Assessing Information System Vulnerabilities and Risk
Project 1
| Student Name: | |
| Date: | |
| This form provides the same classroom instructions in a checklist form to help students and professors quickly evaluate a submission | |
| Project 1: Requires the Following FOUR Pieces | Areas to Improve |
| 1. Executive Summary (Try to Stay Within 2 Pages) | |
| 2. Technical Report | |
| 3. Non-Technical Presentation Slides (Narration Not Needed) | |
| 4. Lab Experience Report with Screenshots | |
| 1. Technical Report | |
| Defining the Information System Infrastructure | |
| Describe the organization, including mission, key cabinet offices, business units, and functions. Use a diagram if possible. | |
| Choose one or more mission-critical systems of the healthcare organization. | |
| Define the information protection needs for the organization's mission-critical protected health information (PHI). | |
| Define the workflows and processes for the mission-critical systems you selected that will store PHI. | |
| Threats | |
| Threats to the hospital's information systems infrastructure | |
| Insider threats | |
| Intrusion motives | |
| Hacker psychology | |
| The purpose and components of an identity management system to include authentication, authorization, and access control | |
| Use of laptop, tablet, and mobile devices by doctors who visit patients and need access to PHI. | |
| Access Control Management | |
| Access control lists in operating systems | |
| Role-based access controls | |
| Files | |
| Database access controls | |
| Discuss types of authorization and authentication and the use of passwords | |
| Password management | |
| Password protection in an identity management system | |
| Describe secure authentication mechanisms, including multi-factor. | |
| Other material that may qualify as “Exceeds Expectations” | |
| Password Cracking Tools | |
| Compare the password cracking tools based on these characteristics, and include as part of your assessment and recommendations on the use of such tools. | |
| Discuss issues related to organizational anti-virus software detecting password cracking tools as malware. | |
| Help the leadership understand the risks and benefits of using password cracking tools, through persuasive arguments in your report and presentation. | |
| References | |
| Authoritative in-text citations in APA format. | |
| Authoritative list of references at end in APA format. | |
| Technical Report Feedback | |
| 2. Executive Summary | |
| Summarize each part of your Technical Report at a high level for executive consumption. | |
| Avoid citations in Executive Summary. Use your own words and explain so anyone can understand. | |
| Make sure you highlight your recommendations. | |
| Executive Summary Feedback | |
| 3. Presentation Slides | |
| Title Slide | |
| Use of Readable Fonts and Color | |
| Summarizes Findings and Recommendations at High Level | |
| Presentation Slides Feedback | |
| 4. Lab Experience Report | |
| Summarizes the Lab Experience and Findings | |
| Responds to the Questions | |
| Provides Screenshots of Key Results | |
| Lab Experience Report Feedback | |
Project 2
| Student Name: | |
| Date: | |
| This form provides the same classroom instructions in a checklist form to help students and professors quickly evaluate a submission | |
| Project 2: Requires the Following THREE Pieces | Areas to Improve |
| 1. Security Assessment Report (including relevant findings from Lab) | |
| 2. Non-Technical Presentation Slides (Narration Not Needed) | |
| 3. Lab Experience Report with Screenshots | |
| 1. Security Assessment Report | |
| Defining the OS | |
| Brief explanation of operating systems (OS) fundamentals and information systems architectures. | |
| 1. Explain the user's role in an OS. | |
| 2. Explain the differences between kernel applications of the OS and the applications installed by an organization or user. | |
| 3. Describe the embedded OS. | |
| 4. Describe how operating systems fit in the overall information systems architecture, of which cloud computing is an emerging, distributed computing network architecture. | |
| Include a brief definition of operating systems and information systems in your SAR. | |
| Other outstanding information | |
| OS Vulnerabilities | |
| 1. Explain Windows vulnerabilities and Linux vulnerabilities. | |
| 2. Explain the Mac OS vulnerabilities, and vulnerabilities of mobile devices. | |
| 3. Explain the motives and methods for intrusion of MS and Linux operating systems. | |
| 4. Explain the types of security management technologies such as intrusion detection and intrusion prevention systems. | |
| 5. Describe how and why different corporate and government systems are targets. | |
| 6. Describe different types of intrusions such as SQL, PL/SQL, XML, and other injections. | |
| Preparing for the Vulnerability Scan | |
| 1. Include a description of the methodology you proposed to assess the vulnerabilities of the operating systems. | |
| 2. Provide an explanation and reasoning of how the methodology you propose will determine the existence of those vulnerabilities in the organization’s OS. | |
| 3. Include a description of the applicable tools to be used, limitations, and analysis. | |
| 4. Provide an explanation and reasoning of how the applicable tools you propose will determine the existence of those vulnerabilities in the organization’s OS. | |
| 5. In your report, discuss the strength of passwords | |
| 5a. Any Internet Information Services' administrative vulnerabilities, | |
| 5b. SQL server administrative vulnerabilities, | |
| 5c. Other security updates, and | |
| 5d. Management of patches, as they relate to OS vulnerabilities. | |
| Vulnerability Assessment Tools for OS and Applications (Lab) | |
| Use the tools' built-in checks to complete the following for Windows OS (e.g., using Microsoft Baseline Security Analyzer, MBSA): | |
| 1. Determine if Windows administrative vulnerabilities are present. | |
| 2. Determine if weak passwords are being used on Windows accounts. | |
| 3. Report which security updates are required on each individual system. | |
| 4. You noticed that the tool you used for Windows OS (i.e., MBSA) provides dynamic assessment of missing security updates. Scan one or more computers by domain, IP address range, or other grouping. | |
| 5. Once complete, provide a detailed report and recommendations on how to make your system a more secure working environment. In this case, a tool such as MBSA will create and store individual XML security reports for each computer scanned and will display the reports in the graphical user interface in HTML. | |
| Utilize the OpenVAS tool to complete the following: | |
| 1. Determine if Linux vulnerabilities are present. | |
| 2. Determine if weak passwords are being used on Linux systems. | |
| 3. Determine which security updates are required for the Linux systems. | |
| 4. You noticed that the tool you used for Linux OS (i.e., OpenVAS) provides dynamic assessment of missing security updates. Scan one or more computers by domain, IP address range, or other grouping. | |
| 5. Once complete, provide a detailed report and recommendations on how to make your system a more secure working environment. | |
| 2. Presentation Slides | |
| Title Slide | |
| Use of Readable Fonts and Color | |
| Summarizes Findings and Recommendations at High Level | |
| Presentation Slides Feedback | |
| 3. Lab Experience Report | |
| Summarizes the Lab Experience and Findings | |
| Responds to the Questions | |
| Provides Screenshots of Key Results | |
| Lab Experience Report Feedback | |
Project 3
| Student Name: | |
| Date: | |
| This form provides the same classroom instructions in a checklist form to help students and professors quickly evaluate a submission | |
| Project 3: Requires the Following THREE Pieces | Areas to Improve |
| 1. Security Assessment Report (including relevant findings from Lab) | |
| 2. Risk Assessment Report | |
| 3. Lab Experience Report with Screenshots | |
| 1. Security Assessment Report | |
| Enterprise Network Diagram | |
| Propose a local area network (LAN). | |
| Propose a wide area network (WAN). | |
| Define the systems environment. | |
| Incorporate this information in a network diagram. | |
| Discuss the security benefits of your chosen network design. | |
| Threats | |
| Define threat intelligence and explain what kind of threat intelligence is known about the OPM breach. | |
| Differentiate between the external threats to the system and the insider threats. | |
| Identify where these threats can occur in the previously created diagrams. | |
| Relate the OPM threat intelligence to your organization. How likely is it that a similar attack will occur at your organization? | |
| Identifying Security Issues | |
| Provide an analysis of the strength of passwords used by the employees in your organization. | |
| Are weak passwords a security issue for your organization? | |
| Firewalls and Encryption | |
| Determine the role of firewalls and encryption, and auditing RDBMS that could assist in protecting information and monitoring the confidentiality, integrity, and availability of the information in the information systems. | |
| Threat Identification | |
| Identify the potential hacking actors of these threat attacks on vulnerabilities in networks and information systems and the types of remediation and mitigation techniques available in your industry, and for your organization. | |
| Identify the purpose and function of firewalls for organization network systems, and how they address the threats and vulnerabilities you have identified. | |
| Also discuss the value of using access control, database transaction and firewall log files. | |
| Identify the purpose and function of encryption, as it relates to files and databases and other information assets on the organization's networks. | |
| 2. Risk Assessment Report | |
| Risk and Remediation | |
| What is the risk and what is the remediation? | |
| What is the security exploitation? | |
| 3. Lab Experience Report | |
| Summarizes the Lab Experience and Findings | |
| Responds to the Questions | |
| Provides Screenshots of Key Results | |
| Lab Experience Report Feedback | |
Project 4
| Student Name: | |
| Date: | |
| This form provides the same classroom instructions in a checklist form to help students and professors quickly evaluate a submission | |
| Project 4: Requires the Following FOUR Pieces | Areas to Improve |
| 1. Team Forming and Completion of Charter | |
| 2. Security Assessment Report | |
| 3. After Action Report | |
| 4. Presentation Slides (With Narration or In Class Presentation) | |
| 1. Team Forming and Completion of Charter | |
| Upload completed Charter to Team Locker in Classroom | |
| 2. Security Assessment Report | |
| Financial Sector | |
| Provide a description of the impact the threat would have on the financial services sector. These impact statements can include the loss of control of the systems, the loss of data integrity or confidentiality, exfiltration of data, or something else. Also provide impact assessments as a result of this security incident to the financial services sector. | |
| Provide submissions from the Information Sharing Analysis Councils related to the financial sector. | |
| Law Enforcement | |
| Provide a description of the impact the threat would have on the law enforcement sector. These impact statements can include the loss of control of systems, the loss of data integrity or confidentiality, exfiltration of data, or something else. Also provide impact assessments as a result of this security incident to the law enforcement sector. | |
| The Intelligence Community | |
| Provide intelligence on the nation-state actor, their cyber tools, techniques, and procedures. Leverage available threat reporting such as from FireEye, Mandiant, and other companies and government entities that provide intelligence reports. Also include the social engineering methods used by the nation-state actor and their reasons for attacking US critical infrastructure. | |
| Homeland Security | |
| Use the US-CERT and other similar resources to discuss the vulnerabilities and exploits that might have been used by the attackers. | |
| Explore the resources for risk mitigation and provide the risk, response, and risk mitigation steps that should be taken if an entity suffers the same type of attack. | |
| Provide a risk-threat matrix and provide a current state snapshot of the risk profile of the financial services sector. | |
| 3. After Action Report | |
| The purpose of the AAR is to share the systems life cycle methodology, rationale, and critical thinking used to resolve this cyber incident. | |
| Identify the purpose and function of firewalls for organization network systems, and how they address the threats and vulnerabilities you have identified. | |
| Also discuss the value of using access control, database transaction and firewall log files. | |
| Identify the purpose and function of encryption, as it relates to files and databases and other information assets on the organization's networks. | |
| 4. Presentation (Complete Set of Team Slides and Narration of a Portion) | |
| Title Slide | |
| Use of Readable Fonts and Color | |
| Summarizes Findings and Recommendations at High Level | |
| Slide Narration or In Class Presentation (5-6 minutes or a portion of report) | |
| Presentation Slides Feedback | |
Project 5
| Student Name: | |
| Date: | |
| This form provides the same classroom instructions in a checklist form to help students and professors quickly evaluate a submission | |
| Project 5: Requires the Following TWO Pieces | Areas to Improve |
| 1. Paper | |
| 2. Lab Experience Report with Screenshots | |
| 1. Paper | |
| IT Systems Architecture | |
| You will provide this information in tabular format and call it the Network Security and Vulnerability Threat Table | |
| security architecture of the organization | |
| the cryptographic means of protecting the assets of the organization | |
| the types of known attacks against those types of protections | |
| means to ward off the attacks | |
| Include and define the following components of security in the architecture of your organization, and explain if threats to these components are likely, or unlikely: | |
| LAN security | |
| identity management | |
| physical security | |
| personal security | |
| availability | |
| privacy | |
| Then list the security defenses you employ in your organization to mitigate these types of attacks. | |
| Plan of Protection | |
| Learn more about the transmission of files that do not seem suspicious but that actually have an embedded malicious payload, undetectable to human hearing or vision. This type of threat can enter your organization’s networks and databases undetected through the use of steganography or data hiding. You should include this type of threat vector in your report to leadership. | |
| Provide the leadership of your organization with your plan for protecting identity, access, authorization, and nonrepudiation of information transmission, storage, and usage. | |
| Data Hiding Technologies | |
| Describe to your organization the various cryptographic means of protecting its assets. Descriptions will be included in the Network Security Vulnerability and Threat Table for leadership. | |
| Encryption Technologies | |
| 1. Shift / Caesar cipher | |
| 2. Polyalphabetic cipher | |
| 3. One time pad cipher/Vernam cipher/perfect cipher | |
| 4. Block ciphers | |
| 5. Triple DES | |
| 6. RSA | |
| 7. Advanced Encryption Standard (AES) | |
| 8. Symmetric encryption | |
| 9. Text block coding | |
| Data Hiding Technologies | |
| 1. Information hiding and steganography | |
| 2. Digital watermarking | |
| 3. Masks and filtering | |
| Network Security Vulnerability and Threat Table | |
| Describe the various cryptographic means of protecting its assets. Descriptions will be included in the Network Security Vulnerability and Threat Table for leadership. | |
| Encryption Technologies | |
| 1. Shift / Caesar cipher | |
| 2. Polyalphabetic cipher | |
| 3. One time pad cipher/Vernam cipher/perfect cipher | |
| Access Control Based on Smart Card Strategies | |
| Describe how identity management would be a part of your overall security program and your CAC deployment plan: | |
| 2. Lab Experience Report | |
| Summarizes the Lab Experience and Findings | |
| Responds to the Questions | |
| Provides Screenshots of Key Results | |
| Lab Experience Report Feedback | |
Project 6
| Student Name: | |
| Date: | |
| This form provides the same classroom instructions in a checklist form to help students and professors quickly evaluate a submission | |
| Project 6: Requires the Following TWO Pieces | Areas to Improve |
| 1. Paper | |
| 2. Lab Experience Report with Screenshots | |
| 1. Paper | |
| Methodology | |
| 1. Preparation | |
| 2. Extraction | |
| 3. Identification | |
| 4. Analysis | |
| Tools and Techniques | |
| 1. The importance of using forensic tools to collect and analyze evidence (e.g., FTK Imager and EnCase) | |
| 2. Hashing in the context of digital forensics | |
| 3. How do you ensure that the evidence collected has not been tampered with (i.e., after collection)? Why and how is this important to prove in a court of law? | |
| 2. Lab Experience Report | |
| Summarizes the Lab Experience and Findings | |
| Responds to the Questions | |
| Provides Screenshots of Key Results | |
| Lab Experience Report Feedback | |