Evaluate the role of mitigation methods and strategies

Reference no: EM133571283

Homework: Project Guidelines

Overview

You work for Strategic Security Consulting Group (SSCG). Recently, one of your clients located in Los Angeles, North Star Software Developers (NSSD), called with a big problem. NSSD's strategic security goals include protecting the software development process and code as well as sensitive client information from internal and external breaches. Some of its network servers were compromised, resulting in the possible loss of personal information and credit card numbers of purchasers of the company's software products. It is not presently known whether this attack came from inside or outside of the company. NSSD is currently dealing with this problem as best as it can, but it needs your company to help prevent this from happening again in the future.

You have been assigned to create a training manual for NSSD's IT personnel in which you test, describe, and recommend a variety of network security tools that, when used properly, will mitigate both the risk of future breaches and the effects of a breach when it takes place.

Given the above scenario, you will also create an executive overview that describes the appropriate areas of concern from your research in this course. This should be written in language that can be understood by a nontechnical audience of company management and stakeholders.

In this homework, you will demonstrate your mastery of the following course outcomes:

I. Interpret results of network and vulnerability scans for identifying security vulnerabilities

II. Implement appropriate methods that protect against and address network threats and vulnerabilities using appropriate risk mitigation techniques

III. Categorize the severity of security incidents using industry best practices for determining the appropriate immediate response

IV. Recommend timely countermeasures that minimize the consequences of current security incidents

V. Communicate response and mitigation strategies that align with an organization's strategic goals

Prompt

Specifically, the following critical elements must be addressed:

Network Assessment and Defense Training Manual:

I. Executive Overview

A. Create a brief description of the purpose of the manual that is in consumable terms for the stakeholders. Be sure you address the company's strategic security goals and the value of the policy changes or updates.

B. Assess the role of network defense methods and strategies for securing the network. Support your findings with research and experience from the lab exercises.

C. Evaluate the role of mitigation methods and strategies in reducing security risk. Support your findings with research and experience from the lab exercises.

D. Summarize the role of incident response methods and strategies in minimizing the impact of breaches. Support your findings with research and experience from the lab exercises.

II. Training Manual: For each section of the training manual, develop guidelines for employees to select and employ specific software, tools, and methods to address the elements of the section topic. Your guidelines serve as recommendations of specific tools and criteria for determining when to use these tools. Each section should include relevant screenshots to support the instructions.

A. Traffic Analysis: Based on the labs used for traffic analysis, address the tools, methods, and techniques related to traffic analysis. Be sure to provide screenshots for the output elements that support the following areas:

a. Create guide materials for identifying vulnerabilities and potential threats through interpreting output from packet capturing tools.

b. Recommend the alert response procedures required for traffic anomalies identified through monitoring network traffic and examining logs.

B. Firewalls: Based on the labs associated with firewalls, address the tools, methods, and techniques related to perimeter defense using firewalls. Be sure to provide screenshots for the output elements that support the following areas:

a. Illustrate the process of rule creation and firewall configuration.

b. Outline the steps for segmenting networks. Be sure to describe the benefits of the segmenting strategies.

c. Explain the process and criteria for blocking, allowing, and filtering traffic.

d. Create guidelines for the implementation of methods for detecting attacks.

C. Intrusion Detection: Describe the configuration of intrusion detection systems, specifically addressing the following:

a. Whitelisting and blacklisting

b. IDS placement

c. Summarize the key aspects of monitoring, logging (auditing), and alerting using intrusion detection systems

D. Vulnerability Assessment

a. Illustrate the proper implementation of port scanning, device scanning, and penetration testing and detection for conducting vulnerability assessments.

b. Explain how to interpret the output of a vulnerability scan to identify weaknesses.

E. Network Assessment

a. Illustrate the processes of detecting rogue devices, detecting malicious connections, and viewing network topologies to identify network weaknesses.

b. Explain how to interpret the output of network scans to identify weaknesses.

F. Auditing and Log Collection

a. Recommend appropriate company-approved tools that minimize the consequences of incident events, and include appropriate rationale and justification.

G. Tools Overview: Provide a brief summary of the key company-approved tools, represented by those used in the lab exercises. In your summary, identify the importance of and rationale for selecting these tools.


All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd