SlideShare a Scribd company logo

Csc520 you are a senior level employee and you must tailor your deliverables to suit your audience

Download as DOCX, PDF
L
leonardjonh145

Csc520 is a truly special teacher is very wise and sees tomorrow in every student’s eyes

Education
1 of 8
CSC520You are a senior-level employee and you must tailor your deliverables to suit your audience: the leadership of the organization To Purchase This Material Click below Link http://www.tutorialoutlet.com/all-miscellaneous/csc- 520-you-are-a-senior-level-employee-and-you-must-tailor- your-deliverables-to-suit-your-audience-the-leadership-of- the-organization-you-may-choose-to-use-a-fictitious- organization-or-model-your-organization-on-an-existing- organization/ FOR MORE CLASSES VISIT www.tutorialoutlet.com You are a senior-level employee and you must tailor your deliverables to suit your audience: the leadership of the organization. You may choose to use a fictitious organization, or model your organization on an existing organization, including proper citations. Leadership is not familiar with the architecture of the IT systems, nor are they familiar with the types of threats that are likely or the security mechanisms in place to ward off those threats. You will provide this information in tabular format. Before you begin, select the links below to review some material on information security. These resources will help you complete the network security and vulnerability threat table. • LAN security • Availability
Now you’re ready to create your table. Include and define the following components of security in the architecture of your organization, and explain if threats to these components are likely, or unlikely: • LAN security • identity management • physical security • personal security • availability • privacy Next, review the different types of cyberattacks described in the following resource: cyberattacks. As you’re reading take note of which attacks are most likely to affect your organization. Then list the security defenses you employ in your organization to mitigate these types of attacks. Include this information in your Network Security and Vulnerability Threat Table. •LAN security References National Institute of Standards and Technology, US Department of Commerce. (1994). Specifications for guideline for the analysis local area network security (Federal Information Processing Standards Publication 191). Retrieved from http://www.nist.gov/itl/upload/fips191.pdf Souppaya, M., & Scarfone, K., National Institute of Standards and Technology, US Department of Commerce. (2012). Computer security: Guidelines for securing wireless local area networks (WLANs): Recommendations of the National Institute of Standards and Technology (NIST Special Publication 800¬153). Retrieved from
http://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800 ¬153.pdf •Availability Reference National Institute of Standards and Technology. (2004). Standards for security categorization of federal information and information systems. Retrieved from http://csrc.nist.gov/publications/fips/fips199/FIPSPUB-199-final.pdf Now you’re ready to create your table. Include and define the following components of security in the architecture of your organization, and explain if threats to these components are likely, or unlikely: •LAN security •identity management •physical security •personal security •availability •privacy Next, review the different types of cyberattacks described in the following resource: cyberattacks. As you’re reading take note of which attacks are most likely to affect your organization. Then list the security defenses you employ in your organization to mitigate these types of attacks. Include this information in your Network Security and Vulnerability Threat Table. LINK below Johnson, C., Badger, L., Waltermire, D., Snyder, J., & Skorupka, C. (2016). Computer security: Guide to
cyber threat information sharing.(NIST Special Publication 800-150, 2nd draft). Retrieved from http://csrc.nist.gov/publications/drafts/800- 150/sp800_150_second_draft.pdf Plan of Protections Describe and give your leadership a common picture of each. OpenStego QuickStego OurSecret VeraCrypt AxCrypt GPG Then, in your report, describe the cryptographic mechanisms available to your organization, and describe the benefits and risks of each. Also describe your file encryption tools, and provide the methods and results of encrypting files in your organization. Include this information in your deliverable to leadership. Data Hiding Technologies Provide your organization with a brief overview of each. Encryption Technologies 1.Shift / Caesar cipher 2.Polyalphabetic cipher 3.One time pad cipher/Vernam cipher/perfect cipher 4.Block ciphers
5.triple DES 6.RSA 7.Advanced Encryption Standard (AES) 8.Symmetric encryption 9.Text block coding Data Hiding Technologies 1.Information hiding and steganography 2.Digital watermarking 3.Masks and filtering These descriptions will be included in the network security vulnerability and threat table for leadership. Creating the Network Security Vulnerability and Threat Table Using the information you've gathered from the previous steps, prepare the network security vulnerability and threat table, in which you outline the following: •security architecture of the organization •the cryptographic means of protecting the assets of the organization •the types of known attacks against those types of protections means to ward offattacks Create your Network Security Vulnerability and Threat Table, and include it in your submission to the organization. Please refer to this threat table template for guidance on creating this document. http://csrc.nist.gov/publications/nistpubs/800-30/sp800-30.pdf Access Control Based on Smart Card Strategies Smart cards use encryption chips to identify the user, their identity, role, and sometimes use their
personal identifiable information (PII). Two examples of smart cards are the federal government’s use of common access cards (CACs), and the financial sector’s use of encryption chips in credit cards. You have completed your threat table, and you've decided that you want to modernize the access control methods for your organization. To that end, you read the following resources to gather some background information on access control and the various encryption schemas associated with the Common Access Card (CAC): •Access control •Common access Card (CAC) Defense Human Resource Activity (DHRA). (n.d.). Common access card (CAC). Retrieved August 8, 2016, from http://www.cac.mil/common-access-card/ Defense Human Resource Activity (DHRA). (n.d.). Common access card (CAC) security. Retrieved August 8, 2016, from http://www.cac.mil/common-access-card/cac-security/ You plan to deploy CAC to the company and you are tasked with devising that CAC deployment strategy, which includes the cryptographic solutions used with the CAC. In the Common Access Card Deployment Strategy final deliverable, describe how identity management would be a part of your overall security program and your CAC deployment plan: Create your Common Access Card Deployment Strategy and include it in your submission to the organization. The Email Security Strategy
After completing the CAC, your next step is to build the Secure Email Strategy for the organization. You will present this tool to your leadership. Provide an overview of the types of public-private key pairing, and show how this provides authentication and nonrepudiation. You will also add hashing, and describe how this added security benefit ensures the integrity of messaging. Begin preparing your strategy by reviewing the following resources that will aid you in becoming well informed on encryption technologies for e-mail: •Public Key Infrastructure (PKI) Kuhn, D. R., Hu, V. C., Polk, W. T., & Chang, S., National Institute of Standards and Technology, U.S. Department of Commerce. (2001). Introduction to public key technology and the federal PKI infrastructure (SP 800-32). Retrieved from http://csrc.nist.gov/publications/nistpubs/800-32/sp80032.pdf •iOS encryption Apple Inc. (2016). iOS security. Retrieved from https://www.apple.com/business/docs/iOS_Security_Guide.pdf •Blackberry encryption BlackBerry. (2015). BBM security note. Retrieved from http://help.blackberry.com/en/bbmsecurity/latest/bbm-security- pdf/BBM-Security_Note-1336480397548-en.pdf BlackBerry. (n.d.). BBM Protected: Enterprise grade encryption for BBM messages between iPhone,
Android and BlackBerry smartphones.. Retrieved from http://us.blackberry.com/enterprise/products/bbm-protected.html Then start developing your strategy. Define these strong encryption technologies as general principles in secure email: Pretty Good Policy (PGP algorithm) •GNU Privacy Guard (GPG) •Public Key Infrastructure (PKI) •Digital signature •Mobile device encryption (e.g., iOS encryption and Blackberry encryption) In your report, also consider how the use of smart card readers tied to computer systems might be beneficial in the future enhancements to system and data access protection. This may help you define long-term solutions for your leadership. Leadership does not know the costs and technical complexity of these email encryption strategies. To further their understanding, compare the complexities of each in relation to the security benefits, and then make a recommendation and a deployment plan. The deliverables for this project are as follows: 1. Create a single report in Word document format. This report should be about 10 pages long, doublespaced, with citations in APA format*****IN TEXT CITATION IS A MUST. Page count does not include diagrams or tables. The report must cover the following:

Recommended

Comptia security-sy0-601-exam-objectives-(2-0)
Comptia security-sy0-601-exam-objectives-(2-0)Comptia security-sy0-601-exam-objectives-(2-0)
Comptia security-sy0-601-exam-objectives-(2-0)
Rogerio Ferraz
 
CompTIA Security+ SY0-601 Domain 2
CompTIA Security+ SY0-601 Domain 2CompTIA Security+ SY0-601 Domain 2
CompTIA Security+ SY0-601 Domain 2
ShivamSharma909
 
Still thinking your Ex(cel)? Here are some TIPs - SANS CTI Summit 2021
Still thinking your Ex(cel)? Here are some TIPs - SANS CTI Summit 2021Still thinking your Ex(cel)? Here are some TIPs - SANS CTI Summit 2021
Still thinking your Ex(cel)? Here are some TIPs - SANS CTI Summit 2021
Andreas Sfakianakis
 
Cyber Threat Intelligence - It's not just about the feeds
Cyber Threat Intelligence - It's not just about the feedsCyber Threat Intelligence - It's not just about the feeds
Cyber Threat Intelligence - It's not just about the feeds
Iain Dickson
 
Understanding advanced persistent threats (APT)
Understanding advanced persistent threats (APT)Understanding advanced persistent threats (APT)
Understanding advanced persistent threats (APT)
Dan Morrill
 
Common Techniques To Identify Advanced Persistent Threat (APT)
Common Techniques To Identify Advanced Persistent Threat (APT)Common Techniques To Identify Advanced Persistent Threat (APT)
Common Techniques To Identify Advanced Persistent Threat (APT)
Yuval Sinay, CISSP, C|CISO
 
Cyber Defense Matrix: Reloaded
Cyber Defense Matrix: ReloadedCyber Defense Matrix: Reloaded
Cyber Defense Matrix: Reloaded
Sounil Yu
 
Threat Intelligence with Open Source Tools - Cornerstones of Trust 2014
Threat Intelligence with Open Source Tools - Cornerstones of Trust 2014Threat Intelligence with Open Source Tools - Cornerstones of Trust 2014
Threat Intelligence with Open Source Tools - Cornerstones of Trust 2014
Santiago Bassett
 

Recommended

Comptia security-sy0-601-exam-objectives-(2-0)
Comptia security-sy0-601-exam-objectives-(2-0)Comptia security-sy0-601-exam-objectives-(2-0)
Comptia security-sy0-601-exam-objectives-(2-0)
Rogerio Ferraz
 
CompTIA Security+ SY0-601 Domain 2
CompTIA Security+ SY0-601 Domain 2CompTIA Security+ SY0-601 Domain 2
CompTIA Security+ SY0-601 Domain 2
ShivamSharma909
 
Still thinking your Ex(cel)? Here are some TIPs - SANS CTI Summit 2021
Still thinking your Ex(cel)? Here are some TIPs - SANS CTI Summit 2021Still thinking your Ex(cel)? Here are some TIPs - SANS CTI Summit 2021
Still thinking your Ex(cel)? Here are some TIPs - SANS CTI Summit 2021
Andreas Sfakianakis
 
Cyber Threat Intelligence - It's not just about the feeds
Cyber Threat Intelligence - It's not just about the feedsCyber Threat Intelligence - It's not just about the feeds
Cyber Threat Intelligence - It's not just about the feeds
Iain Dickson
 
Understanding advanced persistent threats (APT)
Understanding advanced persistent threats (APT)Understanding advanced persistent threats (APT)
Understanding advanced persistent threats (APT)
Dan Morrill
 
Common Techniques To Identify Advanced Persistent Threat (APT)
Common Techniques To Identify Advanced Persistent Threat (APT)Common Techniques To Identify Advanced Persistent Threat (APT)
Common Techniques To Identify Advanced Persistent Threat (APT)
Yuval Sinay, CISSP, C|CISO
 
Cyber Defense Matrix: Reloaded
Cyber Defense Matrix: ReloadedCyber Defense Matrix: Reloaded
Cyber Defense Matrix: Reloaded
Sounil Yu
 
Threat Intelligence with Open Source Tools - Cornerstones of Trust 2014
Threat Intelligence with Open Source Tools - Cornerstones of Trust 2014Threat Intelligence with Open Source Tools - Cornerstones of Trust 2014
Threat Intelligence with Open Source Tools - Cornerstones of Trust 2014
Santiago Bassett
 
Cisco Yıllık Güvenlik Raporu 2015
Cisco Yıllık Güvenlik Raporu 2015Cisco Yıllık Güvenlik Raporu 2015
Cisco Yıllık Güvenlik Raporu 2015
Marketing Türkiye
 
Threat hunting in cyber world
Threat hunting in cyber worldThreat hunting in cyber world
Threat hunting in cyber world
Akash Sarode
 
Cisco Annual Security Report
Cisco Annual Security ReportCisco Annual Security Report
Cisco Annual Security Report
The Internet of Things
 
Cisco 2016 Annual Security Report
Cisco 2016 Annual Security ReportCisco 2016 Annual Security Report
Cisco 2016 Annual Security Report
James Gachie
 
Cisco Annual Security Report 2016
Cisco Annual Security Report 2016Cisco Annual Security Report 2016
Cisco Annual Security Report 2016
The Internet of Things
 
Ctia course outline
Ctia course outlineCtia course outline
Ctia course outline
ShivamSharma909
 
Cyber Security 4.0 conference 30 November 2016
Cyber Security 4.0 conference 30 November 2016Cyber Security 4.0 conference 30 November 2016
Cyber Security 4.0 conference 30 November 2016
InfinIT - Innovationsnetværket for it
 
How I Learned to Stop Information Sharing and Love the DIKW
How I Learned to Stop Information Sharing and Love the DIKWHow I Learned to Stop Information Sharing and Love the DIKW
How I Learned to Stop Information Sharing and Love the DIKW
Sounil Yu
 
Advanced Persistent Threat: come muoversi tra il marketing e la realtà?
Advanced Persistent Threat: come muoversi tra il marketing e la realtà?Advanced Persistent Threat: come muoversi tra il marketing e la realtà?
Advanced Persistent Threat: come muoversi tra il marketing e la realtà?
festival ICT 2016
 
Two-factor authentication- A sample writing _Zaman
Two-factor authentication- A sample writing _ZamanTwo-factor authentication- A sample writing _Zaman
Two-factor authentication- A sample writing _Zaman
Asad Zaman
 
Soc and siem and threat hunting
Soc and siem and threat huntingSoc and siem and threat hunting
Soc and siem and threat hunting
Vikas Jain
 
Cyber Threat Intelligence
Cyber Threat IntelligenceCyber Threat Intelligence
Cyber Threat Intelligence
mohamed nasri
 
IRJET- Ethical Hacking
IRJET- Ethical HackingIRJET- Ethical Hacking
IRJET- Ethical Hacking
IRJET Journal
 
Advanced Endpoint Protection
Advanced Endpoint ProtectionAdvanced Endpoint Protection
Advanced Endpoint Protection
Mustafa YÜKSEL
 
Security and information assurance
Security and information assuranceSecurity and information assurance
Security and information assurance
bdemchak
 
Keynote Session : Kill The Password
Keynote Session : Kill The PasswordKeynote Session : Kill The Password
Keynote Session : Kill The Password
Priyanka Aash
 
How to assign a CVE to yourself?
How to assign a CVE to yourself?How to assign a CVE to yourself?
How to assign a CVE to yourself?
Ramin Farajpour Cami
 
Pentest: footprinting & scan
Pentest: footprinting & scanPentest: footprinting & scan
Pentest: footprinting & scan
JUNIOR SORO
 
CSCSS Science of Security - Developing Scientific Foundations for the Operati...
CSCSS Science of Security - Developing Scientific Foundations for the Operati...CSCSS Science of Security - Developing Scientific Foundations for the Operati...
CSCSS Science of Security - Developing Scientific Foundations for the Operati...
Shawn Riley
 
Cst 630 Extraordinary Success/newtonhelp.com
Cst 630 Extraordinary Success/newtonhelp.comCst 630 Extraordinary Success/newtonhelp.com
Cst 630 Extraordinary Success/newtonhelp.com
amaranthbeg113
 
Cst 630 Education is Power/newtonhelp.com
Cst 630 Education is Power/newtonhelp.comCst 630 Education is Power/newtonhelp.com
Cst 630 Education is Power/newtonhelp.com
amaranthbeg73
 
Cst 630 Motivated Minds/newtonhelp.com
Cst 630 Motivated Minds/newtonhelp.comCst 630 Motivated Minds/newtonhelp.com
Cst 630 Motivated Minds/newtonhelp.com
amaranthbeg53
 

More Related Content

What's hot

Advanced Persistent Threat: come muoversi tra il marketing e la realtà?
Advanced Persistent Threat: come muoversi tra il marketing e la realtà?Advanced Persistent Threat: come muoversi tra il marketing e la realtà?
Advanced Persistent Threat: come muoversi tra il marketing e la realtà?
festival ICT 2016
 
Two-factor authentication- A sample writing _Zaman
Two-factor authentication- A sample writing _ZamanTwo-factor authentication- A sample writing _Zaman
Two-factor authentication- A sample writing _Zaman
Asad Zaman
 
CSCSS Science of Security - Developing Scientific Foundations for the Operati...
CSCSS Science of Security - Developing Scientific Foundations for the Operati...CSCSS Science of Security - Developing Scientific Foundations for the Operati...
CSCSS Science of Security - Developing Scientific Foundations for the Operati...
Shawn Riley
 

What's hot (19)

Cisco Yıllık Güvenlik Raporu 2015
Cisco Yıllık Güvenlik Raporu 2015Cisco Yıllık Güvenlik Raporu 2015
Cisco Yıllık Güvenlik Raporu 2015
 
Threat hunting in cyber world
Threat hunting in cyber worldThreat hunting in cyber world
Threat hunting in cyber world
 
Cisco Annual Security Report
Cisco Annual Security ReportCisco Annual Security Report
Cisco Annual Security Report
 
Cisco 2016 Annual Security Report
Cisco 2016 Annual Security ReportCisco 2016 Annual Security Report
Cisco 2016 Annual Security Report
 
Cisco Annual Security Report 2016
Cisco Annual Security Report 2016Cisco Annual Security Report 2016
Cisco Annual Security Report 2016
 
Ctia course outline
Ctia course outlineCtia course outline
Ctia course outline
 
Cyber Security 4.0 conference 30 November 2016
Cyber Security 4.0 conference 30 November 2016Cyber Security 4.0 conference 30 November 2016
Cyber Security 4.0 conference 30 November 2016
 
How I Learned to Stop Information Sharing and Love the DIKW
How I Learned to Stop Information Sharing and Love the DIKWHow I Learned to Stop Information Sharing and Love the DIKW
How I Learned to Stop Information Sharing and Love the DIKW
 
Advanced Persistent Threat: come muoversi tra il marketing e la realtà?
Advanced Persistent Threat: come muoversi tra il marketing e la realtà?Advanced Persistent Threat: come muoversi tra il marketing e la realtà?
Advanced Persistent Threat: come muoversi tra il marketing e la realtà?
 
Two-factor authentication- A sample writing _Zaman
Two-factor authentication- A sample writing _ZamanTwo-factor authentication- A sample writing _Zaman
Two-factor authentication- A sample writing _Zaman
 
Soc and siem and threat hunting
Soc and siem and threat huntingSoc and siem and threat hunting
Soc and siem and threat hunting
 
Cyber Threat Intelligence
Cyber Threat IntelligenceCyber Threat Intelligence
Cyber Threat Intelligence
 
IRJET- Ethical Hacking
IRJET- Ethical HackingIRJET- Ethical Hacking
IRJET- Ethical Hacking
 
Advanced Endpoint Protection
Advanced Endpoint ProtectionAdvanced Endpoint Protection
Advanced Endpoint Protection
 
Security and information assurance
Security and information assuranceSecurity and information assurance
Security and information assurance
 
Keynote Session : Kill The Password
Keynote Session : Kill The PasswordKeynote Session : Kill The Password
Keynote Session : Kill The Password
 
How to assign a CVE to yourself?
How to assign a CVE to yourself?How to assign a CVE to yourself?
How to assign a CVE to yourself?
 
Pentest: footprinting & scan
Pentest: footprinting & scanPentest: footprinting & scan
Pentest: footprinting & scan
 
CSCSS Science of Security - Developing Scientific Foundations for the Operati...
CSCSS Science of Security - Developing Scientific Foundations for the Operati...CSCSS Science of Security - Developing Scientific Foundations for the Operati...
CSCSS Science of Security - Developing Scientific Foundations for the Operati...
 

Similar to Csc520 you are a senior level employee and you must tailor your deliverables to suit your audience

1Project 2 DeliverablesSecurity Assessment Report (SAR)I.
1Project 2 DeliverablesSecurity Assessment Report (SAR)I. 1Project 2 DeliverablesSecurity Assessment Report (SAR)I.
1Project 2 DeliverablesSecurity Assessment Report (SAR)I.
lauvicuna8dw
 
1Project 2 DeliverablesSecurity Assessment Report (SAR)I.
1Project 2 DeliverablesSecurity Assessment Report (SAR)I. 1Project 2 DeliverablesSecurity Assessment Report (SAR)I.
1Project 2 DeliverablesSecurity Assessment Report (SAR)I.
drennanmicah
 
Cst 630 project 2 incident response
Cst 630 project 2 incident responseCst 630 project 2 incident response
Cst 630 project 2 incident response
persons20ar
 
Sample Cloud Application Security and Operations Policy [release]
Sample Cloud Application Security and Operations Policy [release]Sample Cloud Application Security and Operations Policy [release]
Sample Cloud Application Security and Operations Policy [release]
LinkedIn
 
2.Public Vulnerability Databases
2.Public Vulnerability Databases2.Public Vulnerability Databases
2.Public Vulnerability Databases
phanleson
 
Project 1CST630 Project ChecklistStudent Name DateNote This che
Project 1CST630 Project ChecklistStudent Name DateNote This cheProject 1CST630 Project ChecklistStudent Name DateNote This che
Project 1CST630 Project ChecklistStudent Name DateNote This che
davieec5f
 
Cst 630 project 2 incident response
Cst 630 project 2 incident responseCst 630 project 2 incident response
Cst 630 project 2 incident response
persons20ar
 
u10a1 Security Plan-Beji Jacob
u10a1 Security Plan-Beji Jacobu10a1 Security Plan-Beji Jacob
u10a1 Security Plan-Beji Jacob
Beji Jacob
 
Cst 630 project 2 incident response
Cst 630 project 2 incident responseCst 630 project 2 incident response
Cst 630 project 2 incident response
persons20ar
 

Similar to Csc520 you are a senior level employee and you must tailor your deliverables to suit your audience (20)

Cst 630 Extraordinary Success/newtonhelp.com
Cst 630 Extraordinary Success/newtonhelp.comCst 630 Extraordinary Success/newtonhelp.com
Cst 630 Extraordinary Success/newtonhelp.com
 
Cst 630 Education is Power/newtonhelp.com
Cst 630 Education is Power/newtonhelp.comCst 630 Education is Power/newtonhelp.com
Cst 630 Education is Power/newtonhelp.com
 
Cst 630 Motivated Minds/newtonhelp.com
Cst 630 Motivated Minds/newtonhelp.comCst 630 Motivated Minds/newtonhelp.com
Cst 630 Motivated Minds/newtonhelp.com
 
1Project 2 DeliverablesSecurity Assessment Report (SAR)I.
1Project 2 DeliverablesSecurity Assessment Report (SAR)I. 1Project 2 DeliverablesSecurity Assessment Report (SAR)I.
1Project 2 DeliverablesSecurity Assessment Report (SAR)I.
 
1Project 2 DeliverablesSecurity Assessment Report (SAR)I.
1Project 2 DeliverablesSecurity Assessment Report (SAR)I. 1Project 2 DeliverablesSecurity Assessment Report (SAR)I.
1Project 2 DeliverablesSecurity Assessment Report (SAR)I.
 
CompTIA CySA Domain 1 Threat and Vulnerability Management.pptx
CompTIA CySA Domain 1 Threat and Vulnerability Management.pptxCompTIA CySA Domain 1 Threat and Vulnerability Management.pptx
CompTIA CySA Domain 1 Threat and Vulnerability Management.pptx
 
Cst 630 project 2 incident response
Cst 630 project 2 incident responseCst 630 project 2 incident response
Cst 630 project 2 incident response
 
Sample Cloud Application Security and Operations Policy [release]
Sample Cloud Application Security and Operations Policy [release]Sample Cloud Application Security and Operations Policy [release]
Sample Cloud Application Security and Operations Policy [release]
 
2.Public Vulnerability Databases
2.Public Vulnerability Databases2.Public Vulnerability Databases
2.Public Vulnerability Databases
 
OWASP Secure Coding Quick Reference Guide
OWASP Secure Coding Quick Reference GuideOWASP Secure Coding Quick Reference Guide
OWASP Secure Coding Quick Reference Guide
 
Project 1CST630 Project ChecklistStudent Name DateNote This che
Project 1CST630 Project ChecklistStudent Name DateNote This cheProject 1CST630 Project ChecklistStudent Name DateNote This che
Project 1CST630 Project ChecklistStudent Name DateNote This che
 
So You Want a Job in Cybersecurity
So You Want a Job in CybersecuritySo You Want a Job in Cybersecurity
So You Want a Job in Cybersecurity
 
cybersecurity-careers.pdf
cybersecurity-careers.pdfcybersecurity-careers.pdf
cybersecurity-careers.pdf
 
Ssdf nist
Ssdf nistSsdf nist
Ssdf nist
 
Cst 630 project 2 incident response
Cst 630 project 2 incident responseCst 630 project 2 incident response
Cst 630 project 2 incident response
 
Top 10 Software to Detect & Prevent Security Vulnerabilities from BlackHat US...
Top 10 Software to Detect & Prevent Security Vulnerabilities from BlackHat US...Top 10 Software to Detect & Prevent Security Vulnerabilities from BlackHat US...
Top 10 Software to Detect & Prevent Security Vulnerabilities from BlackHat US...
 
u10a1 Security Plan-Beji Jacob
u10a1 Security Plan-Beji Jacobu10a1 Security Plan-Beji Jacob
u10a1 Security Plan-Beji Jacob
 
CompTIA CySA Domain 3 Security Operations and Monitoring.pptx
CompTIA CySA Domain 3 Security Operations and Monitoring.pptxCompTIA CySA Domain 3 Security Operations and Monitoring.pptx
CompTIA CySA Domain 3 Security Operations and Monitoring.pptx
 
Cst 630 project 2 incident response
Cst 630 project 2 incident responseCst 630 project 2 incident response
Cst 630 project 2 incident response
 
Cisco asr-2016-160121231711
Cisco asr-2016-160121231711Cisco asr-2016-160121231711
Cisco asr-2016-160121231711
 

Recently uploaded

The basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptxThe basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptx
heathfieldcps1
 
An Overview of Mutual Funds Bcom Project.pdf
An Overview of Mutual Funds Bcom Project.pdfAn Overview of Mutual Funds Bcom Project.pdf
An Overview of Mutual Funds Bcom Project.pdf
SanaAli374401
 
Seal of Good Local Governance (SGLG) 2024Final.pptx
Seal of Good Local Governance (SGLG) 2024Final.pptxSeal of Good Local Governance (SGLG) 2024Final.pptx
Seal of Good Local Governance (SGLG) 2024Final.pptx
negromaestrong
 
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in DelhiRussian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
kauryashika82
 

Recently uploaded (20)

Measures of Dispersion and Variability: Range, QD, AD and SD
Measures of Dispersion and Variability: Range, QD, AD and SDMeasures of Dispersion and Variability: Range, QD, AD and SD
Measures of Dispersion and Variability: Range, QD, AD and SD
 
Ecological Succession. ( ECOSYSTEM, B. Pharmacy, 1st Year, Sem-II, Environmen...
Ecological Succession. ( ECOSYSTEM, B. Pharmacy, 1st Year, Sem-II, Environmen...Ecological Succession. ( ECOSYSTEM, B. Pharmacy, 1st Year, Sem-II, Environmen...
Ecological Succession. ( ECOSYSTEM, B. Pharmacy, 1st Year, Sem-II, Environmen...
 
Explore beautiful and ugly buildings. Mathematics helps us create beautiful d...
Explore beautiful and ugly buildings. Mathematics helps us create beautiful d...Explore beautiful and ugly buildings. Mathematics helps us create beautiful d...
Explore beautiful and ugly buildings. Mathematics helps us create beautiful d...
 
The basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptxThe basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptx
 
SECOND SEMESTER TOPIC COVERAGE SY 2023-2024 Trends, Networks, and Critical Th...
SECOND SEMESTER TOPIC COVERAGE SY 2023-2024 Trends, Networks, and Critical Th...SECOND SEMESTER TOPIC COVERAGE SY 2023-2024 Trends, Networks, and Critical Th...
SECOND SEMESTER TOPIC COVERAGE SY 2023-2024 Trends, Networks, and Critical Th...
 
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptxSOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
 
Unit-IV; Professional Sales Representative (PSR).pptx
Unit-IV; Professional Sales Representative (PSR).pptxUnit-IV; Professional Sales Representative (PSR).pptx
Unit-IV; Professional Sales Representative (PSR).pptx
 
Basic Civil Engineering first year Notes- Chapter 4 Building.pptx
Basic Civil Engineering first year Notes- Chapter 4 Building.pptxBasic Civil Engineering first year Notes- Chapter 4 Building.pptx
Basic Civil Engineering first year Notes- Chapter 4 Building.pptx
 
An Overview of Mutual Funds Bcom Project.pdf
An Overview of Mutual Funds Bcom Project.pdfAn Overview of Mutual Funds Bcom Project.pdf
An Overview of Mutual Funds Bcom Project.pdf
 
Seal of Good Local Governance (SGLG) 2024Final.pptx
Seal of Good Local Governance (SGLG) 2024Final.pptxSeal of Good Local Governance (SGLG) 2024Final.pptx
Seal of Good Local Governance (SGLG) 2024Final.pptx
 
Introduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The BasicsIntroduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The Basics
 
Application orientated numerical on hev.ppt
Application orientated numerical on hev.pptApplication orientated numerical on hev.ppt
Application orientated numerical on hev.ppt
 
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in DelhiRussian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
 
ICT Role in 21st Century Education & its Challenges.pptx
ICT Role in 21st Century Education & its Challenges.pptxICT Role in 21st Century Education & its Challenges.pptx
ICT Role in 21st Century Education & its Challenges.pptx
 
Measures of Central Tendency: Mean, Median and Mode
Measures of Central Tendency: Mean, Median and ModeMeasures of Central Tendency: Mean, Median and Mode
Measures of Central Tendency: Mean, Median and Mode
 
psychiatric nursing HISTORY COLLECTION .docx
psychiatric nursing HISTORY COLLECTION .docxpsychiatric nursing HISTORY COLLECTION .docx
psychiatric nursing HISTORY COLLECTION .docx
 
Holdier Curriculum Vitae (April 2024).pdf
Holdier Curriculum Vitae (April 2024).pdfHoldier Curriculum Vitae (April 2024).pdf
Holdier Curriculum Vitae (April 2024).pdf
 
Advanced Views - Calendar View in Odoo 17
Advanced Views - Calendar View in Odoo 17Advanced Views - Calendar View in Odoo 17
Advanced Views - Calendar View in Odoo 17
 
Paris 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activityParis 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activity
 
Mattingly "AI & Prompt Design: Structured Data, Assistants, & RAG"
Mattingly "AI & Prompt Design: Structured Data, Assistants, & RAG"Mattingly "AI & Prompt Design: Structured Data, Assistants, & RAG"
Mattingly "AI & Prompt Design: Structured Data, Assistants, & RAG"
 

Csc520 you are a senior level employee and you must tailor your deliverables to suit your audience

  • 1. CSC520You are a senior-level employee and you must tailor your deliverables to suit your audience: the leadership of the organization To Purchase This Material Click below Link http://www.tutorialoutlet.com/all-miscellaneous/csc- 520-you-are-a-senior-level-employee-and-you-must-tailor- your-deliverables-to-suit-your-audience-the-leadership-of- the-organization-you-may-choose-to-use-a-fictitious- organization-or-model-your-organization-on-an-existing- organization/ FOR MORE CLASSES VISIT www.tutorialoutlet.com You are a senior-level employee and you must tailor your deliverables to suit your audience: the leadership of the organization. You may choose to use a fictitious organization, or model your organization on an existing organization, including proper citations. Leadership is not familiar with the architecture of the IT systems, nor are they familiar with the types of threats that are likely or the security mechanisms in place to ward off those threats. You will provide this information in tabular format. Before you begin, select the links below to review some material on information security. These resources will help you complete the network security and vulnerability threat table. • LAN security • Availability
  • 2. Now you’re ready to create your table. Include and define the following components of security in the architecture of your organization, and explain if threats to these components are likely, or unlikely: • LAN security • identity management • physical security • personal security • availability • privacy Next, review the different types of cyberattacks described in the following resource: cyberattacks. As you’re reading take note of which attacks are most likely to affect your organization. Then list the security defenses you employ in your organization to mitigate these types of attacks. Include this information in your Network Security and Vulnerability Threat Table. •LAN security References National Institute of Standards and Technology, US Department of Commerce. (1994). Specifications for guideline for the analysis local area network security (Federal Information Processing Standards Publication 191). Retrieved from http://www.nist.gov/itl/upload/fips191.pdf Souppaya, M., & Scarfone, K., National Institute of Standards and Technology, US Department of Commerce. (2012). Computer security: Guidelines for securing wireless local area networks (WLANs): Recommendations of the National Institute of Standards and Technology (NIST Special Publication 800¬153). Retrieved from
  • 3. http://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800 ¬153.pdf •Availability Reference National Institute of Standards and Technology. (2004). Standards for security categorization of federal information and information systems. Retrieved from http://csrc.nist.gov/publications/fips/fips199/FIPSPUB-199-final.pdf Now you’re ready to create your table. Include and define the following components of security in the architecture of your organization, and explain if threats to these components are likely, or unlikely: •LAN security •identity management •physical security •personal security •availability •privacy Next, review the different types of cyberattacks described in the following resource: cyberattacks. As you’re reading take note of which attacks are most likely to affect your organization. Then list the security defenses you employ in your organization to mitigate these types of attacks. Include this information in your Network Security and Vulnerability Threat Table. LINK below Johnson, C., Badger, L., Waltermire, D., Snyder, J., & Skorupka, C. (2016). Computer security: Guide to
  • 4. cyber threat information sharing.(NIST Special Publication 800-150, 2nd draft). Retrieved from http://csrc.nist.gov/publications/drafts/800- 150/sp800_150_second_draft.pdf Plan of Protections Describe and give your leadership a common picture of each. OpenStego QuickStego OurSecret VeraCrypt AxCrypt GPG Then, in your report, describe the cryptographic mechanisms available to your organization, and describe the benefits and risks of each. Also describe your file encryption tools, and provide the methods and results of encrypting files in your organization. Include this information in your deliverable to leadership. Data Hiding Technologies Provide your organization with a brief overview of each. Encryption Technologies 1.Shift / Caesar cipher 2.Polyalphabetic cipher 3.One time pad cipher/Vernam cipher/perfect cipher 4.Block ciphers
  • 5. 5.triple DES 6.RSA 7.Advanced Encryption Standard (AES) 8.Symmetric encryption 9.Text block coding Data Hiding Technologies 1.Information hiding and steganography 2.Digital watermarking 3.Masks and filtering These descriptions will be included in the network security vulnerability and threat table for leadership. Creating the Network Security Vulnerability and Threat Table Using the information you've gathered from the previous steps, prepare the network security vulnerability and threat table, in which you outline the following: •security architecture of the organization •the cryptographic means of protecting the assets of the organization •the types of known attacks against those types of protections means to ward offattacks Create your Network Security Vulnerability and Threat Table, and include it in your submission to the organization. Please refer to this threat table template for guidance on creating this document. http://csrc.nist.gov/publications/nistpubs/800-30/sp800-30.pdf Access Control Based on Smart Card Strategies Smart cards use encryption chips to identify the user, their identity, role, and sometimes use their
  • 6. personal identifiable information (PII). Two examples of smart cards are the federal government’s use of common access cards (CACs), and the financial sector’s use of encryption chips in credit cards. You have completed your threat table, and you've decided that you want to modernize the access control methods for your organization. To that end, you read the following resources to gather some background information on access control and the various encryption schemas associated with the Common Access Card (CAC): •Access control •Common access Card (CAC) Defense Human Resource Activity (DHRA). (n.d.). Common access card (CAC). Retrieved August 8, 2016, from http://www.cac.mil/common-access-card/ Defense Human Resource Activity (DHRA). (n.d.). Common access card (CAC) security. Retrieved August 8, 2016, from http://www.cac.mil/common-access-card/cac-security/ You plan to deploy CAC to the company and you are tasked with devising that CAC deployment strategy, which includes the cryptographic solutions used with the CAC. In the Common Access Card Deployment Strategy final deliverable, describe how identity management would be a part of your overall security program and your CAC deployment plan: Create your Common Access Card Deployment Strategy and include it in your submission to the organization. The Email Security Strategy
  • 7. After completing the CAC, your next step is to build the Secure Email Strategy for the organization. You will present this tool to your leadership. Provide an overview of the types of public-private key pairing, and show how this provides authentication and nonrepudiation. You will also add hashing, and describe how this added security benefit ensures the integrity of messaging. Begin preparing your strategy by reviewing the following resources that will aid you in becoming well informed on encryption technologies for e-mail: •Public Key Infrastructure (PKI) Kuhn, D. R., Hu, V. C., Polk, W. T., & Chang, S., National Institute of Standards and Technology, U.S. Department of Commerce. (2001). Introduction to public key technology and the federal PKI infrastructure (SP 800-32). Retrieved from http://csrc.nist.gov/publications/nistpubs/800-32/sp80032.pdf •iOS encryption Apple Inc. (2016). iOS security. Retrieved from https://www.apple.com/business/docs/iOS_Security_Guide.pdf •Blackberry encryption BlackBerry. (2015). BBM security note. Retrieved from http://help.blackberry.com/en/bbmsecurity/latest/bbm-security- pdf/BBM-Security_Note-1336480397548-en.pdf BlackBerry. (n.d.). BBM Protected: Enterprise grade encryption for BBM messages between iPhone,
  • 8. Android and BlackBerry smartphones.. Retrieved from http://us.blackberry.com/enterprise/products/bbm-protected.html Then start developing your strategy. Define these strong encryption technologies as general principles in secure email: Pretty Good Policy (PGP algorithm) •GNU Privacy Guard (GPG) •Public Key Infrastructure (PKI) •Digital signature •Mobile device encryption (e.g., iOS encryption and Blackberry encryption) In your report, also consider how the use of smart card readers tied to computer systems might be beneficial in the future enhancements to system and data access protection. This may help you define long-term solutions for your leadership. Leadership does not know the costs and technical complexity of these email encryption strategies. To further their understanding, compare the complexities of each in relation to the security benefits, and then make a recommendation and a deployment plan. The deliverables for this project are as follows: 1. Create a single report in Word document format. This report should be about 10 pages long, doublespaced, with citations in APA format*****IN TEXT CITATION IS A MUST. Page count does not include diagrams or tables. The report must cover the following: