CST 610 All Project (Project 1-6)
FOR MORE CLASSES VISIT
www.cst610rank.com
CST 610 Project 1 Information Systems and Identity Management
CST 610 Project 2 Operating Systems Vulnerabilities (Windows and Linux)
CST 610 Project 3 Assessing Information System Vulnerabilities and Risk
CST 610 Project 4 Threat Analysis and Exploitation
CST 610 Project 5 Cryptography
CST 610 Project 6 Digital Forensics Analysis
==============================================
CST 610 Project 1 Information Systems and Identity
Management
Project 1 Information Systems and Identity Management Video
transcript CYB 610 Project 1 You are a systems administrator in the IT
department of a major metropolitan hospital. Your duties are to ensure
the confidentiality, availability, and integrity of patient records, as well
as the other files and databases used throughout the hospital. Your work
affects several departments, including Human Resources, Finance,
Billing, Accounting, and Scheduling. You also apply security controls
on passwords for user accounts. Just before clocking out for the day, you
notice something strange in the hospital's computer system. Some
person, or group, has accessed user accounts and conducted
unauthorized activities. Recently, the hospital experienced intrusion into
one of its patient's billing accounts. After validating user profiles in
Active Directory and matching them with user credentials, you suspect
several users' passwords have been compromised to gain access to the
hospital's computer network. You schedule an emergency meeting with
the director of IT and the hospital board. In light of this security breach,
they ask you to examine the security posture of the hospital's
information systems infrastructure and implement defense techniques.
This must be done quickly, your director says. The hospital board is less
knowledgeable about information system security. The board makes it
clear that it has a limited cybersecurity budget. However, if you can
make a strong case to the board, it is likely that they will increase your
budget and implement your recommended tool company-wide. You will
share your findings on the hospital's security posture. Your findings will
be brought to the director of IT in a technical report. You will also
provide a non-technical assessment of the overall identity management
system of the hospital and define practices to restrict and permit access
to information. You will share this assessment with the hospital board in
the form of a narrated slide show presentation. You know that identity
management will increase the security of the overall information
system's infrastructure for the hospital. You also know that, with a good
identity management system, the security and productivity benefits will
outweigh costs incurred. This is the argument you must make to those
stakeholders. Daily life requires us to have access to a lot of information,
and information systems help us access that information. Desktop
computers, laptops, and mobile devices keep us connected to the
information we need through processes that work via hardware and
software components. Information systems infrastructure makes this
possible. However, our easy access to communication and information
also creates security and privacy risks. Laws, regulations, policies, and
guidelines exist to protect information and information owners.
Cybersecurity ensures the confidentiality, integrity, and availability of
the information. Identity management is a fundamental practice. Part of
identity management is the governance of access, authorization, and
authentication of users to information systems. Identity management is
one part of a layered security defense strategy within the information
systems infrastructure. Your work in this project will enable you to
produce a technical report and nontechnical presentation that addresses
these requirements. There are five steps that will help you create your
final deliverables. The deliverables for this project are as follows: 1.
Nontechnical presentation: This is an 8-10 slide PowerPoint
presentation for business executives and board members. 2. Technical
report: Your report should be a 6-7 page double-spaced Word document
with citations in APA format. The page count does not include figures,
diagrams, tables or citations. 3. Executive summary: This should be a
2-3 page double-spaced Word document. 4. In a Word document, share
your lab experience and provide screen prints to demonstrate that you
performed the lab. When you submit your project, your work will be
evaluated using the competencies listed below. You can use the list
below to self-check your work before submission. • 1.1: Organize
document or presentation clearly in a manner that promotes
understanding and meets the requirements of the assignment. • 2.3:
Evaluate the information in a logical and organized manner to determine
its value and relevance to the problem. • 6.2: Creating a roadmap for
organizations to use in development of an Identity Access Management
program (to address gaps in their current offerings). • Step 1: Defining
the Information System Infrastructure Select a hospital or healthcare
organization to research. You may choose an organization you are
familiar with or can readily obtain information about. To maintain
confidentiality, you do not need to mention the name of the organization.
You may also choose a hypothetical/fictitious healthcare organization.
Several healthcare organizations that have suffered major security
breaches have been researched extensively by others. 1. Describe the
organization and structure including the different business units and their
functions. You may use an organizational chart to provide this
information. 2. Choose one or more mission-critical systems of the
healthcare organization. Define the information protection needs for the
organization's mission-critical protected health information (PHI). This
information is stored in database medical records for doctors, nurses,
and insurance claims billing systems, which are used to fulfill the
organizational information needs. 3. Define the workflows and
processes for the high-level information systems that you have just
identified that will store PHI. Workflows and processes for healthcare
organizations define how the organization gets its work done. They
describe the movement of patient information to the business units that
have needs to process and manage that information, from billing to
physician care. All these organizations have hardware and software
implementations of their information systems, and it is critical to
understand these components, and how they are connected (known as
their topology), so the appropriate protections can be applied. Your
research may produce instances and examples of how an information
system is connected, to include cybersecurity components like firewalls,
in the information system and network diagram. Be sure you understand
the benefits and weaknesses for the different network topologies. You
may incorporate what you find in your research, in your definition for
workflows and processes for the high-level information systems and
provide explanation of how that topology fulfills the mission for the
health care organization. Your definition should include a high-level
description of information systems hardware and software components
and their interactions. Take time to read the following resources. They
will help you construct your definition. o Information systems
hardware o Information systems software You may supply this
information as a diagram with inputs, outputs, and technologies
identified. Consider how you might restrict access and protect billing
and PHI information. 4. The links shown below provide access to
essential information you’ll need to complete this part of the hospital’s
information system infrastructure definition. Click each link, review its
resources, and refer to them as you compose this part of the definition. o
Open Systems Interconnections (OSI) Model o TCP/IP protocols o
network protocols You will include these definitions in your
report. Step 2: Threats Now that you have defined the hospital's
information system infrastructure, you will have to understand the
threats to those systems and describe the types of measures that
could address those threats. In this section, you will learn about different
types of identity access management solutions and how they protect
against the threat of unauthorized access. To complete this section of the
report, you’ll brush up on your knowledge of threats by reading the
following resources: web security issues, insider threats, intrusion
motives/hacker psychology, and CIA triad. Take what you learned from
these resources to convey the threats to the hospital's information
systems infrastructure. Include a brief summary of insider threats,
intrusion motives, and hacker psychology in your report as it relates to
your hospital data processing systems. Relate these threats to the
vulnerabilities in the CIA triad. This section of your report will also
include a description of the purpose and components of an identity
management system to include authentication, authorization, and access
control. Include a discussion of possible use of laptop devices by doctors
who visit their patients at the hospital, and need access to hospital PHI
data. Review the content of the following resources. As you’re reading,
take any notes you think will help you develop your description. 1.
Authorization 2. Access control 3. Passwords 4. Multi-
factor authentication Next, expand upon your description. Define the
types of access control management to include access control lists in
operating systems, role-based access controls, files, and database access
controls. Define types of authorization and authentication and the use of
passwords, password management, and password protection in an
identity management system. Describe common factor authentication
mechanisms to include multi-factor authentication. You will include this
information in your report. Step 3: Password Cracking Tools You have
successfully examined the threats to a healthcare organization's
information systems infrastructure. Now, you must begin your research
into password cracking software. Do some quick independent research
on password cracking as it applies to your organization. You can click
on this link to find the instructions for Navigating the Workspace and
the Lab Setup. Enter Workspace and complete the lab activities outlined
in the Project 1 Workspace Exercise Instructions. There are additional
password cracking tool resources, tutorials, and user guides to continue
your familiarity with the tools. Click here to access the Project 1
Workspace Exercise Instructions. After completing the lab, you will
have successfully tested more than one password cracking tool. Not all
password cracking tools will necessarily perform with the same speed,
precision, and results, making it important to test a few different
products. Compare the password cracking tools based on these
characteristics, and include as part of your assessment and
recommendations on the use of such tools. You will test the
organization's systems for password strength and complexity and
complete validation testing. You will compare the results obtained from
your first and second tool. You have tested and made comparisons of the
performance of various password cracking tools and you have the data to
support your recommendations for the use of such tools. Not all
password cracking tools will necessarily perform with the same speed,
precision, and results, making it important to test a few different
products. The comparison will be part of your assessment and help you
make recommendations on the use of such tools. You will test the
organization's systems for password strength and complexity and
complete validation testing. You will compare the results from the
various tools. 1. Read this article about cyberattacks, perform two
different types of cyberattacks in the first, and in the second tool, crack
user account passwords. Describe them in simple nontechnical terms for
the leadership. You can identify which tool is the most effective and
why for your organization's IT environment. 2. Compare and contrast
the results from the two methods used to crack the accounts for the three
passwords (each encrypted by the two hash algorithms). Show their
benefits. You can make certain conclusions that help your company's
cybersecurity posture after using these methods. 3. Explain to the
director of IT and the members of the board that the healthcare
organization’s anti-virus software will detect password cracking tools as
malware. Also explain how this impacts the effectiveness of testing
security controls like password strength. Help the leadership understand
the risks and benefits of using password cracking tools, through
persuasive arguments in your report and presentation. If any of the tools
take longer than 4-5 minutes to guess a password, record the estimated
length of time the tool anticipates to guess it. Include this information in
your presentation. Step 4: The Non-Technical Presentation You now
have the information you need to prepare your product for stakeholders.
Based on the research and work you've completed in Workspace, you
will develop two items: a technical report for the director of IT, and a
nontechnical slide show presentation for the members of the board. You
will tailor the language of your reports appropriately to the different
audiences. The nontechnical presentation: Your upper-level management
team consists of technical and nontechnical leadership, and they are
interested in the bottom line. You must help these leaders understand the
identity management system vulnerabilities you discovered in password
cracking and access control. They need to clearly see what actions they
must either take or approve. The following are a few questions to
consider when creating your presentation: 1. How do you present your
technical findings succinctly to a non-technical audience? Your
technical report for IT will span many pages; but you will probably be
afforded no more than 30 minutes or 8-10 slides for your presentation
and the following discussion with leadership. 2. How do you describe
the most serious risks factually but without sounding too
temperamental? No one likes to hear that their entire network has been
hacked, data has been stolen, and the attackers have won. You will need
to describe the seriousness of your findings while also assuring upper-
level management that these are not uncommon occurrences today. 3.
How do your results affect business operations? Make sure you are
presenting these very technical password cracking results in business
terms upper-level management will understand. 4. What do you
propose? Management will not only want to understand what you have
discovered; they will want to know what you propose as a solution. Step
5: The Technical Report and Executive Summary The technical report
and the nontechnical presentation will identify compromises and
vulnerabilities in the information systems infrastructure of the healthcare
organization, and identify risks to the organization's data. You will
propose a way to prioritize these risks and include possible remediation
actions. The technical report: Provide recommendations for access
control and authentication mechanisms to increase the security within
the identity management system. Review the mission and organization
structure of this healthcare organization. Review the roles within the
organization, and recommend the accesses, restrictions, and conditions
for each role. Present these in a tabular format as part of your list of
recommendations. Provide a comparison of risk scenarios to include the
following: 1. What will happen if the CIO and the leadership do
nothing, and decide to accept the risks? 2. Are there possible ways the
CIO can transfer the risks? 3. Are there possible ways to mitigate the
risks? 4. Are there possible ways to eliminate the risks? 5. What are
the projected costs to address these risks? Provide an overall
recommendation, with technical details to the director of IT. The
executive summary: In addition to your technical report, also create a
nontechnical report as an executive summary. The deliverables for this
project are as follows: 1. Nontechnical presentation: This is a 8-10
slide PowerPoint presentation for business executives and board
members. 2. Technical report: Your report should be a 6-7 page
double-spaced Word document with citations in APA format. The page
count does not include figures, diagrams, tables or citations. 3.
Executive summary: This should be a 2-3 page double-spaced Word
document. 4. In a Word document, share your lab experience and
provide screen prints to demonstrate that you performed the lab. Submit
your deliverables to the assignment folder. Before you submit your
assignment, review the competencies below, which your instructor will
use to evaluate your work. A good practice would be to use each
competency as a self-check to confirm you have incorporated all of them
in your work. • 1.1: Organize document or presentation clearly in a
manner that promotes understanding and meets the requirements of the
assignment. • 2.3: Evaluate the information in a logical and organized
manner to determine its value and relevance to the problem. • 6.2:
Creating a roadmap for organizations to use in development of an
Identity Access Management program (to address gaps in their current
offerings).
==============================================
CST 610 Project 2 Operating Systems Vulnerabilities
(Windows and Linux)
CYB 610 Project 2 Congratulations, you are the newly appointed lead
cybersecurity engineer with your company in the oil and natural gas
sector. This is a senior-level position. You were hired two months ago
based on your successful cybersecurity experience with a previous
employer. Your technical knowledge of cybersecurity is solid. However,
you have a lot to learn about this company's culture, processes, and IT
funding decisions, which are made by higher management. You have
recently come across numerous anomalies and incidents leading to
security breaches. The incidents took place separately, and it has not
been determined if they were caused by a single source or multiple
related sources. First, a month ago, a set of three corporate database
servers crashed suddenly. Then, a week ago, anomalies were found in
the configuration of certain server and router systems of your company.
You immediately recognized that something with your IT resources was
not right. You suspect that someone, or some group, has been regularly
accessing your user account and conducting unauthorized configuration
changes. You meet with your leadership to discuss the vulnerabilities.
They would like you to provide a security assessment report, or SAR, on
the state of the operating systems within the organization. You're also
tasked with creating a non-technical narrated presentation summarizing
your thoughts. The organization uses multiple operating systems that are
Microsoft-based and Linux-based. You will have to understand these
technologies for vulnerability scanning using the tools that work best for
the systems in the corporate network. You know that identity
management will increase the security of the overall information
systems infrastructure for the company. You also know that with a good
identity management system, the security and productivity benefits will
outweigh costs incurred. This is the argument you must make to the
stakeholders. The operating system (OS) of an information system
contains the software that executes the critical functions of the
information system. The OS manages the computer's memory,
processes, and all of its software and hardware. It allows different
programs to run simultaneously and access the computer's memory,
central processing unit, and storage. The OS coordinates all these
activities and ensures that sufficient resources are applied. These are the
fundamental processes of the information system and if they are violated
by a security breach or exploited vulnerability it has the potential to have
the biggest impact on your organization. Security for operating systems
consists of protecting the OS components from attacks that could cause
deletion, modification, or destruction of the operating system. Threats to
an OS could consist of a breach of confidential information,
unauthorized modification of data, or unauthorized destruction of data. It
is the job of the cybersecurity engineer to understand the operations and
vulnerabilities of the OS (whether it is a Microsoft, Linux, or another
type of OS), and to provide mitigation, remediation, and defense against
threats that would expose those vulnerabilities or attack the OS. There
are six steps that will help you create your final deliverables. The
deliverables for this project are as follows: 1. Security Assessment
Report (SAR): This report should be a 7-8 page double-spaced Word
document with citations in APA format. The page count does not
include figures, diagrams, tables, or citations. 2. Nontechnical
presentation: This is a set of 8-10 PowerPoint slides for upper
management that summarizes your thoughts regarding the findings in
your SAR. 3. In a Word document, share your lab experience and
provide screen prints to demonstrate that you performed the lab. When
you submit your project, your work will be evaluated using the
competencies listed below. You can use the list below to self-check your
work before submission. • 1.1: Organize document or presentation
clearly in a manner that promotes understanding and meets the
requirements of the assignment. • 2.3: Evaluate the information in a
logical and organized manner to determine its value and relevance to the
problem. • 5.4: Identify potential threats to operating systems and the
security features necessary to guard against them. Step 1: Defining the
OS The audience for your security assessment report (SAR) is the
leadership of your organization, which is made up of technical and
nontechnical staff. Some of your audience will be unfamiliar with
operating systems (OS). As such, you will begin your report with a brief
explanation of operating systems fundamentals and the types of
information systems. Click on and read the following resources that
provide essential information you need to know before creating a
thorough and accurate OS explanation: • operating systems
fundamentals • the applications of the OS • The Embedded OS •
information system architecture • cloud computing • web
architecture After reviewing the resources, begin drafting the OS
overview to incorporate the following: 1. Explain the user's role in an
OS. 2. Explain the differences between kernel applications of the
OS and the applications installed by an organization or user. 3.
Describe the embedded OS. 4. Describe how the systems fit in
the overall information system architecture, of which cloud computing is
an emerging, distributed computing network architecture. Include a
brief definition of operating systems and information systems in your
SAR. Step 2: OS Vulnerabilities You just summarized operating systems
and information systems for leadership. In your mind, you can already
hear leadership saying "So what?" The organization's leaders are not
well versed in operating systems and the threats and vulnerabilities in
operating systems, so in your SAR, you decide to include an explanation
of advantages and disadvantages of the different operating systems and
their known vulnerabilities. Prepare by first reviewing the different types
of vulnerabilities and intrusions explained in these resources: •
Windows vulnerabilities • Linux vulnerabilities • Mac OS
vulnerabilities • SQL PL/SQL, XML and other injections Based on what
you gathered from the resources, compose the OS vulnerability section
of the SAR. Be sure to: 1. Explain Windows vulnerabilities and Linux
vulnerabilities. 2. Explain the Mac OS vulnerabilities, and
vulnerabilities of mobile devices. 3. Explain the motives and methods
for intrusion of the MS and Linux operating systems. 4. Explain the
types of security awareness technologies such as intrusion detection and
intrusion prevention systems. 5. Describe how and why different
corporate and government systems are targets. 6. Describe different
types of intrusions such as SQL PL/SQL, XML, and other injections.
You will provide leadership with a brief overview of vulnerabilities in
your SAR. Step 3: Preparing for the Vulnerability Scan You have just
finished defining the vulnerabilities an OS can have. Soon you will
perform vulnerability scanning and vulnerability assessments on the
security posture of the organization's operating systems. But first,
consider your plan of action. Read these two resources to be sure you
fully grasp the purpose, goals, objectives, and execution of vulnerability
assessments and security updates: • Vulnerability assessments •
Patches Then provide the leadership with the following: 1.
Include a description of the methodology you propose to assess
the vulnerabilities of the operating systems. Provide an explanation and
reasoning of how the methodology you propose will determine the
existence of those vulnerabilities in the organization’s OS. 2. Include a
description of the applicable tools to be used, and the limitations of the
tools and analyses, if any. Provide an explanation and reasoning of how
the tools you propose will determine the existence of those
vulnerabilities in the organization’s OS. 3. Include the
projected findings from using these vulnerability assessment tools. In
your report, discuss the strength of passwords, any Internet Information
Services' administrative vulnerabilities, SQL server administrative
vulnerabilities, and other security updates and management of patches,
as they relate to OS vulnerabilities. Step 4: Vulnerability Assessment
Tools for OS and Applications Note: You will use the tools in
Workspace for this step. If you need help outside the classroom, register
for the CLAB 699 Cyber Computing Lab Assistance (go to the
Discussions List for registration information). Primary lab assistance is
available from a team of lab assistants. Lab assistants are professionals
and are trained to help you. Click here to access the instructions for
Navigating the Workspace and the Lab Setup. Enter Workspace and
complete the lab activities related to operating system vulnerabilities.
Click here to access the Project 2 Workspace Exercise Instructions.
Explore the tutorials and user guides to learn more about the tools you
will use. You've prepared for your assessment; now it's time to perform.
Security and vulnerability assessment analysis tools, such as Microsoft
Baseline Security Analyzer (MBSA) for Windows OS and OpenVAS for
Linux OS, are stand-alone tools designed to provide a streamlined
method for identifying common security misconfigurations and missing
security updates for the operating systems and applications. These tools
work on layers 5-7 of the Open System Interconnection (OSI) model.
Your leadership will want to understand the differences and
commonalities in the capabilities of both tools and will want this
included in the SAR. Use the tools' built-in checks to complete the
following for Windows OS (e.g., using Microsoft Baseline Security
Analyzer, MBSA): 1. Determine if Windows administrative
vulnerabilities are present. 2. Determine if weak passwords are
being used on Windows accounts. 3. Report which security updates
are required on each individual system. 4. You noticed that the tool
you used for Windows OS (i.e., MBSA) provides dynamic assessment of
missing security updates. Scan one or more computers by domain, IP
address range, or other grouping. 5. Once complete, provide a
detailed report and recommendations on how to make your system a
more secure working environment. In this case, a tool such as MBSA
will create and store individual XML security reports for each computer
scanned and will display the reports in the graphical user interface in
HTML. You will also complete a similar exercise for Linux OS (e.g.,
using the OpenVAS tool). Select the following links to learn more about
OpenVAS and computer networks: • OpenVAS • Computer
Networks Utilize the OpenVAS tool to complete the following: 1.
Determine if Linux vulnerabilities are present. 2. Determine if
weak passwords are being used on Linux systems. 3. Determine
which security updates are required for the Linux systems. 4. You
noticed that the tool you used for Linux OS (i.e., OpenVAS) provides
dynamic assessment of missing security updates. MBSA provides
dynamic assessment of missing security updates. Scan one or more
computers by domain, IP address range, or other grouping. 5. Once
complete, provide a detailed report and recommendations on how to
make your system a more secure working environment. Knowledge
acquired from this Workspace exercise and capability of this tool will
help your company's client organizations secure the computer networks’
resources and protect corporate data from being stolen. Validate and
record the benefits of using these types of tools. You will include this in
the SAR. Step 5: The Security Assessment Report By utilizing security
vulnerability assessment tools, such as MBSA and OpenVAS, you now
have a better understanding of your system's security status. Based on
the results provided by these tools, as well as your learning from the
previous steps, you will create the Security Assessment Report (SAR).
In your report to the leadership, emphasize the benefits of using a free
security tool such as MBSA. Then make a recommendation for using
these types of tools (i.e., MBSA and OpenVAS), including the results
you found for both. Remember to include these analyses and conclusions
in the SAR deliverable: 1. After you provide a description of the
methodology you used to make your security assessment, you will
provide the actual data from the tools, the status of security and patch
updates, security recommendations, and offer specific remediation
guidance, to your senior leadership. 2. You will include any risk
assessments associated with the security recommendations, and propose
ways to address the risk either by accepting the risk, transferring the
risk, mitigating the risk, or eliminating the risk. Include your SAR in
your final deliverable to leadership. Step 6: The Presentation Based on
what you have learned in the previous steps and your SAR, you will also
develop a presentation for your company's leadership. Your upper-level
management team is not interested in the technical report you generated
from your Workspace exercise. They are more interested in the bottom
line. You must help these non-technical leaders understand the very
technical vulnerabilities you have discovered. They need to clearly see
what actions they must either take or approve. The following are a few
questions to consider when creating your non-technical presentation: 1.
How do you present your technical findings succinctly to a non-
technical audience? Your Workspace exercise report will span many
pages, but you will probably not have more than 30 minutes for your
presentation and follow-up discussion. 2. How do you describe the
most serious risks factually but without sounding too temperamental?
No one likes to hear that their entire network has been hacked, data has
been stolen, and the attackers have won. You will need to describe the
seriousness of your findings while also assuring upper-level
management that these are not uncommon occurrences today. 3. How do
your Workspace exercise results affect business operations? Make sure
you are presenting these very technical results in business terms that
upper-level management will understand. 4. Be very clear on what you
propose or recommend. Upper-level management will want to not only
understand what you discovered; they will want to know what you
propose as a solution. They will want to know what decisions they need
to make based on your findings. Your goal for the presentation is to
convince the leadership that adopting a security vulnerability assessment
tool (such as MBSA) and providing an extra security layer is a must for
the company. The deliverables for this project are as follows: 1.
Security Assessment Report (SAR): This report should be a 7-8
page double-spaced Word document with citations in APA format. The
page count does not include figures, diagrams, tables, or citations. 2.
Nontechnical presentation: This is a set of 8-10 PowerPoint slides
for upper management that summarizes your thoughts regarding the
findings in your SAR. 3. In a Word document, share your lab
experience and provide screen prints to demonstrate that you performed
the lab. Submit your deliverables to the assignment folder. Before you
submit your assignment, review the competencies below, which your
instructor will use to evaluate your work. A good practice would be to
use each competency as a self-check to confirm you have incorporated
all of them in your work. • 1.1: Organize document or presentation
clearly in a manner that promotes understanding and meets the
requirements of the assignment. • 2.3: Evaluate the information in a
logical and organized manner to determine its value and relevance to the
problem. • 5.4: Identify potential threats to operating systems and the
security features necessary to guard against them.
==============================================
CST 610 Project 3 Assessing Information System
Vulnerabilities and Risk
Project 3 Assessing Information System Vulnerabilities and Risk CYB
610 Project 3 You are an Information Assurance Management Officer,
IAMO, at an organization of your choosing. One morning, as you're
getting ready for work, you see an email from Karen, your manager. She
asks you to come to her office as soon as you get in. When you arrive at
work, you head straight to Karen's office. “Sorry for the impromptu
meeting,” she says, “but we have a bit of an emergency. There's been a
security breach at the Office of Personnel Management.” “We don't know
how this happened, but we need to make sure it doesn't happen again,”
says Karen. You'll be receiving an email with more information on the
security breach. Use this info to assess the information system
vulnerabilities of the Office of Personnel Management. At your desk,
you open Karen's email. She's given you an OPM report from the Office
of the Inspector General, or OIG. You have studied the OPM OIG report
and found that the hackers were able to gain access through
compromised credentials. The security breach could have been
prevented, if the Office of Personnel Management, or OPM, had abided
by previous auditing reports and security findings. In addition, access to
the databases could have been prevented by implementing various
encryption schemas and could have been identified after running
regularly scheduled scans of the systems. Karen and the rest of the
leadership team want you to compile your findings into a Security
Assessment Report or SAR. You will also create a Risk Assessment
Report, or RAR, in which you identify threats, vulnerabilities, risks, and
likelihood of exploitation and suggested remediation. The security
posture of the information systems infrastructure of an organization
should be regularly monitored and assessed (including software,
hardware, firmware components, governance policies, and
implementation of security controls). The monitoring and assessment of
the infrastructure and its components, policies, and processes should also
account for changes and new procurements that are sure to follow in
order to stay in step with ever-changing information system
technologies. The data breach at the Office of Personnel Management
(OPM) is one of the largest in US government history. It provides a
series of lessons learned for other organizations in industry and the
public sector. Lapses in critical security practices, such as a lack of
diligence with security controls and with the management of changes to
the information systems infrastructure, were cited as contributors to the
massive data breach in the OPM Office of the Inspector General's (OIG)
Final Audit Report, which can be found in open source searches. Some of the
findings in the report include: weak authentication mechanisms; lack of
a plan for life-cycle management of the information systems; lack of a
configuration management and change management plan; lack of
inventory of systems, servers, databases, and network devices; lack of
mature vulnerability scanning tools; lack of valid authorizations for
many systems, and lack of plans of action to remedy the findings of
previous audits. The breach ultimately resulted in removal of OPM's top
leadership. The impact of the breach on the livelihoods of millions of
people is ongoing and may never be fully known. There is a critical need
for security programs that can assess vulnerabilities and provide
mitigations. There are nine steps that will help you create your final
deliverables. The deliverables for this project are as follows: 1.
Security Assessment Report (SAR): This should be an 8-10 page
double-spaced Word document with citations in APA format. The page
count does not include figures, diagrams, tables, or citations. 2. Risk
Assessment Report (RAR): This report should be a 5-6 page double-
spaced Word document with citations in APA format. The page count
does not include figures, diagrams, tables, or citations. 3. In a Word
document, share your lab experience and provide screen prints to
demonstrate that you performed the lab. When you submit your project,
your work will be evaluated using the competencies listed below. You
can use the list below to self-check your work before submission. • 1.1:
Organize document or presentation clearly in a manner that promotes
understanding and meets the requirements of the assignment. • 1.2:
Develop coherent paragraphs or points so that each is internally unified
and so that each functions as part of the whole document or presentation.
• 1.3: Provide sufficient, correctly cited support that substantiates the
writer’s ideas. • 1.4: Tailor communications to the audience. • 1.5:
Use sentence structure appropriate to the task, message and audience. •
1.6: Follow conventions of Standard Written English. • 5.2:
Knowledge of architectural methodologies used in the design and
development of information systems and knowledge of standards that
either are compliant with or derived from established standards or
guidelines. • 5.6: Explore and address cybersecurity concerns,
promote awareness, best practice, and emerging technology. • 7.3:
Knowledge of methods and tools used for risk management and
mitigation of risk. • 8.1: Demonstrate the abilities to detect, identify,
and resolve host and network intrusion incidents. • 8.2: Possess
knowledge and skills to categorize, characterize, and prioritize an
incident as well as to handle relevant digital evidence appropriately. Step
1: Enterprise Network Diagram During Project One, you researched a
hypothetical or actual organization of your choice. You had to
understand the goals of the organization and the types of systems that
would fulfill those goals. You will now research and learn about types of
networks and their secure constructs that may be used in organizations to
accomplish the functions of the organization’s mission. You will
propose a local area network (LAN) and a wide area network (WAN) for
the organization, define the systems environment, and incorporate this
information in a network diagram. Discuss the security benefits of your
chosen network design. Read about the following computing platforms
available for networks and discuss how these platforms could be
implemented in your organization. Include the rationale for all platforms
you choose to include in your network design.
• common computing platforms
• cloud computing
• distributed computing
• centralized computing
• secure programming fundamentals
Step 2: Enterprise Threats
• Review the OIG report on the OPM breach that
you were asked to research and read about at the beginning of the
project. The OIG report included numerous security deficiencies that
likely left OPM networks vulnerable to being breached. In addition to
those external threats, the report also describes the ways OPM was
vulnerable to insider threats. The information about the breach could be
classified as threat intelligence. Define threat intelligence and explain
what kind of threat intelligence is known about the OPM breach. • You
just provided detailed background information on your organization.
Next, you’ll describe threats to your organization’s system. Before you
get started, select and explore the contents of the following link: insider
threats (also known as internal threats). As you’re reading, take note of
which insider threats are a risk to your organization. • Now,
differentiate between the external threats to the system and the insider
threats. Identify where these threats can occur in the previously created
diagrams. Relate the OPM threat intelligence to your organization. How
likely is it that a similar attack will occur at your organization? Step 3:
Scanning the Network Note: You will use the tools in Workspace for
this step. If you need help outside the classroom to complete this project,
register for CLAB 699 Cyber Computing Lab Assistance (go to the
Discussions List for registration information). Primary lab assistance is
available from a team of lab assistants. Lab assistants are professionals
and are trained to help you. Click here to access the instructions for
Navigating the Workspace and the Lab Setup. Select the following link
to enter Workspace and complete the lab activities related to network
vulnerabilities. You will now investigate network traffic, and the
security of the network and information system infrastructure overall.
Past network data has been logged and stored, as collected by a network
analyzer tool such as Wireshark. Explore the tutorials and user guides to
learn more about the tools you will use. Click the following link to read
more about these network monitoring tools: Tools to Monitor and
Analyze Network Activities. You will perform a network analysis on the
Wireshark files provided to you in Workspace and assess the network
posture and any vulnerability or suspicious information you are able to
obtain. Include this information in the SAR. You will then return to the
lab in order to identify any suspicious activities on the network, through
port scanning and other techniques. You will revisit the lab and lab
instructions in Step 7: Suspicious Activity. Click here to access the
Project 3 Workspace Exercise Instructions. In order to validate the assets
and devices on the organization's network, run scans using security and
vulnerability assessment analysis tools such as MBSA, OpenVAS,
Nmap, or Nessus depending on the operating systems of your
organization's networks. Live network traffic can also be sampled and
scanned using Wireshark on either the Linux or Windows systems.
Wireshark allows you to inspect all OSI layers of traffic information.
Further analyze the packet capture for network performance, behavior,
and any suspicious source and destination addresses on the networks. In
the previously created Wireshark files, identify if any databases had
been accessed. What are the IP addresses associated with that activity?
Include this information in the SAR. Step 4: Identifying Security Issues
You have a suite of security tools, techniques, and procedures that can
be used to assess the security posture of your organization's network in a
SAR. Now it's time to identify the security issues in your organization's
networks. You have already used password cracking tools to crack weak
and vulnerable passwords. Provide an analysis of the strength of
passwords used by the employees in your organization. Are weak
passwords a security issue for your organization? Step 5: Firewalls and
Encryption Next, examine these resources on firewalls and on auditing
of the relational database management system (RDBMS), i.e., the
database system and its data. Also review these resources related to
access control. Determine the role that firewalls, encryption, and
RDBMS auditing could play in protecting information and monitoring
the confidentiality, integrity, and availability of the information in
the information systems. Reflect any weaknesses
found in the network and information system diagrams previously
created, as well as in the developing SAR. Step 6: Threat Identification
You know of the weaknesses in your organization's network and
information system. Now you will determine various known threats to
the organization's network architecture and IT assets. Get acquainted
with the following types of threats and attack techniques. Which are a
risk to your organization? • IP address spoofing/cache poisoning attacks
• denial of service attacks (DoS) • packet analysis/sniffing •
session hijacking attacks • distributed denial of service attacks In
identifying the different threats, complete the following tasks: 1.
Identify the potential threat actors behind these attacks on
vulnerabilities in networks and information systems, and the types of
remediation and mitigation techniques available in your industry and for
your organization. 2. Identify the purpose and function of firewalls for
organization network systems, and how they address the threats and
vulnerabilities you have identified. 3. Also discuss the value of using
access control, database transaction and firewall log files. 4. Identify
the purpose and function of encryption, as it relates to files and
databases and other information assets on the organization's networks.
Include these in the SAR. Step 7: Suspicious Activity Note: You will
utilize the tools in Workspace for this step. Hackers frequently scan the
Internet for computers or networks to exploit. An effective firewall can
prevent hackers from detecting the existence of networks. Hackers
continue to scan ports, but if the hacker finds there is no response from
the port and no connection, the hacker will move on. The firewall can
block unwanted traffic and Nmap can be used to self-scan to test the
responsiveness of the organization's network to would-be hackers. Select
the following link to enter Workspace and conduct the port scanning.
Return to the lab instructions by clicking here to access the Project 3
Workspace Exercise Instructions. Step 8: Risk and Remediation What is
the risk and what is the remediation? What is the security exploitation?
You can use the OPM OIG Final Audit Report findings and
recommendations as a possible source for methods to remediate
vulnerabilities. Read this risk assessment resource to get familiar with
the process, then prepare the risk assessment. Be sure to first list the
threats, then the vulnerabilities, and then make pairwise comparisons of
each threat and vulnerability, determining for each pair the likelihood of
that event occurring and the level of impact it would have on the
organization. Use
the OPM OIG Final Audit Report findings as a possible source for
potential mitigations. Include this in the risk assessment report (RAR).
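The pairwise threat/vulnerability comparison described in Step 8, as an added Python example that is not part of the course material. The threat and weakness names come from this page; the 1-5 ratings, the chosen treatments and the High/Medium/Low thresholds are constructed assumptions to replace with your own assessment.

```python
from dataclasses import dataclass
from itertools import product

# Threats from the Step 6 list and weaknesses from the OIG findings on this page.
THREATS = ["session hijacking", "packet sniffing", "denial of service"]
VULNERABILITIES = [
    "weak authentication",
    "no inventory of systems",
    "immature vulnerability scanning",
]
# The four ways of addressing a risk that the assignment names.
TREATMENTS = {"accept", "transfer", "mitigate", "eliminate"}

# Constructed analyst ratings: (likelihood 1-5, impact 1-5, treatment).
# None records that the pair was reviewed and judged not applicable.
RATINGS = {
    ("session hijacking", "weak authentication"): (4, 5, "mitigate"),
    ("session hijacking", "no inventory of systems"): (2, 3, "mitigate"),
    ("session hijacking", "immature vulnerability scanning"): (3, 4, "mitigate"),
    ("packet sniffing", "weak authentication"): (4, 4, "mitigate"),
    ("packet sniffing", "no inventory of systems"): (2, 2, "accept"),
    ("packet sniffing", "immature vulnerability scanning"): None,
    ("denial of service", "weak authentication"): None,
    ("denial of service", "no inventory of systems"): (3, 3, "transfer"),
    ("denial of service", "immature vulnerability scanning"): (2, 4, "mitigate"),
}


@dataclass(frozen=True)
class Risk:
    threat: str
    vulnerability: str
    likelihood: int
    impact: int
    treatment: str

    @property
    def score(self) -> int:
        return self.likelihood * self.impact

    @property
    def level(self) -> str:
        # Banding thresholds are an assumption, not a standard.
        if self.score >= 15:
            return "High"
        if self.score >= 8:
            return "Medium"
        return "Low"


def build_register(threats, vulnerabilities, ratings):
    """Return rated risks, highest score first; reject an incomplete comparison."""
    pairs = set(product(threats, vulnerabilities))
    missing = pairs - set(ratings)
    if missing:
        # Every threat must be compared against every vulnerability.
        raise ValueError(f"pairs never reviewed: {sorted(missing)}")
    unknown = set(ratings) - pairs
    if unknown:
        raise ValueError(f"ratings for unlisted pairs: {sorted(unknown)}")

    register = []
    for (threat, vuln), rating in ratings.items():
        if rating is None:
            continue  # reviewed, not applicable
        likelihood, impact, treatment = rating
        if not (1 <= likelihood <= 5 and 1 <= impact <= 5):
            raise ValueError(f"rating out of range for {threat} / {vuln}")
        if treatment not in TREATMENTS:
            raise ValueError(f"unknown treatment {treatment!r}")
        register.append(Risk(threat, vuln, likelihood, impact, treatment))
    return sorted(
        register, key=lambda r: (-r.score, -r.impact, r.threat, r.vulnerability)
    )


def format_register(register):
    """Render the register as plain-text rows for the RAR."""
    lines = [f"{'Score':>5}  {'Level':<6}  {'Treatment':<9}  Threat x Vulnerability"]
    for r in register:
        lines.append(
            f"{r.score:>5}  {r.level:<6}  {r.treatment:<9}  "
            f"{r.threat} x {r.vulnerability}"
        )
    return "\n".join(lines)


if __name__ == "__main__":
    print(format_register(build_register(THREATS, VULNERABILITIES, RATINGS)))
```
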
Step 9: Creating the SAR and RAR Your research and Workspace
exercise have led you to this moment: creating your SAR and RAR.
Consider what you have learned in the previous steps as you create your
reports for leadership. Prepare a Security Assessment Report (SAR) with
the following sections: 1. Purpose 2. Organization 3. Scope 4.
Methodology 5. Data 6. Results 7. Findings The final SAR
does not have to stay within this framework, and can be designed to
fulfill the goal of the security assessment. Prepare a Risk Assessment
Report (RAR) with information on the threats, vulnerabilities, likelihood
of exploitation of security weaknesses, impact assessments for
exploitation of security weaknesses, remediation, and cost/benefit
analyses of remediation. Devise a high-level plan of action with interim
milestones (POAM), in a system methodology, to remedy your findings.
Include this high-level plan in the RAR. Summarize the results you
obtained from the vulnerability assessment tools (i.e., MBSA and
OpenVAS) in your report. The deliverables for this project are as follows:
1. Security Assessment Report (SAR): This should be an 8-10 page
double-spaced Word document with citations in APA format. The page
count does not include figures, diagrams, tables, or citations. 2. Risk
Assessment Report (RAR): This report should be a 5-6 page double-
spaced Word document with citations in APA format. The page count
does not include figures, diagrams, tables, or citations. 3. In a Word
document, share your lab experience and provide screen prints to
demonstrate that you performed the lab. Submit your deliverables to the
assignment folder. Before you submit your assignment, review the
competencies below, which your instructor will use to evaluate your
work. A good practice would be to use each competency as a self-check
to confirm you have incorporated all of them in your work. • 1.1:
Organize document or presentation clearly in a manner that promotes
understanding and meets the requirements of the assignment. • 1.2:
Develop coherent paragraphs or points so that each is internally unified
and so that each functions as part of the whole document or presentation.
• 1.3: Provide sufficient, correctly cited support that substantiates the
writer’s ideas. • 1.4: Tailor communications to the audience. • 1.5:
Use sentence structure appropriate to the task, message and audience. •
1.6: Follow conventions of Standard Written English. • 5.2:
Knowledge of architectural methodologies used in the design and
development of information systems and knowledge of standards that
either are compliant with or derived from established standards or
guidelines. • 5.6: Explore and address cybersecurity concerns,
promote awareness, best practice, and emerging technology. • 7.3:
Knowledge of methods and tools used for risk management and
mitigation of risk. • 8.1: Demonstrate the abilities to detect, identify,
and resolve host and network intrusion incidents. • 8.2: Possess
knowledge and skills to categorize, characterize, and prioritize an
incident as well as to handle relevant digital evidence appropriately.
==============================================
CST 610 Project 4 Threat Analysis and Exploitation
Project 4 Threat Analysis and Exploitation CYB610 Project 4 You are
part of a collaborative team that was created to address cyber threats and
exploitation of US financial systems critical infrastructure. Your team
has been assembled by the White House Cyber National security staff to
provide situational awareness about a current network breach and cyber
attack against several financial service institutions. Your team consists
of four roles: a representative from the financial services sector who has
discovered the network breach and the cyber attacks. These attacks
include distributed denial of service (DDoS) attacks, web defacements,
sensitive data exfiltration, and other attack vectors typical of this nation
state actor. A representative from law enforcement who has provided
additional evidence of network attacks found using network defense
tools. A representative from the intelligence agency who has identified
the nation state actor from numerous public and government provided
threat intelligence reports. This representative will provide threat
intelligence on the tools, techniques, and procedures of this nation state
actor. A representative from the Department of Homeland Security who
will provide the risk, response, and recovery actions taken as a result of
this cyber threat. Your team will have to provide education and security
awareness to the financial services sector about the threats,
vulnerabilities, risks, and risk mitigation and remediation procedures to
be implemented to maintain a robust security posture. Finally, your team
will take the lessons learned from this cyber incident and share that
knowledge with the rest of the cyber threat analysis community. At the
end of the response to this cyber incident, your team will provide two
deliverables, a situational analysis report, or SAR, to the White House
Cyber National security staff and an After Action Report and lessons
learned to the cyber threat analyst community. US critical infrastructure
(power, water, oil and natural gas, military systems, financial systems)
has become the target of cyber and physical attacks as more critical
infrastructure systems are integrated with the Internet and other digital
control systems. The lesson learned in defending and mitigating
cyberattacks is that no entity can prevent or resolve cyberattacks on its
own. Collaboration and information sharing is key for success and
survival. This is a group exercise, representing collaboration across all
sectors, to support and defend US critical infrastructure. In the working
world, a team like this would include some agencies, some industrial
partners, and some private sector corporations. Each organization has
different strengths and skills, different access to information, and
different authorities to report to. When the sectors work together and
leverage resources and skills, the result is that everyone benefits from
the defense and protection of US IT infrastructure. In your teams, you
can model the same collaboration, leveraging each other's expertise,
sharing each other's knowledge, teaching each other, and providing
contributions specific to your role in the scenario. • Financial
Services Representative: special task in Step 3 • Law Enforcement
Representative: special task in Step 4 • Intelligence Agency
Representative: special task in Step 5 • Homeland Security
Representative: special task in Step 6 There are seven steps that will
help you create your final deliverables. The deliverables for this project
are as follows: 1. Security Assessment Report (SAR): This report
should be a 14-15 page double-spaced Word document with citations in
APA format. The page count does not include figures, diagrams, tables,
or citations. 2. After Action Report (AAR): This report should be a 10-
15 page double-spaced Word document with citations in APA format.
The page count does not include figures, diagrams, tables, or citations. 3.
This is a 5-8 slide PowerPoint presentation for executives along
with a narrated or In-Class Presentation summarizing your SAR and
AAR report. When you submit your project, your work will be evaluated
using the competencies listed below. You can use the list below to self-
check your work before submission. • 1.1: Organize document or
presentation clearly in a manner that promotes understanding and meets
the requirements of the assignment. • 2.3: Evaluate the information in a
logical and organized manner to determine its value and relevance to the
problem. • 4.1: Lead and/or participate in a diverse group to accomplish
projects and assignments. • 4.3: Contribute to team projects,
assignments, or organizational goals as an engaged member of a team. •
8.4: Possess knowledge of proper and effective communication in
case of an incident or crisis. Step 1: Establishing Roles As described in
the scenario, you will be working in a small team (usually five
members). Your instructor has provided an area for your group
discussions, collaboration, and file sharing. Take some time to learn
about your teammates (introductions, LinkedIn profiles and bios) to
understand the experience and expertise of the team members. Studies
on teamwork outline the typical team stages of forming, storming,
norming, and performing (see Tuckman, Bruce W. (1965),
"Developmental sequence in small groups," Psychological Bulletin, 63,
384-399.) This guidance on teamwork may be helpful. In order to do
well, you and your team members must start communicating or
"forming" immediately and discuss how you will divide the work.
Review the project and if you have portions of the work that play well to
your strengths, make this known to your team members. Then develop a
project plan and schedule to get the work done. Finally, agree on a
communications plan, which allows your team members to know where
the project stands. During this stage, you may have disagreements or
differences of opinion about roles and division of work. This is a normal
aspect of "storming." Once you start agreeing on roles and tasks, you are
well on your way to "norming." You should settle on a collaboration
space and share drafts of your work in your classroom team locker so
your team members and the instructor can see the work progression. All
team members must contribute, but the deliverables need to be cohesive.
Therefore, each of you will need to review each other's work and help
each other. While you may have to use collaborative tools outside the
classroom, maintain the key documents in the respective team project
locker in the classroom. Your team will use this area to establish ground
rules for communication and collaboration. Team members will gain an
overview of the entire project, establish roles, agree on the division of
work, and complete and sign the Team Project Charter. If you decide to
use Google Docs for your collaborative work, you could also choose a
Google drive with appropriate sharing with your team members and
your instructor, and provide information on this in your team locker. Part
of teamwork is looking at each other's work and providing constructive
feedback and improvements. If you sense problems during your team
communications sessions, discuss risk management and project
adjustments your team may need to make. If you sense trouble, contact
your instructor and request intervention as soon as you recognize issues.
After the plan is completed, elect one person to attach or link the final
document to the team project locker. This step should have been
completed early in the term between Weeks 2 and 4. Setting up the team
roles and expectations is an important part of this project and completing
the charter is critical to the project's success. When you have completed
this important step, move to the next step. Step 2: Assessing Suspicious
Activity Your team is assembled and you have a plan. It's time to get to
work. You have a suite of tools at your disposal from your work in
Project 1, Project 2, and Project 3, which can be used together to create a
full common operating picture of the cyber threats and vulnerabilities
that are facing the US critical infrastructure. Begin by selecting the
following links to brush up on your knowledge: 1. network security 2.
mission critical systems 3. penetration testing To be completed by
all team members: Leverage the network security skills of using port
scans, network scanning tools, and analyzing Wireshark files, to assess
any suspicious network activity and network vulnerabilities. Step 3: The
Financial Sector To be completed by the Financial Services
Representative: Provide a description of the impact the threat would
have on the financial services sector. These impact statements can
include the loss of control of the systems, the loss of data integrity or
confidentiality, exfiltration of data, or something else. Also provide
impact assessments as a result of this security incident to the financial
services sector. To be completed by all team members: Provide
submissions from the Information Sharing Analysis Councils related to
the financial sector. You can also propose fictitious submissions. Also,
review the resources for Industrial Control Systems, and advise on
their importance to the financial services sector. Explain the risks
associated with Industrial Control Systems. Step 4: Law
Enforcement To be completed by the Law Enforcement Representative:
Provide a description of the impact the threat would have on the law
enforcement sector. These impact statements can include the loss of
control of systems, the loss of data integrity or confidentiality,
exfiltration of data, or something else. Also provide impact assessments
as a result of this security incident to the law enforcement sector. Step 5:
The Intelligence Community To be completed by all team members:
Provide an overview of the life cycle of a cyber threat. Explain the
different threat vectors that cyber actors use, and provide a possible list
of nation-state actors that have targeted the US financial services
industry before. Review this threat response and recovery resource and
use what you learned from the resource to provide or propose an
analytical method in which you are able to detect the threat, identify the
threat, and perform threat response and recovery. Identify the stage of
the cyber threat life cycle where you would observe different threat
behaviors. Include ways to defend against the threat, and protect against
the threat. Provide this information in the SAR and AAR. To be
completed by the Intelligence Community Representative: Provide
intelligence on the nation-state actor, their cyber tools, techniques, and
procedures. Leverage available threat reporting such as from FireEye,
Mandiant, and other companies and government entities that provide
intelligence reports. Also include the social engineering methods used
by the nation-state actor and their reasons for attacking US critical
infrastructure. Include this information in the SAR and AAR. Step 6:
Homeland Security To be completed by the Homeland Security
Representative: Use the US-CERT and other similar resources to discuss
the vulnerabilities and exploits that might have been used by the
attackers. Explore the resources for risk mitigation and provide the risk,
response, and risk mitigation steps that should be taken if an entity
suffers the same type of attack. To be completed by all team members:
Provide a risk-threat matrix and provide a current state snapshot of the
risk profile of the financial services sector. These reports will be part of
an overall risk assessment, which will be included in the SAR and AAR.
Review and refer to this risk assessment resource to aid you in
developing this section of the report. Step 7: The SAR and AAR All
team members: After you compile your research, and your own critical
assessments and analysis, determine which information is appropriate
for a Security Assessment Report (SAR) that will be submitted to the
White House, and an After Action Report (AAR) that will be submitted
to the rest of the analyst community. 1. Prepare your SAR for the White
House Cyber National Security Staff, describing the threat, the
motivations of the threat actor, the vulnerabilities that are possible for
the threat actor to exploit, current and expected impact on US financial
services critical infrastructure, the path forward to eliminate or reduce
the risks, and the actions taken to defend and prevent against this threat
in the future. 2. Prepare the AAR. This knowledge management report
will be provided to the cyber threat analyst community, which includes
the intelligence community, the law enforcement community, the
defense and civilian community, the private sector, and academia. The
purpose of the AAR is to share the systems life cycle methodology,
rationale, and critical thinking used to resolve this cyber incident. The
deliverables for this project are as follows: 1. Security Assessment
Report (SAR): This report should be a 14-15 page double-spaced Word
document with citations in APA format. The page count does not
include figures, diagrams, tables, or citations. 2. After Action Report
(AAR): This report should be a 10-15 page double-spaced Word
document with citations in APA format. The page count does not
include figures, diagrams, tables, or citations. 3. A 5-8 slide
PowerPoint presentation for executives along with narration or In-Class
presentation by each team member summarizing a portion of your SAR
and AAR report. Submit your deliverables to the assignment folder.
Before you submit your assignment, review the competencies below,
which your instructor will use to evaluate your work. A good practice
would be to use each competency as a self-check to confirm you have
incorporated all of them in your work. • 1.1: Organize document or
presentation clearly in a manner that promotes understanding and meets
the requirements of the assignment. • 2.3: Evaluate the information in a
logical and organized manner to determine its value and relevance to the
problem. • 4.1: Lead and/or participate in a diverse group to accomplish
projects and assignments. • 4.3: Contribute to team projects,
assignments, or organizational goals as an engaged member of a team. •
8.4: Possess knowledge of proper and effective communication in
case of an incident or crisis.
==============================================
CST 610 Project 5 Cryptography
Project 5 Cryptography CYB610 Project 5 You are an enterprise
security architect for a company in a semiconductor manufacturing
industry where maintaining competitive advantage and protecting
intellectual property is vital. You're in charge of security operations and
strategic security planning. Your responsibilities include devising the
security protocols for identification, access, and authorization
management. You recently implemented cryptography algorithms to
protect the organization's information. Leadership is pleased with your
efforts and would like you to take protection methods even further.
They've asked you to study cyber-attacks against different cryptography
mechanisms and deploy access control programs to prevent those types
of attacks. "We'd like you to create plans for future security technology
deployments," says one senior manager. "And provide documentation so
that others can carry out the deployments." A director chimes in, "But you
should also devise a method for ensuring the identification, integrity,
and non-repudiation of information in transit, at rest, and in use within the
organization." As the enterprise security architect, you are responsible for
providing the following deliverables. Create a network security
vulnerability and threat table in which you outline the security
architecture of the organization, the cryptographic means of protecting
the assets of the organizations, the types of known attacks against those
protections, and means to ward off the attacks. This document will help
you manage the current configuration of the security architecture. Create
a Common Access Card (CAC) deployment strategy in which you
describe the CAC implementation and deployment and encryption
methodology for information security professionals. Create an email
security strategy in which you provide the public key, private key
hashing methodology to determine the best key management system for
your organization. These documents will provide a security overview for
the leadership in your company. Encryption uses cryptographic
algorithms to obfuscate data. These complex algorithms transform data
from human readable plaintext into encrypted cipher text. Encryption
uses the principles of substitution and permutation to ensure that data is
transformed in a non-deterministic manner by allowing the user to select
the password or a key to encrypt a message. The recipient must know
the key in order to decrypt the message, translating it back into the
human readable plaintext. There are six steps that will lead you through
this project. After beginning with the workplace scenario, continue to
Step 1: "IT Systems Architecture." The deliverables for this project are
as follows: 1. Create a single report in Word document format. This
report should be about 10 pages long, double-spaced, with citations in
APA format. Page count does not include diagrams or tables. The report
must cover the following: network security and threat table; Common
Access Card deployment strategy; e-mail security strategy. 2. In a Word
document, share your lab experience and provide
screenshots to demonstrate that you performed the lab. When you submit
your project, your work will be evaluated using the competencies listed
below. You can use the list below to self-check your work before
submission. • 1.5: Use sentence structure appropriate to the task,
message and audience. • 1.6: Follow conventions of Standard Written
English. • 1.7: Create neat and professional looking documents
appropriate for the project or presentation. • 2.1: Identify and clearly
explain the issue, question, or problem under critical consideration. •
2.2: Locate and access sufficient information to investigate the
issue or problem. • 2.3: Evaluate the information in a logical and
organized manner to determine its value and relevance to the problem. •
2.4: Consider and analyze information in context to the issue or
problem. • 3.2: Employ mathematical or statistical operations and data
analysis techniques to arrive at a correct or optimal solution. • 5.1:
Knowledge of procedures, tools, and applications used to keep data or
information secure, including public key infrastructure, point-to-point
encryption, and smart cards. Step 1: IT Systems Architecture You are a
senior-level employee and you must tailor your deliverables to suit your
audience: the leadership of the organization. You may choose to use a
fictitious organization, or model your organization on an existing
organization, including proper citations. Leadership is not familiar with
the architecture of the IT systems, nor are they familiar with the types of
threats that are likely or the security mechanisms in place to ward off
those threats. You will provide this information in tabular format and
call it the Network Security and Vulnerability Threat Table. Refer to this
threat table template for guidance on creating this document. Before you
begin, select the links below to review some material on information
security. These resources will help you complete the network security
and vulnerability threat table. • LAN security • Availability Now
you’re ready to create your table. Include and define the following
components of security in the architecture of your organization, and
explain if threats to these components are likely, or unlikely: • LAN
security • identity management • physical security • personal
security • availability • privacy Next, review the different types of
cyberattacks described in the following resource: cyberattacks. As
you’re reading take note of which attacks are most likely to affect your
organization. Then list the security defenses you employ in your
organization to mitigate these types of attacks. Include this information
in your Network Security and Vulnerability Threat Table. Step 2: Plan
of Protection Note: You will utilize the tools in Workspace for this step.
If you need help outside the classroom, you can register for the CLAB
699 Cyber Computing Lab Assistance (go to the Discussions List for
registration information). Primary lab assistance is available from a team
of lab assistants. Lab assistants are professionals and are trained to help
you. Click here to access the instructions for Navigating the Workspace
and the Lab Setup. Next, select the following link to enter Workspace
and complete the lab exercises. Click here to access the Project 5
Workspace Exercise Instructions. Explore the tutorials and user guides
to learn more about the tools you will use. In this lab exercise, you will
learn more about the transmission of files that do not seem suspicious
but that actually have embedded malicious payload, undetectable to
human hearing or vision. This type of threat can enter your
organization’s networks and databases undetected through the use of
steganography or data hiding. You should include this type of threat
vector to an organization in your report to leadership. Research how
organizations can monitor, identify and remedy those files with
embedded files and data, and provide these as recommendations for your
leadership. You will have to provide the leadership of your organization
with your plan for protecting identity, access, authorization and
nonrepudiation of information transmission, storage, and usage.
Research scholarly works on nonrepudiation measures and discuss
options for protecting the integrity of an organization's information
assets, which include files, networks, databases, and e-mail, and include
this in your lab report. Step 3: Data Hiding Technologies You will
describe to your organization the various cryptographic means of
protecting its assets. Select the links below to review encryption
techniques and encryption technologies, then provide your organization
with a brief overview of each. Encryption Technologies 1. Shift /
Caesar cipher 2. Polyalphabetic cipher 3. One time pad
cipher/Vernam cipher/perfect cipher 4. Block ciphers 5. triple DES 6.
RSA 7. Advanced Encryption Standard (AES) 8. Symmetric
encryption 9. Text block coding Data Hiding Technologies 1.
Information hiding and steganography 2. Digital watermarking
3. Masks and filtering These descriptions will be included in the
network security vulnerability and threat table for leadership. Step 4:
Creating the Network Security Vulnerability and Threat Table Using the
information you've gathered from the previous steps, prepare the
network security vulnerability and threat table, in which you outline the
following: • security architecture of the organization • the
cryptographic means of protecting the assets of the organization • the
types of known attacks against those types of protections • means to
ward off the attacks Create your Network Security Vulnerability and
Threat Table, and include it in your submission to the organization.
Please refer to this threat table template for guidance on creating this
document. Step 5: Access Control Based on Smart Card Strategies Smart
cards use encryption chips to identify the user, their identity, role, and
sometimes use their personally identifiable information (PII). Two
examples of smart cards are the federal government’s use of common
access cards (CACs), and the financial sector’s use of encryption chips
in credit cards. You have completed your threat table, and you've
decided that you want to modernize the access control methods for your
organization. To that end, you read the following resources to gather
some background information on access control and the various
encryption schemas associated with the Common Access Card (CAC): •
Access control • Common Access Card (CAC) You plan to deploy
CAC to the company and you are tasked with devising that CAC
deployment strategy, which includes the cryptographic solutions used
with the CAC. In the Common Access Card Deployment Strategy final
deliverable, describe how identity management would be a part of your
overall security program and your CAC deployment plan: Create your
Common Access Card Deployment Strategy and include it in your
submission to the organization. Step 6: The Email Security Strategy
After completing the CAC, your next step is to build the Secure Email
Strategy for the organization. You will present this tool to your
leadership. Provide an overview of the types of public-private key
pairing, and show how this provides authentication and nonrepudiation.
You will also add hashing, and describe how this added security benefit
ensures the integrity of messaging. Begin preparing your strategy by
reviewing the following resources that will aid you in becoming well
informed on encryption technologies for e-mail: • Public Key
Infrastructure (PKI) • iOS encryption • Blackberry encryption Then start
developing your strategy. Define these strong encryption technologies as
general principles in secure email: • Pretty Good Privacy (PGP algorithm) •
GNU Privacy Guard (GPG) • Public Key Infrastructure (PKI) •
Digital signature • Mobile device encryption (e.g., iOS
encryption and Blackberry encryption) In your report, also consider how
the use of smart card readers tied to computer systems might be
beneficial in the future enhancements to system and data access
protection. This may help you define long-term solutions for your
leadership. Leadership does not know the costs and technical complexity
of these email encryption strategies. To further their understanding,
compare the complexities of each in relation to the security benefits, and
then make a recommendation and a deployment plan. The deliverables
for this project are as follows: 1. Create a single report in Word
document format. This report should be about 10 pages long,
double-spaced, with citations in APA format. Page count does not include
diagrams or tables. The report must cover the following: network
security and threat table; Common Access Card deployment strategy;
e-mail security strategy. 2. In a Word document, share your lab
experience and provide screenshots to demonstrate that you performed
the lab. Submit your deliverables to the assignment folder. Before you
submit your assignment, review the competencies below, which your
instructor will use to evaluate your work. A good practice would be to
use each competency as a self-check to confirm you have incorporated
all of them in your work. • 1.5: Use sentence structure appropriate to
the task, message and audience. • 1.6: Follow conventions of Standard
Written English. • 1.7: Create neat and professional looking
documents appropriate for the project or presentation. • 2.1: Identify and
clearly explain the issue, question, or problem under critical
consideration. • 2.2: Locate and access sufficient information to
investigate the issue or problem. • 2.3: Evaluate the information in a
logical and organized manner to determine its value and relevance to the
problem. • 2.4: Consider and analyze information in context to the issue
or problem. • 3.2: Employ mathematical or statistical operations and
data analysis techniques to arrive at a correct or optimal solution. • 5.1:
Knowledge of procedures, tools, and applications used to keep data or
information secure, including public key infrastructure, point-to-point
encryption, and smart cards.
==============================================
CST 610 Project 6 Digital Forensics Analysis
Project 6 Digital Forensics Analysis Project 6 Start Here This
project will provide an introduction to digital forensic analysis. Digital
forensic analysis is used to review and investigate data collected through
digital communications and computer networks. The National Institute
of Standards and Technology (NIST) has defined four fundamental
phases for forensic analysis: collection, examination, analysis, and
reporting. You will learn more about these concepts as you navigate
throughout the steps of this project and read the literature and links
found in each step. There are four steps that will lead you through this
project. Begin with Step 1: “Methodology.” The deliverables for this
project are as follows: 1. Digital Forensic Research Paper: This
should be a five-page double-spaced Word document with citations in
APA format. The page count does not include diagrams or tables. 2.
In a Word document, share your lab experience and provide
screenshots to demonstrate that you completed the lab. When you submit
your project, your work will be evaluated using the competencies listed
below. You can use the list below to self-check your work before
submission. • 5.3: Uses defensive measures and information collected
from a variety of sources to identify, analyze, and report events that
occur or might occur within the network in order to protect information,
information systems, and networks from threats. • 8.6: Provides
professional preparation for computer digital forensics, investigation of
crime, and preservation of digital evidence in criminal and civil
investigations and information security incident response. • 8.7:
Provide theoretical basis and practical assistance for all aspects of digital
investigation and the use of computer evidence in forensics and law
enforcement. Step 1: Methodology The methodology includes following
a systems process. Identify the requirements, purpose, and objectives of
the investigation. Click the links below to review information that will
aid in conducting and documenting an investigation: • secure
programming fundamentals • forensics fundamentals Learn about
the investigation methodology. Consider secure programming
fundamentals. Define the digital forensics analysis methodology, and the
phases of the digital forensics fundamentals and methodology, including
the following: 1. preparation 2. extraction 3. identification 4. analysis
This information will help you understand the process you will use
during an investigation. Step 2: Tools and Techniques Select the
following links to learn about forensics analysis tools, methods, and
techniques: 1. forensics analysis tools 2. web log and session
analysis 3. hash analysis Step 3: Exploring Forensic Tools Note: You
will utilize the tools in Workspace for this step. If you need help outside
the classroom, you can register for the CLAB 699 Cyber Computing Lab
Assistance (go to the Discussions List for registration information).
Primary lab assistance is available from a team of lab assistants. Lab
assistants are professionals and are trained to help you. Click here to
access the instructions for Navigating the Workspace and the Lab Setup.
Select the following link to enter Workspace. Complete the forensic
tools exercise provided in this lab. Explore the tutorials and user guides
to learn more about various types of digital forensic tools. Click here to
access the Project 6 Workspace Exercise Instructions. You will learn
about the different types of tools, techniques, and analyses. Step 4:
Digital Forensics Research Paper Now that you have learned the basics of
digital forensics analyses and methodology, and have experienced one of
the common forensic tools, use the material presented in this project as
well as research you've conducted outside of the course materials to
write a research paper that addresses the following: 1. digital forensic
methodology 2. the importance of using forensic tools to collect and
analyze evidence (e.g., FTK Imager and EnCase) 3. hashing in the
context of digital forensics 4. How do you ensure that the evidence
collected has not been tampered with (i.e., after collection)? Why and
how is this important to prove in a court of law? The deliverables for
this project are as follows: 1. Digital Forensic Research Paper: This
should be a five-page double-spaced Word document with citations in
APA format. The page count does not include diagrams or tables. 2.
In a Word document, share your lab experience and provide
screenshots to demonstrate that you completed the lab. Submit your
deliverables to the assignment folder. Before you submit your
assignment, review the competencies below, which your instructor will
use to evaluate your work. A good practice would be to use each
competency as a self-check to confirm you have incorporated all of them
in your work. • 5.3: Uses defensive measures and information collected
from a variety of sources to identify, analyze, and report events that
occur or might occur within the network in order to protect information,
information systems, and networks from threats. • 8.6: Provides
professional preparation for computer digital forensics, investigation of
crime, and preservation of digital evidence in criminal and civil
investigations and information security incident response. • 8.7:
Provide theoretical basis and practical assistance for all aspects of digital
investigation and the use of computer evidence in forensics and law
enforcement.
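
Items 3 and 4 of the Step 4 research paper (hashing in digital forensics, and showing that evidence was not altered after collection) can be illustrated with the added example below, which is not part of the course material: it hashes an evidence file at acquisition, records the hash in a hash-chained custody log, and later checks both the file and the log. The file name, examiner names and timestamps are constructed sample values, and only the Python standard library is used.

```python
import hashlib
import hmac
import json
import os
import tempfile

GENESIS = "0" * 64   # prev_hash of the first custody entry
CHUNK = 1 << 20      # hash in 1 MiB blocks so large images are never loaded whole


def sha256_file(path):
    """Stream a file through SHA-256 and return the hex digest."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for block in iter(lambda: fh.read(CHUNK), b""):
            digest.update(block)
    return digest.hexdigest()


def entry_hash(entry):
    """Hash every field except entry_hash itself, using sorted-key JSON."""
    body = {k: v for k, v in entry.items() if k != "entry_hash"}
    return hashlib.sha256(json.dumps(body, sort_keys=True).encode()).hexdigest()


def append_entry(log, action, examiner, timestamp, evidence_path):
    """Add a custody entry committing to the evidence hash and the previous entry."""
    entry = {
        "seq": len(log),
        "timestamp": timestamp,
        "action": action,
        "examiner": examiner,
        "evidence_sha256": sha256_file(evidence_path),
        "prev_hash": log[-1]["entry_hash"] if log else GENESIS,
    }
    entry["entry_hash"] = entry_hash(entry)
    log.append(entry)
    return entry["entry_hash"]


def verify(log, evidence_path, expected_head=None):
    """Return a list of findings; an empty list means log and evidence agree."""
    if not log:
        return ["custody log is empty"]
    findings, prev = [], GENESIS
    for i, entry in enumerate(log):
        if entry["seq"] != i or not hmac.compare_digest(entry["prev_hash"], prev):
            findings.append(f"entry {i}: chain link broken")
        if not hmac.compare_digest(entry["entry_hash"], entry_hash(entry)):
            findings.append(f"entry {i}: fields changed after recording")
        prev = entry["entry_hash"]
    if expected_head is not None and not hmac.compare_digest(prev, expected_head):
        findings.append("log head differs from the value recorded out of band")
    acquired = log[0]["evidence_sha256"]
    for i, entry in enumerate(log):
        if entry["evidence_sha256"] != acquired:
            findings.append(f"entry {i}: evidence hash differs from acquisition hash")
    if sha256_file(evidence_path) != acquired:
        findings.append("evidence file no longer matches acquisition hash")
    return findings


def demo():
    """Run the checks over a constructed 'disk image' and a two-entry custody log."""
    results = {}
    with tempfile.TemporaryDirectory() as tmp:
        image = os.path.join(tmp, "constructed_image.dd")
        original = b"CONSTRUCTED SAMPLE EVIDENCE " * 4096
        with open(image, "wb") as fh:
            fh.write(original)
        log = []
        append_entry(log, "acquired", "examiner-a", "2024-01-01T09:00:00Z", image)
        head = append_entry(log, "transferred", "examiner-b", "2024-01-02T14:30:00Z", image)
        results["clean"] = verify(log, image, head)
        # Case 1: a single byte of the evidence changes after collection.
        with open(image, "r+b") as fh:
            fh.seek(100)
            fh.write(b"\x00")
        results["evidence_changed"] = verify(log, image, head)
        with open(image, "wb") as fh:
            fh.write(original)
        # Case 2: a log field is edited without recomputing any hash.
        edited = json.loads(json.dumps(log))
        edited[0]["examiner"] = "someone-else"
        results["log_edited"] = verify(edited, image, head)
        # Case 3: the whole chain is recomputed after the edit; only the head
        # hash kept outside the log (e.g. on the signed custody form) exposes it.
        rebuilt, prev = [], GENESIS
        for old in edited:
            new = dict(old, prev_hash=prev)
            new["entry_hash"] = prev = entry_hash(new)
            rebuilt.append(new)
        results["rebuilt_no_anchor"] = verify(rebuilt, image)
        results["rebuilt_with_anchor"] = verify(rebuilt, image, head)
    return results


if __name__ == "__main__":
    print(json.dumps(demo(), indent=2))
```

Case 3 is the reason a hash alone is not proof: the value has to be recorded somewhere the person holding the evidence cannot rewrite, which is what the custody documentation provides.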
==============================================

Ecosystem Interactions Class Discussion Presentation in Blue Green Lined Styl...fonyou31
 
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...EduSkills OECD
 
Advanced Views - Calendar View in Odoo 17
Advanced Views - Calendar View in Odoo 17Advanced Views - Calendar View in Odoo 17
Advanced Views - Calendar View in Odoo 17Celine George
 
microwave assisted reaction. General introduction
microwave assisted reaction. General introductionmicrowave assisted reaction. General introduction
microwave assisted reaction. General introductionMaksud Ahmed
 
Measures of Dispersion and Variability: Range, QD, AD and SD
Measures of Dispersion and Variability: Range, QD, AD and SDMeasures of Dispersion and Variability: Range, QD, AD and SD
Measures of Dispersion and Variability: Range, QD, AD and SDThiyagu K
 
Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)eniolaolutunde
 

Recently uploaded (20)

Interactive Powerpoint_How to Master effective communication
Interactive Powerpoint_How to Master effective communicationInteractive Powerpoint_How to Master effective communication
Interactive Powerpoint_How to Master effective communication
 
Call Girls in Dwarka Mor Delhi Contact Us 9654467111
Call Girls in Dwarka Mor Delhi Contact Us 9654467111Call Girls in Dwarka Mor Delhi Contact Us 9654467111
Call Girls in Dwarka Mor Delhi Contact Us 9654467111
 
Student login on Anyboli platform.helpin
Student login on Anyboli platform.helpinStudent login on Anyboli platform.helpin
Student login on Anyboli platform.helpin
 
JAPAN: ORGANISATION OF PMDA, PHARMACEUTICAL LAWS & REGULATIONS, TYPES OF REGI...
JAPAN: ORGANISATION OF PMDA, PHARMACEUTICAL LAWS & REGULATIONS, TYPES OF REGI...JAPAN: ORGANISATION OF PMDA, PHARMACEUTICAL LAWS & REGULATIONS, TYPES OF REGI...
JAPAN: ORGANISATION OF PMDA, PHARMACEUTICAL LAWS & REGULATIONS, TYPES OF REGI...
 
Activity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdfActivity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdf
 
INDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptx
INDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptxINDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptx
INDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptx
 
Beyond the EU: DORA and NIS 2 Directive's Global Impact
Beyond the EU: DORA and NIS 2 Directive's Global ImpactBeyond the EU: DORA and NIS 2 Directive's Global Impact
Beyond the EU: DORA and NIS 2 Directive's Global Impact
 
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
 
Accessible design: Minimum effort, maximum impact
Accessible design: Minimum effort, maximum impactAccessible design: Minimum effort, maximum impact
Accessible design: Minimum effort, maximum impact
 
Z Score,T Score, Percential Rank and Box Plot Graph
Z Score,T Score, Percential Rank and Box Plot GraphZ Score,T Score, Percential Rank and Box Plot Graph
Z Score,T Score, Percential Rank and Box Plot Graph
 
APM Welcome, APM North West Network Conference, Synergies Across Sectors
APM Welcome, APM North West Network Conference, Synergies Across SectorsAPM Welcome, APM North West Network Conference, Synergies Across Sectors
APM Welcome, APM North West Network Conference, Synergies Across Sectors
 
Nutritional Needs Presentation - HLTH 104
Nutritional Needs Presentation - HLTH 104Nutritional Needs Presentation - HLTH 104
Nutritional Needs Presentation - HLTH 104
 
BAG TECHNIQUE Bag technique-a tool making use of public health bag through wh...
BAG TECHNIQUE Bag technique-a tool making use of public health bag through wh...BAG TECHNIQUE Bag technique-a tool making use of public health bag through wh...
BAG TECHNIQUE Bag technique-a tool making use of public health bag through wh...
 
Ecosystem Interactions Class Discussion Presentation in Blue Green Lined Styl...
Ecosystem Interactions Class Discussion Presentation in Blue Green Lined Styl...Ecosystem Interactions Class Discussion Presentation in Blue Green Lined Styl...
Ecosystem Interactions Class Discussion Presentation in Blue Green Lined Styl...
 
Mattingly "AI & Prompt Design: Structured Data, Assistants, & RAG"
Mattingly "AI & Prompt Design: Structured Data, Assistants, & RAG"Mattingly "AI & Prompt Design: Structured Data, Assistants, & RAG"
Mattingly "AI & Prompt Design: Structured Data, Assistants, & RAG"
 
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
 
Advanced Views - Calendar View in Odoo 17
Advanced Views - Calendar View in Odoo 17Advanced Views - Calendar View in Odoo 17
Advanced Views - Calendar View in Odoo 17
 
microwave assisted reaction. General introduction
microwave assisted reaction. General introductionmicrowave assisted reaction. General introduction
microwave assisted reaction. General introduction
 
Measures of Dispersion and Variability: Range, QD, AD and SD
Measures of Dispersion and Variability: Range, QD, AD and SDMeasures of Dispersion and Variability: Range, QD, AD and SD
Measures of Dispersion and Variability: Range, QD, AD and SD
 
Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)
 

CST 610 Project Guide for Healthcare Info Systems

  • 1. CST 610 All Project (Project 1-6) FOR MORE CLASSES VISIT www.cst610rank.com CST 610 Project 1 Information Systems and Identity Management CST 610 Project 2 Operating Systems Vulnerabilities (Windows and Linux) CST 610 Project 3 Assessing Information System Vulnerabilities and Risk CST 610 Project 4 Threat Analysis and Exploitation CST 610 Project 5 Cryptography CST 610 Project 6 Digital Forensics Analysis ============================================== CST 610 Project 1 Information Systems and Identity Management FOR MORE CLASSES VISIT www.cst610rank.com Project 1 Information Systems and Identity Management Video transcript CYB 610 Project 1 You are a systems administrator in the IT department of a major metropolitan hospital. Your duties are to ensure the confidentiality, availability, and integrity of patient records, as well
  • 2. as the other files and databases used throughout the hospital. Your work affects several departments, including Human Resources, Finance, Billing, Accounting, and Scheduling. You also apply security controls on passwords for user accounts. Just before clocking out for the day, you notice something strange in the hospital's computer system. Some person, or group, has accessed user accounts and conducted unauthorized activities. Recently, the hospital experienced intrusion into one of its patients' billing accounts. After validating user profiles in Active Directory and matching them with user credentials, you suspect several users' passwords have been compromised to gain access to the hospital's computer network. You schedule an emergency meeting with the director of IT and the hospital board. In light of this security breach, they ask you to examine the security posture of the hospital's information systems infrastructure and implement defense techniques. This must be done quickly, your director says. The hospital board is less knowledgeable about information system security. The board makes it clear that it has a limited cybersecurity budget. However, if you can make a strong case to the board, it is likely that they will increase your budget and implement your recommended tool company-wide. You will share your findings on the hospital's security posture. Your findings will be brought to the director of IT in a technical report. You will also provide a non-technical assessment of the overall identity management system of the hospital and define practices to restrict and permit access to information. You will share this assessment with the hospital board in the form of a narrated slide show presentation. You know that identity management will increase the security of the overall information system's infrastructure for the hospital. You also know that, with a good identity management system, the security and productivity benefits will outweigh costs incurred.
This is the argument you must make to those stakeholders. Daily life requires us to have access to a lot of information,
  • 3. and information systems help us access that information. Desktop computers, laptops, and mobile devices keep us connected to the information we need through processes that work via hardware and software components. Information systems infrastructure makes this possible. However, our easy access to communication and information also creates security and privacy risks. Laws, regulations, policies, and guidelines exist to protect information and information owners. Cybersecurity ensures the confidentiality, integrity, and availability of the information. Identity management is a fundamental practice. Part of identity management is the governance of access, authorization, and authentication of users to information systems. Identity management is one part of a layered security defense strategy within the information systems infrastructure. Your work in this project will enable you to produce a technical report and nontechnical presentation that addresses these requirements. There are five steps that will help you create your final deliverables. The deliverables for this project are as follows: 1. Nontechnical presentation: This is an 8-10 slide PowerPoint presentation for business executives and board members. 2. Technical report: Your report should be a 6-7 page double-spaced Word document with citations in APA format. The page count does not include figures, diagrams, tables or citations. 3. Executive summary: This should be a 2-3 page double-spaced Word document. 4. In a Word document, share your lab experience and provide screen prints to demonstrate that you performed the lab. When you submit your project, your work will be evaluated using the competencies listed below. You can use the list below to self-check your work before submission. • 1.1: Organize document or presentation clearly in a manner that promotes understanding and meets the requirements of the assignment.
• 2.3: Evaluate the information in a logical and organized manner to determine its value and relevance to the problem. • 6.2: Creating a roadmap for
  • 4. organizations to use in development of an Identity Access Management program (to address gaps in their current offerings). • Step 1: Defining the Information System Infrastructure Select a hospital or healthcare organization to research. You may choose an organization you are familiar with or can readily obtain information about. To maintain confidentiality, you do not need to mention the name of the organization. You may also choose a hypothetical/fictitious healthcare organization. Others have researched several healthcare organizations, which have suffered major security breaches, extensively. 1. Describe the organization and structure including the different business units and their functions. You may use an organizational chart to provide this information. 2. Choose one or more mission-critical systems of the healthcare organization. Define the information protection needs for the organization's mission-critical protected health information (PHI). This information is stored in database medical records for doctors, nurses, and insurance claims billing systems, which are used to fulfill the organizational information needs. 3. Define the workflows and processes for the high-level information systems that you have just identified that will store PHI. Workflows and processes for healthcare organizations define how the organization gets its work done. They describe the movement of patient information to the business units that have needs to process and manage that information, from billing to physician care. All these organizations have hardware and software implementations of their information systems, and it is critical to understand these components, and how they are connected (known as their topology), so the appropriate protections can be applied. Your research may produce instances and examples of how an information system is connected, to include cybersecurity components like firewalls, in the information system and network diagram. 
Be sure you understand the benefits and weaknesses for the different network topologies. You
  • 5. may incorporate what you find in your research, in your definition for workflows and processes for the high-level information systems and provide explanation of how that topology fulfills the mission for the health care organization. Your definition should include a high-level description of information systems hardware and software components and their interactions. Take time to read the following resources. They will help you construct your definition. o Information systems hardware o Information systems software You may supply this information as a diagram with inputs, outputs, and technologies identified. Consider how you might restrict access and protect billing and PHI information. 4. The links shown below provide access to essential information you’ll need to complete this part of the hospital’s information system infrastructure definition. Click each link, review its resources, and refer to them as you compose this part of the definition. o Open Systems Interconnections (OSI) Model o TCP/IP protocols o network protocols You will include these definitions in your report. Step 2: Threats Now that you have defined the hospital's information system infrastructure, you will have to understand what the threats to those systems are and describe the types of measures that could address those threats. In this section, you will learn about different types of identity access management solutions and how they protect against the threat of unauthorized access. To complete this section of the report, you’ll brush up on your knowledge of threats by reading the following resources: web security issues, insider threats, intrusion motives/hacker psychology, and CIA triad. Take what you learned from these resources to convey the threats to the hospital's information systems infrastructure. Include a brief summary of insider threats, intrusion motives, and hacker psychology in your report as it relates to your hospital data processing systems.
Relate these threats to the vulnerabilities in the CIA triad. This section of your report will also
  • 6. include a description of the purpose and components of an identity management system to include authentication, authorization, and access control. Include a discussion of possible use of laptop devices by doctors who visit their patients at the hospital, and need access to hospital PHI data. Review the content of the following resources. As you’re reading, take any notes you think will help you develop your description. 1. Authorization 2. Access control 3. Passwords 4. Multi-factor authentication Next, expand upon your description. Define the types of access control management to include access control lists in operating systems, role-based access controls, files, and database access controls. Define types of authorization and authentication and the use of passwords, password management, and password protection in an identity management system. Describe common factor authentication mechanisms to include multi-factor authentication. You will include this information in your report. Step 3: Password Cracking Tools You have successfully examined the threats to a healthcare organization's information systems infrastructure. Now, you must begin your research into password cracking software. Do some quick independent research on password cracking as it applies to your organization. You can click on this link to find the instructions for Navigating the Workspace and the Lab Setup. Enter Workspace and complete the lab activities outlined in the Project 1 Workspace Exercise Instructions. There are additional password cracking tool resources, tutorials, and user guides to continue your familiarity with the tools. Click here to access the Project 1 Workspace Exercise Instructions. After completing the lab, you will have successfully tested more than one password cracking tool. Not all password cracking tools will necessarily perform with the same speed, precision, and results, making it important to test a few different products.
Compare the password cracking tools based on these characteristics, and include as part of your assessment and
  • 7. recommendations on the use of such tools. You will test the organization's systems for password strength and complexity and complete validation testing. You will compare the results obtained from your first and second tool. You have tested and made comparisons of the performance of various password cracking tools and you have the data to support your recommendations for the use of such tools. Not all password cracking tools will necessarily perform with the same speed, precision, and results, making it important to test a few different products. The comparison will be part of your assessment and help you make recommendations on the use of such tools. You will test the organization's systems for password strength and complexity and complete validation testing. You will compare the results comparing the various tools. 1. Read this article about cyberattacks, perform two different types of cyberattacks in the first, and in the second tool, crack user account passwords. Describe them in simple nontechnical terms for the leadership. You can identify which tool is the most effective and why for your organization's IT environment 2. Compare and contrast the results from the two methods used to crack the accounts for the three passwords (each encrypted by the two hash algorithms). Show their benefits. You can make certain conclusions that help your company's cybersecurity posture after using these methods. 3. Explain to the director of IT and the members of the board that the healthcare organization’s anti-virus software will detect password cracking tools as malware. Also explain how this impacts the effectiveness of testing security controls like password strength. Help the leadership understand the risks and benefits of using password cracking tools, through persuasive arguments in your report and presentation. If any of the tools take longer than 4-5 minutes to guess a password, record the estimated length of time the tool anticipates to guess it. 
Include this information in your presentation. Step 4: The Non-Technical Presentation You now
  • 8. have the information you need to prepare your product for stakeholders. Based on the research and work you've completed in Workspace, you will develop two items: a technical report for the director of IT, and a nontechnical slide show presentation for the members of the board. You will tailor the language of your reports appropriately to the different audiences. The nontechnical presentation: Your upper-level management team consists of technical and nontechnical leadership, and they are interested in the bottom line. You must help these leaders understand the identity management system vulnerabilities you discovered in password cracking and access control. They need to clearly see what actions they must either take or approve. The following are a few questions to consider when creating your presentation: 1. How do you present your technical findings succinctly to a non-technical audience? Your technical report for IT will span many pages; but you will probably be afforded no more than 30 minutes or 8-10 slides for your presentation and the following discussion with leadership. 2. How do you describe the most serious risks factually but without sounding too temperamental? No one likes to hear that their entire network has been hacked, data has been stolen, and the attackers have won. You will need to describe the seriousness of your findings while also assuring upper-level management that these are not uncommon occurrences today. 3. How do your results affect business operations? Make sure you are presenting these very technical password cracking results in business terms upper-level management will understand. 4. What do you propose? Management will not only want to understand what you have discovered; they will want to know what you propose as a solution.
Step 5: The Technical Report and Executive Summary The technical report and the nontechnical presentation will identify compromises and vulnerabilities in the information systems infrastructure of the healthcare organization, and identify risks to the organization's data. You will
  • 9. propose a way to prioritize these risks and include possible remediation actions. The technical report: Provide recommendations for access control and authentication mechanisms to increase the security within the identity management system. Review the mission and organization structure of this healthcare organization. Review the roles within the organization, and recommend the accesses, restrictions, and conditions for each role. Present these in a tabular format as part of your list of recommendations. Provide a comparison of risk scenarios to include the following: 1. What will happen if the CIO and the leadership do nothing, and decide to accept the risks? 2. Are there possible ways the CIO can transfer the risks? 3. Are there possible ways to mitigate the risks? 4. Are there possible ways to eliminate the risks? 5. What are the projected costs to address these risks? Provide an overall recommendation, with technical details to the director of IT. The executive summary: In addition to your technical report, also create a nontechnical report as an executive summary. The deliverables for this project are as follows: 1. Nontechnical presentation: This is an 8-10 slide PowerPoint presentation for business executives and board members. 2. Technical report: Your report should be a 6-7 page double-spaced Word document with citations in APA format. The page count does not include figures, diagrams, tables or citations. 3. Executive summary: This should be a 2-3 page double-spaced Word document. 4. In a Word document, share your lab experience and provide screen prints to demonstrate that you performed the lab. Submit your deliverables to the assignment folder. Before you submit your assignment, review the competencies below, which your instructor will use to evaluate your work. A good practice would be to use each competency as a self-check to confirm you have incorporated all of them in your work.
• 1.1: Organize document or presentation clearly in a manner that promotes understanding and meets the requirements of the
  • 10. assignment. • 2.3: Evaluate the information in a logical and organized manner to determine its value and relevance to the problem. • 6.2: Creating a roadmap for organizations to use in development of an Identity Access Management program (to address gaps in their current offerings). ============================================== CST 610 Project 2 Operating Systems Vulnerabilities (Windows and Linux) CYB 610 Project 2 Congratulations, you are the newly appointed lead cybersecurity engineer with your company in the oil and natural gas sector. This is a senior-level position. You were hired two months ago based on your successful cybersecurity experience with a previous employer. Your technical knowledge of cybersecurity is solid. However, you have a lot to learn about this company's culture, processes, and IT funding decisions, which are made by higher management. You have recently come across numerous anomalies and incidents leading to security breaches. The incidents took place separately, and it has not been determined if they were caused by a single source or multiple related sources. First, a month ago, a set of three corporate database servers crashed suddenly. Then, a week ago, anomalies were found in
  • 11. the configuration of certain server and router systems of your company. You immediately recognized that something with your IT resources was not right. You suspect that someone, or some group, has been regularly accessing your user account and conducting unauthorized configuration changes. You meet with your leadership to discuss the vulnerabilities. They would like you to provide a security assessment report, or SAR, on the state of the operating systems within the organization. You're also tasked with creating a non-technical narrated presentation summarizing your thoughts. The organization uses multiple operating systems that are Microsoft-based and Linux-based. You will have to understand these technologies for vulnerability scanning using the tools that work best for the systems in the corporate network. You know that identity management will increase the security of the overall information systems infrastructure for the company. You also know that with a good identity management system, the security and productivity benefits will outweigh costs incurred. This is the argument you must make to the stakeholders. The operating system (OS) of an information system contains the software that executes the critical functions of the information system. The OS manages the computer's memory, processes, and all of its software and hardware. It allows different programs to run simultaneously and access the computer's memory, central processing unit, and storage. The OS coordinates all these activities and ensures that sufficient resources are applied. These are the fundamental processes of the information system, and if they are violated by a security breach or exploited vulnerability, it has the potential to have the biggest impact on your organization. Security for operating systems consists of protecting the OS components from attacks that could cause deletion, modification, or destruction of the operating system.
Threats to an OS could consist of a breach of confidential information, unauthorized modification of data, or unauthorized destruction of data. It
  • 12. is the job of the cybersecurity engineer to understand the operations and vulnerabilities of the OS (whether it is a Microsoft, Linux, or another type of OS), and to provide mitigation, remediation, and defense against threats that would expose those vulnerabilities or attack the OS. There are six steps that will help you create your final deliverables. The deliverables for this project are as follows: 1. Security Assessment Report (SAR): This report should be a 7-8 page double-spaced Word document with citations in APA format. The page count does not include figures, diagrams, tables, or citations. 2. Nontechnical presentation: This is a set of 8-10 PowerPoint slides for upper management that summarizes your thoughts regarding the findings in your SAR. 3. In a Word document, share your lab experience and provide screen prints to demonstrate that you performed the lab. When you submit your project, your work will be evaluated using the competencies listed below. You can use the list below to self-check your work before submission. • 1.1: Organize document or presentation clearly in a manner that promotes understanding and meets the requirements of the assignment. • 2.3: Evaluate the information in a logical and organized manner to determine its value and relevance to the problem. • 5.4: Identify potential threats to operating systems and the security features necessary to guard against them. Step 1: Defining the OS The audience for your security assessment report (SAR) is the leadership of your organization, which is made up of technical and nontechnical staff. Some of your audience will be unfamiliar with operating systems (OS). As such, you will begin your report with a brief explanation of operating systems fundamentals and the types of information systems. 
Click on and read the following resources that provide essential information you need to know before creating a thorough and accurate OS explanation: • operating systems fundamentals • the applications of the OS • The Embedded OS •
  • 13. information system architecture • cloud computing • web architecture After reviewing the resources, begin drafting the OS overview to incorporate the following: 1. Explain the user's role in an OS. 2. Explain the differences between kernel applications of the OS and the applications installed by an organization or user. 3. Describe the embedded OS. 4. Describe how the systems fit in the overall information system architecture, of which cloud computing is an emerging, distributed computing network architecture. Include a brief definition of operating systems and information systems in your SAR. Step 2: OS Vulnerabilities You just summarized operating systems and information systems for leadership. In your mind, you can already hear leadership saying "So what?" The organization's leaders are not well versed in operating systems and the threats and vulnerabilities in operating systems, so in your SAR, you decide to include an explanation of advantages and disadvantages of the different operating systems and their known vulnerabilities. Prepare by first reviewing the different types of vulnerabilities and intrusions explained in these resources: • Windows vulnerabilities • Linux vulnerabilities • Mac OS vulnerabilities • SQL PL/SQL, XML and other injections Based on what you gathered from the resources, compose the OS vulnerability section of the SAR. Be sure to: 1. Explain Windows vulnerabilities and Linux vulnerabilities. 2. Explain the Mac OS vulnerabilities, and vulnerabilities of mobile devices. 3. Explain the motives and methods for intrusion of the MS and Linux operating systems. 4. Explain the types of security awareness technologies such as intrusion detection and intrusion prevention systems. 5. Describe how and why different corporate and government systems are targets. 6. Describe different types of intrusions such as SQL PL/SQL, XML, and other injections. You will provide leadership with a brief overview of vulnerabilities in your SAR.
Step 3: Preparing for the Vulnerability Scan

You have just finished defining the vulnerabilities an OS can have. Soon you will perform vulnerability scanning and vulnerability assessments on the security posture of the organization's operating systems. But first, consider your plan of action. Read these two resources to be sure you fully grasp the purpose, goals, objectives, and execution of vulnerability assessments and security updates:
• Vulnerability assessments
• Patches

Then provide the leadership with the following:
1. Include a description of the methodology you proposed to assess the vulnerabilities of the operating systems. Provide an explanation and reasoning of how the methodology you propose will determine the existence of those vulnerabilities in the organization's OS.
2. Include a description of the applicable tools to be used, and the limitations of the tools and analyses, if any. Provide an explanation and reasoning of how the tools you propose will determine the existence of those vulnerabilities in the organization's OS.
3. Include the projected findings from using these vulnerability assessment tools.

In your report, discuss the strength of passwords, any Internet Information Services' administrative vulnerabilities, SQL server administrative vulnerabilities, and other security updates and management of patches, as they relate to OS vulnerabilities.

Step 4: Vulnerability Assessment Tools for OS and Applications

Note: You will use the tools in Workspace for this step. If you need help outside the classroom, register for the CLAB 699 Cyber Computing Lab Assistance (go to the Discussions List for registration information). Primary lab assistance is available from a team of lab assistants. Lab assistants are professionals and are trained to help you. Click here to access the instructions for Navigating the Workspace and the Lab Setup. Enter Workspace and complete the lab activities related to operating system vulnerabilities.
Click here to access the Project 2 Workspace Exercise Instructions. Explore the tutorials and user guides to learn more about the tools you will use.

You've prepared for your assessment; now it's time to perform. Security and vulnerability assessment analysis tools, such as Microsoft Baseline Security Analyzer (MBSA) for Windows OS and OpenVAS for Linux OS, are stand-alone tools designed to provide a streamlined method for identifying common security misconfigurations and missing security updates for the operating systems and applications. These tools work on layers 5-7 of the Open Systems Interconnection (OSI) model. Your leadership will want to understand the differences and commonalities in the capabilities of both tools and will want this included in the SAR.

Use the tools' built-in checks to complete the following for Windows OS (e.g., using Microsoft Baseline Security Analyzer, MBSA):
1. Determine if Windows administrative vulnerabilities are present.
2. Determine if weak passwords are being used on Windows accounts.
3. Report which security updates are required on each individual system.
4. You noticed that the tool you used for Windows OS (i.e., MBSA) provides dynamic assessment of missing security updates. Scan one or more computers by domain, IP address range, or other grouping.
5. Once complete, provide a detailed report and recommendations on how to make your system a more secure working environment. In this case, a tool such as MBSA will create and store individual XML security reports for each computer scanned and will display the reports in the graphical user interface in HTML.

You will also complete a similar exercise for Linux OS (e.g., using the OpenVAS tool). Select the following links to learn more about OpenVAS and computer networks:
• OpenVAS
• Computer Networks

Utilize the OpenVAS tool to complete the following:
1. Determine if Linux vulnerabilities are present.
2. Determine if weak passwords are being used on Linux systems.
3. Determine which security updates are required for the Linux systems.
4. You noticed that the tool you used for Linux OS (i.e., OpenVAS) provides dynamic assessment of missing security updates. MBSA provides dynamic assessment of missing security updates. Scan one or more computers by domain, IP address range, or other grouping.
5. Once complete, provide a detailed report and recommendations on how to make your system a more secure working environment.

Knowledge acquired from this Workspace exercise and capability of this tool will help your company's client organizations secure the computer networks' resources and protect corporate data from being stolen. Validate and record the benefits of using these types of tools. You will include this in the SAR.

Step 5: The Security Assessment Report

By utilizing security vulnerability assessment tools, such as MBSA and OpenVAS, you now have a better understanding of your system's security status. Based on the results provided by these tools, as well as your learning from the previous steps, you will create the Security Assessment Report (SAR).

In your report to the leadership, emphasize the benefits of using a free security tool such as MBSA. Then make a recommendation for using these types of tools (i.e., MBSA and OpenVAS), including the results you found for both.

Remember to include these analyses and conclusions in the SAR deliverable:
1. After you provide a description of the methodology you used to make your security assessment, you will provide the actual data from the tools, the status of security and patch updates, security recommendations, and offer specific remediation guidance, to your senior leadership.
2. You will include any risk assessments associated with the security recommendations, and propose ways to address the risk either by accepting the risk, transferring the risk, mitigating the risk, or eliminating the risk.

Include your SAR in your final deliverable to leadership.
Step 6: The Presentation

Based on what you have learned in the previous steps and your SAR, you will also develop a presentation for your company's leadership. Your upper-level management team is not interested in the technical report you generated from your Workspace exercise. They are more interested in the bottom line. You must help these non-technical leaders understand the very technical vulnerabilities you have discovered. They need to clearly see what actions they must either take or approve.

The following are a few questions to consider when creating your non-technical presentation:
1. How do you present your technical findings succinctly to a non-technical audience? Your Workspace exercise report will span many pages, but you will probably not have more than 30 minutes for your presentation and follow-up discussion.
2. How do you describe the most serious risks factually but without sounding too temperamental? No one likes to hear that their entire network has been hacked, data has been stolen, and the attackers have won. You will need to describe the seriousness of your findings while also assuring upper-level management that these are not uncommon occurrences today.
3. How do your Workspace exercise results affect business operations? Make sure you are presenting these very technical results in business terms that upper-level management will understand.
4. Be very clear on what you propose or recommend. Upper-level management will want to not only understand what you discovered; they will want to know what you propose as a solution. They will want to know what decisions they need to make based on your findings.

Your goal for the presentation is to convince the leadership that adopting a security vulnerability assessment tool (such as MBSA) and providing an extra security layer is a must for the company.

The deliverables for this project are as follows:
1. Security Assessment Report (SAR): This report should be a 7-8 page double-spaced Word document with citations in APA format. The page count does not include figures, diagrams, tables, or citations.
2. Nontechnical presentation: This is a set of 8-10 PowerPoint slides for upper management that summarizes your thoughts regarding the findings in your SAR.
3. In a Word document, share your lab experience and provide screen prints to demonstrate that you performed the lab.

Submit your deliverables to the assignment folder. Before you submit your assignment, review the competencies below, which your instructor will use to evaluate your work. A good practice would be to use each competency as a self-check to confirm you have incorporated all of them in your work.
• 1.1: Organize document or presentation clearly in a manner that promotes understanding and meets the requirements of the assignment.
• 2.3: Evaluate the information in a logical and organized manner to determine its value and relevance to the problem.
• 5.4: Identify potential threats to operating systems and the security features necessary to guard against them.

==============================================
CST 610 Project 3 Assessing Information System Vulnerabilities and Risk

Project 3 Assessing Information System Vulnerabilities and Risk
CYB 610 Project 3

You are an Information Assurance Management Officer, IAMO, at an organization of your choosing. One morning, as you're getting ready for work, you see an email from Karen, your manager. She asks you to come to her office as soon as you get in. When you arrive at work, you head straight to Karen's office. “Sorry for the impromptu meeting,” she says, “but we have a bit of an emergency. There's been a security breach at the Office of Personnel Management.” “We don't know how this happened, but we need to make sure it doesn't happen again,” says Karen. “You'll be receiving an email with more information on the security breach. Use this info to assess the information system vulnerabilities of the Office of Personnel Management.”

At your desk, you open Karen's email. She's given you an OPM report from the Office of the Inspector General, or OIG. You have studied the OPM OIG report and found that the hackers were able to gain access through compromised credentials. The security breach could have been prevented if the Office of Personnel Management, or OPM, had abided by previous auditing reports and security findings. In addition, access to the databases could have been prevented by implementing various encryption schemas and could have been identified after running regularly scheduled scans of the systems. Karen and the rest of the leadership team want you to compile your findings into a Security Assessment Report, or SAR. You will also create a Risk Assessment Report, or RAR, in which you identify threats, vulnerabilities, risks, and likelihood of exploitation and suggested remediation.

The security posture of the information systems infrastructure of an organization should be regularly monitored and assessed (including software, hardware, firmware components, governance policies, and implementation of security controls). The monitoring and assessment of the infrastructure and its components, policies, and processes should also account for changes and new procurements that are sure to follow in order to stay in step with ever-changing information system technologies.

The data breach at the Office of Personnel Management (OPM) is one of the largest in US government history.
It provides a series of lessons learned for other organizations in industry and the public sector. Shortfalls in critical security practices, such as lack of diligence to security controls and to management of changes to the information systems infrastructure, were cited as contributors to the massive data breach in the OPM Office of the Inspector General's (OIG) Final Audit Report, which can be found in open source searches. Some of the findings in the report include:
• weak authentication mechanisms
• lack of a plan for life-cycle management of the information systems
• lack of a configuration management and change management plan
• lack of inventory of systems, servers, databases, and network devices
• lack of mature vulnerability scanning tools
• lack of valid authorizations for many systems
• lack of plans of action to remedy the findings of previous audits

The breach ultimately resulted in removal of OPM's top leadership. The impact of the breach on the livelihoods of millions of people is ongoing and may never be fully known. There is a critical need for security programs that can assess vulnerabilities and provide mitigations.

There are nine steps that will help you create your final deliverables. The deliverables for this project are as follows:
1. Security Assessment Report (SAR): This should be an 8-10 page double-spaced Word document with citations in APA format. The page count does not include figures, diagrams, tables, or citations.
2. Risk Assessment Report (RAR): This report should be a 5-6 page double-spaced Word document with citations in APA format. The page count does not include figures, diagrams, tables, or citations.
3. In a Word document, share your lab experience and provide screen prints to demonstrate that you performed the lab.

When you submit your project, your work will be evaluated using the competencies listed below. You can use the list below to self-check your work before submission.
• 1.1: Organize document or presentation clearly in a manner that promotes understanding and meets the requirements of the assignment.
• 1.2: Develop coherent paragraphs or points so that each is internally unified and so that each functions as part of the whole document or presentation.
• 1.3: Provide sufficient, correctly cited support that substantiates the writer's ideas.
• 1.4: Tailor communications to the audience.
• 1.5: Use sentence structure appropriate to the task, message and audience.
• 1.6: Follow conventions of Standard Written English.
• 5.2: Knowledge of architectural methodologies used in the design and development of information systems and knowledge of standards that either are compliant with or derived from established standards or guidelines.
• 5.6: Explore and address cybersecurity concerns, promote awareness, best practice, and emerging technology.
• 7.3: Knowledge of methods and tools used for risk management and mitigation of risk.
• 8.1: Demonstrate the abilities to detect, identify, and resolve host and network intrusion incidents.
• 8.2: Possess knowledge and skills to categorize, characterize, and prioritize an incident as well as to handle relevant digital evidence appropriately.

Step 1: Enterprise Network Diagram

During Project One, you researched a hypothetical or actual organization of your choice. You had to understand the goals of the organization and the types of systems that would fulfill those goals. You will now research and learn about types of networks and their secure constructs that may be used in organizations to accomplish the functions of the organization's mission. You will propose a local area network (LAN) and a wide area network (WAN) for the organization, define the systems environment, and incorporate this information in a network diagram. Discuss the security benefits of your chosen network design.

Read about the following computing platforms available for networks and discuss how these platforms could be implemented in your organization. Include the rationale for all platforms you choose to include in your network design.
• common computing platforms
• cloud computing
• distributed computing
• centralized computing
• secure programming fundamentals

Step 2: Enterprise Threats

• Review the OIG report on the OPM breach that you were asked to research and read about at the beginning of the project. The OIG report included numerous security deficiencies that likely left OPM networks vulnerable to being breached. In addition to those external threats, the report also describes the ways OPM was vulnerable to insider threats. The information about the breach could be classified as threat intelligence. Define threat intelligence and explain what kind of threat intelligence is known about the OPM breach.
• You just provided detailed background information on your organization. Next, you'll describe threats to your organization's system. Before you get started, select and explore the contents of the following link: insider threats (also known as internal threats). As you're reading, take note of which insider threats are a risk to your organization.
• Now, differentiate between the external threats to the system and the insider threats. Identify where these threats can occur in the previously created diagrams. Relate the OPM threat intelligence to your organization. How likely is it that a similar attack will occur at your organization?

Step 3: Scanning the Network

Note: You will use the tools in Workspace for this step. If you need help outside the classroom to complete this project, register for CLAB 699 Cyber Computing Lab Assistance (go to the Discussions List for registration information). Primary lab assistance is available from a team of lab assistants. Lab assistants are professionals and are trained to help you. Click here to access the instructions for Navigating the Workspace and the Lab Setup. Select the following link to enter Workspace and complete the lab activities related to network vulnerabilities.

You will now investigate network traffic, and the security of the network and information system infrastructure overall.
Past network data has been logged and stored, as collected by a network analyzer tool such as Wireshark. Explore the tutorials and user guides to learn more about the tools you will use. Click the following link to read more about these network monitoring tools: Tools to Monitor and Analyze Network Activities.

You will perform a network analysis on the Wireshark files provided to you in Workspace and assess the network posture and any vulnerability or suspicious information you are able to obtain. Include this information in the SAR. You will then return to the lab in order to identify any suspicious activities on the network, through port scanning and other techniques. You will revisit the lab and lab instructions in Step 7: Suspicious Activity. Click here to access the Project 3 Workspace Exercise Instructions.

In order to validate the assets and devices on the organization's network, run scans using security and vulnerability assessment analysis tools such as MBSA, OpenVAS, Nmap, or Nessus depending on the operating systems of your organization's networks. Live network traffic can also be sampled and scanned using Wireshark on either the Linux or Windows systems. Wireshark allows you to inspect all OSI layers of traffic information. Further analyze the packet capture for network performance, behavior, and any suspicious source and destination addresses on the networks. In the previously created Wireshark files, identify if any databases had been accessed. What are the IP addresses associated with that activity? Include this information in the SAR.

Step 4: Identifying Security Issues

You have a suite of security tools, techniques, and procedures that can be used to assess the security posture of your organization's network in a SAR. Now it's time to identify the security issues in your organization's networks. You have already used password cracking tools to crack weak and vulnerable passwords. Provide an analysis of the strength of passwords used by the employees in your organization. Are weak passwords a security issue for your organization?
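The Step 3 question about database access in a saved capture can also be answered outside the Wireshark GUI. The sketch below is an added example, not part of the course material: it reads a classic libpcap file and lists which client addresses sent traffic to default database ports and whether the server accepted the connection. The port list, the function names, and the sample traffic are assumptions constructed for the illustration.

```python
import socket
import struct
from collections import defaultdict

# Assumption: databases listen on their default ports; one moved elsewhere is not seen.
DB_PORTS = {1433: "Microsoft SQL Server", 1521: "Oracle",
            3306: "MySQL", 5432: "PostgreSQL"}
SYN, ACK = 0x02, 0x10


def iter_frames(pcap):
    """Yield each captured frame from a classic libpcap file (not pcapng)."""
    if pcap[:4] == b"\xd4\xc3\xb2\xa1":
        endian = "<"
    elif pcap[:4] == b"\xa1\xb2\xc3\xd4":
        endian = ">"
    else:
        raise ValueError("not a classic pcap file")
    if struct.unpack(endian + "I", pcap[20:24])[0] != 1:
        raise ValueError("only Ethernet (linktype 1) captures are handled")
    offset = 24
    while offset + 16 <= len(pcap):
        incl_len = struct.unpack(endian + "I", pcap[offset + 8:offset + 12])[0]
        yield pcap[offset + 16:offset + 16 + incl_len]
        offset += 16 + incl_len


def parse_tcp(frame):
    """Return (src, dst, sport, dport, flags), or None if not IPv4/TCP."""
    if len(frame) < 34 or frame[12:14] != b"\x08\x00":
        return None
    if frame[14] >> 4 != 4 or frame[23] != 6:
        return None
    tcp = frame[14 + (frame[14] & 0x0F) * 4:]  # skip the variable-length IP header
    if len(tcp) < 14:
        return None
    sport, dport = struct.unpack("!HH", tcp[:4])
    return (socket.inet_ntoa(frame[26:30]), socket.inet_ntoa(frame[30:34]),
            sport, dport, tcp[13])


def database_access(pcap):
    """List client-to-database conversations, most client packets first."""
    convs = defaultdict(lambda: {"client_packets": 0, "answered": False})
    for frame in iter_frames(pcap):
        parsed = parse_tcp(frame)
        if parsed is None:
            continue
        src, dst, sport, dport, flags = parsed
        if sport in DB_PORTS and flags & SYN and flags & ACK:
            # SYN-ACK from the database port: the listener accepted the connection.
            convs[(dst, src, sport)]["answered"] = True
        elif dport in DB_PORTS:
            convs[(src, dst, dport)]["client_packets"] += 1
    rows = [{"client": c, "server": s, "port": p, "service": DB_PORTS[p], **v}
            for (c, s, p), v in convs.items()]
    return sorted(rows, key=lambda r: (-r["client_packets"], r["client"]))


def make_frame(src, dst, sport, dport, flags):
    """Build one constructed Ethernet/IPv4/TCP frame (checksums left at zero)."""
    eth = bytes(12) + b"\x08\x00"
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40, 0, 0, 64, 6, 0,
                     socket.inet_aton(src), socket.inet_aton(dst))
    tcp = struct.pack("!HHIIBBHHH", sport, dport, 0, 0, 0x50, flags, 1024, 0, 0)
    return eth + ip + tcp


def build_pcap(frames):
    """Wrap frames in a little-endian classic pcap container."""
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    for seconds, frame in enumerate(frames):
        out += struct.pack("<IIII", seconds, 0, len(frame), len(frame)) + frame
    return out


# Constructed sample traffic (addresses and ports are made up for this example).
SAMPLE = build_pcap([
    make_frame("10.0.5.23", "10.0.9.10", 49152, 1433, SYN),        # client opens MSSQL
    make_frame("10.0.9.10", "10.0.5.23", 1433, 49152, SYN | ACK),  # server accepts
    make_frame("10.0.5.23", "10.0.9.10", 49152, 1433, ACK),
    make_frame("10.0.5.23", "10.0.9.10", 49152, 1433, 0x18),       # PSH|ACK data
    make_frame("10.0.5.77", "10.0.9.11", 49200, 3306, SYN),        # MySQL attempt, no reply
    make_frame("10.0.5.23", "10.0.9.20", 49153, 443, SYN),         # web traffic, ignored
])

if __name__ == "__main__":
    for row in database_access(SAMPLE):
        state = "connection accepted" if row["answered"] else "no reply seen"
        print(f'{row["client"]} -> {row["server"]}:{row["port"]} '
              f'({row["service"]}), {row["client_packets"]} packets, {state}')
```

An unanswered attempt is still worth recording in the SAR: it shows which hosts tried to reach a database even where a firewall or a closed port stopped them.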
Step 5: Firewalls and Encryption

Next, examine these resources on firewalls and auditing – RDBMS related to the use of the Relational Database Management System (RDBMS), i.e., the database system and data. Also review these resources related to access control. Determine the role of firewalls, encryption, and auditing – RDBMS that could assist in protecting information and monitoring the confidentiality, integrity, and availability of the information in the information systems. Reflect any weaknesses found in the network and information system diagrams previously created, as well as in the developing SAR.

Step 6: Threat Identification

You know of the weaknesses in your organization's network and information system. Now you will determine various known threats to the organization's network architecture and IT assets. Get acquainted with the following types of threats and attack techniques. Which are a risk to your organization?
• IP address spoofing/cache poisoning attacks
• denial of service attacks (DoS)
• packet analysis/sniffing
• session hijacking attacks
• distributed denial of service attacks

In identifying the different threats, complete the following tasks:
1. Identify the potential hacking actors of these threat attacks on vulnerabilities in networks and information systems and the types of remediation and mitigation techniques available in your industry, and for your organization.
2. Identify the purpose and function of firewalls for organization network systems, and how they address the threats and vulnerabilities you have identified.
3. Also discuss the value of using access control, database transaction and firewall log files.
4. Identify the purpose and function of encryption, as it relates to files and databases and other information assets on the organization's networks.

Include these in the SAR.

Step 7: Suspicious Activity

Note: You will utilize the tools in Workspace for this step.

Hackers frequently scan the Internet for computers or networks to exploit. An effective firewall can prevent hackers from detecting the existence of networks.
Hackers continue to scan ports, but if the hacker finds there is no response from the port and no connection, the hacker will move on. The firewall can block unwanted traffic and Nmap can be used to self-scan to test the responsiveness of the organization's network to would-be hackers. Select the following link to enter Workspace and conduct the port scanning. Return to the lab instructions by clicking here to access the Project 3 Workspace Exercise Instructions.

Step 8: Risk and Remediation

What is the risk and what is the remediation? What is the security exploitation? You can use the OPM OIG Final Audit Report findings and recommendations as a possible source for methods to remediate vulnerabilities. Read this risk assessment resource to get familiar with the process, then prepare the risk assessment. Be sure to first list the threats, then the vulnerabilities, and then pairwise comparisons for each threat and vulnerability, and determine the likelihood of that event occurring, and the level of impact it would have on the organization. Use the OPM OIG Final Audit Report findings as a possible source for potential mitigations. Include this in the risk assessment report (RAR).

Step 9: Creating the SAR and RAR

Your research and Workspace exercise have led you to this moment: creating your SAR and RAR. Consider what you have learned in the previous steps as you create your reports for leadership.

Prepare a Security Assessment Report (SAR) with the following sections:
1. Purpose
2. Organization
3. Scope
4. Methodology
5. Data
6. Results
7. Findings

The final SAR does not have to stay within this framework, and can be designed to fulfill the goal of the security assessment.

Prepare a Risk Assessment Report (RAR) with information on the threats, vulnerabilities, likelihood of exploitation of security weaknesses, impact assessments for exploitation of security weaknesses, remediation, and cost/benefit analyses of remediation. Devise a high-level plan of action with interim milestones (POAM), in a system methodology, to remedy your findings. Include this high-level plan in the RAR.
Summarize the results you obtained from the vulnerability assessment tools (i.e., MBSA and OpenVAS) in your report.

The deliverables for this project are as follows:
1. Security Assessment Report (SAR): This should be an 8-10 page double-spaced Word document with citations in APA format. The page count does not include figures, diagrams, tables, or citations.
2. Risk Assessment Report (RAR): This report should be a 5-6 page double-spaced Word document with citations in APA format. The page count does not include figures, diagrams, tables, or citations.
3. In a Word document, share your lab experience and provide screen prints to demonstrate that you performed the lab.

Submit your deliverables to the assignment folder. Before you submit your assignment, review the competencies below, which your instructor will use to evaluate your work. A good practice would be to use each competency as a self-check to confirm you have incorporated all of them in your work.
• 1.1: Organize document or presentation clearly in a manner that promotes understanding and meets the requirements of the assignment.
• 1.2: Develop coherent paragraphs or points so that each is internally unified and so that each functions as part of the whole document or presentation.
• 1.3: Provide sufficient, correctly cited support that substantiates the writer's ideas.
• 1.4: Tailor communications to the audience.
• 1.5: Use sentence structure appropriate to the task, message and audience.
• 1.6: Follow conventions of Standard Written English.
• 5.2: Knowledge of architectural methodologies used in the design and development of information systems and knowledge of standards that either are compliant with or derived from established standards or guidelines.
• 5.6: Explore and address cybersecurity concerns, promote awareness, best practice, and emerging technology.
• 7.3: Knowledge of methods and tools used for risk management and mitigation of risk.
• 8.1: Demonstrate the abilities to detect, identify, and resolve host and network intrusion incidents.
• 8.2: Possess knowledge and skills to categorize, characterize, and prioritize an incident as well as to handle relevant digital evidence appropriately.
==============================================
CST 610 Project 4 Threat Analysis and Exploitation

Project 4 Threat Analysis and Exploitation
CYB 610 Project 4

You are part of a collaborative team that was created to address cyber threats and exploitation of US financial systems critical infrastructure. Your team has been assembled by the White House Cyber National security staff to provide situational awareness about a current network breach and cyber attack against several financial service institutions. Your team consists of four roles:
• A representative from the financial services sector who has discovered the network breach and the cyber attacks. These attacks include distributed denial of service attacks (DDoS), web defacements, sensitive data exfiltration, and other attack vectors typical of this nation state actor.
• A representative from law enforcement who has provided additional evidence of network attacks found using network defense tools.
• A representative from the intelligence agency who has identified the nation state actor from numerous public and government provided threat intelligence reports. This representative will provide threat intelligence on the tools, techniques, and procedures of this nation state actor.
• A representative from the Department of Homeland Security who will provide the risk, response, and recovery actions taken as a result of this cyber threat.

Your team will have to provide education and security awareness to the financial services sector about the threats, vulnerabilities, risks, and risk mitigation and remediation procedures to be implemented to maintain a robust security posture. Finally, your team will take the lessons learned from this cyber incident and share that knowledge with the rest of the cyber threat analysis community. At the end of the response to this cyber incident, your team will provide two deliverables: a situational analysis report, or SAR, to the White House Cyber National security staff, and an After Action Report and lessons learned to the cyber threat analyst community.

US critical infrastructure (power, water, oil and natural gas, military systems, financial systems) has become the target of cyber and physical attacks as more critical infrastructure systems are integrated with the Internet and other digital controls systems. The lesson learned in defending and mitigating cyberattacks is that no entity can prevent or resolve cyberattacks on its own. Collaboration and information sharing is key for success and survival.

This is a group exercise, representing collaboration across all sectors, to support and defend US critical infrastructure. In the working world, a team like this would include some agencies, some industrial partners, and some private sector corporations. Each organization has different strengths and skills, different access to information, and different authorities to report to. When the sectors work together and leverage resources and skills, the result is that everyone benefits from the defense and protection of US IT infrastructure. In your teams, you can model the same collaboration, leveraging each other's expertise, sharing each other's knowledge, teaching each other, and providing contributions specific to your role in the scenario.
• Financial Services Representative: special task in Step 3
• Law Enforcement Representative: special task in Step 4
• Intelligence Agency Representative: special task in Step 5
• Homeland Security Representative: special task in Step 6

There are seven steps that will help you create your final deliverables. The deliverables for this project are as follows:
1. Security Assessment Report (SAR): This report should be a 14-15 page double-spaced Word document with citations in APA format. The page count does not include figures, diagrams, tables, or citations.
2. After Action Report (AAR): This report should be a 10-15 page double-spaced Word document with citations in APA format. The page count does not include figures, diagrams, tables, or citations.
3. This is a 5-8 slide PowerPoint presentation for executives along with a narrated or In-Class Presentation summarizing your SAR and AAR report.

When you submit your project, your work will be evaluated using the competencies listed below. You can use the list below to self-check your work before submission.
• 1.1: Organize document or presentation clearly in a manner that promotes understanding and meets the requirements of the assignment.
• 2.3: Evaluate the information in a logical and organized manner to determine its value and relevance to the problem.
• 4.1: Lead and/or participate in a diverse group to accomplish projects and assignments.
• 4.3: Contribute to team projects, assignments, or organizational goals as an engaged member of a team.
• 8.4: Possess knowledge of proper and effective communication in case of an incident or crisis.

Step 1: Establishing Roles

As described in the scenario, you will be working in a small team (usually five members). Your instructor has provided an area for your group discussions, collaboration, and file sharing. Take some time to learn about your teammates (introductions, LinkedIn profiles and bios) to understand the experience and expertise of the team members.

Studies on teamwork outline the typical team stages of forming, storming, norming, and performing (see Tuckman, Bruce W. (1965), "Developmental sequence in small groups," Psychological Bulletin, 63, 384-399). This guidance on teamwork may be helpful.
In order to do well, you and your team members must start communicating or "forming" immediately and discuss how you will divide the work. Review the project and if you have portions of the work that play well to your strengths, make this known to your team members. Then develop a project plan and schedule to get the work done. Finally, agree on a communications plan, which allows your team members to know where the project stands. During this stage, you may have disagreements or differences of opinion about roles and division of work. This is a normal aspect of "storming."

Once you start agreeing on roles and tasks, you are well on your way to "norming." You should settle on a collaboration space and share drafts of your work in your classroom team locker so your team members and the instructor can see the work progression. All team members must contribute, but the deliverables need to be cohesive. Therefore, each of you will need to review each other's work and help each other.

While you may have to use collaborative tools outside the classroom, maintain the key documents in the respective team project locker in the classroom. Your team will use this area to establish ground rules for communication and collaboration. Team members will gain an overview of the entire project, establish roles, agree on the division of work, and complete and sign the Team Project Charter.

If you decide to use Google Docs for your collaborative work, you could also choose a Google drive with appropriate sharing with your team members and your instructor, and provide information on this in your team locker. Part of teamwork is looking at each other's work and providing constructive feedback and improvements.

If you sense problems during your team communications sessions, discuss risk management and project adjustments your team may need to make. If you sense trouble, contact your instructor and request intervention as soon as you recognize issues.
After the plan is completed, elect one person to attach or link the final document to the team project locker. This step should have been completed early in the term between Weeks 2 and 4. Setting up the team roles and expectations is an important part of this project and completing the charter is critical to the project's success. When you have completed this important step, move to the next step.

Step 2: Assessing Suspicious Activity
Your team is assembled and you have a plan. It's time to get to work. You have a suite of tools at your disposal from your work in Project 1, Project 2, and Project 3, which can be used together to create a full common operating picture of the cyber threats and vulnerabilities that are facing the US critical infrastructure. Begin by selecting the following links to brush up on your knowledge:
1. network security
2. mission critical systems
3. penetration testing
To be completed by all team members: Leverage the network security skills of using port scans, network scanning tools, and analyzing Wireshark files, to assess any suspicious network activity and network vulnerabilities.

Step 3: The Financial Sector
To be completed by the Financial Services Representative: Provide a description of the impact the threat would have on the financial services sector. These impact statements can include the loss of control of the systems, the loss of data integrity or confidentiality, exfiltration of data, or something else. Also provide impact assessments as a result of this security incident to the financial services sector.
To be completed by all team members: Provide submissions from the Information Sharing Analysis Councils related to the financial sector. You can also propose fictitious submissions. Also, review the resources for Industrial Control Systems, and advise on their importance to the financial services sector. Explain the risks associated with the Industrial Control Systems.

Step 4: Law Enforcement
To be completed by the Law Enforcement Representative: Provide a description of the impact the threat would have on the law enforcement sector.
These impact statements can include the loss of control of systems, the loss of data integrity or confidentiality, exfiltration of data, or something else. Also provide impact assessments as a result of this security incident to the law enforcement sector.

Step 5: The Intelligence Community
To be completed by all team members: Provide an overview of the life cycle of a cyber threat. Explain the different threat vectors that cyber actors use, and provide a possible list of nation-state actors that have targeted the US financial services industry before. Review this threat response and recovery resource and use what you learned from the resource to provide or propose an analytical method in which you are able to detect the threat, identify the threat, and perform threat response and recovery. Identify the stage of the cyber threat life cycle where you would observe different threat behaviors. Include ways to defend against the threat, and protect against the threat. Provide this information in the SAR and AAR.
To be completed by the Intelligence Community Representative: Provide intelligence on the nation-state actor, their cyber tools, techniques, and procedures. Leverage available threat reporting such as from FireEye, Mandiant, and other companies and government entities that provide intelligence reports. Also include the social engineering methods used by the nation-state actor and their reasons for attacking US critical infrastructure. Include this information in the SAR and AAR.

Step 6: Homeland Security
To be completed by the Homeland Security Representative: Use the US-CERT and other similar resources to discuss the vulnerabilities and exploits that might have been used by the attackers. Explore the resources for risk mitigation and provide the risk, response, and risk mitigation steps that should be taken if an entity suffers the same type of attack.
To be completed by all team members: Provide a risk-threat matrix and provide a current state snapshot of the risk profile of the financial services sector. These reports will be part of an overall risk assessment, which will be included in the SAR and AAR.
Review and refer to this risk assessment resource to aid you in developing this section of the report.

Step 7: The SAR and AAR
All team members: After you compile your research, and your own critical assessments and analysis, determine which information is appropriate for a Security Assessment Report (SAR) that will be submitted to the White House, and an After Action Report (AAR) that will be submitted to the rest of the analyst community.
1. Prepare your SAR for the White House Cyber National Security Staff, describing the threat, the motivations of the threat actor, the vulnerabilities that are possible for the threat actor to exploit, current and expected impact on US financial services critical infrastructure, the path forward to eliminate or reduce the risks, and the actions taken to defend and prevent against this threat in the future.
2. Prepare the AAR. This knowledge management report will be provided to the cyber threat analyst community, which includes the intelligence community, the law enforcement community, the defense and civilian community, the private sector, and academia. The purpose of the AAR is to share the systems life cycle methodology, rationale, and critical thinking used to resolve this cyber incident.

The deliverables for this project are as follows:
1. Security Assessment Report (SAR): This report should be a 14-15 page double-spaced Word document with citations in APA format. The page count does not include figures, diagrams, tables, or citations.
2. After Action Report (AAR): This report should be a 10-15 page double-spaced Word document with citations in APA format. The page count does not include figures, diagrams, tables, or citations.
3. A 5-8 slide PowerPoint presentation for executives along with narration or In-Class presentation by each team member summarizing a portion of your SAR and AAR report.

Submit your deliverables to the assignment folder. Before you submit your assignment, review the competencies below, which your instructor will use to evaluate your work.
A good practice would be to use each competency as a self-check to confirm you have incorporated all of them in your work.
• 1.1: Organize document or presentation clearly in a manner that promotes understanding and meets the requirements of the assignment.
• 2.3: Evaluate the information in a logical and organized manner to determine its value and relevance to the problem.
• 4.1: Lead and/or participate in a diverse group to accomplish projects and assignments.
• 4.3: Contribute to team projects, assignments, or organizational goals as an engaged member of a team.
• 8.4: Possess knowledge of proper and effective communication in case of an incident or crisis.
==============================================
CST 610 Project 5 Cryptography
Project 5 Cryptography
CYB610 Project 5
You are an enterprise security architect for a company in a semiconductor manufacturing industry where maintaining competitive advantage and protecting intellectual property is vital. You're in charge of security operations and strategic security planning. Your responsibilities include devising the security protocols for identification, access, and authorization management. You recently implemented cryptography algorithms to protect the information organization. Leadership is pleased with your efforts and would like you to take protection methods even further. They've asked you to study cyber-attacks against different cryptography
mechanisms and deploy access control programs to prevent those types of attacks. "We'd like you to create plans for future security technology deployments," says one senior manager. "And provide documentation so that others can carry out the deployments." A director chimes in, "But you should also devise a method for ensuring the identification, integrity, and non-repudiation of information in transit, at rest, and in use within the organization."

As the enterprise security architect, you are responsible for providing the following deliverables. Create a network security vulnerability and threat table in which you outline the security architecture of the organization, the cryptographic means of protecting the assets of the organizations, the types of known attacks against those protections, and means to ward off the attacks. This document will help you manage the current configuration of the security architecture. Create a Common Access Card (CAC) deployment strategy, in which you describe the CAC implementation and deployment and encryption methodology for information security professionals. Create an email security strategy in which you provide the public key, private key hashing methodology to determine the best key management system for your organization. These documents will provide a security overview for the leadership in your company.

Encryption uses cryptographic algorithms to obfuscate data. These complex algorithms transform data from human readable plaintext into encrypted cipher text. Encryption uses the principles of substitution and permutation to ensure that data is transformed in a non-deterministic manner by allowing the user to select the password or a key to encrypt a message. The recipient must know the key in order to decrypt the message, translating it back into the human readable plaintext.

There are six steps that will lead you through this project. After beginning with the workplace scenario, continue to Step 1: "IT Systems Architecture."
The deliverables for this project are as follows:
1. Create a single report in Word document format. This report should be about 10 pages long, double-spaced, with citations in APA format. Page count does not include diagrams or tables. The report must cover the following:
   o network security and threat table
   o Common Access Card deployment strategy
   o e-mail security strategy
2. In a Word document, share your lab experience and provide screenshots to demonstrate that you performed the lab.

When you submit your project, your work will be evaluated using the competencies listed below. You can use the list below to self-check your work before submission.
• 1.5: Use sentence structure appropriate to the task, message and audience.
• 1.6: Follow conventions of Standard Written English.
• 1.7: Create neat and professional looking documents appropriate for the project or presentation.
• 2.1: Identify and clearly explain the issue, question, or problem under critical consideration.
• 2.2: Locate and access sufficient information to investigate the issue or problem.
• 2.3: Evaluate the information in a logical and organized manner to determine its value and relevance to the problem.
• 2.4: Consider and analyze information in context to the issue or problem.
• 3.2: Employ mathematical or statistical operations and data analysis techniques to arrive at a correct or optimal solution.
• 5.1: Knowledge of procedures, tools, and applications used to keep data or information secure, including public key infrastructure, point-to-point encryption, and smart cards.

Step 1: IT Systems Architecture
You are a senior-level employee and you must tailor your deliverables to suit your audience: the leadership of the organization. You may choose to use a fictitious organization, or model your organization on an existing organization, including proper citations. Leadership is not familiar with the architecture of the IT systems, nor are they familiar with the types of threats that are likely or the security mechanisms in place to ward off those threats.
You will provide this information in tabular format and call it the Network Security and Vulnerability Threat Table. Refer to this threat table template for guidance on creating this document. Before you begin, select the links below to review some material on information security. These resources will help you complete the network security and vulnerability threat table.
• LAN security
• Availability
Now you’re ready to create your table. Include and define the following components of security in the architecture of your organization, and explain if threats to these components are likely, or unlikely:
• LAN security
• identity management
• physical security
• personal security
• availability
• privacy
Next, review the different types of cyberattacks described in the following resource: cyberattacks. As you’re reading take note of which attacks are most likely to affect your organization. Then list the security defenses you employ in your organization to mitigate these types of attacks. Include this information in your Network Security and Vulnerability Threat Table.

Step 2: Plan of Protection
Note: You will utilize the tools in Workspace for this step. If you need help outside the classroom, you can register for the CLAB 699 Cyber Computing Lab Assistance (go to the Discussions List for registration information). Primary lab assistance is available from a team of lab assistants. Lab assistants are professionals and are trained to help you. Click here to access the instructions for Navigating the Workspace and the Lab Setup. Next, select the following link to enter Workspace and complete the lab exercises. Click here to access the Project 5 Workspace Exercise Instructions. Explore the tutorials and user guides to learn more about the tools you will use.
In this lab exercise, you will learn more about the transmission of files that do not seem suspicious but that actually have embedded malicious payload, undetectable to human hearing or vision. This type of threat can enter your organization’s networks and databases undetected through the use of steganography or data hiding.
You should include this type of threat vector to an organization in your report to leadership. Research how organizations can monitor, identify and remedy those files with embedded files and data, and provide these as recommendations for your leadership. You will have to provide the leadership of your organization with your plan for protecting identity, access, authorization and nonrepudiation of information transmission, storage, and usage. Research scholarly works on nonrepudiation measures and discuss options for protecting the integrity of an organization's information assets, which include files, networks, databases, and e-mail, and include this in your lab report.

Step 3: Data Hiding Technologies
You will describe to your organization the various cryptographic means of protecting its assets. Select the links below to review encryption techniques and encryption technologies, then provide your organization with a brief overview of each.
Encryption Technologies
1. Shift / Caesar cipher
2. Polyalphabetic cipher
3. One time pad cipher/Vernam cipher/perfect cipher
4. Block ciphers
5. triple DES
6. RSA
7. Advanced Encryption Standard (AES)
8. Symmetric encryption
9. Text block coding
Data Hiding Technologies
1. Information hiding and steganography
2. Digital watermarking
3. Masks and filtering
These descriptions will be included in the network security vulnerability and threat table for leadership.

Step 4: Creating the Network Security Vulnerability and Threat Table
Using the information you've gathered from the previous steps, prepare the network security vulnerability and threat table, in which you outline the following:
• security architecture of the organization
• the cryptographic means of protecting the assets of the organization
• the types of known attacks against those types of protections
• means to ward off the attacks
Create your Network Security Vulnerability and Threat Table, and include it in your submission to the organization. Please refer to this threat table template for guidance on creating this document.

Step 5: Access Control Based on Smart Card Strategies
Smart cards use encryption chips to identify the user, their identity, role, and sometimes use their personally identifiable information (PII). Two examples of smart cards are the federal government’s use of common access cards (CACs), and the financial sector’s use of encryption chips in credit cards. You have completed your threat table, and you've decided that you want to modernize the access control methods for your organization. To that end, you read the following resources to gather some background information on access control and the various encryption schemas associated with the Common Access Card (CAC):
• Access control
• Common Access Card (CAC)
You plan to deploy CAC to the company and you are tasked with devising that CAC deployment strategy, which includes the cryptographic solutions used with the CAC. In the Common Access Card Deployment Strategy final deliverable, describe how identity management would be a part of your overall security program and your CAC deployment plan: Create your Common Access Card Deployment Strategy and include it in your submission to the organization.

Step 6: The Email Security Strategy
After completing the CAC, your next step is to build the Secure Email Strategy for the organization. You will present this tool to your leadership. Provide an overview of the types of public-private key pairing, and show how this provides authentication and nonrepudiation. You will also add hashing, and describe how this added security benefit ensures the integrity of messaging. Begin preparing your strategy by reviewing the following resources that will aid you in becoming well informed on encryption technologies for e-mail:
• Public Key Infrastructure (PKI)
• iOS encryption
• Blackberry encryption
Then start developing your strategy.
Define these strong encryption technologies as general principles in secure email:
• Pretty Good Privacy (PGP algorithm)
• GNU Privacy Guard (GPG)
• Public Key Infrastructure (PKI)
• Digital signature
• Mobile device encryption (e.g., iOS encryption and Blackberry encryption)
In your report, also consider how the use of smart card readers tied to computer systems might be beneficial in the future enhancements to system and data access protection. This may help you define long-term solutions for your leadership. Leadership does not know the costs and technical complexity of these email encryption strategies. To further their understanding, compare the complexities of each in relation to the security benefits, and then make a recommendation and a deployment plan.

The deliverables for this project are as follows:
1. Create a single report in Word document format. This report should be about 10 pages long, double-spaced, with citations in APA format. Page count does not include diagrams or tables. The report must cover the following:
   o network security and threat table
   o Common Access Card deployment strategy
   o e-mail security strategy
2. In a Word document, share your lab experience and provide screenshots to demonstrate that you performed the lab.

Submit your deliverables to the assignment folder. Before you submit your assignment, review the competencies below, which your instructor will use to evaluate your work. A good practice would be to use each competency as a self-check to confirm you have incorporated all of them in your work.
• 1.5: Use sentence structure appropriate to the task, message and audience.
• 1.6: Follow conventions of Standard Written English.
• 1.7: Create neat and professional looking documents appropriate for the project or presentation.
• 2.1: Identify and clearly explain the issue, question, or problem under critical consideration.
• 2.2: Locate and access sufficient information to investigate the issue or problem.
• 2.3: Evaluate the information in a logical and organized manner to determine its value and relevance to the problem.
• 2.4: Consider and analyze information in context to the issue or problem.
• 3.2: Employ mathematical or statistical operations and data analysis techniques to arrive at a correct or optimal solution.
• 5.1: Knowledge of procedures, tools, and applications used to keep data or information secure, including public key infrastructure, point-to-point encryption, and smart cards.
==============================================
CST 610 Project 6 Digital Forensics Analysis
Project 6 Digital Forensics Analysis
Project 6 Start Here
This project will provide an introduction to digital forensic analysis. Digital forensic analysis is used to review and investigate data collected through digital communications and computer networks. The National Institute of Standards and Technology (NIST) has defined four fundamental phases for forensic analysis: collection, examination, analysis, and reporting. You will learn more about these concepts as you navigate throughout the steps of this project and read the literature and links found in each step. There are four steps that will lead you through this project. Begin with Step 1: “Methodology.”

The deliverables for this project are as follows:
1. Digital Forensic Research Paper: This should be a five-page double-spaced Word document with citations in APA format. The page count does not include diagrams or tables.
2. In a Word document, share your lab experience and provide screenshots to demonstrate that you completed the lab.

When you submit
your project, your work will be evaluated using the competencies listed below. You can use the list below to self-check your work before submission.
• 5.3: Uses defensive measures and information collected from a variety of sources to identify, analyze, and report events that occur or might occur within the network in order to protect information, information systems, and networks from threats.
• 8.6: Provides professional preparation for computer digital forensics, investigation of crime, and preservation of digital evidence in criminal and civil investigations and information security incident response.
• 8.7: Provide theoretical basis and practical assistance for all aspects of digital investigation and the use of computer evidence in forensics and law enforcement.

Step 1: Methodology
The methodology includes following a systems process. Identify the requirements, purpose, and objectives of the investigation. Click the links below to review information that will aid in conducting and documenting an investigation:
• secure programming fundamentals
• forensics fundamentals
Learn about the investigation methodology. Consider secure programming fundamentals. Define the digital forensics analysis methodology, and the phases of the digital forensics fundamentals and methodology, including the following:
1. preparation
2. extraction
3. identification
4. analysis
This information will help you understand the process you will use during an investigation.

Step 2: Tools and Techniques
Select the following links to learn about forensics analysis tools, methods, and techniques:
1. forensics analysis tools
2. web log and session analysis
3. hash analysis

Step 3: Exploring Forensic Tools
Note: You will utilize the tools in Workspace for this step. If you need help outside the classroom, you can register for the CLAB 699 Cyber Computing Lab Assistance (go to the Discussions List for registration information).
Primary lab assistance is available from a team of lab assistants. Lab assistants are professionals and are trained to help you. Click here to access the instructions for Navigating the Workspace and the Lab Setup. Select the following link to enter Workspace. Complete the forensic tools exercise provided in this lab. Explore the tutorials and user guides to learn more about various types of digital forensic tools. Click here to access the Project 6 Workspace Exercise Instructions. You will learn about the different types of tools, techniques, and analyses.

Step 4: Digital Forensics Research Paper
Now that you have learned the basics of digital forensics analyses and methodology, and have experienced one of the common forensic tools, use the material presented in this project as well as research you've conducted outside of the course materials to write a research paper that addresses the following:
1. digital forensic methodology
2. the importance of using forensic tools to collect and analyze evidence (e.g., FTK Imager and EnCase)
3. hashing in the context of digital forensics
4. How do you ensure that the evidence collected has not been tampered with (i.e., after collection)? Why and how is this important to prove in a court of law?

The deliverables for this project are as follows:
1. Digital Forensic Research Paper: This should be a five-page double-spaced Word document with citations in APA format. The page count does not include diagrams or tables.
2. In a Word document, share your lab experience and provide screenshots to demonstrate that you completed the lab.

Submit your deliverables to the assignment folder. Before you submit your assignment, review the competencies below, which your instructor will use to evaluate your work. A good practice would be to use each competency as a self-check to confirm you have incorporated all of them in your work.
• 5.3: Uses defensive measures and information collected from a variety of sources to identify, analyze, and report events that occur or might occur within the network in order to protect information, information systems, and networks from threats.
• 8.6: Provides professional preparation for computer digital forensics, investigation of crime, and preservation of digital evidence in criminal and civil investigations and information security incident response.
• 8.7: Provide theoretical basis and practical assistance for all aspects of digital investigation and the use of computer evidence in forensics and law enforcement.
==============================================