. 3. Explain the motives and methods for intrusion of the MS and Linux operating systems. 4.
Explain the types of security awareness technologies such as intrusion detection and intrusion prevention systems. 5. Describe how and why different corporate and government systems are targets. 6.
  • 13. Describe different types of intrusions such as SQL PL/SQL, XML, and other injections. You will provide leadership with a brief overview of vulnerabilities in your SAR. Step 3: Preparing for the Vulnerability Scan You have just finished defining the vulnerabilities an OS can have. Soon you will perform vulnerability scanning and vulnerability assessments on the security posture of the organization's operating systems. But first, consider your plan of action. Read these two resources to be sure you fully grasp the purpose, goals, objectives, and execution of vulnerability assessments and security updates: • Vulnerability assessments • Patches Then provide the leadership with the following: 1. Include a description of the methodology you proposed to assess the vulnerabilities of the operating systems. Provide an explanation and reasoning of how the methodology you propose will determine the existence of those vulnerabilities in the organization’s OS. 2. Include a description of the applicable tools to be used, and the limitations of the tools and analyses, if any. Provide an explanation and reasoning of how the tools you propose will determine the existence of those vulnerabilities in the organization’s OS. 3. Include the projected findings from using these vulnerability assessment tools. In your report, discuss the strength of passwords, any Internet Information Services' administrative vulnerabilities, SQL server administrative vulnerabilities, and other security updates and management of patches, as they relate to OS vulnerabilities. Step 4: Vulnerability Assessment Tools for OS and Applications Note: You will use the tools in Workspace for this step. If you need help outside the classroom, register for the CLAB 699 Cyber Computing Lab Assistance (go to the Discussions List for registration information). Primary lab assistance is available from a team of lab assistants. Lab assistants are professionals and are trained to help you.
Click here to access the instructions for Navigating the Workspace and the Lab Setup. Enter Workspace and complete the lab activities related to operating system vulnerabilities. Click here to access the Project 2
  • 14. Workspace Exercise Instructions. Explore the tutorials and user guides to learn more about the tools you will use. You've prepared for your assessment; now it's time to perform. Security and vulnerability assessment analysis tools, such as Microsoft Baseline Security Analyzer (MBSA) for Windows OS and OpenVAS for Linux OS, are stand-alone tools designed to provide a streamlined method for identifying common security misconfigurations and missing security updates for the operating systems and applications. These tools work on layers 5-7 of the Open System Interconnection (OSI) model. Your leadership will want to understand the differences and commonalities in the capabilities of both tools and will want this included in the SAR. Use the tools' built-in checks to complete the following for Windows OS (e.g., using Microsoft Baseline Security Analyzer, MBSA): 1. Determine if Windows administrative vulnerabilities are present. 2. Determine if weak passwords are being used on Windows accounts. 3. Report which security updates are required on each individual system. 4. You noticed that the tool you used for Windows OS (i.e., MBSA) provides dynamic assessment of missing security updates. MBSA provides dynamic assessment of missing security updates. Scan one or more computers by domain, IP address range, or other grouping. 5. Once complete, provide a detailed report and recommendations on how to make your system a more secure working environment. In this case, a tool such as MBSA will create and store individual XML security reports for each computer scanned and will display the reports in the graphical user interface in HTML. You will also complete a similar exercise for Linux OS (e.g., using the OpenVAS tool). Select the following links to learn more about OpenVAS and computer networks: • OpenVAS • Computer Networks Utilize the OpenVAS tool to complete the following: 1. Determine if Linux vulnerabilities are present. 2.
Determine if weak passwords are being used on Linux systems. 3. Determine which security updates are required for the Linux systems. 4. You noticed that the tool you used for Linux OS (i.e., OpenVAS) provides
  • 15. dynamic assessment of missing security updates. MBSA provides dynamic assessment of missing security updates. Scan one or more computers by domain, IP address range, or other grouping. 5. Once complete, provide a detailed report and recommendations on how to make your system a more secure working environment. Knowledge acquired from this Workspace exercise and capability of this tool will help your company's client organizations secure the computer networks’ resources and protect corporate data from being stolen. Validate and record the benefits of using these types of tools. You will include this in the SAR. Step 5: The Security Assessment Report By utilizing security vulnerability assessment tools, such as MBSA and OpenVAS, you now have a better understanding of your system's security status. Based on the results provided by these tools, as well as your learning from the previous steps, you will create the Security Assessment Report (SAR). In your report to the leadership, emphasize the benefits of using a free security tool such as MBSA. Then make a recommendation for using these types of tools (i.e., MBSA and OpenVAS), including the results you found for both. Remember to include these analyses and conclusions in the SAR deliverable: 1. After you provide a description of the methodology you used to make your security assessment, you will provide the actual data from the tools, the status of security and patch updates, security recommendations, and offer specific remediation guidance, to your senior leadership. 2. You will include any risk assessments associated with the security recommendations, and propose ways to address the risk either by accepting the risk, transferring the risk, mitigating the risk, or eliminating the risk. Include your SAR in your final deliverable to leadership. Step 6: The Presentation Based on what you have learned in the previous steps and your SAR, you will also develop a presentation for your company's leadership.
Your upper-level management team is not interested in the technical report you generated from your Workspace exercise. They are more interested in the bottom line. You must help these non-technical
  • 16. leaders understand the very technical vulnerabilities you have discovered. They need to clearly see what actions they must either take or approve. The following are a few questions to consider when creating your non-technical presentation: 1. How do you present your technical findings succinctly to a non-technical audience? Your Workspace exercise report will span many pages, but you will probably not have more than 30 minutes for your presentation and follow-up discussion. 2. How do you describe the most serious risks factually but without sounding too temperamental? No one likes to hear that their entire network has been hacked, data has been stolen, and the attackers have won. You will need to describe the seriousness of your findings while also assuring upper-level management that these are not uncommon occurrences today. 3. How do your Workspace exercise results affect business operations? Make sure you are presenting these very technical results in business terms that upper-level management will understand. 4. Be very clear on what you propose or recommend. Upper-level management will want to not only understand what you discovered; they will want to know what you propose as a solution. They will want to know what decisions they need to make based on your findings. Your goal for the presentation is to convince the leadership that adopting a security vulnerability assessment tool (such as MBSA) and providing an extra security layer is a must for the company. The deliverables for this project are as follows: 1. Security Assessment Report (SAR): This report should be a 7-8 page double-spaced Word document with citations in APA format. The page count does not include figures, diagrams, tables, or citations. 2. Nontechnical presentation: This is a set of 8-10 PowerPoint slides for upper management that summarizes your thoughts regarding the findings in your SAR. 3. 
In a Word document, share your lab experience and provide screen prints to demonstrate that you performed the lab. Submit your deliverables to the assignment folder. Before you submit your assignment, review the competencies below, which your instructor will use to evaluate your
  • 17. work. A good practice would be to use each competency as a self-check to confirm you have incorporated all of them in your work. • 1.1: Organize document or presentation clearly in a manner that promotes understanding and meets the requirements of the assignment. • 2.3: Evaluate the information in a logical and organized manner to determine its value and relevance to the problem. • 5.4: Identify potential threats to operating systems and the security features necessary to guard against them.
==============================================
CST 610 Project 3 Assessing Information System Vulnerabilities and Risk
Project 3 Assessing Information System Vulnerabilities and Risk CYB 610 Project 3 You are an Information Assurance Management Officer, IAMO, at an organization of your choosing. One morning, as you're getting ready for work, you see an email from Karen, your manager. She asks you to come to her office as soon as you get in. When you arrive at work, you head straight to Karen's office. “Sorry for the impromptu meeting,” she says, “but we have a bit of an emergency. There's been a security breach at the Office of Personnel Management.” “We don't know how this happened, but we need to make sure it doesn't happen again,” says Karen. You'll be receiving an email with more information on the security breach. Use this info to assess the information system vulnerabilities of the Office of Personnel Management. At your desk, you open Karen's email. She's given you an OPM report from the Office of the Inspector General, or OIG. You have studied the OPM OIG report and found that the
  • 18. hackers were able to gain access through compromised credentials. The security breach could have been prevented, if the Office of Personnel Management, or OPM, had abided by previous auditing reports and security findings. In addition, access to the databases could have been prevented by implementing various encryption schemas and could have been identified after running regularly scheduled scans of the systems. Karen and the rest of the leadership team want you to compile your findings into a Security Assessment Report or SAR. You will also create a Risk Assessment Report, or RAR, in which you identify threats, vulnerabilities, risks, and likelihood of exploitation and suggested remediation. The security posture of the information systems infrastructure of an organization should be regularly monitored and assessed (including software, hardware, firmware components, governance policies, and implementation of security controls). The monitoring and assessment of the infrastructure and its components, policies, and processes should also account for changes and new procurements that are sure to follow in order to stay in step with ever-changing information system technologies. The data breach at the Office of Personnel Management (OPM) is one of the largest in US government history. It provides a series of lessons learned for other organizations in industry and the public sector. Lapses in critical security practices, such as lack of diligence to security controls and management of changes to the information systems infrastructure, were cited as contributors to the massive data breach in the OPM Office of the Inspector General's (OIG) Final Audit Report, which can be found in open source searches.
Some of the findings in the report include: weak authentication mechanisms; lack of a plan for life-cycle management of the information systems; lack of a configuration management and change management plan; lack of inventory of systems, servers, databases, and network devices; lack of mature vulnerability scanning tools; lack of valid authorizations for many systems, and lack of plans of action to remedy the findings of previous audits. The breach
  • 19. ultimately resulted in removal of OPM's top leadership. The impact of the breach on the livelihoods of millions of people is ongoing and may never be fully known. There is a critical need for security programs that can assess vulnerabilities and provide mitigations. There are nine steps that will help you create your final deliverables. The deliverables for this project are as follows: 1. Security Assessment Report (SAR): This should be an 8-10 page double-spaced Word document with citations in APA format. The page count does not include figures, diagrams, tables, or citations. 2. Risk Assessment Report (RAR): This report should be a 5-6 page double-spaced Word document with citations in APA format. The page count does not include figures, diagrams, tables, or citations. 3. In a Word document, share your lab experience and provide screen prints to demonstrate that you performed the lab. When you submit your project, your work will be evaluated using the competencies listed below. You can use the list below to self-check your work before submission. • 1.1: Organize document or presentation clearly in a manner that promotes understanding and meets the requirements of the assignment. • 1.2: Develop coherent paragraphs or points so that each is internally unified and so that each functions as part of the whole document or presentation. • 1.3: Provide sufficient, correctly cited support that substantiates the writer’s ideas. • 1.4: Tailor communications to the audience. • 1.5: Use sentence structure appropriate to the task, message and audience. • 1.6: Follow conventions of Standard Written English. • 5.2: Knowledge of architectural methodologies used in the design and development of information systems and knowledge of standards that either are compliant with or derived from established standards or guidelines. • 5.6: Explore and address cybersecurity concerns, promote awareness, best practice, and emerging technology.
• 7.3: Knowledge of methods and tools used for risk management and mitigation of risk. • 8.1: Demonstrate the abilities to detect, identify, and resolve host and network intrusion incidents. • 8.2:
  • 20. Possess knowledge and skills to categorize, characterize, and prioritize an incident as well as to handle relevant digital evidence appropriately. Step 1: Enterprise Network Diagram During Project One, you researched a hypothetical or actual organization of your choice. You had to understand the goals of the organization and the types of systems that would fulfill those goals. You will now research and learn about types of networks and their secure constructs that may be used in organizations to accomplish the functions of the organization’s mission. You will propose a local area network (LAN) and a wide area network (WAN) for the organization, define the systems environment, and incorporate this information in a network diagram. Discuss the security benefits of your chosen network design. Read about the following computing platforms available for networks and discuss how these platforms could be implemented in your organization. Include the rationale for all platforms you choose to include in your network design. • common computing platforms • cloud computing • distributed computing • centralized computing • secure programming fundamentals • Step 2: Enterprise Threats • Review the OIG report on the OPM breach that you were asked to research and read about at the beginning of the project. The OIG report included numerous security deficiencies that likely left OPM networks vulnerable to being breached. In addition to those external threats, the report also describes the ways OPM was vulnerable to insider threats. The information about the breach could be classified as threat intelligence. Define threat intelligence and explain what kind of threat intelligence is known about the OPM breach. • You just provided detailed background information on your organization. Next, you’ll describe threats to your organization’s system. Before you get started, select and explore the contents of the following link: insider threats (also known as internal threats). 
As you’re reading, take note of which insider threats are a risk to your organization. • Now, differentiate between the external threats to the system and the insider threats. Identify where these threats can occur
  • 21. in the previously created diagrams. Relate the OPM threat intelligence to your organization. How likely is it that a similar attack will occur at your organization? Step 3: Scanning the Network Note: You will use the tools in Workspace for this step. If you need help outside the classroom to complete this project, register for CLAB 699 Cyber Computing Lab Assistance (go to the Discussions List for registration information). Primary lab assistance is available from a team of lab assistants. Lab assistants are professionals and are trained to help you. Click here to access the instructions for Navigating the Workspace and the Lab Setup. Select the following link to enter Workspace and complete the lab activities related to network vulnerabilities. You will now investigate network traffic, and the security of the network and information system infrastructure overall. Past network data has been logged and stored, as collected by a network analyzer tool such as Wireshark. Explore the tutorials and user guides to learn more about the tools you will use. Click the following link to read more about these network monitoring tools: Tools to Monitor and Analyze Network Activities. You will perform a network analysis on the Wireshark files provided to you in Workspace and assess the network posture and any vulnerability or suspicious information you are able to obtain. Include this information in the SAR. You will then return to the lab in order to identify any suspicious activities on the network, through port scanning and other techniques. You will revisit the lab and lab instructions in Step 7: Suspicious Activity. Click here to access the Project 3 Workspace Exercise Instructions. In order to validate the assets and devices on the organization's network, run scans using security and vulnerability assessment analysis tools such as MBSA, OpenVAS, Nmap, or Nessus depending on the operating systems of your organization's networks.
Live network traffic can also be sampled and scanned using Wireshark on either the Linux or Windows systems. Wireshark allows you to inspect all OSI layers of traffic information. Further analyze the packet capture for network performance, behavior, and any suspicious source and destination
  • 22. addresses on the networks. In the previously created Wireshark files, identify if any databases had been accessed. What are the IP addresses associated with that activity? Include this information in the SAR. Step 4: Identifying Security Issues You have a suite of security tools, techniques, and procedures that can be used to assess the security posture of your organization's network in a SAR. Now it's time to identify the security issues in your organization's networks. You have already used password cracking tools to crack weak and vulnerable passwords. Provide an analysis of the strength of passwords used by the employees in your organization. Are weak passwords a security issue for your organization? Step 5: Firewalls and Encryption Next, examine these resources on firewalls and auditing–RDBMS, which relate to the use of the relational database management system (RDBMS), i.e., the database system and data. Also review these resources related to access control. Determine the role that firewalls, encryption, and RDBMS auditing could play in protecting information and in monitoring the confidentiality, integrity, and availability of the information in the information systems. Reflect any weaknesses found in the network and information system diagrams previously created, as well as in the developing SAR. Step 6: Threat Identification You know of the weaknesses in your organization's network and information system. Now you will determine various known threats to the organization's network architecture and IT assets. Get acquainted with the following types of threats and attack techniques. Which are a risk to your organization? • IP address spoofing/cache poisoning attacks • denial of service attacks (DoS) • packet analysis/sniffing • session hijacking attacks • distributed denial of service attacks In identifying the different threats, complete the following tasks: 1.
Identify the potential hacking actors of these threat attacks on vulnerabilities in networks and information systems and the types of remediation and mitigation techniques available in your industry, and for your organization. 2. Identify the purpose and function of firewalls for organization
  • 23. network systems, and how they address the threats and vulnerabilities you have identified. 3. Also discuss the value of using access control, database transaction and firewall log files. 4. Identify the purpose and function of encryption, as it relates to files and databases and other information assets on the organization's networks. Include these in the SAR. Step 7: Suspicious Activity Note: You will utilize the tools in Workspace for this step. Hackers frequently scan the Internet for computers or networks to exploit. An effective firewall can prevent hackers from detecting the existence of networks. Hackers continue to scan ports, but if the hacker finds there is no response from the port and no connection, the hacker will move on. The firewall can block unwanted traffic and Nmap can be used to self-scan to test the responsiveness of the organization's network to would-be hackers. Select the following link to enter Workspace and conduct the port scanning. Return to the lab instructions by clicking here to access the Project 3 Workspace Exercise Instructions. Step 8: Risk and Remediation What is the risk and what is the remediation? What is the security exploitation? You can use the OPM OIG Final Audit Report findings and recommendations as a possible source for methods to remediate vulnerabilities. Read this risk assessment resource to get familiar with the process, then prepare the risk assessment. Be sure to first list the threats, then the vulnerabilities, and then pairwise comparisons for each threat and vulnerability, and determine the likelihood of that event occurring, and the level of impact it would have on the organization. Use the OPM OIG Final Audit Report findings as a possible source for potential mitigations. Include this in the risk assessment report (RAR). Step 9: Creating the SAR and RAR Your research and Workspace exercise have led you to this moment: creating your SAR and RAR.
Consider what you have learned in the previous steps as you create your reports for leadership. Prepare a Security Assessment Report (SAR) with the following sections: 1. Purpose 2. Organization 3. Scope 4. Methodology 5. Data 6. Results 7. Findings The final SAR does not have to
  • 24. stay within this framework, and can be designed to fulfill the goal of the security assessment. Prepare a Risk Assessment Report (RAR) with information on the threats, vulnerabilities, likelihood of exploitation of security weaknesses, impact assessments for exploitation of security weaknesses, remediation, and cost/benefit analyses of remediation. Devise a high-level plan of action with interim milestones (POAM), in a system methodology, to remedy your findings. Include this high-level plan in the RAR. Summarize the results you obtained from the vulnerability assessment tools (i.e., MBSA and OpenVAS) in your report. The deliverables for this project are as follows: 1. Security Assessment Report (SAR): This should be an 8-10 page double-spaced Word document with citations in APA format. The page count does not include figures, diagrams, tables, or citations. 2. Risk Assessment Report (RAR): This report should be a 5-6 page double-spaced Word document with citations in APA format. The page count does not include figures, diagrams, tables, or citations. 3. In a Word document, share your lab experience and provide screen prints to demonstrate that you performed the lab. Submit your deliverables to the assignment folder. Before you submit your assignment, review the competencies below, which your instructor will use to evaluate your work. A good practice would be to use each competency as a self-check to confirm you have incorporated all of them in your work. • 1.1: Organize document or presentation clearly in a manner that promotes understanding and meets the requirements of the assignment. • 1.2: Develop coherent paragraphs or points so that each is internally unified and so that each functions as part of the whole document or presentation. • 1.3: Provide sufficient, correctly cited support that substantiates the writer’s ideas. • 1.4: Tailor communications to the audience. • 1.5: Use sentence structure appropriate to the task, message and audience.
• 1.6: Follow conventions of Standard Written English. • 5.2: Knowledge of architectural methodologies used in the design and development of information systems and knowledge of
  • 25. standards that either are compliant with or derived from established standards or guidelines. • 5.6: Explore and address cybersecurity concerns, promote awareness, best practice, and emerging technology. • 7.3: Knowledge of methods and tools used for risk management and mitigation of risk. • 8.1: Demonstrate the abilities to detect, identify, and resolve host and network intrusion incidents. • 8.2: Possess knowledge and skills to categorize, characterize, and prioritize an incident as well as to handle relevant digital evidence appropriately.
==============================================
CST 610 Project 4 Threat Analysis and Exploitation
Project 4 Threat Analysis and Exploitation CYB610 Project 4 You are part of a collaborative team that was created to address cyber threats and exploitation of US financial systems critical infrastructure. Your team has been assembled by the White House Cyber National security staff to provide situational awareness about a current network breach and cyber attack against several financial service institutions. Your team consists of four roles: a representative from the financial services sector who has discovered the network breach and the cyber attacks. These attacks include distributed denial of service attacks, DDoS, web defacements, sensitive data exfiltration, and other attack vectors typical of this nation state actor. A representative from law enforcement who has provided additional evidence of network attacks found using network defense tools. A representative from the intelligence agency who has identified the nation state actor from numerous public and government provided threat intelligence reports.
  • 26. This representative will provide threat intelligence on the tools, techniques, and procedures of this nation state actor. A representative from the Department of Homeland Security who will provide the risk, response, and recovery actions taken as a result of this cyber threat. Your team will have to provide education and security awareness to the financial services sector about the threats, vulnerabilities, risks, and risk mitigation and remediation procedures to be implemented to maintain a robust security posture. Finally, your team will take the lessons learned from this cyber incident and share that knowledge with the rest of the cyber threat analysis community. At the end of the response to this cyber incident, your team will provide two deliverables, a situational analysis report, or SAR, to the White House Cyber National security staff and an After Action Report and lessons learned to the cyber threat analyst community. US critical infrastructure (power, water, oil and natural gas, military systems, financial systems) has become the target of cyber and physical attacks as more critical infrastructure systems are integrated with the Internet and other digital controls systems. The lesson learned in defending and mitigating cyberattacks is that no entity can prevent or resolve cyberattacks on its own. Collaboration and information sharing are key for success and survival. This is a group exercise, representing collaboration across all sectors, to support and defend US critical infrastructure. In the working world, a team like this would include some agencies, some industrial partners, and some private sector corporations. Each organization has different strengths and skills, different access to information, and different authorities to report to. When the sectors work together and leverage resources and skills, the result is that everyone benefits from the defense and protection of US IT infrastructure.
In your teams, you can model the same collaboration, leveraging each other's expertise, sharing each other's knowledge, teaching each other, and providing contributions specific to your role in the scenario. • Financial Services Representative: special task in Step 3 • Law Enforcement
  • 27. Representative: special task in Step 4 • Intelligence Agency Representative: special task in Step 5 • Homeland Security Representative: special task in Step 6 There are seven steps that will help you create your final deliverables. The deliverables for this project are as follows: 1. Security Assessment Report (SAR): This report should be a 14-15 page double-spaced Word document with citations in APA format. The page count does not include figures, diagrams, tables, or citations. 2. After Action Report (AAR): This report should be a 10-15 page double-spaced Word document with citations in APA format. The page count does not include figures, diagrams, tables, or citations. 3. This is a 5-8 slide PowerPoint presentation for executives along with a narrated or In-Class Presentation summarizing your SAR and AAR report. When you submit your project, your work will be evaluated using the competencies listed below. You can use the list below to self-check your work before submission. • 1.1: Organize document or presentation clearly in a manner that promotes understanding and meets the requirements of the assignment. • 2.3: Evaluate the information in a logical and organized manner to determine its value and relevance to the problem. • 4.1: Lead and/or participate in a diverse group to accomplish projects and assignments. • 4.3: Contribute to team projects, assignments, or organizational goals as an engaged member of a team. • 8.4: Possess knowledge of proper and effective communication in case of an incident or crisis. Step 1: Establishing Roles As described in the scenario, you will be working in a small team (usually five members). Your instructor has provided an area for your group discussions, collaboration, and file sharing. Take some time to learn about your teammates (introductions, LinkedIn profiles and bios) to understand the experience and expertise of the team members.
Studies on teamwork outline the typical team stages of forming, storming, norming, and performing (see Tuckman, Bruce W. (1965), "Developmental sequence in small groups," Psychological Bulletin, 63, 384-399). This guidance on teamwork
  • 28. may be helpful. In order to do well, you and your team members must start communicating or "forming" immediately and discuss how you will divide the work. Review the project and if you have portions of the work that play well to your strengths, make this known to your team members. Then develop a project plan and schedule to get the work done. Finally, agree on a communications plan, which allows your team members to know where the project stands. During this stage, you may have disagreements or differences of opinion about roles and division of work. This is a normal aspect of "storming." Once you start agreeing on roles and tasks, you are well on your way to "norming." You should settle on a collaboration space and share drafts of your work in your classroom team locker so your team members and the instructor can see the work progression. All team members must contribute, but the deliverables need to be cohesive. Therefore, each of you will need to review each other's work and help each other. While you may have to use collaborative tools outside the classroom, maintain the key documents in the respective team project locker in the classroom. Your team will use this area to establish ground rules for communication and collaboration. Team members will gain an overview of the entire project, establish roles, agree on the division of work, and complete and sign the Team Project Charter. If you decide to use Google Docs for your collaborative work, you could also choose a Google drive with appropriate sharing with your team members and your instructor, and provide information on this in your team locker. Part of teamwork is looking at each other's work and providing constructive feedback and improvements. If you sense problems during your team communications sessions, discuss risk management and project adjustments your team may need to make. If you sense trouble, contact your instructor and request intervention as soon as you recognize issues. 
After the plan is completed, elect one person to attach or link the final document to the team project locker. This step should have been completed early in the term between Weeks 2 and 4. Setting up the team roles and expectations is an
  • 29. important part of this project and completing the charter is critical to the project's success. When you have completed this important step, move to the next step. Step 2: Assessing Suspicious Activity Your team is assembled and you have a plan. It's time to get to work. You have a suite of tools at your disposal from your work in Project 1, Project 2, and Project 3, which can be used together to create a full common operating picture of the cyber threats and vulnerabilities that are facing the US critical infrastructure. Begin by selecting the following links to brush up on your knowledge: 1. network security 2. mission critical systems 3. penetration testing To be completed by all team members: Leverage the network security skills of using port scans, network scanning tools, and analyzing Wireshark files, to assess any suspicious network activity and network vulnerabilities. Step 3: The Financial Sector To be completed by the Financial Services Representative: Provide a description of the impact the threat would have on the financial services sector. These impact statements can include the loss of control of the systems, the loss of data integrity or confidentiality, exfiltration of data, or something else. Also provide impact assessments as a result of this security incident to the financial services sector. To be completed by all team members: Provide submissions from the Information Sharing Analysis Councils related to the financial sector. You can also propose fictitious submissions. Also, review the resources for Industrial Control Systems, and advise the importance of them to the financial services sector. Explain the risks associated with the Industrial Controls Systems. Step 4: Law Enforcement To be completed by the Law Enforcement Representative: Provide a description of the impact the threat would have on the law enforcement sector.
These impact statements can include the loss of control of systems, the loss of data integrity or confidentiality, exfiltration of data, or something else. Also provide impact assessments as a result of this security incident to the law enforcement sector. Step 5: The Intelligence Community To be completed by all team members: Provide an overview of the life cycle
  • 30. of a cyber threat. Explain the different threat vectors that cyber actors use, and provide a possible list of nation-state actors that have targeted the US financial services industry before. Review this threat response and recovery resource and use what you learned from the resource to provide or propose an analytical method in which you are able to detect the threat, identify the threat, and perform threat response and recovery. Identify the stage of the cyber threat life cycle where you would observe different threat behaviors. Include ways to defend against the threat, and protect against the threat. Provide this information in the SAR and AAR. To be completed by the Intelligence Community Representative: Provide intelligence on the nation-state actor, their cyber tools, techniques, and procedures. Leverage available threat reporting such as from FireEye, Mandiant, and other companies and government entities that provide intelligence reports. Also include the social engineering methods used by the nation-state actor and their reasons for attacking US critical infrastructure. Include this information in the SAR and AAR. Step 6: Homeland Security To be completed by the Homeland Security Representative: Use the US-CERT and other similar resources to discuss the vulnerabilities and exploits that might have been used by the attackers. Explore the resources for risk mitigation and provide the risk, response, and risk mitigation steps that should be taken if an entity suffers the same type of attack. To be completed by all team members: Provide a risk-threat matrix and provide a current state snapshot of the risk profile of the financial services sector. These reports will be part of an overall risk assessment, which will be included in the SAR and AAR. Review and refer to this risk assessment resource to aid you in developing this section of the report. 
Step 7: The SAR and AAR All team members: After you compile your research, and your own critical assessments and analysis, determine which information is appropriate for a Security Assessment Report (SAR) that will be submitted to the White House, and an After Action Report (AAR) that will be submitted to the rest of
  • 31. the analyst community. 1. Prepare your SAR for the White House Cyber National Security Staff, describing the threat, the motivations of the threat actor, the vulnerabilities that are possible for the threat actor to exploit, current and expected impact on US financial services critical infrastructure, the path forward to eliminate or reduce the risks, and the actions taken to defend and prevent against this threat in the future. 2. Prepare the AAR. This knowledge management report will be provided to the cyber threat analyst community, which includes the intelligence community, the law enforcement community, the defense and civilian community, the private sector, and academia. The purpose of the AAR is to share the systems life cycle methodology, rationale, and critical thinking used to resolve this cyber incident. The deliverables for this project are as follows: 1. Security Assessment Report (SAR): This report should be a 14-15 page double-spaced Word document with citations in APA format. The page count does not include figures, diagrams, tables, or citations. 2. After Action Report (AAR): This report should be a 10-15 page double-spaced Word document with citations in APA format. The page count does not include figures, diagrams, tables, or citations. 3. A 5-8 slide PowerPoint presentation for executives along with narration or In-Class presentation by each team member summarizing a portion of your SAR and AAR report. Submit your deliverables to the assignment folder. Before you submit your assignment, review the competencies below, which your instructor will use to evaluate your work. A good practice would be to use each competency as a self-check to confirm you have incorporated all of them in your work. • 1.1: Organize document or presentation clearly in a manner that promotes understanding and meets the requirements of the assignment.
• 2.3: Evaluate the information in a logical and organized manner to determine its value and relevance to the problem. • 4.1: Lead and/or participate in a diverse group to accomplish projects and assignments. • 4.3: Contribute to team projects, assignments, or organizational goals as an engaged member of a team.
• 8.4: Possess knowledge of proper and effective communication in case of an incident or crisis.
=============================================
CST 610 Project 5 Cryptography
Project 5 Cryptography
CYB610 Project 5
You are an enterprise security architect for a company in a semiconductor manufacturing industry where maintaining competitive advantage and protecting intellectual property is vital. You're in charge of security operations and strategic security planning. Your responsibilities include devising the security protocols for identification, access, and authorization management. You recently implemented cryptography algorithms to protect the information organization. Leadership is pleased with your efforts and would like you to take protection methods even further. They've asked you to study cyber-attacks against different cryptography mechanisms and deploy access control programs to prevent those types of attacks.
"We'd like you to create plans for future security technology deployments," says one senior manager. "And provide documentation so that others can carry out the deployments." A director chimes in, "But you should also devise a method for ensuring the identification, integrity, and non-repudiation of information in transit, at rest, and in use within the organization."
As the enterprise security architect, you are responsible for providing the following deliverables. Create a network security vulnerability and threat table in which you outline the security architecture of the organization, the cryptographic means of protecting the assets of the organizations, the types of known attacks against those protections, and means to ward off the attacks. This document will help you manage the current configuration of the security architecture. Create a Common Access Card (CAC) deployment strategy, in which you describe the CAC implementation and deployment and encryption methodology for information security professionals. Create an email security strategy in which you provide the public key, private key hashing methodology to determine the best key management system for your organization. These documents will provide a security overview for the leadership in your company.
Encryption uses cryptographic algorithms to obfuscate data. These complex algorithms transform data from human readable plaintext into encrypted cipher text. Encryption uses the principles of substitution and permutation to ensure that data is transformed in a non-deterministic manner by allowing the user to select the password or a key to encrypt a message. The recipient must know the key in order to decrypt the message, translating it back into the human readable plaintext.
There are six steps that will lead you through this project. After beginning with the workplace scenario, continue to Step 1: "IT Systems Architecture."
The deliverables for this project are as follows:
1. Create a single report in Word document format. This report should be about 10 pages long, double-spaced, with citations in APA format. Page count does not include diagrams or tables. The report must cover the following:
  o network security and threat table
  o Common Access Card deployment strategy
  o e-mail security strategy
2. In a Word document, share your lab experience and provide screenshots to demonstrate that you performed the lab.
When you submit your project, your work will be evaluated using the competencies listed below. You can use the list below to self-check your work before submission.
• 1.5: Use sentence structure appropriate to the task, message and audience.
• 1.6: Follow conventions of Standard Written English.
• 1.7: Create neat and professional looking documents appropriate for the project or presentation.
• 2.1: Identify and clearly explain the issue, question, or problem under critical consideration.
• 2.2: Locate and access sufficient information to investigate the issue or problem.
• 2.3: Evaluate the information in a logical and organized manner to determine its value and relevance to the problem.
• 2.4: Consider and analyze information in context to the issue or problem.
• 3.2: Employ mathematical or statistical operations and data analysis techniques to arrive at a correct or optimal solution.
• 5.1: Knowledge of procedures, tools, and applications used to keep data or information secure, including public key infrastructure, point-to-point encryption, and smart cards.
Step 1: IT Systems Architecture
You are a senior-level employee and you must tailor your deliverables to suit your audience: the leadership of the organization. You may choose to use a fictitious organization, or model your organization on an existing organization, including proper citations. Leadership is not familiar with the architecture of the IT systems, nor are they familiar with the types of threats that are likely or the security mechanisms in place to ward off those threats. You will provide this information in tabular format and call it the Network Security and Vulnerability Threat Table. Refer to this threat table template for guidance on creating this document.
Before you begin, select the links below to review some material on information security. These resources will help you complete the network security and vulnerability threat table.
• LAN security
• Availability
Now you’re ready to create your table. Include and define the following components of security in the architecture of your organization, and explain if threats to these components are likely, or unlikely:
• LAN security
• identity management
• physical security
• personal security
• availability
• privacy
Next, review the different types of cyberattacks described in the following resource: cyberattacks.
As you’re reading, take note of which attacks are most likely to affect your organization. Then list the security defenses you employ in your organization to mitigate these types of attacks. Include this information in your Network Security and Vulnerability Threat Table.
Step 2: Plan of Protection
Note: You will utilize the tools in Workspace for this step. If you need help outside the classroom, you can register for the CLAB 699 Cyber Computing Lab Assistance (go to the Discussions List for registration information). Primary lab assistance is available from a team of lab assistants. Lab assistants are professionals and are trained to help you. Click here to access the instructions for Navigating the Workspace and the Lab Setup. Next, select the following link to enter Workspace and complete the lab exercises. Click here to access the Project 5 Workspace Exercise Instructions. Explore the tutorials and user guides to learn more about the tools you will use.
In this lab exercise, you will learn more about the transmission of files that do not seem suspicious but that actually have embedded malicious payload, undetectable to human hearing or vision. This type of threat can enter your organization’s networks and databases undetected through the use of steganography or data hiding. You should include this type of threat vector to an organization in your report to leadership. Research how organizations can monitor, identify and remedy those files with embedded files and data, and provide these as recommendations for your leadership.
You will have to provide the leadership of your organization with your plan for protecting identity, access, authorization and nonrepudiation of information transmission, storage, and usage. Research scholarly works on nonrepudiation measures and discuss options for protecting the integrity of an organization's information assets, which include files, networks, databases, and e-mail, and include this in your lab report.
Step 3: Data Hiding Technologies
You will describe to your organization the various cryptographic means of protecting its assets. Select the links below to review encryption techniques and encryption technologies, then provide your organization with a brief overview of each.
Encryption Technologies
1. Shift / Caesar cipher
2. Polyalphabetic cipher
3. One time pad cipher/Vernam cipher/perfect cipher
4. Block ciphers
5. Triple DES
6. RSA
7. Advanced Encryption Standard (AES)
8. Symmetric encryption
9. Text block coding
Data Hiding Technologies
1. Information hiding and steganography
2. Digital watermarking
3. Masks and filtering
These descriptions will be included in the network security vulnerability and threat table for leadership.
Step 4: Creating the Network Security Vulnerability and Threat Table
Using the information you've gathered from the previous steps, prepare the network security vulnerability and threat table, in which you outline the following:
• security architecture of the organization
• the cryptographic means of protecting the assets of the organization
• the types of known attacks against those types of protections
• means to ward off the attacks
Create your Network Security Vulnerability and Threat Table, and include it in your submission to the organization. Please refer to this threat table template for guidance on creating this document.
Step 5: Access Control Based on Smart Card Strategies
Smart cards use encryption chips to identify the user, their identity, role, and sometimes use their personally identifiable information (PII). Two examples of smart cards are the federal government’s use of common access cards (CACs), and the financial sector’s use of encryption chips in credit cards.
You have completed your threat table, and you've decided that you want to modernize the access control methods for your organization. To that end, you read the following resources to gather some background information on access control and the various encryption schemas associated with the Common Access Card (CAC):
• Access control
• Common Access Card (CAC)
You plan to deploy CAC to the company and you are tasked with devising that CAC deployment strategy, which includes the cryptographic solutions used with the CAC.
In the Common Access Card Deployment Strategy final deliverable, describe how identity management would be a part of your overall security program and your CAC deployment plan. Create your Common Access Card Deployment Strategy and include it in your submission to the organization.
Step 6: The Email Security Strategy
After completing the CAC, your next step is to build the Secure Email Strategy for the organization. You will present this tool to your leadership. Provide an overview of the types of public-private key pairing, and show how this provides authentication and nonrepudiation. You will also add hashing, and describe how this added security benefit ensures the integrity of messaging.
Begin preparing your strategy by reviewing the following resources that will aid you in becoming well informed on encryption technologies for e-mail:
• Public Key Infrastructure (PKI)
• iOS encryption
• Blackberry encryption
Then start developing your strategy. Define these strong encryption technologies as general principles in secure email:
• Pretty Good Privacy (PGP algorithm)
• GNU Privacy Guard (GPG)
• Public Key Infrastructure (PKI)
• Digital signature
• Mobile device encryption (e.g., iOS encryption and Blackberry encryption)
In your report, also consider how the use of smart card readers tied to computer systems might be beneficial in the future enhancements to system and data access protection. This may help you define long-term solutions for your leadership.
Leadership does not know the costs and technical complexity of these email encryption strategies. To further their understanding, compare the complexities of each in relation to the security benefits, and then make a recommendation and a deployment plan.
The deliverables for this project are as follows:
1. Create a single report in Word document format. This report should be about 10 pages long, double-spaced, with citations in APA format. Page count does not include diagrams or tables. The report must cover the following:
  o network security and threat table
  o Common Access Card deployment strategy
  o e-mail security strategy
2. In a Word document, share your lab experience and provide screenshots to demonstrate that you performed the lab.
Submit your deliverables to the assignment folder.
Before you submit your assignment, review the competencies below, which your instructor will use to evaluate your work. A good practice would be to use each competency as a self-check to confirm you have incorporated all of them in your work.
• 1.5: Use sentence structure appropriate to the task, message and audience.
• 1.6: Follow conventions of Standard Written English.
• 1.7: Create neat and professional looking documents appropriate for the project or presentation.
• 2.1: Identify and clearly explain the issue, question, or problem under critical consideration.
• 2.2: Locate and access sufficient information to investigate the issue or problem.
• 2.3: Evaluate the information in a logical and organized manner to determine its value and relevance to the problem.
• 2.4: Consider and analyze information in context to the issue or problem.
• 3.2: Employ mathematical or statistical operations and data analysis techniques to arrive at a correct or optimal solution.
• 5.1: Knowledge of procedures, tools, and applications used to keep data or information secure, including public key infrastructure, point-to-point encryption, and smart cards.
==============================================
CST 610 Project 6 Digital Forensics Analysis
Project 6 Digital Forensics Analysis
Project 6 Start Here
This project will provide an introduction to digital forensic analysis. Digital forensic analysis is used to review and investigate data collected through digital communications and computer networks. The National Institute of Standards and Technology (NIST) has defined four fundamental phases for forensic analysis: collection, examination, analysis, and reporting. You will learn more about these concepts as you navigate throughout the steps of this project and read the literature and links found in each step.
There are four steps that will lead you through this project. Begin with Step 1: “Methodology.”
The deliverables for this project are as follows:
1. Digital Forensic Research Paper: This should be a five-page double-spaced Word document with citations in APA format. The page count does not include diagrams or tables.
2. In a Word document, share your lab experience and provide screenshots to demonstrate that you completed the lab.
When you submit your project, your work will be evaluated using the competencies listed below. You can use the list below to self-check your work before submission.
• 5.3: Uses defensive measures and information collected from a variety of sources to identify, analyze, and report events that occur or might occur within the network in order to protect information, information systems, and networks from threats.
• 8.6: Provides professional preparation for computer digital forensics, investigation of crime, and preservation of digital evidence in criminal and civil investigations and information security incident response.
• 8.7: Provide theoretical basis and practical assistance for all aspects of digital investigation and the use of computer evidence in forensics and law enforcement.
Step 1: Methodology
The methodology includes following a systems process. Identify the requirements, purpose, and objectives of the investigation. Click the links below to review information that will aid in conducting and documenting an investigation:
• secure programming fundamentals
• forensics fundamentals
Learn about the investigation methodology. Consider secure programming fundamentals. Define the digital forensics analysis methodology, and the phases of the digital forensics fundamentals and methodology, including the following:
1. preparation
2. extraction
3. identification
4. analysis
This information will help you understand the process you will use during an investigation.
Step 2: Tools and Techniques
Select the following links to learn about forensics analysis tools, methods, and techniques:
1. forensics analysis tools
2. web log and session analysis
3. hash analysis
Step 3: Exploring Forensic Tools
Note: You will utilize the tools in Workspace for this step. If you need help outside the classroom, you can register for the CLAB 699 Cyber Computing Lab Assistance (go to the Discussions List for registration information). Primary lab assistance is available from a team of lab assistants. Lab assistants are professionals and are trained to help you. Click here to access the instructions for Navigating the Workspace and the Lab Setup. Select the following link to enter Workspace. Complete the forensic tools exercise provided in this lab. Explore the tutorials and user guides to learn more about various types of digital forensic tools. Click here to access the Project 6 Workspace Exercise Instructions. You will learn about the different types of tools, techniques, and analyses.
Step 4: Digital Forensics Research Paper
Now that you have learned basics of digital forensics analyses and methodology, and have experienced one of the common forensic tools, use the material presented in this project as well as research you've conducted outside of the course materials to write a research paper that addresses the following:
1. digital forensic methodology
2. the importance of using forensic tools to collect and analyze evidence (e.g., FTK Imager and EnCase)
3. hashing in the context of digital forensics
4. How do you ensure that the evidence collected has not been tampered with (i.e., after collection)? Why and how is this important to prove in a court of law?
The deliverables for this project are as follows:
1. Digital Forensic Research Paper: This should be a five-page double-spaced Word document with citations in APA format. The page count does not include diagrams or tables.
2. In a Word document, share your lab experience and provide screenshots to demonstrate that you completed the lab.
Submit your deliverables to the assignment folder.
Before you submit your assignment, review the competencies below, which your instructor will use to evaluate your work. A good practice would be to use each competency as a self-check to confirm you have incorporated all of them in your work.
• 5.3: Uses defensive measures and information collected from a variety of sources to identify, analyze, and report events that occur or might occur within the network in order to protect information, information systems, and networks from threats.
• 8.6: Provides professional preparation for computer digital forensics, investigation of crime, and preservation of digital evidence in criminal and civil investigations and information security incident response.
• 8.7: Provide theoretical basis and practical assistance for all aspects of digital investigation and the use of computer evidence in forensics and law enforcement.
==============================================