Uploaded byamaranthbeg93
DOC, PDF27 views

Cst 610 Your world/newtonhelp.com

This document outlines 6 projects for a cybersecurity course (CST 610). Project 1 involves assessing an organization's information systems infrastructure and identity management. Project 2 involves evaluating operating system vulnerabilities in Windows and Linux. Project 3 involves assessing vulnerabilities and risks after a security breach at the Office of Personnel Management. Project 4 involves threat analysis and exploitation. Project 5 involves cryptography. Project 6 involves digital forensics analysis. Each project provides details on required deliverables and evaluation criteria.

Embed presentation

Download to read offline
CST 610 All Project (Project 1-6) For more course tutorials visit www.newtonhelp.com CST 610 Project 1 Information Systems and Identity Management CST 610 Project 2 Operating Systems Vulnerabilities (Windows and Linux) CST 610 Project 3 Assessing Information System Vulnerabilities and Risk CST 610 Project 4 Threat Analysis and Exploitation CST 610 Project 5 Cryptography CST 610 Project 6 Digital Forensics Analysis ---------------------------------------------------------------------------------------------------------
CST 610 Project 1 Information Systems and Identity Management For more course tutorials visit www.newtonhelp.com Project 1 Information Systems and Identity Management Video transcript CYB 610 Project 1 You are a systems administrator in the IT department of a major metropolitan hospital. Your duties are to ensure the confidentiality, availability, and integrity of patient records, as well as the other files and databases used throughout the hospital. Your work affects several departments, including Human Resources, Finance, Billing, Accounting, and Scheduling. You also apply security controls on passwords for user accounts. Just before clocking out for the day, you notice something strange in the hospital's computer system. Some person, or group, has accessed user accounts and conducted unauthorized activities. Recently, the hospital experienced intrusion into one of its patient's billing accounts. After validating user profiles in Active Directory and matching them with user credentials, you suspect several user's passwords have been compromised to gain access to the hospital's computer network. You schedule an emergency meeting with
the director of IT and the hospital board. In light of this security breach, they ask you to examine the security posture of the hospital's information systems infrastructure and implement defense techniques. This must be done quickly, your director says. The hospital board is less knowledgeable about information system security. The board makes it clear that it has a limited cybersecurity budget. However, if you can make a strong case to the board, it is likely that they will increase your budget and implement your recommended tool company¬wide. You will share your findings on the hospital's security posture. Your findings will be brought to the director of IT in a technical report. You will also provide a non¬technical assessment of the overall identity management system of the hospital and define practices to restrict and permit access to information. You will share this assessment with the hospital board in the form of a narrated slide show presentation. You know that identity management will increase the security of the overall information system's infrastructure for the hospital. You also know that, with a good identity management system, the security and productivity benefits will outweigh costs incurred. This is the argument you must make to those stakeholders. Daily life requires us to have access to a lot of information, and information systems help us access that information. Desktop computers, laptops, and mobile devices keep us connected to the information we need through processes that work via hardware and software components. Information systems infrastructure makes this possible. However, our easy access to communication and information also creates security and privacy risks. Laws, regulations, policies, and guidelines exist to protect information and information owners. Cybersecurity ensures the confidentiality, integrity, and availability of the information. Identity management is a fundamental practice. Part of identity management is the governance of access, authorization, and authentication of users to information systems, Identity management is one part of a layered security defense strategy within the information systems infrastructure. Your work in this project will enable you to
produce a technical report and nontechnical presentation that addresses these requirements. There are five steps that will help you create your final deliverables. The deliverables for this project are as follows: 1. Nontechnical presentation: This is an 8-10 slide PowerPoint presentation for business executives and board members. 2. Technical report: Your report should be a 6-7 page double-spaced Word document with citations in APA format. The page count does not include figures, diagrams, tables or citations. 3. Executive summary: This should be a 2-3 page double-spaced Word document. 4. In a Word document, share your lab experience and provide screen prints to demonstrate that you performed the lab. When you submit your project, your work will be evaluated using the competencies listed below. You can use the list below to self-check your work before submission. • 1.1: Organize document or presentation clearly in a manner that promotes understanding and meets the requirements of the assignment. • 2.3: Evaluate the information in a logical and organized manner to determine its value and relevance to the problem. • 6.2: Creating a roadmap for organizations to use in development of an Identity Access Management program (to address gaps in their current offerings). • Step 1: Defining the Information System Infrastructure Select a hospital or healthcare organization to research. You may choose an organization you are familiar with or can readily obtain information
about. To maintain confidentiality, you do not need to mention the name of the organization. You may also choose a hypothetical/fictitious healthcare organization. Others have researched several healthcare organizations, which have suffered major security breaches, extensively. 1. Describe the organization and structure including the different business units and their functions. You may use an organizational chart to provide this information. 2. Choose one or more mission-critical systems of the healthcare organization. Define the information protection needs for the organization's mission-critical protected health information (PHI). This information is stored in database medical records for doctors, nurses, and insurance claims billing systems, which are used to fulfill the organizational information needs. 3. Define the workflows and processes for the high-level information systems that you have just identified that will store PHI. Workflows and processes for healthcare organizations define how the organization gets its work done. They describe the movement of patient information to the business units that have needs to process and manage that information, from billing to physician care. All these organizations have hardware and software implementations of their information systems, and it is critical to understand these components, and how they are connected (known as their topology), so the appropriate protections can be applied. Your research may produce instances and examples of how an information system is connected, to include cybersecurity components like firewalls, in the information system and network diagram. Be sure you understand the benefits and weaknesses for the different network topologies. ---------------------------------------------------------------------------------------------------------
CST 610 Project 2 Operating Systems Vulnerabilities (Windows and Linux) For more course tutorials visit www.newtonhelp.com CYB 610 Project 2 Congratulations, you are the newly appointed lead cybersecurity engineer with your company in the oil and natural gas sector. This is a senior¬level position. You were hired two months ago based on your successful cybersecurity experience with a previous employer. Your technical knowledge of cybersecurity is solid. However, you have a lot to learn about this company's culture, processes, and IT funding decisions, which are made by higher management. You have recently come across numerous anomalies and incidents leading to security breaches. The incidents took place separately, and it has not been determined if they were caused by a single source or multiple related sources. First, a month ago, a set of three corporate database servers crashed suddenly. Then, a week ago, anomalies were found in the configuration of certain server and router systems of your company. You immediately recognized that something with your IT resources was not right. You suspect that someone, or some group, has been regularly accessing your user account and conducting unauthorized configuration changes. You meet with your leadership to discuss the vulnerabilities. They would like you to provide a security assessment report, or SAR, on the state of the operating systems within the organization. You're also
tasked with creating a non-technical narrated presentation summarizing your thoughts. The organization uses multiple operating systems that are Microsoft-based and Linux¬based. You will have to understand these technologies for vulnerability scanning using the tools that work best for the systems in the corporate network. You know that identity management will increase the security of the overall information systems infrastructure for the company. You also know that with a good identity management system, the security and productivity benefits will outweigh costs incurred. This is the argument you must make to the stakeholders The operating system (OS) of an information system contains the software that executes the critical functions of the information system. The OS manages the computer's memory, processes, and all of its software and hardware. It allows different programs to run simultaneously and access the computer's memory, central processing unit, and storage. The OS coordinates all these activities and ensures that sufficient resources are applied. These are the fundamental processes of the information system and if they are violated by a security breach or exploited vulnerability it has the potential to have the biggest impact on your organization. Security for operating systems consists of protecting the OS components from attacks that could cause deletion, modification, or destruction of the operating system. Threats to an OS could consist of a breach of confidential information, unauthorized modification of data, or unauthorized destruction of data. It is the job of the cybersecurity engineer to understand the operations and vulnerabilities of the OS (whether it is a Microsoft, Linux, or another type of OS), and to provide mitigation, remediation, and defense against threats that would expose those vulnerabilities or attack the OS. There are six steps that will help you create your final deliverables. The deliverables for this project are as follows:
1. Security Assessment Report (SAR): This report should be a 7-8 page double-spaced Word document with citations in APA format. The page count does not include figures, diagrams, tables, or citations. 2. Nontechnical presentation: This is a set of 8-10 PowerPoint slides for upper management that summarizes your thoughts regarding the findings in your SAR. 3. In a Word document, share your lab experience and provide screen prints to demonstrate that you performed the lab. When you submit your project, your work will be evaluated using the competencies listed below. You can use the list below to self-check your work before submission. • 1.1: Organize document or presentation clearly in a manner that promotes understanding and meets the requirements of the assignment. • 2.3: Evaluate the information in a logical and organized manner to determine its value and relevance to the problem. • 5.4: Identify potential threats to operating systems and the security features necessary to guard against them. Step 1: Defining the OS The audience for your security assessment report (SAR) is the leadership of your organization, which is made up of technical and nontechnical staff. Some of your audience will be unfamiliar with operating systems (OS). As such, you will begin your report with a brief explanation of operating systems fundamentals and the types of information systems. Click on and read the following resources that provide essential information you need to know before creating a thorough and accurate OS explanation: • operating systems fundamentals
• the applications of the OS • The Embedded OS --------------------------------------------------------------------------------------------------------- CST 610 Project 3 Assessing Information System Vulnerabilities and Risk For more course tutorials visit www.newtonhelp.com Project 3 Assessing Information System Vulnerabilities and Risk CYB 610 Project 3 You are an Information Assurance Management Officer, IAMO, at an organization of your choosing. One morning, as you're getting ready for work, you see an email from Karen, your manager. She asks you to come to her office as soon as you get in. When you arrive to your work, you head straight to Karen's office. “Sorry for the impromptu meeting,” she says, “but we have a bit of an emergency. There's been a security breach at the Office of Personnel Management.” We don't know how this happened, but we need to make sure it doesn't happen again, says Karen. You'll be receiving an email with more information on the security breach. Use this info to assess the information system vulnerabilities of the Office of Personnel Management. At your desk, you open Karen's email. She's given you an
OPM report from the Office of the Inspector General, or OIG. You have studied the OPM OIG report and found that the hackers were able to gain access through compromised credentials. The security breach could have been prevented, if the Office of Personnel Management, or OPM, had abided by previous auditing reports and security findings. In addition, access to the databases could have been prevented by implementing various encryption schemas and could have been identified after running regularly scheduled scans of the systems. Karen and the rest of the leadership team want you to compile your findings into a Security Assessment Report or SAR. You will also create a Risk Assessment Report, or RAR, in which you identify threats, vulnerabilities, risks, and likelihood of exploitation and suggested remediation The security posture of the information systems infrastructure of an organization should be regularly monitored and assessed (including software, hardware, firmware components, governance policies, and implementation of security controls). The monitoring and assessment of the infrastructure and its components, policies, and processes should also account for changes and new procurements that are sure to follow in order to stay in step with ever-changing information system technologies. The data breach at the Office of Personnel Management (OPM) is one of the largest in US government history. It provides a series of lessons learned for other organizations in industry and the public sector. Some critical security practices, such as lack of diligence to security controls and management of changes to the information systems infrastructure were cited as contributors to the massive data breach in the OPM Office of the Inspector General's (OIG) Final Audit Report, which can be found in open source searches. Some of the findings in the report include: weak authentication mechanisms; lack of a plan for life-cycle management of the information systems; lack of a configuration management and change management plan; lack of inventory of systems, servers, databases, and network devices; lack of mature
vulnerability scanning tools; lack of valid authorizations for many systems, and lack of plans of action to remedy the findings of previous audits. The breach ultimately resulted in removal of OPM's top leadership. The impact of the breach on the livelihoods of millions of people is ongoing and may never be fully known. There is a critical need for security programs that can assess vulnerabilities and provide mitigations. There are nine steps that will help you create your final deliverables. The deliverables for this project are as follows: 1. Security Assessment Report (SAR): This should be an 8-10 page double-spaced Word document with citations in APA format. The page count does not include figures, diagrams, tables, or citations. 2. Risk Assessment Report (RAR): This report should be a 5-6 page double-spaced Word document with citations in APA format. The page count does not include figures, diagrams, tables, or citations. 3. In a Word document, share your lab experience and provide screen prints to demonstrate that you performed the lab. When you submit your project, your work will be evaluated using the competencies listed below. You can use the list below to self-check your work before submission. • 1.1: Organize document or presentation clearly in a manner that promotes understanding and meets the requirements of the assignment. • 1.2: Develop coherent paragraphs or points so that each is internally unified and so that each functions as part of the whole document or presentation. • 1.3: Provide sufficient, correctly cited support that substantiates the writer’s ideas.
• 1.4: Tailor communications to the audience. • 1.5: Use sentence structure appropriate to the task, message and audience. • 1.6: Follow conventions of Standard Written English. • 5.2: Knowledge of architectural methodologies used in the design and development of information systems and knowledge of standards that either are compliant with or derived from established standards or guidelines. • 5.6: Explore and address cybersecurity concerns, promote awareness, best practice, and emerging technology. • 7.3: Knowledge of methods and tools used for risk management and mitigation of risk. • 8.1: Demonstrate the abilities to detect, identify, and resolve host and network intrusion incidents. • 8.2: Possess knowledge and skills to categorize, characterize, and prioritize an incident as well as to handle relevant digital evidence appropriately. Step 1: Enterprise Network Diagram During Project One, you researched a hypothetical or actual organization of your choice. You had to understand the goals of the organization and the types of systems that would fulfill those goals. You will now research and learn about types of networks and their secure constructs that may be used in organizations to accomplish the functions of the organization’s mission. You will propose a local area network (LAN) and a wide area network (WAN) for the organization, define the systems
environment, and incorporate this information in a network diagram. Discuss the security benefits of your chosen network design. Read about the following computing platforms available for networks and discuss how these platforms could be implemented in your organization. Include the rationale for all platforms you choose to include in your network design. • common computing platforms • cloud computing • distributed computing • centralized computing • secure programming fundamentals • Step 2: Enterprise Threats • Review the OIG report on the OPM breach that you were asked to research and read about at the beginning of the project. The OIG report --------------------------------------------------------------------------------------------------------- CST 610 Project 4 Threat Analysis and Exploitation For more course tutorials visit www.newtonhelp.com
Project 4 Threat Analysis and Exploitation CYB610 Project 4 You are part of a collaborative team that was created to address cyber threats and exploitation of US financial systems critical infrastructure. Your team has been assembled by the White House Cyber National security staff to provide situational awareness about a current network breach and cyber attack against several financial service institutions. Your team consists of four roles, a representative from the financial services sector who has discovered the network breach and the cyber attacks. These attacks include distributed denial of service attacks, DDOS, web defacements, sensitive data exfiltration, and other attack vectors typical of this nation state actor. A representative from law enforcement who has provided additional evidence of network attacks found using network defense tools. A representative from the intelligence agency who has identified the nation state actor from numerous public and government provided threat intelligence reports. This representative will provide threat intelligence on the tools, techniques, and procedures of this nation state actor. A representative from the Department of Homeland Security who will provide the risk, response, and recovery actions taken as a result of this cyber threat. Your team will have to provide education and security awareness to the financial services sector about the threats, vulnerabilities, risks, and risk mitigation and remediation procedures to be implemented to maintain a robust security posture. Finally, your team will take the lessons learned from this cyber incident and share that knowledge with the rest of the cyber threat analysis community. At the end of the response to this cyber incident, your team will provide two deliverables, a situational analysis report, or SAR, to the White House Cyber National security staff and an After Action Report and lesson learned to the cyber threat analyst community.
US critical infrastructure-power—water, oil and natural gas, military systems, financial systems—have become the target of cyber and physical attacks as more critical infrastructure systems are integrated with the Internet and other digital controls systems. The lesson learned in defending and mitigating cyberattacks is that no entity can prevent or resolve cyberattacks on its own. Collaboration and information sharing is key for success and survival. This is a group exercise, representing collaboration across all sectors, to support and defend US critical infrastructure. In the working world, a team like this would include some agencies, some industrial partners, and some private sector corporations. Each organization has different strengths and skills, different access to information, and different authorities to report to. When the sectors work together and leverage resources and skills, the result is that everyone benefits from the defense and protection of US IT infrastructure. In your teams, you can model the same collaboration, leveraging each other's expertise, sharing each other's knowledge, teaching each other, and providing contributions specific to your role in the scenario. • Financial Services Representative: special task in Step 3 • Law Enforcement Representative: special task in Step 4 • Intelligence Agency Representative: special task in Step 5 • Homeland Security Representative: special task in Step 6 There are seven steps that will help you create your final deliverables. The deliverables for this project are as follows: 1. Security Assessment Report (SAR): This report should be a 14-15 page double-spaced Word document with citations in APA format. The page count does not include figures, diagrams, tables, or citations.
2. After Action Report (AAR): This report should be a 10-15 page double-spaced Word document with citations in APA format. The page count does not include figures, diagrams, tables, or citations. 3. This is a 5-8 slide PowerPoint presentation for executives along with a narrated or In-Class Presentation summarizing your SAR and AAR report. When you submit your project, your work will be evaluated using the competencies listed below. You can use the list below to self-check your work before submission. • 1.1: Organize document or presentation clearly in a manner that promotes understanding and meets the requirements of the assignment. --------------------------------------------------------------------------------------------------------- CST 610 Project 5 Cryptography For more course tutorials visit www.newtonhelp.com Project 5 Cryptography
CYB610 Project 5 You are an enterprise security architect for a company in a semiconductor manufacturing industry where maintaining competitive advantage and protecting intellectual property is vital. You're in charge of security operations and strategic security planning. Your responsibilities include devising the security protocols for identification, access, and authorization management. You recently implemented cryptography algorithms to protect the information organization. Leadership is pleased with your efforts and would like you to take protection methods even further. They've asked you to study cyber-attacks against different cryptography mechanisms and deploy access control programs to prevent those types of attacks. We'd like you to create plans for future security technology deployments, says one senior manager. And provide documentation so that others can carry out the deployments. A director chimes in, but you should also devise a method for ensuring the identification, integrity, and non-repudiation of information in transit at rest and in use within the organization. As the enterprise security architect, you are responsible for providing the following deliverables. Create a network security vulnerability and threat table in which you outline the security architecture of the organization, the cryptographic means of protecting the assets of the organizations, the types of known attacks against those protections, and means to ward off the attacks. This document will help you manage the current configuration of the security architecture. Create a Common Access Card, CAC deployment strategy, in which you describe the CAC implementation and deployment and encryption methodology for information security professionals. Create an email security strategy in which you provide the public key, private key hashing methodology to determine the best key management system for your organization. These documents will provide a security overview for the leadership in your company Encryption uses cryptographic algorithms to obfuscate data. These complex algorithms transform data from human readable plaintext into encrypted cipher text. Encryption uses the principles of substitution and permutation to ensure that data is transformed in a non-deterministic
manner by allowing the user to select the password or a key to encrypt a message. The recipient must know the key in order to decrypt the message, translating it back into the human readable plaintext. There are six steps that will lead you through this project. After beginning with the workplace scenario, continue to Step 1: "IT Systems Architecture." The deliverables for this project are as follows: 1. Create a single report in Word document format. This report should be about 10 pages long, double-spaced, with citations in APA format. Page count does not include diagrams or tables. The report must cover the following: o network security and threat table o Common Access Card deployment strategy o e-mail security strategy 2. In a Word document, share your lab experience and provide screenshots to demonstrate that you performed the lab. When you submit your project, your work will be evaluated using the competencies listed below. You can use the list below to self-check your work before submission. • 1.5: Use sentence structure appropriate to the task, message and audience. • 1.6: Follow conventions of Standard Written English. • 1.7: Create neat and professional looking documents appropriate for the project or presentation. • 2.1: Identify and clearly explain the issue, question, or problem under critical consideration.
• 2.2: Locate and access sufficient information to investigate the issue or problem. • 2.3: Evaluate the information in a logical and organized manner to determine its value and relevance to the problem. • 2.4: Consider and analyze information in context to the issue or --------------------------------------------------------------------------------------------------------- CST 610 Project 6 Digital Forensics Analysis For more course tutorials visit www.newtonhelp.com • Project 6 Digital Forensics Analysis Project 6 Start Here This project will provide an introduction to digital forensic analysis. Digital forensic analysis is used to review and investigate data collected through digital communications and computer networks. The National Institute for Standards and Technology (NIST) has defined four fundamental phases for forensic analysis: collection, examination, analysis, and reporting. You will learn more about these concepts as you
navigate throughout the steps of this project and read the literature and links found in each step. There are four steps that will lead you through this project. Begin with Step 1: “Methodology. The deliverables for this project are as follows: 1. Digital Forensic Research Paper: This should be a five-page double- spaced Word document with citations in APA format. The page count does not include diagrams or tables. 2. In a Word document, share your lab experience and provide screenshots to demonstrate that you completed the lab. When you submit your project, your work will be evaluated using the competencies listed below. You can use the list below to self-check your work before submission. • 5.3: Uses defensive measures and information collected from a variety of sources to identify, analyze, and report events that occur or might occur within the network in order to protect information, information systems, and networks from threats. • 8.6: Provides professional preparation for computer digital forensics, investigation of crime, and preservation of digital evidence in criminal and civil investigations and information security incident response. • 8.7: Provide theoretical basis and practical assistance for all aspects of digital investigation and the use of computer evidence in forensics and law enforcement. Step 1: Methodology The methodology includes following a systems process. Identify the requirements, purpose, and objectives of the investigation. Click the links below to review information that will aid in conducting and documenting an investigation:
• secure programming fundamentals • forensics fundamentals Learn about the investigation methodology. Consider secure programming fundamentals. Define the digital forensics analysis methodology, and the phases of the digital forensics fundamentals and methodology, including the following: 1. preparation 2. extraction 3. identification 4. analysis This information will help you understand the process you will use during an investigation. Step 2: Tools and Techniques Select the following links to learn about forensics analysis tools, methods, and techniques: 1. forensics analysis tools 2. web log and session analysis 3. hash analysis Step 3: Exploring Forensic Tools Note: You will utilize the tools in Workspace for this step. If you need help outside the classroom, you can register for the CLAB 699 Cyber Computing Lab Assistance (go to the Discussions List for registration
information). Primary lab assistance is available from a team of lab assistants. Lab assistants are professionals and are trained to help you. Click here to access the instructions for Navigating the Workspace and the Lab Setup. Select the following link to enter Workspace. Complete the forensic tools exercise provided in this lab. Explore the tutorials and user guides to learn more about various types of digital forensic tools. Click here to access the Project 6 Workspace Exercise Instructions. You will learn about the different types of tools, techniques, and analyses. Step 4: Digital Forensics Research Paper Now that you have learned basics of digital forensics analyses and methodology, and have experienced one of the common forensic tools, use the material presented in this project as well as research you've conducted outside of the course materials to write a research paper that addresses the following: ---------------------------------------------------------------------------------------------------------

More Related Content

DOCX
CST 610 RANK Redefined Education--cst610rank.com
byclaric240
 
DOC
Cst 610 Enhance teaching / snaptutorial.com
byBaileyabw
 
DOC
Csec 610 Enhance teaching / snaptutorial.com
byBaileyabv
 
DOCX
CST 610 RANK Achievement Education--cst610rank.com
bykopiko146
 
PDF
Csec 610 Education Organization-snaptutorial.com
byrobertlesew5
 
DOCX
CSEC 610 Education Specialist / snaptutorial.com
byMcdonaldRyan78
 
DOCX
CST 610 Effective Communication/tutorialrank.com
byjonhson198
 
DOCX
CSEC 610 Effective Communication/tutorialrank.com
byjonhson198
 
CST 610 RANK Redefined Education--cst610rank.com
byclaric240
 
Cst 610 Enhance teaching / snaptutorial.com
byBaileyabw
 
Csec 610 Enhance teaching / snaptutorial.com
byBaileyabv
 
CST 610 RANK Achievement Education--cst610rank.com
bykopiko146
 
Csec 610 Education Organization-snaptutorial.com
byrobertlesew5
 
CSEC 610 Education Specialist / snaptutorial.com
byMcdonaldRyan78
 
CST 610 Effective Communication/tutorialrank.com
byjonhson198
 
CSEC 610 Effective Communication/tutorialrank.com
byjonhson198
 

What's hot

DOC
Cyb 610 Inspiring Innovation--tutorialrank.com
byPrescottLunt386
 
DOCX
CST 610 Effective Communication - snaptutorial.com
bydonaldzs7
 
DOCX
CSEC 610 Effective Communication - snaptutorial.com
bydonaldzs7
 
DOCX
CST 610 Exceptional Education - snaptutorial.com
byDavisMurphyA97
 
DOCX
CST 610 RANK Educational Specialist--cst610rank.com
byVSNaipaul15
 
PDF
CST 610 RANK Become Exceptional--cst610rank.com
byagathachristie112
 
DOCX
CST 610 RANK Inspiring Innovation--cst610rank.com
byKeatonJennings104
 
DOC
Cyb 610 Enhance teaching / snaptutorial.com
byBaileyaby
 
PDF
CST 610 RANK Remember Education--cst610rank.com
bychrysanthemu49
 
PDF
CST 610 RANK Introduction Education--cst610rank.com
byagathachristie265
 
PDF
Csec 610 Believe Possibilities / snaptutorial.com
byDavis10a
 
PDF
Cst 610 Believe Possibilities / snaptutorial.com
byDavis10a
 
DOCX
CYB 610 Effective Communication - snaptutorial.com
bydonaldzs9
 
DOCX
CYB 610 Exceptional Education - snaptutorial.com
byDavisMurphyA98
 
PDF
Cyb 610 Believe Possibilities / snaptutorial.com
byDavis12a
 
PDF
Cyb 610 Education Organization-snaptutorial.com
byrobertlesew8
 
DOCX
CYB 610 Effective Communication/tutorialrank.com
byjonhson199
 
DOC
Cyb 610 Motivated Minds/newtonhelp.com
byamaranthbeg55
 
Cyb 610 Inspiring Innovation--tutorialrank.com
byPrescottLunt386
 
CST 610 Effective Communication - snaptutorial.com
bydonaldzs7
 
CSEC 610 Effective Communication - snaptutorial.com
bydonaldzs7
 
CST 610 Exceptional Education - snaptutorial.com
byDavisMurphyA97
 
CST 610 RANK Educational Specialist--cst610rank.com
byVSNaipaul15
 
CST 610 RANK Become Exceptional--cst610rank.com
byagathachristie112
 
CST 610 RANK Inspiring Innovation--cst610rank.com
byKeatonJennings104
 
Cyb 610 Enhance teaching / snaptutorial.com
byBaileyaby
 
CST 610 RANK Remember Education--cst610rank.com
bychrysanthemu49
 
CST 610 RANK Introduction Education--cst610rank.com
byagathachristie265
 
Csec 610 Believe Possibilities / snaptutorial.com
byDavis10a
 
Cst 610 Believe Possibilities / snaptutorial.com
byDavis10a
 
CYB 610 Effective Communication - snaptutorial.com
bydonaldzs9
 
CYB 610 Exceptional Education - snaptutorial.com
byDavisMurphyA98
 
Cyb 610 Believe Possibilities / snaptutorial.com
byDavis12a
 
Cyb 610 Education Organization-snaptutorial.com
byrobertlesew8
 
CYB 610 Effective Communication/tutorialrank.com
byjonhson199
 
Cyb 610 Motivated Minds/newtonhelp.com
byamaranthbeg55
 

Similar to Cst 610 Your world/newtonhelp.com

DOC
Csec 610 Your world/newtonhelp.com
byamaranthbeg92
 
DOC
Csec 610 Motivated Minds/newtonhelp.com
byamaranthbeg52
 
DOC
Csec 610 Extraordinary Success/newtonhelp.com
byamaranthbeg112
 
DOC
Csec 610 Education is Power/newtonhelp.com
byamaranthbeg72
 
DOCX
Cyb 610Education Specialist / snaptutorial.com
byMcdonaldRyan80
 
DOC
Csec 610 Inspiring Innovation--tutorialrank.com
byPrescottLunt384
 
DOC
Cyb 610 Your world/newtonhelp.com
byamaranthbeg95
 
DOCX
Cain and AbelOphcrackStart H.docx
byRAHUL126667
 
DOCX
The Technical Report and Executive SummaryTechnical report Your.docx
bygloriab9
 
DOCX
CYB610 Project Common computing platforms.docx
bywrite5
 
DOCX
PurposeThis course project is intended to assess your abilit
byTakishaPeck109
 
Csec 610 Your world/newtonhelp.com
byamaranthbeg92
 
Csec 610 Motivated Minds/newtonhelp.com
byamaranthbeg52
 
Csec 610 Extraordinary Success/newtonhelp.com
byamaranthbeg112
 
Csec 610 Education is Power/newtonhelp.com
byamaranthbeg72
 
Cyb 610Education Specialist / snaptutorial.com
byMcdonaldRyan80
 
Csec 610 Inspiring Innovation--tutorialrank.com
byPrescottLunt384
 
Cyb 610 Your world/newtonhelp.com
byamaranthbeg95
 
Cain and AbelOphcrackStart H.docx
byRAHUL126667
 
The Technical Report and Executive SummaryTechnical report Your.docx
bygloriab9
 
CYB610 Project Common computing platforms.docx
bywrite5
 
PurposeThis course project is intended to assess your abilit
byTakishaPeck109
 

Recently uploaded

PDF
The Drift Principle: When Information Accelerates Faster Than Minds Can Compress
byReality Drift Archive
 
PDF
Ketogenic diet in Epilepsy in children..
bymirzasania0810
 
PPTX
Rectal Surgery in Senior Citiizens .pptx
byJohn Thanakumar
 
PDF
Projecte de la porta de primer B: L'antic Egipte
byeduardrubio1
 
PDF
BỘ TEST KIỂM TRA CUỐI HỌC KÌ 1 - TIẾNG ANH 6-7-8-9 GLOBAL SUCCESS - PHIÊN BẢN...
byNguyen Thanh Tu Collection
 
PPTX
Searching in PubMed andCochrane_Practical Presentation.pptx
bySystematic Reviews Network (SRN)
 
PDF
Projecte de la porta de la classe de primer A: Mar i cel.
byeduardrubio1
 
PPTX
How to use search_read method in Odoo 18
byCeline George
 
PDF
IMANI Africa files RTI request seeking full disclosure on 2026 SIM registrati...
bynservice241
 
PPTX
Cost of Capital - Cost of Equity, Cost of debenture, Cost of Preference share...
bySundar B N
 
PDF
APM Wessex Network: DEIB Policy into Practice
byAssociation for Project Management
 
PPTX
Vitamins and mineral deficiency , signs and symptoms associated with exercise
byvirupa chandrika reddy
 
PPTX
York "Collaboration for Research Support at U-M Library"
byNational Information Standards Organization (NISO)
 
PDF
Current Electricity for first year physiotherapy
byGanesh Jadhav
 
PPTX
CHAPTER NO.08 HCP BY GG CLINICAL PHARMACY
byGanu Gavade
 
PPTX
Semester 6 unit 2 Atopic dermatitis.pptx
bysachin7989
 
PDF
The Tale of Melon City poem ppt by Sahasra
bybitrasahasra
 
PPTX
Unit I — Introduction to Anatomical Terms and Organization of the Human Body
byRAKESH SAJJAN
 
PDF
DHA/HAAD/MOH/DOH OPTOMETRY MCQ PYQ. .pdf
byAnmol Singh
 
PPTX
Details of Epithelial and Connective Tissue.pptx
byAshish Umale
 
The Drift Principle: When Information Accelerates Faster Than Minds Can Compress
byReality Drift Archive
 
Ketogenic diet in Epilepsy in children..
bymirzasania0810
 
Rectal Surgery in Senior Citiizens .pptx
byJohn Thanakumar
 
Projecte de la porta de primer B: L'antic Egipte
byeduardrubio1
 
BỘ TEST KIỂM TRA CUỐI HỌC KÌ 1 - TIẾNG ANH 6-7-8-9 GLOBAL SUCCESS - PHIÊN BẢN...
byNguyen Thanh Tu Collection
 
Searching in PubMed andCochrane_Practical Presentation.pptx
bySystematic Reviews Network (SRN)
 
Projecte de la porta de la classe de primer A: Mar i cel.
byeduardrubio1
 
How to use search_read method in Odoo 18
byCeline George
 
IMANI Africa files RTI request seeking full disclosure on 2026 SIM registrati...
bynservice241
 
Cost of Capital - Cost of Equity, Cost of debenture, Cost of Preference share...
bySundar B N
 
APM Wessex Network: DEIB Policy into Practice
byAssociation for Project Management
 
Vitamins and mineral deficiency , signs and symptoms associated with exercise
byvirupa chandrika reddy
 
York "Collaboration for Research Support at U-M Library"
byNational Information Standards Organization (NISO)
 
Current Electricity for first year physiotherapy
byGanesh Jadhav
 
CHAPTER NO.08 HCP BY GG CLINICAL PHARMACY
byGanu Gavade
 
Semester 6 unit 2 Atopic dermatitis.pptx
bysachin7989
 
The Tale of Melon City poem ppt by Sahasra
bybitrasahasra
 
Unit I — Introduction to Anatomical Terms and Organization of the Human Body
byRAKESH SAJJAN
 
DHA/HAAD/MOH/DOH OPTOMETRY MCQ PYQ. .pdf
byAnmol Singh
 
Details of Epithelial and Connective Tissue.pptx
byAshish Umale
 

Cst 610 Your world/newtonhelp.com

  • 1.
    CST 610 AllProject (Project 1-6) For more course tutorials visit www.newtonhelp.com CST 610 Project 1 Information Systems and Identity Management CST 610 Project 2 Operating Systems Vulnerabilities (Windows and Linux) CST 610 Project 3 Assessing Information System Vulnerabilities and Risk CST 610 Project 4 Threat Analysis and Exploitation CST 610 Project 5 Cryptography CST 610 Project 6 Digital Forensics Analysis ---------------------------------------------------------------------------------------------------------
  • 2.
    CST 610 Project1 Information Systems and Identity Management For more course tutorials visit www.newtonhelp.com Project 1 Information Systems and Identity Management Video transcript CYB 610 Project 1 You are a systems administrator in the IT department of a major metropolitan hospital. Your duties are to ensure the confidentiality, availability, and integrity of patient records, as well as the other files and databases used throughout the hospital. Your work affects several departments, including Human Resources, Finance, Billing, Accounting, and Scheduling. You also apply security controls on passwords for user accounts. Just before clocking out for the day, you notice something strange in the hospital's computer system. Some person, or group, has accessed user accounts and conducted unauthorized activities. Recently, the hospital experienced intrusion into one of its patient's billing accounts. After validating user profiles in Active Directory and matching them with user credentials, you suspect several user's passwords have been compromised to gain access to the hospital's computer network. You schedule an emergency meeting with
  • 3.
    the director ofIT and the hospital board. In light of this security breach, they ask you to examine the security posture of the hospital's information systems infrastructure and implement defense techniques. This must be done quickly, your director says. The hospital board is less knowledgeable about information system security. The board makes it clear that it has a limited cybersecurity budget. However, if you can make a strong case to the board, it is likely that they will increase your budget and implement your recommended tool company¬wide. You will share your findings on the hospital's security posture. Your findings will be brought to the director of IT in a technical report. You will also provide a non¬technical assessment of the overall identity management system of the hospital and define practices to restrict and permit access to information. You will share this assessment with the hospital board in the form of a narrated slide show presentation. You know that identity management will increase the security of the overall information system's infrastructure for the hospital. You also know that, with a good identity management system, the security and productivity benefits will outweigh costs incurred. This is the argument you must make to those stakeholders. Daily life requires us to have access to a lot of information, and information systems help us access that information. Desktop computers, laptops, and mobile devices keep us connected to the information we need through processes that work via hardware and software components. Information systems infrastructure makes this possible. However, our easy access to communication and information also creates security and privacy risks. Laws, regulations, policies, and guidelines exist to protect information and information owners. Cybersecurity ensures the confidentiality, integrity, and availability of the information. Identity management is a fundamental practice. Part of identity management is the governance of access, authorization, and authentication of users to information systems, Identity management is one part of a layered security defense strategy within the information systems infrastructure. Your work in this project will enable you to
  • 4.
    produce a technicalreport and nontechnical presentation that addresses these requirements. There are five steps that will help you create your final deliverables. The deliverables for this project are as follows: 1. Nontechnical presentation: This is an 8-10 slide PowerPoint presentation for business executives and board members. 2. Technical report: Your report should be a 6-7 page double-spaced Word document with citations in APA format. The page count does not include figures, diagrams, tables or citations. 3. Executive summary: This should be a 2-3 page double-spaced Word document. 4. In a Word document, share your lab experience and provide screen prints to demonstrate that you performed the lab. When you submit your project, your work will be evaluated using the competencies listed below. You can use the list below to self-check your work before submission. • 1.1: Organize document or presentation clearly in a manner that promotes understanding and meets the requirements of the assignment. • 2.3: Evaluate the information in a logical and organized manner to determine its value and relevance to the problem. • 6.2: Creating a roadmap for organizations to use in development of an Identity Access Management program (to address gaps in their current offerings). • Step 1: Defining the Information System Infrastructure Select a hospital or healthcare organization to research. You may choose an organization you are familiar with or can readily obtain information
  • 5.
    about. To maintainconfidentiality, you do not need to mention the name of the organization. You may also choose a hypothetical/fictitious healthcare organization. Others have researched several healthcare organizations, which have suffered major security breaches, extensively. 1. Describe the organization and structure including the different business units and their functions. You may use an organizational chart to provide this information. 2. Choose one or more mission-critical systems of the healthcare organization. Define the information protection needs for the organization's mission-critical protected health information (PHI). This information is stored in database medical records for doctors, nurses, and insurance claims billing systems, which are used to fulfill the organizational information needs. 3. Define the workflows and processes for the high-level information systems that you have just identified that will store PHI. Workflows and processes for healthcare organizations define how the organization gets its work done. They describe the movement of patient information to the business units that have needs to process and manage that information, from billing to physician care. All these organizations have hardware and software implementations of their information systems, and it is critical to understand these components, and how they are connected (known as their topology), so the appropriate protections can be applied. Your research may produce instances and examples of how an information system is connected, to include cybersecurity components like firewalls, in the information system and network diagram. Be sure you understand the benefits and weaknesses for the different network topologies. ---------------------------------------------------------------------------------------------------------
  • 6.
    CST 610 Project2 Operating Systems Vulnerabilities (Windows and Linux) For more course tutorials visit www.newtonhelp.com CYB 610 Project 2 Congratulations, you are the newly appointed lead cybersecurity engineer with your company in the oil and natural gas sector. This is a senior¬level position. You were hired two months ago based on your successful cybersecurity experience with a previous employer. Your technical knowledge of cybersecurity is solid. However, you have a lot to learn about this company's culture, processes, and IT funding decisions, which are made by higher management. You have recently come across numerous anomalies and incidents leading to security breaches. The incidents took place separately, and it has not been determined if they were caused by a single source or multiple related sources. First, a month ago, a set of three corporate database servers crashed suddenly. Then, a week ago, anomalies were found in the configuration of certain server and router systems of your company. You immediately recognized that something with your IT resources was not right. You suspect that someone, or some group, has been regularly accessing your user account and conducting unauthorized configuration changes. You meet with your leadership to discuss the vulnerabilities. They would like you to provide a security assessment report, or SAR, on the state of the operating systems within the organization. You're also
  • 7.
    tasked with creatinga non-technical narrated presentation summarizing your thoughts. The organization uses multiple operating systems that are Microsoft-based and Linux¬based. You will have to understand these technologies for vulnerability scanning using the tools that work best for the systems in the corporate network. You know that identity management will increase the security of the overall information systems infrastructure for the company. You also know that with a good identity management system, the security and productivity benefits will outweigh costs incurred. This is the argument you must make to the stakeholders The operating system (OS) of an information system contains the software that executes the critical functions of the information system. The OS manages the computer's memory, processes, and all of its software and hardware. It allows different programs to run simultaneously and access the computer's memory, central processing unit, and storage. The OS coordinates all these activities and ensures that sufficient resources are applied. These are the fundamental processes of the information system and if they are violated by a security breach or exploited vulnerability it has the potential to have the biggest impact on your organization. Security for operating systems consists of protecting the OS components from attacks that could cause deletion, modification, or destruction of the operating system. Threats to an OS could consist of a breach of confidential information, unauthorized modification of data, or unauthorized destruction of data. It is the job of the cybersecurity engineer to understand the operations and vulnerabilities of the OS (whether it is a Microsoft, Linux, or another type of OS), and to provide mitigation, remediation, and defense against threats that would expose those vulnerabilities or attack the OS. There are six steps that will help you create your final deliverables. The deliverables for this project are as follows:
  • 8.
    1. Security AssessmentReport (SAR): This report should be a 7-8 page double-spaced Word document with citations in APA format. The page count does not include figures, diagrams, tables, or citations. 2. Nontechnical presentation: This is a set of 8-10 PowerPoint slides for upper management that summarizes your thoughts regarding the findings in your SAR. 3. In a Word document, share your lab experience and provide screen prints to demonstrate that you performed the lab. When you submit your project, your work will be evaluated using the competencies listed below. You can use the list below to self-check your work before submission. • 1.1: Organize document or presentation clearly in a manner that promotes understanding and meets the requirements of the assignment. • 2.3: Evaluate the information in a logical and organized manner to determine its value and relevance to the problem. • 5.4: Identify potential threats to operating systems and the security features necessary to guard against them. Step 1: Defining the OS The audience for your security assessment report (SAR) is the leadership of your organization, which is made up of technical and nontechnical staff. Some of your audience will be unfamiliar with operating systems (OS). As such, you will begin your report with a brief explanation of operating systems fundamentals and the types of information systems. Click on and read the following resources that provide essential information you need to know before creating a thorough and accurate OS explanation: • operating systems fundamentals
  • 9.
    • the applicationsof the OS • The Embedded OS --------------------------------------------------------------------------------------------------------- CST 610 Project 3 Assessing Information System Vulnerabilities and Risk For more course tutorials visit www.newtonhelp.com Project 3 Assessing Information System Vulnerabilities and Risk CYB 610 Project 3 You are an Information Assurance Management Officer, IAMO, at an organization of your choosing. One morning, as you're getting ready for work, you see an email from Karen, your manager. She asks you to come to her office as soon as you get in. When you arrive to your work, you head straight to Karen's office. “Sorry for the impromptu meeting,” she says, “but we have a bit of an emergency. There's been a security breach at the Office of Personnel Management.” We don't know how this happened, but we need to make sure it doesn't happen again, says Karen. You'll be receiving an email with more information on the security breach. Use this info to assess the information system vulnerabilities of the Office of Personnel Management. At your desk, you open Karen's email. She's given you an
  • 10.
    OPM report fromthe Office of the Inspector General, or OIG. You have studied the OPM OIG report and found that the hackers were able to gain access through compromised credentials. The security breach could have been prevented, if the Office of Personnel Management, or OPM, had abided by previous auditing reports and security findings. In addition, access to the databases could have been prevented by implementing various encryption schemas and could have been identified after running regularly scheduled scans of the systems. Karen and the rest of the leadership team want you to compile your findings into a Security Assessment Report or SAR. You will also create a Risk Assessment Report, or RAR, in which you identify threats, vulnerabilities, risks, and likelihood of exploitation and suggested remediation The security posture of the information systems infrastructure of an organization should be regularly monitored and assessed (including software, hardware, firmware components, governance policies, and implementation of security controls). The monitoring and assessment of the infrastructure and its components, policies, and processes should also account for changes and new procurements that are sure to follow in order to stay in step with ever-changing information system technologies. The data breach at the Office of Personnel Management (OPM) is one of the largest in US government history. It provides a series of lessons learned for other organizations in industry and the public sector. Some critical security practices, such as lack of diligence to security controls and management of changes to the information systems infrastructure were cited as contributors to the massive data breach in the OPM Office of the Inspector General's (OIG) Final Audit Report, which can be found in open source searches. Some of the findings in the report include: weak authentication mechanisms; lack of a plan for life-cycle management of the information systems; lack of a configuration management and change management plan; lack of inventory of systems, servers, databases, and network devices; lack of mature
  • 11.
    vulnerability scanning tools;lack of valid authorizations for many systems, and lack of plans of action to remedy the findings of previous audits. The breach ultimately resulted in removal of OPM's top leadership. The impact of the breach on the livelihoods of millions of people is ongoing and may never be fully known. There is a critical need for security programs that can assess vulnerabilities and provide mitigations. There are nine steps that will help you create your final deliverables. The deliverables for this project are as follows: 1. Security Assessment Report (SAR): This should be an 8-10 page double-spaced Word document with citations in APA format. The page count does not include figures, diagrams, tables, or citations. 2. Risk Assessment Report (RAR): This report should be a 5-6 page double-spaced Word document with citations in APA format. The page count does not include figures, diagrams, tables, or citations. 3. In a Word document, share your lab experience and provide screen prints to demonstrate that you performed the lab. When you submit your project, your work will be evaluated using the competencies listed below. You can use the list below to self-check your work before submission. • 1.1: Organize document or presentation clearly in a manner that promotes understanding and meets the requirements of the assignment. • 1.2: Develop coherent paragraphs or points so that each is internally unified and so that each functions as part of the whole document or presentation. • 1.3: Provide sufficient, correctly cited support that substantiates the writer’s ideas.
  • 12.
    • 1.4: Tailorcommunications to the audience. • 1.5: Use sentence structure appropriate to the task, message and audience. • 1.6: Follow conventions of Standard Written English. • 5.2: Knowledge of architectural methodologies used in the design and development of information systems and knowledge of standards that either are compliant with or derived from established standards or guidelines. • 5.6: Explore and address cybersecurity concerns, promote awareness, best practice, and emerging technology. • 7.3: Knowledge of methods and tools used for risk management and mitigation of risk. • 8.1: Demonstrate the abilities to detect, identify, and resolve host and network intrusion incidents. • 8.2: Possess knowledge and skills to categorize, characterize, and prioritize an incident as well as to handle relevant digital evidence appropriately. Step 1: Enterprise Network Diagram During Project One, you researched a hypothetical or actual organization of your choice. You had to understand the goals of the organization and the types of systems that would fulfill those goals. You will now research and learn about types of networks and their secure constructs that may be used in organizations to accomplish the functions of the organization’s mission. You will propose a local area network (LAN) and a wide area network (WAN) for the organization, define the systems
  • 13.
    environment, and incorporatethis information in a network diagram. Discuss the security benefits of your chosen network design. Read about the following computing platforms available for networks and discuss how these platforms could be implemented in your organization. Include the rationale for all platforms you choose to include in your network design. • common computing platforms • cloud computing • distributed computing • centralized computing • secure programming fundamentals • Step 2: Enterprise Threats • Review the OIG report on the OPM breach that you were asked to research and read about at the beginning of the project. The OIG report --------------------------------------------------------------------------------------------------------- CST 610 Project 4 Threat Analysis and Exploitation For more course tutorials visit www.newtonhelp.com
  • 14.
    Project 4 ThreatAnalysis and Exploitation CYB610 Project 4 You are part of a collaborative team that was created to address cyber threats and exploitation of US financial systems critical infrastructure. Your team has been assembled by the White House Cyber National security staff to provide situational awareness about a current network breach and cyber attack against several financial service institutions. Your team consists of four roles, a representative from the financial services sector who has discovered the network breach and the cyber attacks. These attacks include distributed denial of service attacks, DDOS, web defacements, sensitive data exfiltration, and other attack vectors typical of this nation state actor. A representative from law enforcement who has provided additional evidence of network attacks found using network defense tools. A representative from the intelligence agency who has identified the nation state actor from numerous public and government provided threat intelligence reports. This representative will provide threat intelligence on the tools, techniques, and procedures of this nation state actor. A representative from the Department of Homeland Security who will provide the risk, response, and recovery actions taken as a result of this cyber threat. Your team will have to provide education and security awareness to the financial services sector about the threats, vulnerabilities, risks, and risk mitigation and remediation procedures to be implemented to maintain a robust security posture. Finally, your team will take the lessons learned from this cyber incident and share that knowledge with the rest of the cyber threat analysis community. At the end of the response to this cyber incident, your team will provide two deliverables, a situational analysis report, or SAR, to the White House Cyber National security staff and an After Action Report and lesson learned to the cyber threat analyst community.
  • 15.
    US critical infrastructure-power—water,oil and natural gas, military systems, financial systems—have become the target of cyber and physical attacks as more critical infrastructure systems are integrated with the Internet and other digital controls systems. The lesson learned in defending and mitigating cyberattacks is that no entity can prevent or resolve cyberattacks on its own. Collaboration and information sharing is key for success and survival. This is a group exercise, representing collaboration across all sectors, to support and defend US critical infrastructure. In the working world, a team like this would include some agencies, some industrial partners, and some private sector corporations. Each organization has different strengths and skills, different access to information, and different authorities to report to. When the sectors work together and leverage resources and skills, the result is that everyone benefits from the defense and protection of US IT infrastructure. In your teams, you can model the same collaboration, leveraging each other's expertise, sharing each other's knowledge, teaching each other, and providing contributions specific to your role in the scenario. • Financial Services Representative: special task in Step 3 • Law Enforcement Representative: special task in Step 4 • Intelligence Agency Representative: special task in Step 5 • Homeland Security Representative: special task in Step 6 There are seven steps that will help you create your final deliverables. The deliverables for this project are as follows: 1. Security Assessment Report (SAR): This report should be a 14-15 page double-spaced Word document with citations in APA format. The page count does not include figures, diagrams, tables, or citations.
  • 16.
    2. After ActionReport (AAR): This report should be a 10-15 page double-spaced Word document with citations in APA format. The page count does not include figures, diagrams, tables, or citations. 3. This is a 5-8 slide PowerPoint presentation for executives along with a narrated or In-Class Presentation summarizing your SAR and AAR report. When you submit your project, your work will be evaluated using the competencies listed below. You can use the list below to self-check your work before submission. • 1.1: Organize document or presentation clearly in a manner that promotes understanding and meets the requirements of the assignment. --------------------------------------------------------------------------------------------------------- CST 610 Project 5 Cryptography For more course tutorials visit www.newtonhelp.com Project 5 Cryptography
  • 17.
    CYB610 Project 5You are an enterprise security architect for a company in a semiconductor manufacturing industry where maintaining competitive advantage and protecting intellectual property is vital. You're in charge of security operations and strategic security planning. Your responsibilities include devising the security protocols for identification, access, and authorization management. You recently implemented cryptography algorithms to protect the information organization. Leadership is pleased with your efforts and would like you to take protection methods even further. They've asked you to study cyber-attacks against different cryptography mechanisms and deploy access control programs to prevent those types of attacks. We'd like you to create plans for future security technology deployments, says one senior manager. And provide documentation so that others can carry out the deployments. A director chimes in, but you should also devise a method for ensuring the identification, integrity, and non-repudiation of information in transit at rest and in use within the organization. As the enterprise security architect, you are responsible for providing the following deliverables. Create a network security vulnerability and threat table in which you outline the security architecture of the organization, the cryptographic means of protecting the assets of the organizations, the types of known attacks against those protections, and means to ward off the attacks. This document will help you manage the current configuration of the security architecture. Create a Common Access Card, CAC deployment strategy, in which you describe the CAC implementation and deployment and encryption methodology for information security professionals. Create an email security strategy in which you provide the public key, private key hashing methodology to determine the best key management system for your organization. These documents will provide a security overview for the leadership in your company Encryption uses cryptographic algorithms to obfuscate data. These complex algorithms transform data from human readable plaintext into encrypted cipher text. Encryption uses the principles of substitution and permutation to ensure that data is transformed in a non-deterministic
  • 18.
    manner by allowingthe user to select the password or a key to encrypt a message. The recipient must know the key in order to decrypt the message, translating it back into the human readable plaintext. There are six steps that will lead you through this project. After beginning with the workplace scenario, continue to Step 1: "IT Systems Architecture." The deliverables for this project are as follows: 1. Create a single report in Word document format. This report should be about 10 pages long, double-spaced, with citations in APA format. Page count does not include diagrams or tables. The report must cover the following: o network security and threat table o Common Access Card deployment strategy o e-mail security strategy 2. In a Word document, share your lab experience and provide screenshots to demonstrate that you performed the lab. When you submit your project, your work will be evaluated using the competencies listed below. You can use the list below to self-check your work before submission. • 1.5: Use sentence structure appropriate to the task, message and audience. • 1.6: Follow conventions of Standard Written English. • 1.7: Create neat and professional looking documents appropriate for the project or presentation. • 2.1: Identify and clearly explain the issue, question, or problem under critical consideration.
  • 19.
    • 2.2: Locateand access sufficient information to investigate the issue or problem. • 2.3: Evaluate the information in a logical and organized manner to determine its value and relevance to the problem. • 2.4: Consider and analyze information in context to the issue or --------------------------------------------------------------------------------------------------------- CST 610 Project 6 Digital Forensics Analysis For more course tutorials visit www.newtonhelp.com • Project 6 Digital Forensics Analysis Project 6 Start Here This project will provide an introduction to digital forensic analysis. Digital forensic analysis is used to review and investigate data collected through digital communications and computer networks. The National Institute for Standards and Technology (NIST) has defined four fundamental phases for forensic analysis: collection, examination, analysis, and reporting. You will learn more about these concepts as you
  • 20.
    navigate throughout thesteps of this project and read the literature and links found in each step. There are four steps that will lead you through this project. Begin with Step 1: “Methodology. The deliverables for this project are as follows: 1. Digital Forensic Research Paper: This should be a five-page double- spaced Word document with citations in APA format. The page count does not include diagrams or tables. 2. In a Word document, share your lab experience and provide screenshots to demonstrate that you completed the lab. When you submit your project, your work will be evaluated using the competencies listed below. You can use the list below to self-check your work before submission. • 5.3: Uses defensive measures and information collected from a variety of sources to identify, analyze, and report events that occur or might occur within the network in order to protect information, information systems, and networks from threats. • 8.6: Provides professional preparation for computer digital forensics, investigation of crime, and preservation of digital evidence in criminal and civil investigations and information security incident response. • 8.7: Provide theoretical basis and practical assistance for all aspects of digital investigation and the use of computer evidence in forensics and law enforcement. Step 1: Methodology The methodology includes following a systems process. Identify the requirements, purpose, and objectives of the investigation. Click the links below to review information that will aid in conducting and documenting an investigation:
  • 21.
    • secure programmingfundamentals • forensics fundamentals Learn about the investigation methodology. Consider secure programming fundamentals. Define the digital forensics analysis methodology, and the phases of the digital forensics fundamentals and methodology, including the following: 1. preparation 2. extraction 3. identification 4. analysis This information will help you understand the process you will use during an investigation. Step 2: Tools and Techniques Select the following links to learn about forensics analysis tools, methods, and techniques: 1. forensics analysis tools 2. web log and session analysis 3. hash analysis Step 3: Exploring Forensic Tools Note: You will utilize the tools in Workspace for this step. If you need help outside the classroom, you can register for the CLAB 699 Cyber Computing Lab Assistance (go to the Discussions List for registration
  • 22.
    information). Primary labassistance is available from a team of lab assistants. Lab assistants are professionals and are trained to help you. Click here to access the instructions for Navigating the Workspace and the Lab Setup. Select the following link to enter Workspace. Complete the forensic tools exercise provided in this lab. Explore the tutorials and user guides to learn more about various types of digital forensic tools. Click here to access the Project 6 Workspace Exercise Instructions. You will learn about the different types of tools, techniques, and analyses. Step 4: Digital Forensics Research Paper Now that you have learned basics of digital forensics analyses and methodology, and have experienced one of the common forensic tools, use the material presented in this project as well as research you've conducted outside of the course materials to write a research paper that addresses the following: ---------------------------------------------------------------------------------------------------------