User Account

All Pages

Identify the project phases

Assignment Help Computer Network Security
Reference no: EM132986697

Cybersecurity Graduate Capstone Topic Approval Form

The purpose of this approval form is to help you clearly state your research question for this capstone project, as well as your project's scope and timeline, to ensure that these align with your degree emphasis. You will not have a complete and realistic overview of your project, and the acceptability of your project for the purposes of this course cannot be accurately assessed without clearly defining each of these areas. Many students use a project they have already completed within the past two years. If you choose a finished project, you will write the proposal as if the project is not yet complete. Then, when you report on your project, use your complete after-implementation report.

If you have not yet started your project, this document can help make sure the scope is in the acceptable range for this capstone. A course instructor must approve this form before you submit your capstone for evaluation. The task will not be evaluated without a course instructor's signature. The course instructor may ask for additional information before approving the form.

Project Topic: Password-less/ Multifactor Authentication- Getting Extra Security

Summary of the problem: Password are being hacked at an alarming rate, users are unknowingly giving their password out to hackers using different ways. We need a way to protect information data when password have been compromised and also reduce password compromise.

Outline of technology-supported security solution:

Multifactor Authentication (Hardware / Software)

Multifactor Authentication (MFA) is a process during authentication to ensure users are who they say they are by requiring two authentication mechanism during the authentication process. Enabling MFA on an account makes it harder for criminal to steal or impersonate a user. Azure MFA is provided as Software as a Service (SaaS), which provides secondary authentication using text, mail, call, app, security questions which have been predefined in the system. Also, there are several MFA hardware token that enable operating system or more enhanced login for example dui or RSA SecurID. Passwordless login will be implemented using one of the MFA hardware token.

Cloud (Azure)
Cloud computing or technology is a way to have resources available ondemand over the internet. Services or Applications are delivered over a secure connection between the provider (our project - Azure) and the consumer. It allows the consumer to focus on business needs without having to worry about the overhead capital cost (CAPEX). Majority of Cloud service providers utilize OPEX for payment.

User Behavior Analytics
Microsoft Azure provides several user behavior analytics which can be used to configure several policy that automatically enforce different actions during login process. One of the user behavior analytics that we will be implementing is location sign in risk. This track and analyze a user login behavior. For example, if EmployeeA logs in everyday from Columbus Ohio, if the said employee logs in Monday morning from Columbus and he logs in that afternoon from London, UK. The account will automatically be flagged and temporarily disabled till user confirmation.

Single Sign on
.Single sign on is an authentication method that enables users to securely authenticate with multiple applications and websites by using just one set of credentials. Single Sign On (SSO) uses trust that have

been setup with various system by utilizing a token already provided identity provider to a service provider

Context: Explain why the situation or question would benefit from your security solution
The proposed solution of increasing password complexity, going password-less when possible and adding extra layer of MFA will help secure the environment from external and internal vulnerabilities.
Vulnerabilities in today's world cost organizations millions if not billions of dollars. Also I.T will be able to adequately contain compromised systems or hackers from crawling through the infrastructure by security privileged account with controlled elevated access

Stakeholders: Identify the project stakeholders. I.T, Management and Entire Employees

Project Plan: Describe the project plan, scope, goals, and objectives.

Project Plan
To gather information about unsecure passwords or accounts that are set to not require password and accounts with default system password, Implement and Enforce password policy, Audit accounts not following password policy, Implement secondary accounts for privilege or elevated task in different application, Enforce MFA on secondary and regular accounts, and also Implement SSO / Password less authentication

Scope
The scope of this project includes all employees who have or are responsible for an account or any form of access that requires a password on any system

Goal
Adopting security solutions to tighten security and have a greater chance of preventing intruders from penetrating business networks than using a single security solution to safeguard data at all levels and across many applications and devices.

Objectives
Cybersecurity team will verify compliance to this policy through various methods, including but not limited to, periodic penetration testing, business tool reports, internal and external audits, and feedback to the Information Security

Methodology: Outline the project approach. Agile methodology will be followed for the project. We will follow small iterations by rolling out to small group, test and go live with the rest of the task. We will also make changes to the policy as we receive feedbacks from stakeholders

Implementation Plan: Identify the project phases. Gather information about unsecure passwords or accounts that are set to not require password. Gather information about accounts with default system password Implement Password Policy Enforce password policy Audit accounts not following password policy Implement secondary accounts for privilege or elevated task in different application Enforce MFA on secondary accounts Enforce MFA on regular accounts Implement SSO / Password less authentication

Project Outcomes: List the key anticipated project outcomes and deliverables in 500 words or less. Secure password, NIST Compliance environment, (NIST 800-63 and NIST 800-53), Less password to remember for stakeholders (SSO) and Inability for compromised systems to cause damage to other applications

Attachment:- Cybersecurity Graduate Capstone.rar

Reference no: EM132986697

Questions Cloud

How much more can tom earn investing at that bank : Tom is considering saving an amount of $5000 for 4 years. He can save this amount at Magic bank, How much more can Tom earn investing at that bank
Would the process still be good enough for the supplier need : If the process mean were to drift from its setting of 2.500 mm to a new mean of 2.497, would the process still be good enough for the supplier's needs
How blockchain may be used in that industry : Pick an industry you feel will be most affected by blockchain and how blockchain may be used in that industry.
Evaluate the companys debt-paying ability : Blue Spruce had total debt of $500,500 and $776,250 as at December 31, 2020, and December 31, 2019, Evaluate the company's debt-paying ability
Identify the project phases : Identify the project phases. Gather information about unsecure passwords or accounts that are set to not require password
Prepare journal entries to record the income tax : Income before tax per income statement: 2020 - 6,000,000. Prepare journal entries to record the income tax and deferred tax for 2020 and 2021
Data visualization in presenting complex data to management : You will explore the role of data visualization in presenting complex data to management.
Application each for dss-bi and analytics : Survey the literature from the past six months to find one application each for DSS, BI, and analytics.
Find the market value per share of the company : The Enterprise Value per Revenue of Bitcoin Company is 2.5. Using this scenario, find the market value per share of the company

Reviews

Write a Review

Computer Network Security Questions & Answers

  Key generation of the simplified des algorithm

What is the history of DES and describe the key generation of the Simplified DES algorithm

  Network security hii need the attached assignment done by

hi ltbrgti need the attached assignment done by 120914. please quote the best price. the assignment should be completed

  How data mining can be used to improve food quality

How data mining can be used to improve food quality - topic report is data mining to improve the food quality.

  How to find anti-virus and firewall sw on your computer

How to find anti-virus and/or Firewall SW on your computer. Discussion on how to remove unwanted Virus and Malware?

  Discuss security issues related to researched technologies

From the e-Activity, discuss two security issues related to the researched technologies. Analyze the security protection currently implemented on the device.

  What might sony and the u.s. government done

What might Sony and the U.S. government done differently to discourage future such attacks on other U.S. organizations

  Information security

A computer forensics investigator needs to develop an understanding about security standards and formal procedures within an organisation. This module will provide knowledge in addressing issues around security in the organisational environment. T..

  What did you learn from your classmates posting

Based on IP 7, provide a short summary of the Kali Tool you have researched. Share with other students, how it's used, implemented and measures to protect your.

  Find the sequence obtained by applying successively the

1 encrypt the message buy now using the knapsack cipher based on the sequence obtained from the super-increasing

  Analyse issues associated with organisational data networks

Analyse issues associated with organisational data networks and security to recommend practical solutions towards their resolution

  Can one tool be used for managing more than one area

What is the best tool for each area? Can one tool be used for managing more than one area? Why or why not? Support your information and make sure all information sources are appropriately cited.

  How can crt be used to speed up rsa decryption

Describe a man-in-the-middle attack on the Diffie-Hellman protocol where the ad- versary shares a key kA. How can CRT be used to speed up RSA decryption?

Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

Submit Assignment

Academics

Major Subjects

Majors

Get In Touch

whatsapp: +1-415-670-9521

Phone: +1-415-670-9521

Email: [email protected]

TERMS & POLICIES

HELP & SUPPORT

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd