The document outlines a series of projects for a cybersecurity course (cyb 610), addressing various aspects of information systems, including identity management, operating systems vulnerabilities, risk assessments, threat analysis, cryptography, and digital forensics. Each project involves specific roles and responsibilities, technical assessments, and the requirement to create deliverables such as reports and presentations tailored for technical and non-technical audiences. The culmination of these projects aims to enhance the security posture of organizations and ensure better cybersecurity practices in response to identified vulnerabilities and threats.

1. CYB 610 All Project (Project 1-6)
For more course tutorials visit
www.newtonhelp.com
CYB 610 Project 1 Information Systems and Identity Management
CYB 610 Project 2 Operating Systems Vulnerabilities (Windows and
Linux)
CYB 610 Project 3 Assessing Information System Vulnerabilities and
Risk
CYB 610 Project 4 Threat Analysis and Exploitation
CYB 610 Project 5 Cryptography
CYB 610 Project 6 Digital Forensics Analysis
-------------------------------------------------------------------------------------------
CYB 610 Project 1 Information Systems and Identity
Management
For more course tutorials visit

2. www.newtonhelp.com
Project 1 Information Systems and Identity Management
Video transcript
CYB 610 Project 1 You are a systems administrator in the IT department
of a major metropolitan hospital. Your
duties are to ensure the confidentiality, availability, and integrity of
patient records, as well as the other files and databases used throughout
the hospital. Your work affects several departments, including Human
Resources, Finance, Billing, Accounting, and Scheduling. You
also apply security controls on passwords for user accounts.
Just before clocking out for the day, you notice something strange in the
hospital's computer system. Some person, or group, has accessed
user accounts and conducted unauthorized
activities. Recently, the hospital experienced intrusion into one of
its patient's billing accounts. After validating user profiles in Active
Directory and matching them with user credentials, you
suspect several user's passwords have been compromised to gain
access to the hospital's computer network. You schedule an
emergency meeting with the director of IT and the hospital board.
In light of this security breach, they ask you to examine the
security posture of the hospital's information systems infrastructure and
implement defense techniques. This must be done
quickly, your director says. The hospital board is less knowledgeable
about information system security. The board makes it clear that it has a
limited cybersecurity budget. However, if you can
make a strong case to the board, it is likely that they will increase your
budget and implement your recommended tool companywide.
You will share your findings on the hospital's security posture. Your
findings will be brought to the director of IT in a technical report. You

3. will also provide a nontechnical assessment of the
overall identity management system of the hospital and define
practices to restrict and permit access to information. You will share
this assessment with the hospital board in the form of a
narrated slide show presentation. You know that identity management
will increase the security of the overall information system's
infrastructure for the hospital. You also know that, with a good
identity management system, the security and productivity benefits will
outweigh costs incurred. This is the argument you must
make to those stakeholders.
Daily life requires us to have access to a lot of information, and
information systems help us access that information. Desktop
computers, laptops, and mobile devices keep us connected to the
information we need through processes that work via hardware and
software components. Information systems infrastructure makes this
possible. However, our easy access to communication and information
also creates security and privacy risks. Laws, regulations, policies, and
guidelines exist to protect information and information owners.
Cybersecurity ensures the confidentiality, integrity, and availability of
the information. Identity management is a fundamental practice. Part of
identity management is the governance of access, authorization, and
authentication of users to information systems, Identity management is
one part of a layered security defense strategy within the information
systems infrastructure. Your work in this project will enable you to
produce a technical report and nontechnical presentation that addresses
these requirements.
There are five steps that will help you create your final deliverables. The
deliverables for this project are as follows:
-------------------------------------------------------------------------------------------
CYB 610 Project 2 Operating Systems Vulnerabilities
(Windows and Linux)

4. For more course tutorials visit
www.newtonhelp.com
CYB 610 Project 2 Congratulations, you are the newly appointed lead
cybersecurity engineer with your company in
the oil and natural gas sector. This is a seniorlevel position. You were
hired two months ago based on your successful cybersecurity experience
with a previous employer. Your technical knowledge of
cybersecurity is solid. However, you have a lot to learn about this
company's culture, processes, and IT funding decisions, which are made
by higher management.
You have recently come across numerous anomalies and
incidents leading to security breaches. The incidents took place
separately, and it has not been determined if they were
caused by a single source or multiple related sources. First, a month ago,
a set of three corporate database servers crashed suddenly. Then, a
week ago, anomalies were found in the
configuration of certain server and router systems of your company.
You immediately recognized that something with your IT
resources was not right. You suspect that someone, or some group,
has been regularly accessing your user account and conducting
unauthorized configuration changes. You meet with your leadership to
discuss the vulnerabilities. They would like you to provide a
security assessment report, or SAR, on the state of the operating
systems within the organization. You're also tasked with creating a non-
technical narrated presentation summarizing your thoughts.
The organization uses multiple operating systems that are Microsoft-
based and Linuxbased. You will have to understand these
technologies for vulnerability scanning using the tools that
work best for the systems in the corporate network.

5. You know that identity management will increase the security of the
overall information systems infrastructure for the company. You also
know that with a good identity management system,
the security and productivity benefits will outweigh costs incurred.
This is the argument you must make to the stakeholders
The operating system (OS) of an information system contains the
software that executes the critical functions of the information system.
The OS manages the computer's memory, processes, and all of its
software and hardware. It allows different programs to run
simultaneously and access the computer's memory, central processing
unit, and storage. The OS coordinates all these activities and ensures that
sufficient resources are applied. These are the fundamental processes of
the information system and if they are violated by a security breach or
exploited vulnerability it has the potential to have the biggest impact on
your organization.
Security for operating systems consists of protecting the OS components
from attacks that could cause deletion, modification, or destruction of
the operating system. Threats to an OS could consist of a breach of
confidential information, unauthorized modification of data, or
unauthorized destruction of data. It is the job of the cybersecurity
engineer to understand the operations and vulnerabilities of the OS
(whether it is a Microsoft, Linux, or another type of OS), and to provide
mitigation, remediation, and defense against threats that would expose
those vulnerabilities or attack the OS.
There are six steps that will help you create your final deliverables. The
deliverables for this project are as follows:
1. Security Assessment Report (SAR): This report should be a 7-8
page double-spaced Word document with citations in APA format.
The page count does not include figures, diagrams, tables, or
citations.
2. Nontechnical presentation: This is a set of 8-10 PowerPoint slides
for upper management that summarizes your thoughts regarding
the findings in your SAR.

6. 3. In a Word document, share your lab experience and provide screen
prints to demonstrate that you performed the lab.
When you submit your project, your work will be evaluated using the
competencies listed below. You can use the list below to self-check your
work before submission.
-------------------------------------------------------------------------------------------
CYB 610 Project 3 Assessing Information System
Vulnerabilities and Risk
For more course tutorials visit
www.newtonhelp.com
Project 3 Assessing Information System Vulnerabilities and Risk
CYB 610 Project 3 You are an Information Assurance Management
Officer, IAMO, at an organization of your
choosing. One morning, as you're getting ready for work, you see an
email from Karen, your manager. She asks you to come to her office
as soon as you get in. When you arrive to your work, you head straight
to Karen's office. “Sorry for the impromptu meeting,” she says, “but we
have a bit of an emergency. There's been a security breach at the
Office of Personnel Management.” We don't know how this happened,
but we need to make sure it doesn't happen again, says
Karen. You'll be receiving an email with more information on the
security breach. Use this info to
assess the information system vulnerabilities of the Office of Personnel

7. Management. At your desk, you open Karen's email. She's given you an
OPM report from the Office of the Inspector General, or OIG. You have
studied the OPM OIG report and found that the hackers
were able to gain access through compromised credentials. The
security breach could have been prevented, if the Office of Personnel
Management, or OPM, had abided by previous
auditing reports and security findings. In addition, access to the
databases could have been prevented by implementing
various encryption schemas and could have been identified after
running regularly scheduled scans of the systems.
Karen and the rest of the leadership team want you to compile your
findings into a Security Assessment Report or SAR. You will also create
a Risk Assessment Report, or RAR, in which
you identify threats, vulnerabilities, risks, and likelihood of exploitation
and suggested remediation
The security posture of the information systems infrastructure of an
organization should be regularly monitored and assessed (including
software, hardware, firmware components, governance policies, and
implementation of security controls). The monitoring and assessment of
the infrastructure and its components, policies, and processes should also
account for changes and new procurements that are sure to follow in
order to stay in step with ever-changing information system
technologies.
The data breach at the Office of Personnel Management (OPM) is one of
the largest in US government history. It provides a series of lessons
learned for other organizations in industry and the public sector. Some
critical security practices, such as lack of diligence to security controls
and management of changes to the information systems infrastructure
were cited as contributors to the massive data breach in the OPM Office
of the Inspector General's (OIG) Final Audit Report, which can be found
-------------------------------------------------------------------------------------------
CYB 610 Project 4 Threat Analysis and Exploitation

8. For more course tutorials visit
www.newtonhelp.com
Project 4 Threat Analysis and ExploitationBottom of Form
CYB610 Project 4 You are part of a collaborative team that was created
to address cyber threats and exploitation of US financial systems critical
infrastructure. Your team has been assembled by the White
House Cyber National security staff to provide situational
awareness about a current network breach and cyber attack against
several financial service institutions. Your team consists of four roles, a
representative from the financial services sector who has
discovered the network breach and the cyber attacks. These
attacks include distributed denial of service attacks, DDOS, web
defacements, sensitive data exfiltration, and other attack vectors
typical of this nation state actor. A representative from law enforcement
who has provided additional evidence of network attacks found using
network defense tools. A representative from the intelligence
agency who has identified the nation state actor from
numerous public and government provided threat intelligence reports.
This representative will provide threat intelligence on the tools,
techniques, and procedures of this nation state actor. A
representative from the Department of Homeland Security who will
provide the risk, response, and recovery actions taken as a result of
this cyber threat. Your team will have to provide education and
security awareness to the financial services sector
about the threats, vulnerabilities, risks, and risk mitigation and

9. remediation procedures to be implemented to maintain a robust
security posture. Finally, your team will take the lessons learned
from this cyber incident and share that knowledge with the rest of the
cyber threat analysis community. At the end of the response to
this cyber incident, your team will provide two deliverables, a situational
analysis report, or SAR, to the White House Cyber National
security staff and an After Action Report and lesson learned
to the cyber threat analyst community.
US critical infrastructure-power—water, oil and natural gas, military
systems, financial systems—have become the target of cyber and
physical attacks as more critical infrastructure systems are integrated
with the Internet and other digital controls systems. The lesson learned
in defending and mitigating cyberattacks is that no entity can prevent or
resolve cyberattacks on its own. Collaboration and information sharing
is key for success and survival.
-------------------------------------------------------------------------------------------
CYB 610 Project 5 Cryptography
For more course tutorials visit
www.newtonhelp.com
Project 5 Cryptography
CYB610 Project 5 You are an enterprise security architect for a
company in a semiconductor manufacturing industry where maintaining

10. competitive advantage and protecting intellectual property is vital.
You're in charge of security operations and strategic security planning.
Your responsibilities
include devising the security protocols for identification, access, and
authorization management. You recently implemented
cryptography algorithms to protect the information organization.
Leadership is pleased with your efforts and would like you to take
protection methods even further. They've asked you to study cyber-
attacks against different cryptography mechanisms
and deploy access control programs to prevent those types of attacks.
We'd like you to create plans for future
security technology deployments, says one senior
manager. And provide documentation so that others can carry out the
deployments. A director chimes in, but you should also devise a method
for ensuring the identification, integrity, and non-
repudiation of information in transit at rest and in use within the
organization. As the enterprise security architect, you are responsible
for providing the following deliverables.
Create a network security vulnerability and threat table in which you
outline the security architecture of the organization, the
cryptographic means of protecting the assets of the
organizations, the types of known attacks against those protections, and
means to ward off the attacks. This document will help you manage the
current configuration of the security architecture.
Create a Common Access Card, CAC deployment strategy, in which you
describe the CAC implementation and deployment and encryption
methodology for information security professionals. Create an email
security strategy in which you provide the public key, private key
hashing methodology to determine the best key management system for
your organization. These documents will provide a security overview
for the leadership in your company
Encryption uses cryptographic algorithms to obfuscate data. These
complex algorithms transform data from human readable plaintext into
encrypted cipher text. Encryption uses the principles of substitution and
permutation to ensure that data is transformed in a non-deterministic

11. manner by allowing the user to select the password or a key to encrypt a
message. The recipient must know the key in order to decrypt the
message, translating it back into the human readable plaintext.
There are six steps that will lead you through this project. After
beginning with the workplace scenario, continue to Step 1: "IT Systems
Architecture."
The deliverables for this project are as follows:
-------------------------------------------------------------------------------------------
CYB 610 Project 6 Digital Forensics Analysis
For more course tutorials visit
www.newtonhelp.com
 Project 6 Digital Forensics Analysis
Project 6 Start Here
This project will provide an introduction to digital forensic analysis.
Digital forensic analysis is used to review and investigate data collected
through digital communications and computer networks. The National
Institute for Standards and Technology (NIST) has defined four
fundamental phases for forensic analysis: collection, examination,
analysis, and reporting. You will learn more about these concepts as you
navigate throughout the steps of this project and read the literature and
links found in each step.
There are four steps that will lead you through this project. Begin with
Step 1: “Methodology. The deliverables for this project are as follows:

12. 1. Digital Forensic Research Paper: This should be a five-page
double-spaced Word document with citations in APA format. The
page count does not include diagrams or tables.
2. In a Word document, share your lab experience and provide
screenshots to demonstrate that you completed the lab.
When you submit your project, your work will be evaluated using the
competencies listed below. You can use the list below to self-check your
work before submission.
 5.3: Uses defensive measures and information collected from a
variety of sources to identify, analyze, and report events that occur
or might occur within the network in order to protect information,
information systems, and networks from threats.
 8.6: Provides professional preparation for computer digital
forensics, investigation of crime, and preservation of digital
evidence in criminal and civil investigations and information
security incident response.
 8.7: Provide theoretical basis and practical assistance for all
aspects of digital investigation and the use of computer evidence in
forensics and law enforcement.
Step 1: Methodology
The methodology includes following a systems process. Identify the
requirements, purpose, and objectives of the investigation. Click the
links below to review information that will aid in conducting and
documenting an investigation:
 secure programming fundamentals
 forensics fundamentals
Learn about the investigation methodology. Consider secure
programming fundamentals. Define the digital forensics analysis
methodology, and the phases of the digital forensics fundamentals and
methodology, including the following:

13. 1. preparation
2. extraction
3. identification
4. analysis
This information will help you understand the process you will use
during an investigation.
Step 2: Tools and Techniques
Select the following links to learn about forensics analysis tools,
methods, and techniques:
1. forensics analysis tools
2. web log and session analysis
3. hash analysis
Step 3: Exploring Forensic Tools
Note: You will utilize the tools in Workspace for this step. If you need
help outside the classroom, you can register for the CLAB 699 Cyber
Computing Lab Assistance (go to the Discussions List for registration
information). Primary lab assistance is available from a team of lab
assistants. Lab assistants are professionals and are trained to help you.
Click here to access the instructions for Navigating the Workspace and
the Lab Setup.
Select the following link to enter Workspace. Complete the forensic
tools exercise provided in this lab. Explore the tutorials and user guides
to learn more about various types of digital forensic tools.
Click here to access the Project 6 Workspace Exercise Instructions.
You will learn about the different types of tools, techniques, and
analyses.
Step 4: Digital Forensics Research Paper
Now that you have learned basics of digital forensics analyses and
methodology, and have experienced one of the common forensic tools,
use the material presented in this project as well as research you've

14. conducted outside of the course materials to write a research paper that
addresses the following:
1. digital forensic methodology
2. the importance of using forensic tools to collect and analyze
evidence (e.g., FTK Imager and EnCase)
3. hashing in the context of digital forensics
4. How do you ensure that the evidence collected has not been
tampered with (i.e., after collection)? Why and how is this
important to prove in a court of law?
The deliverables for this project are as follows:
1. Digital Forensic Research Paper: This should be a five-page
double-spaced Word document with citations in APA format. The
page count does not include diagrams or tables.
2. In a Word document, share your lab experience and provide
screenshots to demonstrate that you completed the lab.
Submit your deliverables to the assignment folder.
Before you submit your assignment, review the competencies below,
which your instructor will use to evaluate your work. A good practice
would be to use each competency as a self-check to confirm you have
incorporated all of them in your work.
 5.3: Uses defensive measures and information collected from a
variety of sources to identify, analyze, and report events that occur
or might occur within the network in order to protect information,
information systems, and networks from threats.
 8.6: Provides professional preparation for computer digital
forensics, investigation of crime, and preservation of digital
evidence in criminal and civil investigations and information
security incident response.

15.  8.7: Provide theoretical basis and practical assistance for all
aspects of digital investigation and the use of computer evidence in
forensics and law enforcement.
-------------------------------------------------------------------------------------------