SlideShare a Scribd company logo

Csec 610 Extraordinary Success/newtonhelp.com

Download as DOC, PDF
A
amaranthbeg112

For more course tutorials visit www.newtonhelp.com CSEC 610 Project 1 Information Systems and Identity Management CSEC 610 Project 2 Operating Systems Vulnerabilities (Windows and Linux) CSEC 610 Project 3 Assessing Information System Vulnerabilities and Risk CSEC 610 Project 4 Threat Analysis and Exploitation

Education
1 of 15
CSEC 610 All Project (Project 1-6) For more course tutorials visit www.newtonhelp.com CSEC 610 Project 1 Information Systems and Identity Management CSEC 610 Project 2 Operating Systems Vulnerabilities (Windows and Linux) CSEC 610 Project 3 Assessing Information System Vulnerabilities and Risk CSEC 610 Project 4 Threat Analysis and Exploitation CSEC 610 Project 5 Cryptography CSEC 610 Project 6 Digital Forensics Analysis --------------------------------------------------------------------------------------------------------- CSEC 610 Project 1 Information Systems and Identity Management For more course tutorials visit
www.newtonhelp.com Project 1 Information Systems and Identity Management Video transcript CSEC 610 Project 1 You are a systems administrator in the IT department of a major metropolitan hospital. Your duties are to ensure the confidentiality, availability, and integrity of patient records, as well as the other files and databases used throughout the hospital. Your work affects several departments, including Human Resources, Finance, Billing, Accounting, and Scheduling. You also apply security controls on passwords for user accounts. Just before clocking out for the day, you notice something strange in the hospital's computer system. Some person, or group, has accessed user accounts and conducted unauthorized activities. Recently, the hospital experienced intrusion into one of its patient's billing accounts. After validating user profiles in Active Directory and matching them with user credentials, you suspect several user's passwords have been compromised to gain access to the hospital's computer network. You schedule an emergency meeting with the director of IT and the hospital board. In light of this security breach, they ask you to examine the security posture of the hospital's information systems infrastructure and implement defense techniques. This must be done quickly, your director says. The hospital board is less knowledgeable about information system security. The board makes it clear that it has a limited cybersecurity budget. However, if you can make a strong case to the board, it is likely that they will increase your budget and implement your recommended tool company¬wide. You will share your findings on the hospital's security posture. Your findings will be brought to the director of IT in a technical report. You will also provide a non¬technical assessment of the overall identity management system of the hospital and define practices to restrict and permit access
to information. You will share this assessment with the hospital board in the form of a narrated slide show presentation. You know that identity management will increase the security of the overall information system's infrastructure for the hospital. You also know that, with a good identity management system, the security and productivity benefits will outweigh costs incurred. This is the argument you must make to those stakeholders. Daily life requires us to have access to a lot of information, and information systems help us access that information. Desktop computers, laptops, and mobile devices keep us connected to the information we need through processes that work via hardware and software components. Information systems infrastructure makes this possible. However, our easy access to communication and information also creates security and privacy risks. Laws, regulations, policies, and guidelines exist to protect information and information owners. Cybersecurity ensures the confidentiality, integrity, and availability of the information. Identity management is a fundamental practice. Part of identity management is the governance of access, authorization, and authentication of users to information systems, Identity management is one part of a layered security defense strategy within the information systems infrastructure. Your work in this project will enable you to produce a technical report and nontechnical presentation that addresses these requirements. There are five steps that will help you create your final deliverables. The deliverables for this project are as follows: 1. Nontechnical presentation: This is an 8-10 slide PowerPoint presentation for business executives and board members. 2. Technical report: Your report should be a 6-7 page double-spaced Word document with citations in APA format. The page count does not include figures, diagrams, tables or citations. 3. Executive summary: This should be a 2-3 page double-spaced Word document. 4. In a Word document, share your lab experience and provide screen prints to demonstrate that you performed the lab. ---------------------------------------------------------------------------------------------------------
CSEC 610 Project 2 Operating Systems Vulnerabilities (Windows and Linux) For more course tutorials visit www.newtonhelp.com CYB 610 Project 2 Congratulations, you are the newly appointed lead cybersecurity engineer with your company in the oil and natural gas sector. This is a senior¬level position. You were hired two months ago based on your successful cybersecurity experience with a previous employer. Your technical knowledge of cybersecurity is solid. However, you have a lot to learn about this company's culture, processes, and IT funding decisions, which are made by higher management. You have recently come across numerous anomalies and incidents leading to security breaches. The incidents took place separately, and it has not been determined if they were caused by a single source or multiple related sources. First, a month ago, a set of three corporate database servers crashed suddenly. Then, a week ago, anomalies were found in the configuration of certain server and router systems of your company. You immediately recognized that something with your IT resources was not right. You suspect that someone, or some group, has been regularly accessing your user account and conducting unauthorized configuration changes. You meet with your leadership to discuss the vulnerabilities. They would like you to provide a security assessment report, or SAR, on the state of the operating systems within the organization. You're also tasked with creating a non-technical narrated presentation summarizing your thoughts. The organization uses multiple operating systems that are
Microsoft-based and Linux¬based. You will have to understand these technologies for vulnerability scanning using the tools that work best for the systems in the corporate network. You know that identity management will increase the security of the overall information systems infrastructure for the company. You also know that with a good identity management system, the security and productivity benefits will --------------------------------------------------------------------------------------------------------- CSEC 610 Project 3 Assessing Information System Vulnerabilities and Risk For more course tutorials visit www.newtonhelp.com Project 3 Assessing Information System Vulnerabilities and Risk CYB 610 Project 3 You are an Information Assurance Management Officer, IAMO, at an organization of your choosing. One morning, as you're getting ready for work, you see an email from Karen, your manager. She asks you to come to her office as soon as you get in. When you arrive to your work, you head straight to Karen's office. “Sorry for the impromptu meeting,” she says, “but we have a bit of an emergency. There's been a security breach at the Office of Personnel Management.” We don't know how this happened, but we need to make sure it doesn't happen again, says Karen. You'll be receiving an email with more information on the security breach. Use this info to assess the information system vulnerabilities of the Office of Personnel Management. At your desk, you open Karen's email. She's given you an
OPM report from the Office of the Inspector General, or OIG. You have studied the OPM OIG report and found that the hackers were able to gain access through compromised credentials. The security breach could have been prevented, if the Office of Personnel Management, or OPM, had abided by previous auditing reports and security findings. In addition, access to the databases could have been prevented by implementing various encryption schemas and could have been identified after running regularly scheduled scans of the systems. Karen and the rest of the leadership team want you to compile your findings into a Security Assessment Report or SAR. You will also create a Risk Assessment Report, or RAR, in which you identify threats, vulnerabilities, risks, and likelihood of exploitation and suggested remediation The security posture of the information systems infrastructure of an organization should be regularly monitored and assessed (including software, hardware, firmware components, governance policies, and implementation of security controls). The monitoring and assessment of the infrastructure and its components, policies, and processes should also account for changes and new procurements that are sure to follow in order to stay in step with ever-changing information system technologies. The data breach at the Office of Personnel Management (OPM) is one of the largest in US government history. It provides a series of lessons learned for other organizations in industry and the public sector. Some critical security practices, such as lack of diligence to security controls and management of changes to the information systems infrastructure were cited as contributors to the massive data breach in the OPM Office of the Inspector General's (OIG) Final Audit Report, which can be found in open source searches. Some of the findings in the report include: --------------------------------------------------------------------------------------------------------- CSEC 610 Project 4 Threat Analysis and Exploitation
For more course tutorials visit www.newtonhelp.com Project 4 Threat Analysis and Exploitation CYB610 Project 4 You are part of a collaborative team that was created to address cyber threats and exploitation of US financial systems critical infrastructure. Your team has been assembled by the White House Cyber National security staff to provide situational awareness about a current network breach and cyber attack against several financial service institutions. Your team consists of four roles, a representative from the financial services sector who has discovered the network breach and the cyber attacks. These attacks include distributed denial of service attacks, DDOS, web defacements, sensitive data exfiltration, and other attack vectors typical of this nation state actor. A representative from law enforcement who has provided additional evidence of network attacks found using network defense tools. A representative from the intelligence agency who has identified the nation state actor from numerous public and government provided threat intelligence reports. This representative will provide threat intelligence on the tools, techniques, and procedures of this nation state actor. A representative from the Department of Homeland Security who will provide the risk, response, and recovery actions taken as a result of this cyber threat. Your team will have to provide education and security awareness to the financial services sector about the threats, vulnerabilities, risks, and risk mitigation and remediation procedures to be implemented to maintain a robust security posture. Finally, your team will take the lessons learned from this cyber incident and share that knowledge with the rest of the
cyber threat analysis community. At the end of the response to this cyber incident, your team will provide two deliverables, a situational analysis report, or SAR, to the White House Cyber National security staff and an After Action Report and lesson learned to the cyber threat analyst community. US critical infrastructure-power—water, oil and natural gas, military systems, financial systems—have become the target of cyber and physical attacks as more critical infrastructure systems are integrated with the Internet and other digital controls systems. The lesson learned in defending and mitigating cyberattacks is that no entity can prevent or • 4.1: Lead and/or participate in a diverse group to accomplish projects and assignments. • 4.3: Contribute to team projects, assignments, or organizational goals as an engaged member of a team. • 8.4: Possess knowledge of proper and effective communication in case of an incident or crisis. Step 1: Establishing Roles As described in the scenario, you will be working in a small team (usually five members). Your instructor has provided an area for your group discussions, collaboration, and file sharing. Take some time to learn about your teammates (introductions, LinkedIn profiles and bios) to understand the experience and expertise of the team members. Studies on teamwork outline the typical team stages of forming, storming, norming, and performing (see Tuckman, Bruce W. (1965), "Developmental sequence in small groups," Psychological Bulletin, 63, 384-399.) This guidance on teamwork may be helpful. In order to do well, you and your team members must start communicating or "forming" immediately and discuss how you will divide the work. Review the project and if you have portions of the work that play well to your strengths, make this known to your team members. Then develop a project plan and schedule to get the work done. Finally, agree on a communications plan, which allows your team members to know where the project stands. During this stage, you may
have disagreements or differences of opinion about roles and division of work. This is a normal aspect of "storming." Once you start agreeing on roles and tasks, you are well on your way to "norming." You should settle on a collaboration space and share drafts of your work in your classroom team locker so your team members and the instructor can see the work progression. All team members must contribute, but the deliverables need to be cohesive. Therefore, each of you will need to review each other's work and help each other. While you may have to use collaborative tools outside the classroom, maintain the key documents in the respective team project locker in the classroom. Your team will use this area to establish ground rules for --------------------------------------------------------------------------------------------------------- CSEC 610 Project 5 Cryptography For more course tutorials visit www.newtonhelp.com Project 5 Cryptography CYB610 Project 5 You are an enterprise security architect for a company in a semiconductor manufacturing industry where maintaining competitive advantage and protecting intellectual property is vital. You're in charge of security operations and strategic security planning. Your responsibilities include devising the security protocols for identification, access, and authorization management. You recently implemented cryptography algorithms to protect the information organization. Leadership is pleased with your efforts and would like you
to take protection methods even further. They've asked you to study cyber-attacks against different cryptography mechanisms and deploy access control programs to prevent those types of attacks. We'd like you to create plans for future security technology deployments, says one senior manager. And provide documentation so that others can carry out the deployments. A director chimes in, but you should also devise a method for ensuring the identification, integrity, and non-repudiation of information in transit at rest and in use within the organization. As the enterprise security architect, you are responsible for providing the following deliverables. Create a network security vulnerability and threat table in which you outline the security architecture of the organization, the cryptographic means of protecting the assets of the organizations, the types of known attacks against those protections, and means to ward off the attacks. This document will help you manage the current configuration of the security architecture. Create a Common Access Card, CAC deployment strategy, in which you describe the CAC implementation and deployment and encryption methodology for information security professionals. Create an email security strategy in which you provide the public key, private key hashing methodology to determine the best key management system for your organization. These documents will provide a security overview for the leadership in your company Encryption uses cryptographic algorithms to obfuscate data. These complex algorithms transform data from human readable plaintext into encrypted cipher text. Encryption uses the principles of substitution and permutation to ensure that data is transformed in a non-deterministic manner by allowing the user to select the password or a key to encrypt a message. The recipient must know the key in order to decrypt the message, translating it back into the human readable plaintext. There are six steps that will lead you through this project. After beginning with the workplace scenario, continue to Step 1: "IT Systems Architecture." The deliverables for this project are as follows: 1. Create a single report in Word document format. This report should be about 10 pages long, double-spaced, with citations in APA format.
Page count does not include diagrams or tables. The report must cover the following: o network security and threat table o Common Access Card deployment strategy o e-mail security strategy 2. In a Word document, share your lab experience and provide screenshots to demonstrate that you performed the lab. When you submit your project, your work will be evaluated using the competencies listed below. You can use the list below to self-check your work before submission. • 1.5: Use sentence structure appropriate to the task, message and audience. • 1.6: Follow conventions of Standard Written English. • 1.7: Create neat and professional looking documents appropriate for the project or presentation. • 2.1: Identify and clearly explain the issue, question, or problem under critical consideration. --------------------------------------------------------------------------------------------------------- CSEC 610 Project 6 Digital Forensics Analysis For more course tutorials visit www.newtonhelp.com • Project 6 Digital Forensics Analysis Project 6 Start Here
This project will provide an introduction to digital forensic analysis. Digital forensic analysis is used to review and investigate data collected through digital communications and computer networks. The National Institute for Standards and Technology (NIST) has defined four fundamental phases for forensic analysis: collection, examination, analysis, and reporting. You will learn more about these concepts as you navigate throughout the steps of this project and read the literature and links found in each step. There are four steps that will lead you through this project. Begin with Step 1: “Methodology. The deliverables for this project are as follows: 1. Digital Forensic Research Paper: This should be a five-page double- spaced Word document with citations in APA format. The page count does not include diagrams or tables. 2. In a Word document, share your lab experience and provide screenshots to demonstrate that you completed the lab. When you submit your project, your work will be evaluated using the competencies listed below. You can use the list below to self-check your work before submission. • 5.3: Uses defensive measures and information collected from a variety of sources to identify, analyze, and report events that occur or might occur within the network in order to protect information, information systems, and networks from threats. • 8.6: Provides professional preparation for computer digital forensics, investigation of crime, and preservation of digital evidence in criminal and civil investigations and information security incident response. • 8.7: Provide theoretical basis and practical assistance for all aspects of digital investigation and the use of computer evidence in forensics and law enforcement. Step 1: Methodology The methodology includes following a systems process. Identify the requirements, purpose, and objectives of the investigation. Click the links below to review information that will aid in conducting and documenting an investigation: • secure programming fundamentals • forensics fundamentals
Learn about the investigation methodology. Consider secure programming fundamentals. Define the digital forensics analysis methodology, and the phases of the digital forensics fundamentals and methodology, including the following: 1. preparation 2. extraction 3. identification 4. analysis This information will help you understand the process you will use during an investigation. Step 2: Tools and Techniques Select the following links to learn about forensics analysis tools, methods, and techniques: 1. forensics analysis tools 2. web log and session analysis 3. hash analysis Step 3: Exploring Forensic Tools Note: You will utilize the tools in Workspace for this step. If you need help outside the classroom, you can register for the CLAB 699 Cyber Computing Lab Assistance (go to the Discussions List for registration information). Primary lab assistance is available from a team of lab assistants. Lab assistants are professionals and are trained to help you. Click here to access the instructions for Navigating the Workspace and the Lab Setup. Select the following link to enter Workspace. Complete the forensic tools exercise provided in this lab. Explore the tutorials and user guides to learn more about various types of digital forensic tools. Click here to access the Project 6 Workspace Exercise Instructions. You will learn about the different types of tools, techniques, and analyses. Step 4: Digital Forensics Research Paper Now that you have learned basics of digital forensics analyses and methodology, and have experienced one of the common forensic tools,
use the material presented in this project as well as research you've conducted outside of the course materials to write a research paper that addresses the following: 1. digital forensic methodology 2. the importance of using forensic tools to collect and analyze evidence (e.g., FTK Imager and EnCase) 3. hashing in the context of digital forensics 4. How do you ensure that the evidence collected has not been tampered with (i.e., after collection)? Why and how is this important to prove in a court of law? The deliverables for this project are as follows: 1. Digital Forensic Research Paper: This should be a five-page double- spaced Word document with citations in APA format. The page count does not include diagrams or tables. 2. In a Word document, share your lab experience and provide screenshots to demonstrate that you completed the lab. Submit your deliverables to the assignment folder. Before you submit your assignment, review the competencies below, which your instructor will use to evaluate your work. A good practice would be to use each competency as a self-check to confirm you have incorporated all of them in your work. • 5.3: Uses defensive measures and information collected from a variety of sources to identify, analyze, and report events that occur or might occur within the network in order to protect information, information systems, and networks from threats. • 8.6: Provides professional preparation for computer digital forensics, investigation of crime, and preservation of digital evidence in criminal and civil investigations and information security incident response. • 8.7: Provide theoretical basis and practical assistance for all aspects of digital investigation and the use of computer evidence in forensics and law enforcement. ---------------------------------------------------------------------------------------------------------
Csec 610 Extraordinary Success/newtonhelp.com

Recommended

Csec 610 Inspiring Innovation--tutorialrank.com
Csec 610 Inspiring Innovation--tutorialrank.comCsec 610 Inspiring Innovation--tutorialrank.com
Csec 610 Inspiring Innovation--tutorialrank.comPrescottLunt384
 
Cyb 610 Motivated Minds/newtonhelp.com
Cyb 610 Motivated Minds/newtonhelp.comCyb 610 Motivated Minds/newtonhelp.com
Cyb 610 Motivated Minds/newtonhelp.comamaranthbeg55
 
Cyb 610 Inspiring Innovation--tutorialrank.com
Cyb 610 Inspiring Innovation--tutorialrank.comCyb 610 Inspiring Innovation--tutorialrank.com
Cyb 610 Inspiring Innovation--tutorialrank.comPrescottLunt386
 
Cst 610 Motivated Minds/newtonhelp.com
Cst 610 Motivated Minds/newtonhelp.comCst 610 Motivated Minds/newtonhelp.com
Cst 610 Motivated Minds/newtonhelp.comamaranthbeg53
 
NASA OIG Report
NASA OIG ReportNASA OIG Report
NASA OIG ReportPriyanka Aash
 
IRJET- Data Leak Prevention System: A Survey
IRJET- Data Leak Prevention System: A SurveyIRJET- Data Leak Prevention System: A Survey
IRJET- Data Leak Prevention System: A SurveyIRJET Journal
 
IT-Audit C&A
IT-Audit C&AIT-Audit C&A
IT-Audit C&AMang Sum
 
3rd Party Outsourcing Information Security Assessment Questionnaire
3rd Party Outsourcing Information Security Assessment Questionnaire3rd Party Outsourcing Information Security Assessment Questionnaire
3rd Party Outsourcing Information Security Assessment QuestionnairePriyanka Aash
 

Recommended

Csec 610 Inspiring Innovation--tutorialrank.com
Csec 610 Inspiring Innovation--tutorialrank.comCsec 610 Inspiring Innovation--tutorialrank.com
Csec 610 Inspiring Innovation--tutorialrank.comPrescottLunt384
 
Cyb 610 Motivated Minds/newtonhelp.com
Cyb 610 Motivated Minds/newtonhelp.comCyb 610 Motivated Minds/newtonhelp.com
Cyb 610 Motivated Minds/newtonhelp.comamaranthbeg55
 
Cyb 610 Inspiring Innovation--tutorialrank.com
Cyb 610 Inspiring Innovation--tutorialrank.comCyb 610 Inspiring Innovation--tutorialrank.com
Cyb 610 Inspiring Innovation--tutorialrank.comPrescottLunt386
 
Cst 610 Motivated Minds/newtonhelp.com
Cst 610 Motivated Minds/newtonhelp.comCst 610 Motivated Minds/newtonhelp.com
Cst 610 Motivated Minds/newtonhelp.comamaranthbeg53
 
NASA OIG Report
NASA OIG ReportNASA OIG Report
NASA OIG ReportPriyanka Aash
 
IRJET- Data Leak Prevention System: A Survey
IRJET- Data Leak Prevention System: A SurveyIRJET- Data Leak Prevention System: A Survey
IRJET- Data Leak Prevention System: A SurveyIRJET Journal
 
IT-Audit C&A
IT-Audit C&AIT-Audit C&A
IT-Audit C&AMang Sum
 
3rd Party Outsourcing Information Security Assessment Questionnaire
3rd Party Outsourcing Information Security Assessment Questionnaire3rd Party Outsourcing Information Security Assessment Questionnaire
3rd Party Outsourcing Information Security Assessment QuestionnairePriyanka Aash
 
Supplier security assessment questionnaire
Supplier security assessment questionnaireSupplier security assessment questionnaire
Supplier security assessment questionnairePriyanka Aash
 
Bit defender ebook_secmonitor_print
Bit defender ebook_secmonitor_printBit defender ebook_secmonitor_print
Bit defender ebook_secmonitor_printjames morris
 
How to Secure Your Medical Devices
How to Secure Your Medical DevicesHow to Secure Your Medical Devices
How to Secure Your Medical DevicesSecurityMetrics
 
Sample penetration testing agreement for core infrastructure
Sample penetration testing agreement for core infrastructureSample penetration testing agreement for core infrastructure
Sample penetration testing agreement for core infrastructureDavid Sweigert
 
REAL TIME ENDPOINT INSIGHTS
REAL TIME ENDPOINT INSIGHTS REAL TIME ENDPOINT INSIGHTS
REAL TIME ENDPOINT INSIGHTS Accelerite
 
Disaster Proof
Disaster ProofDisaster Proof
Disaster ProofDigeratiGroup
 
Sap template 050312
Sap template 050312Sap template 050312
Sap template 050312GovCloud Network
 
Legal and ethical aspects
Legal and ethical aspectsLegal and ethical aspects
Legal and ethical aspectsCAS
 
3rd party information security assessment guideline
3rd party information security assessment guideline3rd party information security assessment guideline
3rd party information security assessment guidelinePriyanka Aash
 
NIST CSD Cybersecurity Publications 20160417
NIST CSD Cybersecurity Publications 20160417NIST CSD Cybersecurity Publications 20160417
NIST CSD Cybersecurity Publications 20160417James W. De Rienzo
 
Vulnerability Assessment and Penetration Testing Framework by Falgun Rathod
Vulnerability Assessment and Penetration Testing Framework by Falgun RathodVulnerability Assessment and Penetration Testing Framework by Falgun Rathod
Vulnerability Assessment and Penetration Testing Framework by Falgun RathodFalgun Rathod
 
Cyb 610 Your world/newtonhelp.com
Cyb 610 Your world/newtonhelp.comCyb 610 Your world/newtonhelp.com
Cyb 610 Your world/newtonhelp.comamaranthbeg95
 
Cst 610 Your world/newtonhelp.com
Cst 610 Your world/newtonhelp.comCst 610 Your world/newtonhelp.com
Cst 610 Your world/newtonhelp.comamaranthbeg93
 
Cst 610 Education is Power/newtonhelp.com
Cst 610 Education is Power/newtonhelp.comCst 610 Education is Power/newtonhelp.com
Cst 610 Education is Power/newtonhelp.comamaranthbeg73
 
CST 610 RANK Redefined Education--cst610rank.com
CST 610 RANK Redefined Education--cst610rank.comCST 610 RANK Redefined Education--cst610rank.com
CST 610 RANK Redefined Education--cst610rank.comclaric240
 
CSEC 610 Education Specialist / snaptutorial.com
CSEC 610 Education Specialist / snaptutorial.comCSEC 610 Education Specialist / snaptutorial.com
CSEC 610 Education Specialist / snaptutorial.comMcdonaldRyan78
 
CST 610 RANK Achievement Education--cst610rank.com
CST 610 RANK Achievement Education--cst610rank.comCST 610 RANK Achievement Education--cst610rank.com
CST 610 RANK Achievement Education--cst610rank.comkopiko146
 
Csec 610 Education Organization-snaptutorial.com
Csec 610 Education Organization-snaptutorial.comCsec 610 Education Organization-snaptutorial.com
Csec 610 Education Organization-snaptutorial.comrobertlesew5
 
Cyb 610 Enhance teaching / snaptutorial.com
Cyb 610 Enhance teaching / snaptutorial.comCyb 610 Enhance teaching / snaptutorial.com
Cyb 610 Enhance teaching / snaptutorial.comBaileyaby
 
CST 610 Effective Communication/tutorialrank.com
CST 610 Effective Communication/tutorialrank.comCST 610 Effective Communication/tutorialrank.com
CST 610 Effective Communication/tutorialrank.comjonhson198
 
CSEC 610 Effective Communication/tutorialrank.com
CSEC 610 Effective Communication/tutorialrank.com CSEC 610 Effective Communication/tutorialrank.com
CSEC 610 Effective Communication/tutorialrank.comjonhson198
 
Csec 610 Enhance teaching / snaptutorial.com
Csec 610 Enhance teaching / snaptutorial.comCsec 610 Enhance teaching / snaptutorial.com
Csec 610 Enhance teaching / snaptutorial.comBaileyabv
 

More Related Content

What's hot

Supplier security assessment questionnaire
Supplier security assessment questionnaireSupplier security assessment questionnaire
Supplier security assessment questionnairePriyanka Aash
 
Bit defender ebook_secmonitor_print
Bit defender ebook_secmonitor_printBit defender ebook_secmonitor_print
Bit defender ebook_secmonitor_printjames morris
 
How to Secure Your Medical Devices
How to Secure Your Medical DevicesHow to Secure Your Medical Devices
How to Secure Your Medical DevicesSecurityMetrics
 
Sample penetration testing agreement for core infrastructure
Sample penetration testing agreement for core infrastructureSample penetration testing agreement for core infrastructure
Sample penetration testing agreement for core infrastructureDavid Sweigert
 
REAL TIME ENDPOINT INSIGHTS
REAL TIME ENDPOINT INSIGHTS REAL TIME ENDPOINT INSIGHTS
REAL TIME ENDPOINT INSIGHTS Accelerite
 
Legal and ethical aspects
Legal and ethical aspectsLegal and ethical aspects
Legal and ethical aspectsCAS
 
3rd party information security assessment guideline
3rd party information security assessment guideline3rd party information security assessment guideline
3rd party information security assessment guidelinePriyanka Aash
 
NIST CSD Cybersecurity Publications 20160417
NIST CSD Cybersecurity Publications 20160417NIST CSD Cybersecurity Publications 20160417
NIST CSD Cybersecurity Publications 20160417James W. De Rienzo
 
Vulnerability Assessment and Penetration Testing Framework by Falgun Rathod
Vulnerability Assessment and Penetration Testing Framework by Falgun RathodVulnerability Assessment and Penetration Testing Framework by Falgun Rathod
Vulnerability Assessment and Penetration Testing Framework by Falgun RathodFalgun Rathod
 

What's hot (11)

Supplier security assessment questionnaire
Supplier security assessment questionnaireSupplier security assessment questionnaire
Supplier security assessment questionnaire
 
Bit defender ebook_secmonitor_print
Bit defender ebook_secmonitor_printBit defender ebook_secmonitor_print
Bit defender ebook_secmonitor_print
 
How to Secure Your Medical Devices
How to Secure Your Medical DevicesHow to Secure Your Medical Devices
How to Secure Your Medical Devices
 
Sample penetration testing agreement for core infrastructure
Sample penetration testing agreement for core infrastructureSample penetration testing agreement for core infrastructure
Sample penetration testing agreement for core infrastructure
 
REAL TIME ENDPOINT INSIGHTS
REAL TIME ENDPOINT INSIGHTS REAL TIME ENDPOINT INSIGHTS
REAL TIME ENDPOINT INSIGHTS
 
Disaster Proof
Disaster ProofDisaster Proof
Disaster Proof
 
Sap template 050312
Sap template 050312Sap template 050312
Sap template 050312
 
Legal and ethical aspects
Legal and ethical aspectsLegal and ethical aspects
Legal and ethical aspects
 
3rd party information security assessment guideline
3rd party information security assessment guideline3rd party information security assessment guideline
3rd party information security assessment guideline
 
NIST CSD Cybersecurity Publications 20160417
NIST CSD Cybersecurity Publications 20160417NIST CSD Cybersecurity Publications 20160417
NIST CSD Cybersecurity Publications 20160417
 
Vulnerability Assessment and Penetration Testing Framework by Falgun Rathod
Vulnerability Assessment and Penetration Testing Framework by Falgun RathodVulnerability Assessment and Penetration Testing Framework by Falgun Rathod
Vulnerability Assessment and Penetration Testing Framework by Falgun Rathod
 

Similar to Csec 610 Extraordinary Success/newtonhelp.com

Cyb 610 Your world/newtonhelp.com
Cyb 610 Your world/newtonhelp.comCyb 610 Your world/newtonhelp.com
Cyb 610 Your world/newtonhelp.comamaranthbeg95
 
Cst 610 Your world/newtonhelp.com
Cst 610 Your world/newtonhelp.comCst 610 Your world/newtonhelp.com
Cst 610 Your world/newtonhelp.comamaranthbeg93
 
Cst 610 Education is Power/newtonhelp.com
Cst 610 Education is Power/newtonhelp.comCst 610 Education is Power/newtonhelp.com
Cst 610 Education is Power/newtonhelp.comamaranthbeg73
 
CST 610 RANK Redefined Education--cst610rank.com
CST 610 RANK Redefined Education--cst610rank.comCST 610 RANK Redefined Education--cst610rank.com
CST 610 RANK Redefined Education--cst610rank.comclaric240
 
CSEC 610 Education Specialist / snaptutorial.com
CSEC 610 Education Specialist / snaptutorial.comCSEC 610 Education Specialist / snaptutorial.com
CSEC 610 Education Specialist / snaptutorial.comMcdonaldRyan78
 
CST 610 RANK Achievement Education--cst610rank.com
CST 610 RANK Achievement Education--cst610rank.comCST 610 RANK Achievement Education--cst610rank.com
CST 610 RANK Achievement Education--cst610rank.comkopiko146
 
Csec 610 Education Organization-snaptutorial.com
Csec 610 Education Organization-snaptutorial.comCsec 610 Education Organization-snaptutorial.com
Csec 610 Education Organization-snaptutorial.comrobertlesew5
 
Cyb 610 Enhance teaching / snaptutorial.com
Cyb 610 Enhance teaching / snaptutorial.comCyb 610 Enhance teaching / snaptutorial.com
Cyb 610 Enhance teaching / snaptutorial.comBaileyaby
 
CST 610 Effective Communication/tutorialrank.com
CST 610 Effective Communication/tutorialrank.comCST 610 Effective Communication/tutorialrank.com
CST 610 Effective Communication/tutorialrank.comjonhson198
 
CSEC 610 Effective Communication/tutorialrank.com
CSEC 610 Effective Communication/tutorialrank.com CSEC 610 Effective Communication/tutorialrank.com
CSEC 610 Effective Communication/tutorialrank.comjonhson198
 
Csec 610 Enhance teaching / snaptutorial.com
Csec 610 Enhance teaching / snaptutorial.comCsec 610 Enhance teaching / snaptutorial.com
Csec 610 Enhance teaching / snaptutorial.comBaileyabv
 
CST 610 RANK Educational Specialist--cst610rank.com
CST 610 RANK Educational Specialist--cst610rank.comCST 610 RANK Educational Specialist--cst610rank.com
CST 610 RANK Educational Specialist--cst610rank.comVSNaipaul15
 
CST 610 RANK Become Exceptional--cst610rank.com
CST 610 RANK Become Exceptional--cst610rank.comCST 610 RANK Become Exceptional--cst610rank.com
CST 610 RANK Become Exceptional--cst610rank.comagathachristie112
 
CST 610 RANK Inspiring Innovation--cst610rank.com
CST 610 RANK Inspiring Innovation--cst610rank.comCST 610 RANK Inspiring Innovation--cst610rank.com
CST 610 RANK Inspiring Innovation--cst610rank.comKeatonJennings104
 
CSEC 610 Effective Communication - snaptutorial.com
CSEC 610 Effective Communication - snaptutorial.comCSEC 610 Effective Communication - snaptutorial.com
CSEC 610 Effective Communication - snaptutorial.comdonaldzs7
 
CST 610 RANK Introduction Education--cst610rank.com
CST 610 RANK Introduction Education--cst610rank.comCST 610 RANK Introduction Education--cst610rank.com
CST 610 RANK Introduction Education--cst610rank.comagathachristie265
 
Cst 610 Enhance teaching / snaptutorial.com
Cst 610 Enhance teaching / snaptutorial.comCst 610 Enhance teaching / snaptutorial.com
Cst 610 Enhance teaching / snaptutorial.comBaileyabw
 
CST 610 RANK Remember Education--cst610rank.com
CST 610 RANK Remember Education--cst610rank.comCST 610 RANK Remember Education--cst610rank.com
CST 610 RANK Remember Education--cst610rank.comchrysanthemu49
 
Cyb 610 Education Organization-snaptutorial.com
Cyb 610 Education Organization-snaptutorial.comCyb 610 Education Organization-snaptutorial.com
Cyb 610 Education Organization-snaptutorial.comrobertlesew8
 
CYB 610 Effective Communication - snaptutorial.com
CYB 610 Effective Communication - snaptutorial.comCYB 610 Effective Communication - snaptutorial.com
CYB 610 Effective Communication - snaptutorial.comdonaldzs9
 

Similar to Csec 610 Extraordinary Success/newtonhelp.com (20)

Cyb 610 Your world/newtonhelp.com
Cyb 610 Your world/newtonhelp.comCyb 610 Your world/newtonhelp.com
Cyb 610 Your world/newtonhelp.com
 
Cst 610 Your world/newtonhelp.com
Cst 610 Your world/newtonhelp.comCst 610 Your world/newtonhelp.com
Cst 610 Your world/newtonhelp.com
 
Cst 610 Education is Power/newtonhelp.com
Cst 610 Education is Power/newtonhelp.comCst 610 Education is Power/newtonhelp.com
Cst 610 Education is Power/newtonhelp.com
 
CST 610 RANK Redefined Education--cst610rank.com
CST 610 RANK Redefined Education--cst610rank.comCST 610 RANK Redefined Education--cst610rank.com
CST 610 RANK Redefined Education--cst610rank.com
 
CSEC 610 Education Specialist / snaptutorial.com
CSEC 610 Education Specialist / snaptutorial.comCSEC 610 Education Specialist / snaptutorial.com
CSEC 610 Education Specialist / snaptutorial.com
 
CST 610 RANK Achievement Education--cst610rank.com
CST 610 RANK Achievement Education--cst610rank.comCST 610 RANK Achievement Education--cst610rank.com
CST 610 RANK Achievement Education--cst610rank.com
 
Csec 610 Education Organization-snaptutorial.com
Csec 610 Education Organization-snaptutorial.comCsec 610 Education Organization-snaptutorial.com
Csec 610 Education Organization-snaptutorial.com
 
Cyb 610 Enhance teaching / snaptutorial.com
Cyb 610 Enhance teaching / snaptutorial.comCyb 610 Enhance teaching / snaptutorial.com
Cyb 610 Enhance teaching / snaptutorial.com
 
CST 610 Effective Communication/tutorialrank.com
CST 610 Effective Communication/tutorialrank.comCST 610 Effective Communication/tutorialrank.com
CST 610 Effective Communication/tutorialrank.com
 
CSEC 610 Effective Communication/tutorialrank.com
CSEC 610 Effective Communication/tutorialrank.com CSEC 610 Effective Communication/tutorialrank.com
CSEC 610 Effective Communication/tutorialrank.com
 
Csec 610 Enhance teaching / snaptutorial.com
Csec 610 Enhance teaching / snaptutorial.comCsec 610 Enhance teaching / snaptutorial.com
Csec 610 Enhance teaching / snaptutorial.com
 
CST 610 RANK Educational Specialist--cst610rank.com
CST 610 RANK Educational Specialist--cst610rank.comCST 610 RANK Educational Specialist--cst610rank.com
CST 610 RANK Educational Specialist--cst610rank.com
 
CST 610 RANK Become Exceptional--cst610rank.com
CST 610 RANK Become Exceptional--cst610rank.comCST 610 RANK Become Exceptional--cst610rank.com
CST 610 RANK Become Exceptional--cst610rank.com
 
CST 610 RANK Inspiring Innovation--cst610rank.com
CST 610 RANK Inspiring Innovation--cst610rank.comCST 610 RANK Inspiring Innovation--cst610rank.com
CST 610 RANK Inspiring Innovation--cst610rank.com
 
CSEC 610 Effective Communication - snaptutorial.com
CSEC 610 Effective Communication - snaptutorial.comCSEC 610 Effective Communication - snaptutorial.com
CSEC 610 Effective Communication - snaptutorial.com
 
CST 610 RANK Introduction Education--cst610rank.com
CST 610 RANK Introduction Education--cst610rank.comCST 610 RANK Introduction Education--cst610rank.com
CST 610 RANK Introduction Education--cst610rank.com
 
Cst 610 Enhance teaching / snaptutorial.com
Cst 610 Enhance teaching / snaptutorial.comCst 610 Enhance teaching / snaptutorial.com
Cst 610 Enhance teaching / snaptutorial.com
 
CST 610 RANK Remember Education--cst610rank.com
CST 610 RANK Remember Education--cst610rank.comCST 610 RANK Remember Education--cst610rank.com
CST 610 RANK Remember Education--cst610rank.com
 
Cyb 610 Education Organization-snaptutorial.com
Cyb 610 Education Organization-snaptutorial.comCyb 610 Education Organization-snaptutorial.com
Cyb 610 Education Organization-snaptutorial.com
 
CYB 610 Effective Communication - snaptutorial.com
CYB 610 Effective Communication - snaptutorial.comCYB 610 Effective Communication - snaptutorial.com
CYB 610 Effective Communication - snaptutorial.com
 

Recently uploaded

Romantic Opera MUSIC FOR GRADE NINE pptx
Romantic Opera MUSIC FOR GRADE NINE pptxRomantic Opera MUSIC FOR GRADE NINE pptx
Romantic Opera MUSIC FOR GRADE NINE pptxsqpmdrvczh
 
Quarter 4 Peace-education.pptx Catch Up Friday
Quarter 4 Peace-education.pptx Catch Up FridayQuarter 4 Peace-education.pptx Catch Up Friday
Quarter 4 Peace-education.pptx Catch Up FridayMakMakNepo
 
Crayon Activity Handout For the Crayon A
Crayon Activity Handout For the Crayon ACrayon Activity Handout For the Crayon A
Crayon Activity Handout For the Crayon AUnboundStockton
 
ACC 2024 Chronicles. Cardiology. Exam.pdf
ACC 2024 Chronicles. Cardiology. Exam.pdfACC 2024 Chronicles. Cardiology. Exam.pdf
ACC 2024 Chronicles. Cardiology. Exam.pdfSpandanaRallapalli
 
Procuring digital preservation CAN be quick and painless with our new dynamic...
Procuring digital preservation CAN be quick and painless with our new dynamic...Procuring digital preservation CAN be quick and painless with our new dynamic...
Procuring digital preservation CAN be quick and painless with our new dynamic...Jisc
 
Framing an Appropriate Research Question 6b9b26d93da94caf993c038d9efcdedb.pdf
Framing an Appropriate Research Question 6b9b26d93da94caf993c038d9efcdedb.pdfFraming an Appropriate Research Question 6b9b26d93da94caf993c038d9efcdedb.pdf
Framing an Appropriate Research Question 6b9b26d93da94caf993c038d9efcdedb.pdfUjwalaBharambe
 
Proudly South Africa powerpoint Thorisha.pptx
Proudly South Africa powerpoint Thorisha.pptxProudly South Africa powerpoint Thorisha.pptx
Proudly South Africa powerpoint Thorisha.pptxthorishapillay1
 
Field Attribute Index Feature in Odoo 17
Field Attribute Index Feature in Odoo 17Field Attribute Index Feature in Odoo 17
Field Attribute Index Feature in Odoo 17Celine George
 
Grade 9 Q4-MELC1-Active and Passive Voice.pptx
Grade 9 Q4-MELC1-Active and Passive Voice.pptxGrade 9 Q4-MELC1-Active and Passive Voice.pptx
Grade 9 Q4-MELC1-Active and Passive Voice.pptxChelloAnnAsuncion2
 
How to Configure Email Server in Odoo 17
How to Configure Email Server in Odoo 17How to Configure Email Server in Odoo 17
How to Configure Email Server in Odoo 17Celine George
 
Earth Day Presentation wow hello nice great
Earth Day Presentation wow hello nice greatEarth Day Presentation wow hello nice great
Earth Day Presentation wow hello nice greatYousafMalik24
 
Alper Gobel In Media Res Media Component
Alper Gobel In Media Res Media ComponentAlper Gobel In Media Res Media Component
Alper Gobel In Media Res Media ComponentInMediaRes1
 
ROOT CAUSE ANALYSIS PowerPoint Presentation
ROOT CAUSE ANALYSIS PowerPoint PresentationROOT CAUSE ANALYSIS PowerPoint Presentation
ROOT CAUSE ANALYSIS PowerPoint PresentationAadityaSharma884161
 
What is Model Inheritance in Odoo 17 ERP
What is Model Inheritance in Odoo 17 ERPWhat is Model Inheritance in Odoo 17 ERP
What is Model Inheritance in Odoo 17 ERPCeline George
 
ECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptx
ECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptxECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptx
ECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptxiammrhaywood
 
EPANDING THE CONTENT OF AN OUTLINE using notes.pptx
EPANDING THE CONTENT OF AN OUTLINE using notes.pptxEPANDING THE CONTENT OF AN OUTLINE using notes.pptx
EPANDING THE CONTENT OF AN OUTLINE using notes.pptxRaymartEstabillo3
 
Like-prefer-love -hate+verb+ing & silent letters & citizenship text.pdf
Like-prefer-love -hate+verb+ing & silent letters & citizenship text.pdfLike-prefer-love -hate+verb+ing & silent letters & citizenship text.pdf
Like-prefer-love -hate+verb+ing & silent letters & citizenship text.pdfMr Bounab Samir
 
Solving Puzzles Benefits Everyone (English).pptx
Solving Puzzles Benefits Everyone (English).pptxSolving Puzzles Benefits Everyone (English).pptx
Solving Puzzles Benefits Everyone (English).pptxOH TEIK BIN
 

Recently uploaded (20)

Romantic Opera MUSIC FOR GRADE NINE pptx
Romantic Opera MUSIC FOR GRADE NINE pptxRomantic Opera MUSIC FOR GRADE NINE pptx
Romantic Opera MUSIC FOR GRADE NINE pptx
 
Quarter 4 Peace-education.pptx Catch Up Friday
Quarter 4 Peace-education.pptx Catch Up FridayQuarter 4 Peace-education.pptx Catch Up Friday
Quarter 4 Peace-education.pptx Catch Up Friday
 
Crayon Activity Handout For the Crayon A
Crayon Activity Handout For the Crayon ACrayon Activity Handout For the Crayon A
Crayon Activity Handout For the Crayon A
 
ACC 2024 Chronicles. Cardiology. Exam.pdf
ACC 2024 Chronicles. Cardiology. Exam.pdfACC 2024 Chronicles. Cardiology. Exam.pdf
ACC 2024 Chronicles. Cardiology. Exam.pdf
 
Procuring digital preservation CAN be quick and painless with our new dynamic...
Procuring digital preservation CAN be quick and painless with our new dynamic...Procuring digital preservation CAN be quick and painless with our new dynamic...
Procuring digital preservation CAN be quick and painless with our new dynamic...
 
Framing an Appropriate Research Question 6b9b26d93da94caf993c038d9efcdedb.pdf
Framing an Appropriate Research Question 6b9b26d93da94caf993c038d9efcdedb.pdfFraming an Appropriate Research Question 6b9b26d93da94caf993c038d9efcdedb.pdf
Framing an Appropriate Research Question 6b9b26d93da94caf993c038d9efcdedb.pdf
 
Proudly South Africa powerpoint Thorisha.pptx
Proudly South Africa powerpoint Thorisha.pptxProudly South Africa powerpoint Thorisha.pptx
Proudly South Africa powerpoint Thorisha.pptx
 
Field Attribute Index Feature in Odoo 17
Field Attribute Index Feature in Odoo 17Field Attribute Index Feature in Odoo 17
Field Attribute Index Feature in Odoo 17
 
OS-operating systems- ch04 (Threads) ...
OS-operating systems- ch04 (Threads) ...OS-operating systems- ch04 (Threads) ...
OS-operating systems- ch04 (Threads) ...
 
Grade 9 Q4-MELC1-Active and Passive Voice.pptx
Grade 9 Q4-MELC1-Active and Passive Voice.pptxGrade 9 Q4-MELC1-Active and Passive Voice.pptx
Grade 9 Q4-MELC1-Active and Passive Voice.pptx
 
How to Configure Email Server in Odoo 17
How to Configure Email Server in Odoo 17How to Configure Email Server in Odoo 17
How to Configure Email Server in Odoo 17
 
9953330565 Low Rate Call Girls In Rohini Delhi NCR
9953330565 Low Rate Call Girls In Rohini Delhi NCR9953330565 Low Rate Call Girls In Rohini Delhi NCR
9953330565 Low Rate Call Girls In Rohini Delhi NCR
 
Earth Day Presentation wow hello nice great
Earth Day Presentation wow hello nice greatEarth Day Presentation wow hello nice great
Earth Day Presentation wow hello nice great
 
Alper Gobel In Media Res Media Component
Alper Gobel In Media Res Media ComponentAlper Gobel In Media Res Media Component
Alper Gobel In Media Res Media Component
 
ROOT CAUSE ANALYSIS PowerPoint Presentation
ROOT CAUSE ANALYSIS PowerPoint PresentationROOT CAUSE ANALYSIS PowerPoint Presentation
ROOT CAUSE ANALYSIS PowerPoint Presentation
 
What is Model Inheritance in Odoo 17 ERP
What is Model Inheritance in Odoo 17 ERPWhat is Model Inheritance in Odoo 17 ERP
What is Model Inheritance in Odoo 17 ERP
 
ECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptx
ECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptxECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptx
ECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptx
 
EPANDING THE CONTENT OF AN OUTLINE using notes.pptx
EPANDING THE CONTENT OF AN OUTLINE using notes.pptxEPANDING THE CONTENT OF AN OUTLINE using notes.pptx
EPANDING THE CONTENT OF AN OUTLINE using notes.pptx
 
Like-prefer-love -hate+verb+ing & silent letters & citizenship text.pdf
Like-prefer-love -hate+verb+ing & silent letters & citizenship text.pdfLike-prefer-love -hate+verb+ing & silent letters & citizenship text.pdf
Like-prefer-love -hate+verb+ing & silent letters & citizenship text.pdf
 
Solving Puzzles Benefits Everyone (English).pptx
Solving Puzzles Benefits Everyone (English).pptxSolving Puzzles Benefits Everyone (English).pptx
Solving Puzzles Benefits Everyone (English).pptx
 

Csec 610 Extraordinary Success/newtonhelp.com

  • 1. CSEC 610 All Project (Project 1-6) For more course tutorials visit www.newtonhelp.com CSEC 610 Project 1 Information Systems and Identity Management CSEC 610 Project 2 Operating Systems Vulnerabilities (Windows and Linux) CSEC 610 Project 3 Assessing Information System Vulnerabilities and Risk CSEC 610 Project 4 Threat Analysis and Exploitation CSEC 610 Project 5 Cryptography CSEC 610 Project 6 Digital Forensics Analysis --------------------------------------------------------------------------------------------------------- CSEC 610 Project 1 Information Systems and Identity Management For more course tutorials visit
  • 2. www.newtonhelp.com Project 1 Information Systems and Identity Management Video transcript CSEC 610 Project 1 You are a systems administrator in the IT department of a major metropolitan hospital. Your duties are to ensure the confidentiality, availability, and integrity of patient records, as well as the other files and databases used throughout the hospital. Your work affects several departments, including Human Resources, Finance, Billing, Accounting, and Scheduling. You also apply security controls on passwords for user accounts. Just before clocking out for the day, you notice something strange in the hospital's computer system. Some person, or group, has accessed user accounts and conducted unauthorized activities. Recently, the hospital experienced intrusion into one of its patient's billing accounts. After validating user profiles in Active Directory and matching them with user credentials, you suspect several user's passwords have been compromised to gain access to the hospital's computer network. You schedule an emergency meeting with the director of IT and the hospital board. In light of this security breach, they ask you to examine the security posture of the hospital's information systems infrastructure and implement defense techniques. This must be done quickly, your director says. The hospital board is less knowledgeable about information system security. The board makes it clear that it has a limited cybersecurity budget. However, if you can make a strong case to the board, it is likely that they will increase your budget and implement your recommended tool company¬wide. You will share your findings on the hospital's security posture. Your findings will be brought to the director of IT in a technical report. You will also provide a non¬technical assessment of the overall identity management system of the hospital and define practices to restrict and permit access
  • 3. to information. You will share this assessment with the hospital board in the form of a narrated slide show presentation. You know that identity management will increase the security of the overall information system's infrastructure for the hospital. You also know that, with a good identity management system, the security and productivity benefits will outweigh costs incurred. This is the argument you must make to those stakeholders. Daily life requires us to have access to a lot of information, and information systems help us access that information. Desktop computers, laptops, and mobile devices keep us connected to the information we need through processes that work via hardware and software components. Information systems infrastructure makes this possible. However, our easy access to communication and information also creates security and privacy risks. Laws, regulations, policies, and guidelines exist to protect information and information owners. Cybersecurity ensures the confidentiality, integrity, and availability of the information. Identity management is a fundamental practice. Part of identity management is the governance of access, authorization, and authentication of users to information systems, Identity management is one part of a layered security defense strategy within the information systems infrastructure. Your work in this project will enable you to produce a technical report and nontechnical presentation that addresses these requirements. There are five steps that will help you create your final deliverables. The deliverables for this project are as follows: 1. Nontechnical presentation: This is an 8-10 slide PowerPoint presentation for business executives and board members. 2. Technical report: Your report should be a 6-7 page double-spaced Word document with citations in APA format. The page count does not include figures, diagrams, tables or citations. 3. Executive summary: This should be a 2-3 page double-spaced Word document. 4. In a Word document, share your lab experience and provide screen prints to demonstrate that you performed the lab. ---------------------------------------------------------------------------------------------------------
  • 4. CSEC 610 Project 2 Operating Systems Vulnerabilities (Windows and Linux) For more course tutorials visit www.newtonhelp.com CYB 610 Project 2 Congratulations, you are the newly appointed lead cybersecurity engineer with your company in the oil and natural gas sector. This is a senior¬level position. You were hired two months ago based on your successful cybersecurity experience with a previous employer. Your technical knowledge of cybersecurity is solid. However, you have a lot to learn about this company's culture, processes, and IT funding decisions, which are made by higher management. You have recently come across numerous anomalies and incidents leading to security breaches. The incidents took place separately, and it has not been determined if they were caused by a single source or multiple related sources. First, a month ago, a set of three corporate database servers crashed suddenly. Then, a week ago, anomalies were found in the configuration of certain server and router systems of your company. You immediately recognized that something with your IT resources was not right. You suspect that someone, or some group, has been regularly accessing your user account and conducting unauthorized configuration changes. You meet with your leadership to discuss the vulnerabilities. They would like you to provide a security assessment report, or SAR, on the state of the operating systems within the organization. You're also tasked with creating a non-technical narrated presentation summarizing your thoughts. The organization uses multiple operating systems that are
  • 5. Microsoft-based and Linux¬based. You will have to understand these technologies for vulnerability scanning using the tools that work best for the systems in the corporate network. You know that identity management will increase the security of the overall information systems infrastructure for the company. You also know that with a good identity management system, the security and productivity benefits will --------------------------------------------------------------------------------------------------------- CSEC 610 Project 3 Assessing Information System Vulnerabilities and Risk For more course tutorials visit www.newtonhelp.com Project 3 Assessing Information System Vulnerabilities and Risk CYB 610 Project 3 You are an Information Assurance Management Officer, IAMO, at an organization of your choosing. One morning, as you're getting ready for work, you see an email from Karen, your manager. She asks you to come to her office as soon as you get in. When you arrive to your work, you head straight to Karen's office. “Sorry for the impromptu meeting,” she says, “but we have a bit of an emergency. There's been a security breach at the Office of Personnel Management.” We don't know how this happened, but we need to make sure it doesn't happen again, says Karen. You'll be receiving an email with more information on the security breach. Use this info to assess the information system vulnerabilities of the Office of Personnel Management. At your desk, you open Karen's email. She's given you an
  • 6. OPM report from the Office of the Inspector General, or OIG. You have studied the OPM OIG report and found that the hackers were able to gain access through compromised credentials. The security breach could have been prevented, if the Office of Personnel Management, or OPM, had abided by previous auditing reports and security findings. In addition, access to the databases could have been prevented by implementing various encryption schemas and could have been identified after running regularly scheduled scans of the systems. Karen and the rest of the leadership team want you to compile your findings into a Security Assessment Report or SAR. You will also create a Risk Assessment Report, or RAR, in which you identify threats, vulnerabilities, risks, and likelihood of exploitation and suggested remediation The security posture of the information systems infrastructure of an organization should be regularly monitored and assessed (including software, hardware, firmware components, governance policies, and implementation of security controls). The monitoring and assessment of the infrastructure and its components, policies, and processes should also account for changes and new procurements that are sure to follow in order to stay in step with ever-changing information system technologies. The data breach at the Office of Personnel Management (OPM) is one of the largest in US government history. It provides a series of lessons learned for other organizations in industry and the public sector. Some critical security practices, such as lack of diligence to security controls and management of changes to the information systems infrastructure were cited as contributors to the massive data breach in the OPM Office of the Inspector General's (OIG) Final Audit Report, which can be found in open source searches. Some of the findings in the report include: --------------------------------------------------------------------------------------------------------- CSEC 610 Project 4 Threat Analysis and Exploitation
  • 7. For more course tutorials visit www.newtonhelp.com Project 4 Threat Analysis and Exploitation CYB610 Project 4 You are part of a collaborative team that was created to address cyber threats and exploitation of US financial systems critical infrastructure. Your team has been assembled by the White House Cyber National security staff to provide situational awareness about a current network breach and cyber attack against several financial service institutions. Your team consists of four roles, a representative from the financial services sector who has discovered the network breach and the cyber attacks. These attacks include distributed denial of service attacks, DDOS, web defacements, sensitive data exfiltration, and other attack vectors typical of this nation state actor. A representative from law enforcement who has provided additional evidence of network attacks found using network defense tools. A representative from the intelligence agency who has identified the nation state actor from numerous public and government provided threat intelligence reports. This representative will provide threat intelligence on the tools, techniques, and procedures of this nation state actor. A representative from the Department of Homeland Security who will provide the risk, response, and recovery actions taken as a result of this cyber threat. Your team will have to provide education and security awareness to the financial services sector about the threats, vulnerabilities, risks, and risk mitigation and remediation procedures to be implemented to maintain a robust security posture. Finally, your team will take the lessons learned from this cyber incident and share that knowledge with the rest of the
  • 8. cyber threat analysis community. At the end of the response to this cyber incident, your team will provide two deliverables, a situational analysis report, or SAR, to the White House Cyber National security staff and an After Action Report and lesson learned to the cyber threat analyst community. US critical infrastructure-power—water, oil and natural gas, military systems, financial systems—have become the target of cyber and physical attacks as more critical infrastructure systems are integrated with the Internet and other digital controls systems. The lesson learned in defending and mitigating cyberattacks is that no entity can prevent or • 4.1: Lead and/or participate in a diverse group to accomplish projects and assignments. • 4.3: Contribute to team projects, assignments, or organizational goals as an engaged member of a team. • 8.4: Possess knowledge of proper and effective communication in case of an incident or crisis. Step 1: Establishing Roles As described in the scenario, you will be working in a small team (usually five members). Your instructor has provided an area for your group discussions, collaboration, and file sharing. Take some time to learn about your teammates (introductions, LinkedIn profiles and bios) to understand the experience and expertise of the team members. Studies on teamwork outline the typical team stages of forming, storming, norming, and performing (see Tuckman, Bruce W. (1965), "Developmental sequence in small groups," Psychological Bulletin, 63, 384-399.) This guidance on teamwork may be helpful. In order to do well, you and your team members must start communicating or "forming" immediately and discuss how you will divide the work. Review the project and if you have portions of the work that play well to your strengths, make this known to your team members. Then develop a project plan and schedule to get the work done. Finally, agree on a communications plan, which allows your team members to know where the project stands. During this stage, you may
  • 9. have disagreements or differences of opinion about roles and division of work. This is a normal aspect of "storming." Once you start agreeing on roles and tasks, you are well on your way to "norming." You should settle on a collaboration space and share drafts of your work in your classroom team locker so your team members and the instructor can see the work progression. All team members must contribute, but the deliverables need to be cohesive. Therefore, each of you will need to review each other's work and help each other. While you may have to use collaborative tools outside the classroom, maintain the key documents in the respective team project locker in the classroom. Your team will use this area to establish ground rules for --------------------------------------------------------------------------------------------------------- CSEC 610 Project 5 Cryptography For more course tutorials visit www.newtonhelp.com Project 5 Cryptography CYB610 Project 5 You are an enterprise security architect for a company in a semiconductor manufacturing industry where maintaining competitive advantage and protecting intellectual property is vital. You're in charge of security operations and strategic security planning. Your responsibilities include devising the security protocols for identification, access, and authorization management. You recently implemented cryptography algorithms to protect the information organization. Leadership is pleased with your efforts and would like you
  • 10. to take protection methods even further. They've asked you to study cyber-attacks against different cryptography mechanisms and deploy access control programs to prevent those types of attacks. We'd like you to create plans for future security technology deployments, says one senior manager. And provide documentation so that others can carry out the deployments. A director chimes in, but you should also devise a method for ensuring the identification, integrity, and non-repudiation of information in transit at rest and in use within the organization. As the enterprise security architect, you are responsible for providing the following deliverables. Create a network security vulnerability and threat table in which you outline the security architecture of the organization, the cryptographic means of protecting the assets of the organizations, the types of known attacks against those protections, and means to ward off the attacks. This document will help you manage the current configuration of the security architecture. Create a Common Access Card, CAC deployment strategy, in which you describe the CAC implementation and deployment and encryption methodology for information security professionals. Create an email security strategy in which you provide the public key, private key hashing methodology to determine the best key management system for your organization. These documents will provide a security overview for the leadership in your company Encryption uses cryptographic algorithms to obfuscate data. These complex algorithms transform data from human readable plaintext into encrypted cipher text. Encryption uses the principles of substitution and permutation to ensure that data is transformed in a non-deterministic manner by allowing the user to select the password or a key to encrypt a message. The recipient must know the key in order to decrypt the message, translating it back into the human readable plaintext. There are six steps that will lead you through this project. After beginning with the workplace scenario, continue to Step 1: "IT Systems Architecture." The deliverables for this project are as follows: 1. Create a single report in Word document format. This report should be about 10 pages long, double-spaced, with citations in APA format.
  • 11. Page count does not include diagrams or tables. The report must cover the following: o network security and threat table o Common Access Card deployment strategy o e-mail security strategy 2. In a Word document, share your lab experience and provide screenshots to demonstrate that you performed the lab. When you submit your project, your work will be evaluated using the competencies listed below. You can use the list below to self-check your work before submission. • 1.5: Use sentence structure appropriate to the task, message and audience. • 1.6: Follow conventions of Standard Written English. • 1.7: Create neat and professional looking documents appropriate for the project or presentation. • 2.1: Identify and clearly explain the issue, question, or problem under critical consideration. --------------------------------------------------------------------------------------------------------- CSEC 610 Project 6 Digital Forensics Analysis For more course tutorials visit www.newtonhelp.com • Project 6 Digital Forensics Analysis Project 6 Start Here
  • 12. This project will provide an introduction to digital forensic analysis. Digital forensic analysis is used to review and investigate data collected through digital communications and computer networks. The National Institute for Standards and Technology (NIST) has defined four fundamental phases for forensic analysis: collection, examination, analysis, and reporting. You will learn more about these concepts as you navigate throughout the steps of this project and read the literature and links found in each step. There are four steps that will lead you through this project. Begin with Step 1: “Methodology. The deliverables for this project are as follows: 1. Digital Forensic Research Paper: This should be a five-page double- spaced Word document with citations in APA format. The page count does not include diagrams or tables. 2. In a Word document, share your lab experience and provide screenshots to demonstrate that you completed the lab. When you submit your project, your work will be evaluated using the competencies listed below. You can use the list below to self-check your work before submission. • 5.3: Uses defensive measures and information collected from a variety of sources to identify, analyze, and report events that occur or might occur within the network in order to protect information, information systems, and networks from threats. • 8.6: Provides professional preparation for computer digital forensics, investigation of crime, and preservation of digital evidence in criminal and civil investigations and information security incident response. • 8.7: Provide theoretical basis and practical assistance for all aspects of digital investigation and the use of computer evidence in forensics and law enforcement. Step 1: Methodology The methodology includes following a systems process. Identify the requirements, purpose, and objectives of the investigation. Click the links below to review information that will aid in conducting and documenting an investigation: • secure programming fundamentals • forensics fundamentals
  • 13. Learn about the investigation methodology. Consider secure programming fundamentals. Define the digital forensics analysis methodology, and the phases of the digital forensics fundamentals and methodology, including the following: 1. preparation 2. extraction 3. identification 4. analysis This information will help you understand the process you will use during an investigation. Step 2: Tools and Techniques Select the following links to learn about forensics analysis tools, methods, and techniques: 1. forensics analysis tools 2. web log and session analysis 3. hash analysis Step 3: Exploring Forensic Tools Note: You will utilize the tools in Workspace for this step. If you need help outside the classroom, you can register for the CLAB 699 Cyber Computing Lab Assistance (go to the Discussions List for registration information). Primary lab assistance is available from a team of lab assistants. Lab assistants are professionals and are trained to help you. Click here to access the instructions for Navigating the Workspace and the Lab Setup. Select the following link to enter Workspace. Complete the forensic tools exercise provided in this lab. Explore the tutorials and user guides to learn more about various types of digital forensic tools. Click here to access the Project 6 Workspace Exercise Instructions. You will learn about the different types of tools, techniques, and analyses. Step 4: Digital Forensics Research Paper Now that you have learned basics of digital forensics analyses and methodology, and have experienced one of the common forensic tools,
  • 14. use the material presented in this project as well as research you've conducted outside of the course materials to write a research paper that addresses the following: 1. digital forensic methodology 2. the importance of using forensic tools to collect and analyze evidence (e.g., FTK Imager and EnCase) 3. hashing in the context of digital forensics 4. How do you ensure that the evidence collected has not been tampered with (i.e., after collection)? Why and how is this important to prove in a court of law? The deliverables for this project are as follows: 1. Digital Forensic Research Paper: This should be a five-page double- spaced Word document with citations in APA format. The page count does not include diagrams or tables. 2. In a Word document, share your lab experience and provide screenshots to demonstrate that you completed the lab. Submit your deliverables to the assignment folder. Before you submit your assignment, review the competencies below, which your instructor will use to evaluate your work. A good practice would be to use each competency as a self-check to confirm you have incorporated all of them in your work. • 5.3: Uses defensive measures and information collected from a variety of sources to identify, analyze, and report events that occur or might occur within the network in order to protect information, information systems, and networks from threats. • 8.6: Provides professional preparation for computer digital forensics, investigation of crime, and preservation of digital evidence in criminal and civil investigations and information security incident response. • 8.7: Provide theoretical basis and practical assistance for all aspects of digital investigation and the use of computer evidence in forensics and law enforcement. ---------------------------------------------------------------------------------------------------------