CMGT/400 Intro to Information Assurance & Security

CMGT/400 Entire Class

Or you may purchase tutorials by the Week below.
CMGT/400 Threats, Attacks, and Vulnerability Assessment

CMGT/400 Week 1

Everything Listed for Week 1 is included in Tutorial purchase!

 

Individual: Threats, Attacks, and Vulnerability Assessment

Includes: Assessment Paper

Includes: Microsoft Visio Diagram (fully editable diagram!)

Includes: Discussion Questions
Throughout this course you will study the different roles that contribute to an organization's information security and assurance.
Part A:
Select an organization you wish to explore and use throughout the course. The company is an organization you will choose, so it can be hypothetical, the organization you currently work for, or a well-known real-life public or private organization (e.g. Amazon, Google, Bank of America, etc.). This part is up to you. As you make your selection, keep in mind that you will explore the following roles in the organization: Cyber Security Threat Analyst, Penetration Tester, Cyber Security Engineer, Risk Management Analyst, and Software Engineer.
You need sufficient knowledge of the organization you select to complete these security assignments.
Part B:
A Cyber Security Threat Analyst conducts analysis, digital forensics, and targeting to identify, monitor, assess, and counter cyber-attack threats against information systems, critical infrastructure, and cyber-related interests.
Take on the role of a Cyber Security Threat Analyst for the organization you select. Complete the Threats, Attacks, and Vulnerability Assessment Template to create an assessment document. Regarding the system model referenced in the template, the system model can be presented in the form of a network diagram since the assets will cover cloud, network, information systems, etc. You can create a diagram using Microsoft Visio, Lucidchart, or use one from your web and/or research. A sample diagram is attached for ideas and consideration.
This attachment is a sample and can't be used for the assignment since it doesn't cover all of what's needed for this particular assignment.

Submit the assignment.

 

Discussion Question: Penetration Testing

Includes 3 Full Answers to Discussion Question! A+ Work!

Penetration testers specialize in analyzing an organization for the purpose of making an authorized simulated attack on the organization's IT systems, to evaluate the security of those systems. The ability to analyze an organization's security and make authorized simulated attacks on it, to identify security risks, is a useful skill for anyone involved in cybersecurity to develop, not just penetration testers.

This week you will select an organization you wish to explore throughout the course. Discuss how you will analyze the security of the organization prior to conducting a penetration test. Why is it important to gain authorization before you conduct a penetration test? How do you plan to attack the organization's IT systems? How will you report vulnerabilities which you identify back to the organization?

 

Discussion Question: Threats and Vulnerability Scanning

Includes 3 Full Answers to Discussion Question! A+ Work!

Open Vulnerability Assessment System (OpenVAS) is free software that draws on a database of known vulnerabilities for various types of network devices. The software scans the network and collects information by monitoring various open ports to determine whether a given host is vulnerable to any of the known security threats. Based on the information collected, the vulnerability assessment software suggests solutions to address the detected vulnerabilities.
Discuss how you could use OpenVAS to identify and resolve security threats and vulnerabilities in an organization's IT infrastructure. How could cloud-based vendors use OpenVAS to identify and resolve security threats and vulnerabilities in cloud-based services, platforms, and software applications which they provide? Why would you need to continue to run OpenVAS on a periodic basis to continue to scan for threats and vulnerabilities?

 

Discussion Question: Information Assets

Includes 2 Full Answers to Discussion Question! A+ Work!

How can information be an asset in a company? Discuss three different examples of information that should be protected by a company and not exposed. Include several examples of what management could do to protect each example.

 

Discussion Question: CIA Triad

Includes 2 Full Answers to Discussion Question! A+ Work!

Confidentiality, Integrity, and Availability are popularly known as the CIA Triad, often used to guide information security policy development. Explain how a lack of security can cause availability to be impacted and why availability is important to an organization.
CMGT400 WEEK 2 Penetration Testing Plan
CMGT/400 WEEK 2 Learning Team: Financial Service Security Engagement

CMGT/400 Week 2

Everything Listed for Week 2 is included in Tutorial purchase!

 

Learning Team: Financial Service Security Engagement
7 Pages! A+ Work!
Your Learning Team is a cybersecurity engineering team for a financial services company that sells investments to, and manages investment portfolios for, high net-worth individuals.
Your organization just completed the migration of the account managers to a cloud-based, customer relationship management (CRM) software application. Your organization has integrated the cloud-based CRM with on-site investing and account management systems to improve the sales of investment products to customers and potential customers and for managing customer accounts and investment portfolios. Account managers are excited to use the new system, especially since it supports mobile device access.
Management hopes the new cloud-based CRM, integrated with the onsite software applications that manage customer accounts and investment portfolios will help the organization to generate more leads, increase sales, improve customer service, reduce the cost of sales for the organization, and increase revenue.
The Chief Information Security Officer (CISO) of your organization is concerned about the security of this new system and its integration to existing systems and has requested that your team complete the following 6- to 8-page security analysis in Microsoft Word format:
• Create a plan that addresses the secure use of mobile devices by internal employees and external employees as they use mobile devices to access these applications.
• Recommend physical security and environmental controls to protect the data center which runs the on-site applications.
• Propose audit assessment and processes that will be used to ensure that the cloud-based CRM software provider uses appropriate physical security and environmental controls to protect their data centers which run your cloud-based CRM software.
• Develop identity and access management policies for both the onsite systems and the cloud-based CRM.
• Recommend cryptography and public key infrastructure (PKI) uses which could be used to increase security for these systems.
Submit the assignment.

 

Individual: Penetration Testing Plan

8 Pages! A+ Work!!

A Penetration Tester evaluates the security of an information infrastructure by intentionally, and safely, exploiting vulnerabilities.
Take on the role of Penetration Tester for the organization you chose in Week 1.
Complete the Penetration Testing Plan Template to create a Penetration Testing Plan for the organization you chose.
Research/Consider and include the following:
• Pentest Pre-Planning
   • Engagement timeline: Tasks and who performs them
   • Team location: Where will the penetration team execute their tests? Team location can be the location of the teams involved with testing such as IT Operations. It's not uncommon for teams to operate in separate locations. Therefore, for this assignment the team location can be San Francisco, CA or it can be at the company headquarters such as Seattle, WA. This part is all fictional data so feel free to complete this portion of the assignment however you like. If you need ideas, you can look at larger public companies such as Amazon, Google, Microsoft, Apple, etc. as they tend to share a good deal of information on their websites about their organizations, office locations, corporate offices, etc.
   • Organization locations tested: multiple locations, countries (export restrictions and government restrictions). Organization location can be the headquarters of the corporate office (e.g. Seattle, WA).
   • Which pentest technologies will be used? Consider the following as you research options:
      • Scanning Tools: Nmap, Nikto
      • Credential Testing Tools: Hashcat, Medusa, John the Ripper, Cain and Abel
      • OSINT Tools: Whois, TheHarvester
      • Wireless Tools: Aircrack-ng, Kismet
      • Networking Tools: Wireshark, Hping
   • What client personnel are aware of the testing?
   • What resources are provided to the pentest team?
   • Test Boundaries:
      • What is tested?
      • Social engineering test boundaries? What is acceptable?
      • What are the boundaries of physical security tests?
      • What are the restrictions on invasive pentest attacks?
      • What types of corporate policy affect your test?
   • Gain appropriate authorization (including third-party authorization)
• Pentest Execution Planning: Given the scope and constraints you developed in your Pentest Pre-Plan, plan the following pentest execution activities:
   • Reconnaissance
   • Scanning
   • Gaining Access
   • Maintaining Access
   • Covering Tracks
• Pentest Analysis and Report Planning:
   • Analyze pentest results
   • Report pentest results
• Project sponsor can be CIO, CISO, CEO, the board, etc.
• Business context for the penetration test is a business statement for why the test is needed.
• Project scope description can be application testing, internal/external network testing, wifi testing, physical security testing, social engineering testing. These are common scopes for real-world penetration testing.
• Date prepared & prepared by are the current date and you can list your name.
• Organization location can be the headquarters of the corporate office (e.g. Seattle, WA).
• Team location can be the location of the teams involved with testing such as IT Operations. It's not uncommon for teams to operate in separate locations. Therefore, for this assignment the team location can be San Francisco, CA or it can be at the company headquarters such as Seattle, WA. This part is all fictional data so feel free to complete this portion of the assignment however you like. If you need ideas, you can look at larger public companies such as Amazon, Google, Microsoft, Apple, etc. as they tend to share a good deal of information on their websites about their organizations, office locations, corporate offices, etc.
• Regarding the chart on page 2 in the template that contains ID, Activity, Resource, Labor, Material, & Total Cost, here's what to consider for each:
   • ID: simple numbering system (1, 2, 3, etc.)
   • Activity: related activity or specific tasks required to complete the work
   • Resource: resources (tool, etc.) needed to complete the work
   • Labor: how much labor is required by individuals to complete the work
   • Material: what's needed to complete the item
• The items related to the chart on page 2 are all directly related to the work required to complete penetration test activities and manage the effort. Please search the web for examples and some ideas. These numbers and information can be estimates.
Submit the assignment.

Discussion Question: Firewalls and Evasion

Includes 3 Full Answers to Discussion Question! A+ Work!

A firewall is a device that prevents unauthorized access to a host or a network either from within the corporate environment or coming from the public network, like the internet. Generally, there are two types of firewalls. A hardware firewall takes the form of a closed proprietary appliance with its own operating system. This is considered faster but a bit expensive. A software firewall is installed on a computer and it utilizes the computer's operating system.
Firewalls either hardware or software use rules to filter incoming and outgoing traffic to the network.
Discuss how you could use firewalls to support organizational security. What are the advantages and disadvantages of using hardware and software-based firewalls? What software tools could you use to assess the security of the firewalls used to protect your organization's computer architecture? How can you bypass blocked sites using anonymous website surfing sites?

 

Discussion Question: Mobile Device Security

Includes 3 Full Answers to Discussion Question! A+ Work!
Mobile device security continues to increase in importance and has become a key security focus as organizations and individuals protect their information assets and IT technology.

Discuss how you would approach mobile device security for employees, customers, stakeholders, and partners as they use mobile devices to access technology and software applications in the organization you chose in Week 1.
How would you integrate mobile devices with security-enhancing solutions to reduce the risk of hackers targeting them to exploit security vulnerabilities?

 

Discussion Question: Audit Tools

SSAE 16 is a popular tool for reporting on operational processes.
Discuss SSAE 16 and any industry current information on this tool. Explain how it might be used by an organization, either internally or externally.

 

Discussion Question: Regulatory Standards

Discuss regulatory standards such as those applicable to health care organizations. Why do you think they are needed? Who do they protect?

 

Discussion Question: Social Networking

Discuss why an organization should worry about Social Networking. How can Social Networking have a positive or negative impact on the organization?

 

Discussion Question: Behavioral Roots of Information Security
Read the article The Behavioral Roots of Information Systems Security: Exploring Key Factors Related to Unethical IT Use and share an example that illustrates the various sources of security risks due to unethical use of information technology. Suggest methods to prevent these risks.

 

Discussion Question: Security Approach for Small Healthcare Organizations
Risk to healthcare organizations is increasing. The complexity of security and regulatory compliance poses major challenges for all healthcare organizations but even greater challenges for small healthcare organizations that may not have the resources or expertise needed to secure critical information assets.
Review the "Model Clinic" Security Approach for Small Healthcare Organizations. Identify three security and risk related issues facing health care organizations. What are the ethical, privacy, and regulatory considerations? How can these risks be reduced?

CMGT400 WEEK 3 Security Standards, Policies, and Procedures Manual

CMGT/400 Week 3


Everything Listed for Week 1 is included in Tutorial purchase!

 

Individual: Security Standards, Policies, and Procedures Manual
13 Pages!! A+ Work!
Cyber Security Engineers are responsible for safeguarding computer networks and systems in an organization in order to protect the sensitive data they store.
Take on the role of Cyber Security Engineer for the organization you chose in Week 1.
Complete the Security Standards, Policies, and Procedures Template with recommendations to management of security standards, policies, and procedures which should be implemented in your chosen organization.
Research and include the following:
• Explain the importance to your organization of implementing security policies, plans, and procedures. Discuss how security policies, plans, and procedures will improve the overall security of the organization.
• Recommend appropriate policies and procedures for:
   • Data privacy
   • Data isolation
   • NDA
   • IP Protection
   • Passwords
   • Acceptable use of organizational assets and data
   • Employee policies (separation of duties/training)
   • Risk response
      • Avoidance
      • Transference
      • Mitigation
      • Acceptance
   • Compliance examples that might affect your organization or others [Regulatory, Advisory, Informative]
      • HIPAA
      • FERPA
      • ISO
      • NIST
      • SEC
      • Sarbanes/Oxley
   • Incident response
      • Preparation
      • Identification
      • Containment
      • Eradication
      • Recovery
      • Lessons learned
   • Auditing
   • Environmental/Physical
   • Administrative
   • Configuration
Submit the assignment.

 

Discussion Question: Industry and Government Regulations

Includes 3 Full Answers to this Discussion Question! A+ Work!

Research industry and government regulations in the context of the organization you chose in Week 1. Discuss which resource(s) you found to be most useful in terms not only of researching the different types of industry and government regulations that exist, but which industry and government regulations must be implemented for a given security scenario.
What criteria are you using, or thinking of using, to determine which type of industry or government regulation is most appropriate for your particular individual assignment?

Discussion Question: Protecting Data

Includes 3 Full Answers to this Discussion Question! A+ Work!

Consider legal, ethical, and regulatory considerations of protecting data in the context of the organization you chose in Week 1. Discuss which resource(s) you found to be most useful in terms not only of researching the different types of legal, ethical, and regulatory considerations of protecting data that exist, but also which legal, ethical, and regulatory considerations of protecting data must be implemented for a given security scenario.
What additional considerations need to be addressed when storing and protecting the data of people who live in the European Union?

 

Discussion Question: Effective Controls of Health Care Information

What are three controls that would be effective in protecting health care information?

 

Discussion Question: Access Control Methods

Other access control methods an organization can use are listed below. These are "best practice" access controls that any organization, not just HIPAA-compliant healthcare systems, can benefit from.

 

Discussion Question: Vulnerabilities in Virtualization and in the Cloud

How can a company protect data on corporate laptops? Many companies now store their data in the cloud. Do you think that laptops working with virtualization and the cloud are in more danger than using a workstation? Explain why you think so.

 

Discussion Question: Corporate Laptop Protection

How can a company protect data on corporate laptops? Why do more organizations choose not to protect such data? Do you expect this to become a legal requirement in the future? Explain why you think so.

 

Discussion Question: Data Recovery

Organizations can have data stolen (e.g., through hacking), but if that happens, the organization will typically retain the data on their system. Discuss some steps to be taken that support an organization that has lost data (e.g., the company data center burned down).

CMGT400 WEEK 4 Security Risk Mitigation Plan

CMGT/400 Week 4

Individual: Security Risk Mitigation Plan
Includes: Security Risk Mitigation Plan

Includes: Discussion Questions
A Risk Management Analyst identifies and analyzes potential issues that could negatively impact a business in order to help the business avoid or mitigate those risks.
Take on the role of Risk Management Analyst for the organization you chose in Week 1.
Complete the Security Risk Mitigation Plan Template for the organization you chose.
Submit the assignment.

Security Policies and Controls

[Response]

Password Policies

[Response]

Administrator Roles and Responsibilities

[Response]

User Roles and Responsibilities

[Response]

Authentication Strategy

[Response]

Intrusion Detection and Monitoring Strategy

[Response]

Virus Detection Strategies and Protection

[Response]

Auditing Policies and Procedures

[Response]

Education Plan

Develop an education plan for employees on security protocols and appropriate use.
[Response]

Risk Response

Include: Avoidance, Transference, Mitigation, and Acceptance.
[Response]

Change Management/Version Control

[Response]

Acceptable Use of Organization Assets and Data

[Response]

Employee Policies

Explain separation of duties and training.
[Response]

Incident Response

Document incident types and category definitions, roles and responsibilities, reporting requirements and escalation, and cyber-incident response teams.
[Response]

Incident Response Process

Discuss the incident response process including: preparation, identification, containment, eradication, recovery, and lessons learned.

[Response]

 

Learning Team Assignment not included

 

Discussion Question: Security Risk Management Plan
A cybersecurity risk management plan is a plan designed to protect a system exposed to the internet, internal employees, contractors, disasters, failures, etc. Discuss some common cybersecurity risk response, change management, version control, and incident response processes that you might consider incorporating into the cybersecurity plan you will be creating for this week's individual assignment. Are cybersecurity risk management processes similar from system to system? Where can you locate best practices for preventing or mitigating cybersecurity risk management threats?

Discussion Question: Backup and Recovery
Resource: Practice Lab: Backup and Recovery (SYO-501)
Backup and recovery processes serve two important purposes: the first is to recover data after it is lost, and the second is to recover data from a prior point in time. Good, well-tested backup and recovery processes are key to mitigating and recovering from disasters, as well as to ensuring business continuity of operations.
Discuss the recovery model for a backup and recovery strategy. What considerations should you take into account as you determine backup schedules? How will you test the execution of your backup and recovery processes to ensure that they will work appropriately?

 

Discussion Question: Staff Awareness

What recommendations do you have for a CISO tasked with increasing security awareness in your organization or an organization with which you are familiar?

 

Discussion Question: How to Protect Your Organization from Ransomware

As our class discussions surfaced, ransomware is a growing risk with growing impact. In addition to training and awareness, currency and patching, organizations should "Manage the use of privileged accounts based on the principle of least privilege: no users should be assigned administrative access unless absolutely needed; and those with a need for administrator accounts should only use them when necessary." (How to Protect Your Networks, 2020).  Check out the document at the following link to learn how to protect your organization from ransomware. Think about how these recommendations would influence the organization security policy and communication strategy.

 

Discussion Question: Encryption

Some hurdles that an organization must overcome to successfully implement encryption are complicated data recovery and slower computers. When data needs to be recovered from an encrypted drive, it's a good thing that the data is a bit more complicated to recover. Every time you try to access a file on an encrypted drive, the authentication key is required, and this process can slow down the computer.

CMGT/400 WEEK 5 Secure Staging Environment Design and Coding Technique Standards Technical Guide

CMGT/400 Week 5


Everything Listed for Week 5 is included in purchase!

 

Individual: Secure Staging Environment Design and Coding Technique Standards Technical Guide
Includes: Secure Staging Option #1

Includes: Secure Staging Option #2

Includes: Microsoft Visio Diagram of Staging Environment (Fully editable)!

Includes: All Discussion Questions and Answers!

A Software Engineer designs, develops, tests, and evaluates the software and the systems that allow computers to execute their applications.
Take on the role of Software Engineer for the organization you selected in Week 1.
Use the technical guide template to create a 3- to 4-page Secure Staging Environment Design and Coding Technique Standards Technical Guide for the organization you chose.
Research and include the following:
• Design a secure staging environment for your organization
• Diagram your staging environment
• Include descriptions for each object in your environment
• Create a secure coding technique/quality and testing standard for your organization covering the following secure coding techniques:
• Proper error handling
• Proper input validation
• Normalization
• Stored procedures
• Code signing
• Encryption
• Obfuscation/camouflage
• Code reuse/dead code
• Server-side vs. client-side execution and validation
• Memory management
• Use of third-party libraries and ADKs
• Data exposure
• Code quality and testing
• Automation
• Static code analyzers
• Dynamic analysis (e.g. fuzzing)
• Stress testing
• Sandboxing
• Model verification
Submit the assignment.

 

Discussion: Secure Application Development

Includes 3 Full Answers to Discussion Question! A+ Work!!

Application security is the use of hardware, software, and design, development, and implementation methods to create applications which are protected from cybersecurity threats. Discuss the methods that should be used during application design, build, and implementation to protect software applications from cybersecurity threats. What hardware and software resources can an organization implement to create more secure software applications?

 

Discussion: Embedded Systems
Includes 3 Full Answers to Discussion Question! A+ Work!!
Embedded systems are being integrated into many products. They are also being used to enable the Internet of Things. As embedded systems become more widespread, they present additional opportunities for hackers to exploit them to gain access to systems and data.
Discuss how organizations should analyze the security implications of embedded systems that they use. What are the consequences of having unprotected Linux operating systems installed on embedded systems? What steps should an organization take to secure the embedded systems that integrate with their technology architecture?


Discussion Question: Secure Software and Systems

What are two of the best practices for developing secure software and systems? Why would each practice be suitable for an organization to implement to strengthen its information security posture? Describe the benefits of each.

 

Discussion Question: Threat Modeling

Where should threat modeling be used in the system development process? Why is it so challenging for some individuals to understand? What can be done to make learning how to do it effectively easier?

 

Discussion Question: Internal Auditor

The NIST handbook suggests that audit trails can assist with individual accountability, reconstruction of events, intrusion detection, and problem analysis. The audit trail logs user activities and can help managers promote proper user behavior, since users know that their actions are being recorded. Reconstruction of events reviews system activity to pinpoint how, when, and why normal operation ceased; this also helps determine whether the cause was an operator-induced or system-induced error. Real-time auditing can help to pinpoint intrusions by unauthorized users. Problem analysis can be used to find non-intrusion problems, such as determining whether the system was damaged by user error or operational error. How would an internal auditor use these audit trails?

 

Discussion Question: Professional Education

A prospective employer recruiting for a security role may get applications from people with a wide variety of backgrounds in terms of experience and education.
Discuss how you would weigh the value of a four-year degree, industry certifications, and vendor specific certifications.

 

Discussion Question: Global Encryption Laws

Encryption laws vary from country to country. According to Saper (2013), "In the United States, there are few restrictions on the use of cryptography. When operating overseas, however, companies must grapple with a bewildering array of regulations and restrictions on the use of cryptography. Some countries restrict the import or export of cryptographic technology, others restrict the import of encrypted data, and still others restrict or prohibit the use of encryption within their borders. These regulations create immense difficulties for firms attempting to operate overseas, especially where prohibitions on the use of encryption force them to put their intellectual property at risk of compromise."
Read the article International Cryptography Regulation and the Global Information Economy and answer the question "How will the difference in encryption laws influence global organizations' security policy and technical implementation?"

 

Discussion Question: Cyber Incident Policy and Response Program

Hospitals are an increasing target of cybercriminals, including organized criminal gangs and ransomware. Although many organizations are developing security prevention and detection programs, a weakness in predefined incident response policies and processes exists. To reduce risk to hospital critical infrastructures, information assets, and patients, Johns Hopkins has developed a robust security program including formal incident response protocols and processes.