Unit 10 IT595

profileshells0143
CShells-IT595Assignment-Unit5.docx

Unit 5 Assignment 1

Unit 5 Assignment 1

Unit 5 IT595

Clifford Shells

Purdue University Global

IT595: Master’s Capstone in Cybersecurity Management

January 6, 2025

Milestone 2: Risk Assessment & Architecture Design - Status Report

The second milestone of this project focused on conducting a comprehensive risk assessment and designing scalable Zero Trust architecture tailored to the organization’s cybersecurity needs. Building on the foundation established in Milestone 1, this phase focused on the enumeration of risks, evaluation of threats, and proposal of architectural changes to enhance endpoint security. Under this project, it is hoped to eliminate the vulnerabilities arising through the above-mentioned critical areas to formulate the base for strong organizational defense against cyber threats. The following sections present an overview of cybersecurity principles used for the current report, an overview of tasks conducted for this purpose, a summary of lessons learned as well as additional evidence in support of this broad priority.

Cybersecurity Principles and Research

The milestone incorporated key cybersecurity principles and modern strategies to ensure robust and adaptable architecture. The risk assessment entailed observing network activity to identify suspicious activity, reviewing access records to discover unauthorized attempts to obtain access, and using hypotheticals to exploit potential problems. These activities pointed out concerns that must be addressed when pursuing architectural design.

Vulnerability

Impact

Mitigation Strategy

Weak Password Policies

Elevated risk of breaches

Implement strong password policies (MFA)

Unsecured Endpoint Devices

Risk of lateral movement

Deploy EDR and enforce endpoint encryption

Lack of Traffic Monitoring Tools

Undetected anomalies

Adopt network traffic monitoring tools

The Zero Trust model served as the guiding principle for architecture design, emphasizing a "never trust, always verify" approach. In the design, some features that were provided were micro-segmentation for the basis of containing lateral movement within the network, MFA for more enhanced access controls, and EDR for detecting threats as they happen in the network. (Weinberg & Cohen, 2024). Furthermore, extensibility was considered to accommodate organizational growth. Recent studies on cybersecurity conducted by Bhat (2022) supported the modern techniques needed for cybersecurity problems, especially with the modern enhanced complications in cybersecurity (Bhat, 2022).

Metric

Value

Observation

Total Traffic Anomalies

125 anomalies/day

A high anomaly rate indicates vulnerabilities

Unauthorized IPs

15

Unregistered IPs attempting to access

Log-in Failures

23/day

Suspicious activity from external sources

A diagram of a computer security system  Description automatically generated

Figure 1: Key Elements of the Zero Trust Model (keepnetlabs, 2024)

Tasks Completed

This milestone was done according to the goals of the project, and several critical tasks were accomplished during this phase. The risk assessment in turn included analyzing the network traffic for suspicious activities, accessing the logs looking for signs of intrusions, and conducting security vulnerability tests whereby the networks were evaluated based on potential break-ins. All these activities allowed the instructor to learn some weaknesses within the organization.

A diagram of a risk assessment  Description automatically generated

Figure 2: Process of Risk Assessment

The architectural design phase resulted in a comprehensive Zero Trust blueprint. This entailed the setting of micro-segmentation to enable the segmentation of the data, the enhancement of the MFA mechanisms to the authentication procedures, and the enhancements of EDR solutions to the endpoint protection (Mahjabeen & Islam, 2024). There was also another element called stakeholder engagement when workshops are conducted to get feedback and to make sure architecture fulfills the organization’s requirements. All these tasks laid down a good relationship for better measures in place to improve the security of an organization.

Task

Planned Duration (days)

Actual Duration (days)

Notes

Risk Assessment

5

6

Delays due to complex log analysis

Architecture Blueprint Development

7

7

Completed as scheduled

MFA Implementation

4

5

Additional day for configuration validation

EDR Solution Deployment

3

3

No deviations

Work Breakdown Structure (WBS)

The updated Work Breakdown Structure (WBS) reflects the planned and actual durations for the tasks completed during this milestone. The assessment of risks in such a system took six days as opposed to the planned five days because log analysis was complicated. Likewise, MFA was implemented one day more than planned, since there were unanticipated configuration issues that needed to be resolved. The approach to the choice of the architectural design and deployment of the EDR solutions conformed to their schedule (Pereira, 2024). These minor deviations highlight the fact that work usually contains unexpected complications that require changes in planning. In general, the WBS shows the accomplishments made on the project and the blueprint for the following phases of the project. (Miranda, 2019).

User ID

IP Address

Timestamp

Login Attempts

Status

1001

192.168.1.10

2024-12-31 12:45 PM

4

Unauthorized

1002

172.16.0.5

2024-12-31 1:15 PM

2

Authorized

1003

10.0.0.8

2024-12-31 2:00 PM

5

Unauthorized

Lessons Learned

Several valuable lessons emerged during the implementation of this milestone. The first of these effects was the need for careful planning before action. When the general vulnerability assessment was implemented, other problems were discovered that had not been anticipated despite detailed schedule formation, and this showed why there should be more buffer periods for such plans. This engagement with stakeholders was particularly helpful as it enabled us to further adjust the architectural design suggested and ensure there were no significant issues with scalability. Also, the project showed the importance of the adaptable architectural concept, meaning the possibility of further growth of the proposed design. Such lessons will help to avoid scenarios in further steps of project management by shifting to a more suitable approach.

Conclusion

In Milestone 2, key risks were properly identified and Zero Trust architecture that best fits the organization was recommended. This grounded theoretical control milestone extended intentionality to initiative-taking risk identification and management, engagement with all stakeholders, and adoption of modifiable designs to create a robust, coherent blueprint for improving overall cybersecurity. This progress builds on the achievements of Milestone 1 and sets the stage for future phases of the project. The tasks completed and lessons learned in this phase will contribute to the timely and effective realization of the project’s overall objectives.

References Bhat, S. (2022). Analysis of Cybersecurity for the Enterprise. https://doi.org/10.7939/r3-v6tj-zn63 keepnetlabs. (2024). What Is Zero Trust Architecture​? Retrieved from keepnetlabs: https://keepnetlabs.com/blog/what-is-zero-trust-architecture Mahjabeen, F., & Islam, M. A. (2024). Digital Defense Mechanisms: A Framework for Securing Broadcast Systems in the Age of Cyber Threats. Journal of Multidisciplinary Research, 1-25. https://jomresearch.com/index.php/jomr/article/download/24/20 Miranda, E. (2019). Milestone planning: a participatory and visual approach. The Journal of Modern Project Management. https://journalmodernpm.com/manuscript/index.php/jmpm/article/download/JMPM02003/350 Pereira, G. (2024). EDR: Securing Low-Level Tracing for Intrusion Detection. Master's thesis. https://search.proquest.com/openview/7e250bd35d05bf5c5672597fc787aa3d/1?pq-origsite=gscholar&cbl=2026366&diss=y Weinberg, A. I., & Cohen, K. (2024). Zero Trust Implementation in the Emerging Technologies Era: Survey. arXiv preprint arXiv:2401.09575. https://doi.org/10.48550/arXiv.2401.09575

image1.png

image2.png