Explain the purpose of using the password cracking utilities and discuss the relevance to cybersecurity.
Collaborations for Homeland Security
The tasks related to securing the homeland and its critical infrastructure are shared among many organizations. Several universities participate in research projects in conjunction with the DHS. Additionally, other departments in the government have jurisdiction over certain elements of the critical infrastructure.
Describe one academic institution helping to conduct research to protect the homeland.
Evaluate in detail one specific example of a research project conducted by the institution to protect the homeland. Be sure to explain the objectives of the project.
Analyze the outcomes, conclusions, and recommendations of the research project. Was the project successful?
Identify opportunities for future research in the area explored by this project.
Cite any sources using APA format on a separate page.
Enforcement of security policies
Enforcement of security policies is most effective when it comes from leadership. Employees look to executive management for direction. The executive is more likely to enforce policies to support his or her personal credibility. Once executives put their own credibility behind policies, they are less likely to allow violations to occur.
Finding the right level of leadership to take action can be a challenge. It’s generally more effective to have leadership governance and management committees responsible for IT security policy enforcement, where governance sets the direction for management to follow.
Answer the following question(s):
Why, or in what ways, would a governance committee be more effective than an executive in enforcing security policies?
“Security Threat Trends 2015”
Define and evaluate a security risk and measure the impact of the risk on a business organization.
Review one of the five security reports listed below and provided in the topic Resources. Your goal is to identify an interesting trend, such as a high-profile threat, the Internet of Things, medical devices, web hacks, etc., and write an executive summary explaining how the trend presents a risk within the industry associated with the selected security report.
“Security Threat Trends 2015”
“Worldwide Infrastructure Security Report – Volume XI”
“Internet Security Threat Report”
“2016 Trustwave Global Security Report”
“2016 Data Breach Investigations Report”
Write a 1,500-word executive summary that contains the following information.
Overview
Provide a summary of the threat trend.
Include graphs that depict the trend. You may include content from the report with appropriate citation and references.
Threat Definition
Explain the threat and how it exploits vulnerabilities within an organization.
Risk Identification
Identify the risk by detailing how exposed the organization is to the threat.
List several systems, resources, applications, or browsers that can be impacted.
Rate each system based on the likelihood and impact of the threat.
Provide a risk matrix that summarizes threat likelihood and impact.
Assign each system a value from the risk matrix to identify the risk posed to the organization.
Justify the risk matrix values.
Risk Measured
Identify and measure the impact the identified threat can cause to an organization.
Explain how the threat can impact the organization and summarize the likelihood of occurrence.
Discuss the costs associated with the impact of the threat.
Identify appropriate countermeasures or information technology solutions that can be put into place to reduce, resolve, or manage the threat impact.
Security Threat Awareness Infographic And Presentation
Imagine you are the information systems security officer at your company and are tasked with creating a cybersecurity threat awareness training. You must create an infographic or job aid for the company’s intranet and a brief presentation for the company’s stakeholders, including executives, managers, and staff.
Refer to the LinkedIn course “PowerPoint: Creating an Infographic” by Heather Ackmann, located in this week’s Learning Activities folder, for guidance on creating infographics.
Create a 1-page infographic or job aid of the cyber domain using the OSI model.
Identify 5 to 7 threats to the cyber domain, including at least 1 threat for each of the layers in your infographic.
Create a 4- to 6-slide presentation in which you:
Discuss the challenges of securing each layer of the cyber domain in the company’s cyber threat awareness training.
Select 3 threats from your infographic or job aid.
Identify 2 challenges from the threats you identified.
Note: You do not need to identify how to mitigate the threat; this presentation is focused on raising awareness of cybersecurity threats and the challenges these threats present.
Cyber Security Phishing Playbook
In cybersecurity, a playbook usually refers to a manual or set of instructions that can be referenced to follow specific processes and procedures depending on workflow and circumstances. The term playbook is probably borrowed from sporting events, where teams practice specific plays in order to execute them more efficiently during critical times. The following is an example of an open-source cybersecurity playbook, found here
Cyber Security
Using a Web search engine, find an article from a reputable source, published within the past six months, that reports on the risk coming from inside the organization compared to the risk coming from outside the organization. If the article notes that this relative risk is changing, how is it changing and to what is the change attributed?
Search your institution’s published documents (or another organization’s), including its Web pages. Locate its values, vision, and/or mission statement, as well as strategic goals. Identify any references to InfoSec. Also look for any planning documents related to InfoSec.
Using a web search engine, visit one of the popular disaster recovery/business continuity sites, such as www.disasterrecoveryworld.com, www.drj.com, www.drie.org, www.drii.org, or csrc.nist.gov. Search for the terms hot site, warm site, and cold site. Do the provided descriptions match those of this chapter? Why or why not? Just define what each term is and say what it does.
#4 Using the format provided in the text, design an incident response plan for your home computer. Include actions to be taken if each of the following events occurs:
-virus attack
-power failure
-fire
-burst water pipe
-ISP failure
What other scenarios do you think are important to plan for?
Wireless Security Forensic Used In Cyber Digital Investigations
How Is Wireless Security Forensic Used In Cyber Digital Investigations?
How cyber impact and affect our critical infrastructure by way of interdependencies
How does cyber impact and affect our critical infrastructure by way of interdependencies?
Briefly discuss policy and legislation that supports cyber security.
What is the cyber threat spectrum?
Information technology (IT) security policies.
Purpose
This course project is intended to assess your ability to identify, design, and organize information technology (IT) security policies.
Learning Objectives and Outcomes
Successful completion of this project will ensure that you can develop draft IT security policies for an organization and apply learning constructs from the course. By the end of this project, you will be able to do the following:
- Evaluate compliance laws relevant to the U.S. Department of Defense.
- Assess policy frameworks appropriate for an organization in a given scenario.
- Evaluate security controls and standards for the seven domains of a typical IT infrastructure.
- Develop DoD-compliant policies for an organization’s IT infrastructure.
Required Source Information and Tools
Web References: Links to Web references in this document and related materials are subject to change without prior notice. These links were last verified on August 26, 2020.
The following tools and resources will be needed to complete this project:
- Course textbook
- Internet access
- DoD instructions or directives: https://www.esd.whs.mil/dd/
- Risk Management Framework (RMF) for DoD Information Technology (IT): https://www.esd.whs.mil/Portals/54/Documents/DD/issuances/dodi/851001p.pdf?ver=2019-02-26-101520-300
- U.S. Department of Defense (DoD) Chief Information Office Library: https://dodcio.defense.gov/Library/
- Department of Defense Information Security Program: https://www.esd.whs.mil/Portals/54/Documents/DD/issuances/dodm/520001m_vol1.pdf?ver=2020-08-04-092500-203
- Department of Defense Internet Services and Internet-Based Capabilities: https://www.esd.whs.mil/Portals/54/Documents/DD/issuances/dodi/817001p.pdf