90 likes | 97 Vues
Product Design and Quality What important organizational activities enable a firm to build quality into its products? Explain each of these along with its benefits. Your initial post should include examples and be at least 200-250 words.
E N D
CYB 610 All Project (Project 1-6) For more classes visit www.snaptutorial.com CYB 610 Project 1 Information Systems and Identity Management CYB 610 Project 2 Operating Systems Vulnerabilities (Windows and Linux) CYB 610 Project 3 Assessing Information System Vulnerabilities and Risk CYB 610 Project 4 Threat Analysis and Exploitation CYB 610 Project 5 Cryptography CYB 610 Project 6 Digital Forensics Analysis **************************************** CYB 610 Project 1 Information Systems and Identity Management
For more classes visit www.snaptutorial.com Project 1 Information Systems and Identity Management Video transcript CYB 610 Project 1 You are a systems administrator in the IT department of a major metropolitan hospital. Your duties are to ensure the confidentiality, availability, and integrity of patient records, as well as the other files and databases used throughout the hospital. Your work affects several departments, including Human Resources, Finance, Billing, Accounting, and Scheduling. You also apply security controls on passwords for user accounts. Just before clocking out for the day, you notice something strange in the hospital's computer system. Some person, or group, has accessed user accounts and conducted unauthorized activities. Recently, the hospital experienced intrusion into one of its patient's billing accounts. After validating user profiles in Active Directory and matching them with user credentials, you suspect several user's passwords have been compromised to gain access to the hospital's computer network. You schedule an emergency meeting with the director of IT and the hospital board. In light of this security breach, they ask you to examine the security posture of the hospital's information systems infrastructure and implement defense techniques. This must be done quickly, your director says. The hospital board is less knowledgeable about information system security. The board makes it clear that it has a limited cybersecurity budget. However, if you can make a strong case to the board, it is likely that they will increase your budget and implement your recommended tool companywide. You will share your findings on the hospital's security posture. Your
findings will be brought to the director of IT in a technical report. You will also provide a nontechnical assessment of the overall identity CYB 610 Project 2 Operating Systems Vulnerabilities (Windows and Linux) For more classes visit www.snaptutorial.com CYB 610 Project 2 Congratulations, you are the newly appointed lead cybersecurity engineer with your company in the oil and natural gas sector. This is a seniorlevel position. You were hired two months ago based on your successful cybersecurity experience with a previous employer. Your technical knowledge of cybersecurity is solid. However, you have a lot to learn about this company's culture, processes, and IT funding decisions, which are made by higher management. You have recently come across numerous anomalies and incidents leading to security breaches. The incidents took place separately, and it has not been determined if they were caused by a single source or multiple related sources. First, a month ago, a set of three corporate database servers crashed suddenly. Then, a week ago, anomalies were found in the configuration of certain server and router systems of your company. You immediately recognized that something with your IT resources was not right. You suspect that someone, or some group, has been regularly accessing your user account and conducting unauthorized configuration changes. You meet with your leadership to
discuss the vulnerabilities. They would like you to provide a security assessment report, or SAR, on the state of the operating systems within the organization. You're also tasked with creating a non- technical narrated presentation summarizing your thoughts. The organization uses multiple operating systems that are Microsoft- based and Linuxbased. You will have to understand these technologies for vulnerability scanning using the tools that work best for the systems in the corporate network. You know that identity . Explore the tutorials and user guides to learn more about the tools you will use. You've prepared for your assessment; now it's time to perform. Security and vulnerability assessment analysis to operating systems and the security features necessary to guard against them. **************************************** CYB 610 Project 3 Assessing Information System Vulnerabilities and Risk For more classes visit www.snaptutorial.com or SAR. You will also create a Risk Assessment Report, or RAR, in which you identify threats, vulnerabilities, risks, and likelihood of exploitation and suggested remediation The security posture of the information systems infrastructure of an organization should be regularly monitored and assessed (including
software, hardware, firmware components, governance policies, and implementation of security controls). The monitoring and assessment of the infrastructure and its components, policies, and processes should also account for changes and new procurements various known threats to the organization's network architecture and IT assets. Get acquainted with the following types of threats and attack techniques. Which are a risk to your organization? IP address spoofing/cache poisoning attacks denial of service attacks (DoS) packet analysis/sniffing session hijacking attacks distributed denial of service attacks In identifying the different . 8.2: Possess knowledge and skills to categorize, characterize, and prioritize an incident as well as to handle relevant digital evidence appropriately. **************************************** CYB 610 Project 4 Threat Analysis and Exploitation For more classes visit www.snaptutorial.com
Project 4 Threat Analysis and ExploitationBottom of Form CYB610 Project 4 You are part of a collaborative team that was created to address cyber threats and exploitation of US financial systems critical infrastructure. Your team has been assembled by the White House Cyber National security staff to provide situational awareness about a current network breach and cyber attack against several financial service institutions. Your team consists of four roles, a representative from the financial services sector who has discovered the network breach and the cyber attacks. These attacks include distributed denial of service attacks, DDOS, web defacements, sensitive data exfiltration, and other attack vectors typical of this nation state actor. A representative from law enforcement who has provided additional evidence of network attacks found using network defense tools. A representative from the intelligence agency who has identified the nation state actor from numerous public and government provided threat intelligence reports. This representative will provide threat intelligence on the tools, techniques, and procedures of this nation state actor. A representative from the Department of Homeland Security who will provide the risk, response4.3: Contribute to team projects, assignments, or organizational goals as an engaged member of a team. 8.4: Possess knowledge of proper and effective communication in case of an incident or crisis. **************************************** CYB 610 Project 5 Cryptography
For more classes visit www.snaptutorial.com Project 5 Cryptography CYB610 Project 5 You are an enterprise security architect for a company in a semiconductor manufacturing industry where maintaining competitive advantage and protecting intellectual property is vital. You're in charge of security operations and strategic security planning. Your responsibilities include devising the security protocols for identification, access, and authorization management. You recently implemented cryptography algorithms to protect the information organization. Leadership is pleased with your efforts and would like you to take protection methods even further. They've asked you to study cyber- attacks against different cryptography mechanisms and deploy access control programs to prevent those types of attacks. We'd like you to create plans for future security technology deployments, says one senior manager. And provide documentation so that others can carry out the deployments. A director chimes in, but you should also devise a method for ensuring the identification, integrity, and non- repudiation of information in transit at rest and in use within the organization. As the enterprise security architect, you are responsible for providing the following deliverables. Create a network security vulnerability and threat table in which you outline the security architecture of the organization, the cryptographic means of protecting the assets of the organizations, the types of known attacks against those protections, and means to ward off the attacks. This document will help you manage the current configuration of the security architecture.
Create a Common Access Card, CAC deployment strategy, in which you describe the CAC implementation and deployment and encryption methodology for information security professionals. Create an email security strategy in which you provide the public key, private key hashing methodology to determine the best key management system for your organization. These documents will provide a security overview for the leadership in your company Encryption of an organization's information assets, which include files, networks, databases, and e-mail, and include this in your lab report. data or information secure, including public key infrastructure, point-to-point encryption, and smart cards. **************************************** CYB 610 Project 6 Digital Forensics Analysis For more classes visit www.snaptutorial.com Project 6 Digital Forensics Analysis Project 6 Start Here This project will provide an introduction to digital forensic analysis. Digital forensic analysis is used to review and investigate data collected through digital communications and computer networks. The National Institute for Standards and and documenting an investigation: secure programming fundamentals
forensics fundamentals Learn about the investigation methodology. Consider secure programming fundamentals. Define the digital forensics analysis methodology, and the phases 8.7: Provide theoretical basis and practical assistance for all aspects of digital investigation and the use of computer evidence in forensics and law enforcement. ****************************************