CIS 552 TERM PAPER REDESIGNING SECURITY OPERATIONS

CIS 552 TERM PAPER REDESIGNING SECURITY OPERATIONS

 

 

 

 

 

 

CIS 552 TERM PAPER REDESIGNING SECURITY OPERATIONS

 

CIS 552 Term Paper Redesigning Security Operations

Imagine you have recently been hired as the Information security director at a start-up health care research firm, where confidential client data is housed in its Data Center. Currently, the company has 100 employees and expects to expand its workforce to 300 in the next three (3) months and the company is moving to a new location in an urban office building across four (4) floors. The security operations and defensive mechanisms have been run in the past by the Networking Department and due to the move, you have a chance to start anew with the company’s security operations to improve its overall security posture.

 

 

 

 

https://hwacer.com/Tutorial/cis-552-term-paper-redesigning-security-operations/

 

 

 

 

 

 

 

CIS 552 TERM PAPER REDESIGNING SECURITY OPERATIONS

 

CIS 552 Term Paper Redesigning Security Operations

Imagine you have recently been hired as the Information security director at a start-up health care research firm, where confidential client data is housed in its Data Center. Currently, the company has 100 employees and expects to expand its workforce to 300 in the next three (3) months and the company is moving to a new location in an urban office building across four (4) floors. The security operations and defensive mechanisms have been run in the past by the Networking Department and due to the move, you have a chance to start anew with the company’s security operations to improve its overall security posture.

CIS 552 WEEK 1 DISCUSSION

CIS 552 WEEK 1 DISCUSSION

 

 

 

CIS 552 Week 1 Discussion

Determine whether or not you believe penetration tests are necessary and an integral part of a security program and discuss why or why not. Imagine you are an information security manager. Explicate whether or not you would consider utilizing penetration testing in your environment, and, if so, in what capacity. In a few sentences, describe the most important business areas and or network infrastructure components that would be most beneficial to test. Can you recommend a website, as a potential useful resource that outlines best practices for conducting an internal penetration test?

 

 

 

https://hwacer.com/Tutorial/cis-552-week-1-discussion/

 

 

 

 

 

 

 

CIS 552 Week 1 Discussion

Determine whether or not you believe penetration tests are necessary and an integral part of a security program and discuss why or why not. Imagine you are an information security manager. Explicate whether or not you would consider utilizing penetration testing in your environment, and, if so, in what capacity. In a few sentences, describe the most important business areas and or network infrastructure components that would be most beneficial to test. Can you recommend a website, as a potential useful resource that outlines best practices for conducting an internal penetration test?

 

 

 

CIS 552 Week 1 Discussion

Determine whether or not you believe penetration tests are necessary and an integral part of a security program and discuss why or why not. Imagine you are an information security manager. Explicate whether or not you would consider utilizing penetration testing in your environment, and, if so, in what capacity. In a few sentences, describe the most important business areas and or network infrastructure components that would be most beneficial to test. Can you recommend a website, as a potential useful resource that outlines best practices for conducting an internal penetration test?

CIS 552 WEEK 1 LAB ASSIGNMENT 1

CIS 552 WEEK 1 LAB ASSIGNMENT 1

 

 

 

CIS 552 WEEK 1 LAB ASSIGNMENT 1

 

  1. Complete the weekly labs according to the steps described below.
  2. Provide deliverables in the form of documents, files, and / or screenshots for the steps specified in each lab assignment. Some labs require the use of Microsoft Word or OpenOffice for preparing and submitting deliverables.
Lab Submission Breakdown
LabAssignment WeekDue Lab # & Title Deliverables for Submission
1 1 Lab 1: Assessing and Securing Systems on a Wide Area Network (WAN) 1.      Complete Section 1: Hands on Demonstration, Parts 1-4, and provide the appropriate screen captures in your lab report. Screen captures are specified in the directions of each lab.2.      Complete Section 2: Applied Learning, Parts 1-4, and provide the appropriate screen captures in your lab report. Screen captures and file names are specified in the directions of each lab.

 

 

 

 

CIS 552 WEEK 1 LAB ASSIGNMENT 1

  1. Complete the weekly labs according to the steps described below.
  2. Provide deliverables in the form of documents, files, and / or screenshots for the steps specified in each lab assignment. Some labs require the use of Microsoft Word or OpenOffice for preparing and submitting deliverables.
Lab Submission Breakdown
LabAssignment WeekDue Lab # & Title Deliverables for Submission
1 1 Lab 1: Assessing and Securing Systems on a Wide Area Network (WAN) 1.      Complete Section 1: Hands on Demonstration, Parts 1-4, and provide the appropriate screen captures in your lab report. Screen captures are specified in the directions of each lab.2.      Complete Section 2: Applied Learning, Parts 1-4, and provide the appropriate screen captures in your lab report. Screen captures and file names are specified in the directions of each lab.

CIS 552 WEEK 2 DISCUSSION

CIS 552 WEEK 2 DISCUSSION

 

 

CIS 552 Week 2 Discussion

 

Your labs and readings this week focus on applying common cryptography and hashing techniques to important data to ensure confidentiality and integrity. These techniques are important, as they ensure safeguarding a company’s information and the accuracy of the data.

  • In a few sentences, describe the difference between an MD5 hashing algorithm and an SHA1 hashing algorithm, outlining the strengths and weaknesses of each hashing algorithm.  Describe a scenario or instance when MD5 and SHA1 would be best suitable to use to secure data. Researching your own PC’s operating system, are there any tools built in to verify MD5 or SHA1 checksums of downloaded software?  Can you recommend a website as a potential useful resource that show a user how to verify an MD5 checksum? Share with your classmates, and provide links to any useful resource you find.

After reading a few of your classmate’s postings, reply to the ones from which you learned something new, or to which you have something to add. Remember to get in early and post often.

Additional post option: What would happen if you downloaded new software, and confirmed that the MD5 value does not match the site? What steps would you take to resolve this issue?

 

 

 

 

 

 

 

 

https://hwacer.com/Tutorial/cis-552-week-2-discussion/

 

 

 

 

 

 

CIS 552 Week 2 Discussion

Your labs and readings this week focus on applying common cryptography and hashing techniques to important data to ensure confidentiality and integrity. These techniques are important, as they ensure safeguarding a company’s information and the accuracy of the data.

  • In a few sentences, describe the difference between an MD5 hashing algorithm and an SHA1 hashing algorithm, outlining the strengths and weaknesses of each hashing algorithm.  Describe a scenario or instance when MD5 and SHA1 would be best suitable to use to secure data. Researching your own PC’s operating system, are there any tools built in to verify MD5 or SHA1 checksums of downloaded software?  Can you recommend a website as a potential useful resource that show a user how to verify an MD5 checksum? Share with your classmates, and provide links to any useful resource you find.

After reading a few of your classmate’s postings, reply to the ones from which you learned something new, or to which you have something to add. Remember to get in early and post often.

Additional post option: What would happen if you downloaded new software, and confirmed that the MD5 value does not match the site? What steps would you take to resolve this issue?

 

 

CIS 552 WEEK 3 DISCUSSION WIRESHARK

CIS 552 WEEK 3 DISCUSSION WIRESHARK

 

 

 

 

 

 

 

CIS 552 Week 3 Discussion WIRESHARK

Your labs this week focus on capturing network data by using tools such as TCPdump, Wireshark and NetWitness Investigator. The ability to analyze network data can be useful in determining possible network vulnerabilities.

  • In your labs, you performed a network capture using TCPdump and Wireshark. Compare and contrast these tools. In a few sentences, describe a scenario when you might find a use for each of these tools. Is one tool more efficient than the other in this industry? Using the Internet, recommend a website or video that provides a tutorial on how to best use one of these tools.

After reading a few of your classmate’s postings, reply to the ones from which you learned something new, or to which you have something to add. Remember to get in early and post often.

Additional post option: Outline the steps and equipment needed to capture wireless network traffic.

 

 

 

 

 

 

https://hwacer.com/Tutorial/cis-552-week-3-discussion-wireshark/

 

 

 

 

 

 

 

 

 

CIS 552 Week 3 Discussion WIRESHARK

Your labs this week focus on capturing network data by using tools such as TCPdump, Wireshark and NetWitness Investigator. The ability to analyze network data can be useful in determining possible network vulnerabilities.

  • In your labs, you performed a network capture using TCPdump and Wireshark. Compare and contrast these tools. In a few sentences, describe a scenario when you might find a use for each of these tools. Is one tool more efficient than the other in this industry? Using the Internet, recommend a website or video that provides a tutorial on how to best use one of these tools.

After reading a few of your classmate’s postings, reply to the ones from which you learned something new, or to which you have something to add. Remember to get in early and post often.

Additional post option: Outline the steps and equipment needed to capture wireless network traffic.

CIS 552 WEEK 3 ASSIGNMENT 1

CIS 552 WEEK 3 ASSIGNMENT 1

 

 

CIS 552 WEEK 3 ASSIGNMENT 1

 

Assignment 1: Encryption and Hashing Algorithms: Tools and Commands

Due Week 3 and worth 100 points

The CIA and FBI have been working as a joint task force to unearth the meaning behind a vast amount of intercepted digital communiqué between two known operatives, believed to be spies. They have recruited your company to assist with the decryption of these messages.

Part 1:

Write a paper in which you answer the following:

Before starting on this mission, both national organizations want to verify your ability to identify hash and encryptions standards. Answer the following questions, providing specific details for each topic:

 

 

 

 

 

 

https://hwacer.com/Tutorial/cis-552-week-3-assignment-1/

 

 

 

 

 

 

 

 

 

  1. Explain how to identify the type of hash, identifying a tool that can integrate with Linux and Windows so desktop users are able to verify hash values. Specify any online tools.
  2. Describe the difference between RSA and ECDSA encryption algorithms and name a well-known product that uses each type of encryption. Be sure to cite your references.
  3. Use at least three (3) quality resources in this assignment. Note: Wikipedia and similar websites do not qualify as quality resources.

Part 2:

Here is a useful online resource to help with your tasked assignment from the FBI. Using the following link, decrypt the random messages and put them together into a useful missive. Identify the hash type, and rearrange the messages in logical order to assemble the message.

CIS 552 WEEK 4 DISCUSSION FOOTPRINTING AND PORT SCANNING

CIS 552 WEEK 4 DISCUSSION FOOTPRINTING AND PORT SCANNING

 

 

CIS 552 Week 4 Discussion FOOTPRINTING AND PORT SCANNING

Footprinting is a passive scan performed to gather basic public information about a target company and is useful in determining if you have too much visibility on the Internet. Port scanning is done to scan a network for open ports. This week’s labs and reading focus on port scanning and footprinting.

  • Explain what you believe is the greatest source of information for hackers in the footprinting stage, including where this information is commonly found and how a hacker is able to obtain it. Compare and contrast footprinting and port scanning. Determine which you believe is the more important step in the hacking process and explain why. Using the Internet or the Strayer Library, research at least two commonly used port scanning tools. Provide a tutorial, website or video that provides a tutorial on how to use the tools. Share with your classmates, and include links to any useful resource you find.

After reading a few of your classmate’s postings, reply to the ones from which you learned something new, or to which you have something to add. Remember to get in early and post often.

Additional post option: What type of pertinent information can be found during a passive scan from social media sites such as LinkedIn or Facebook?

 

 

 

https://hwacer.com/Tutorial/cis-552-week-4-discussion-footprinting-port-scanning/

 

 

 

 

 

 

 

 

CIS 552 Week 4 Discussion FOOTPRINTING AND PORT SCANNING

Footprinting is a passive scan performed to gather basic public information about a target company and is useful in determining if you have too much visibility on the Internet. Port scanning is done to scan a network for open ports. This week’s labs and reading focus on port scanning and footprinting.

  • Explain what you believe is the greatest source of information for hackers in the footprinting stage,

 

 

 

 

 

CIS 552 Week 4 Discussion FOOTPRINTING AND PORT SCANNING

Footprinting is a passive scan performed to gather basic public information about a target company and is useful in determining if you have too much visibility on the Internet. Port scanning is done to scan a network for open ports. This week’s labs and reading focus on port scanning and footprinting.

  • Explain what you believe is the greatest source of information for hackers in the footprinting stage, including where this information is commonly found and how a hacker is able to obtain it. Compare and contrast footprinting and port scanning. Determine which you believe is the more important step in the hacking process and explain why. Using the Internet or the Strayer Library, research at least two commonly used port scanning tools. Provide a tutorial, website or video that provides a tutorial on how to use the tools. Share with your classmates, and include links to any useful resource you find.

After reading a few of your classmate’s postings, reply to the ones from which you learned something new, or to which you have something to add. Remember to get in early and post often.

Additional post option: What type of pertinent information can be found during a passive scan from social media sites such as LinkedIn or Facebook

 

 

CIS 552 WEEK 5 DISCUSSION STUXNET

CIS 552 WEEK 5 DISCUSSION STUXNET

 

 

 

 

CIS 552 Week 5 Discussion Stuxnet

our readings this week emphasize enumeration and computer system hacking. One of the most sophisticated attacks found this decade is called Stuxnet, so it is worth reviewing this attack.

  • Explain in your own words the processes used by the Stuxnet attackers to conceal their actions. Discuss why you believe these were successful in being undetected for such a long period of time. In your opinion, explain what precautions could have prevented Stuxnet from occurring. Describe how Stuxnet changed the dynamics of defending threats. Are there any Internet resources you could recommend that would be useful in understanding these concepts? Share with your classmates and provide links to any useful resources you find.

After reading a few of your classmate’s postings, reply to the ones from which you learned something new, or to which you have something to add. Remember to get in early and post often.

Additional post option: Based on your research, who is responsible for Stuxnet?

 

 

 

 

 

https://hwacer.com/Tutorial/cis-552-week-5-discussion-stuxnet/

 

 

 

 

 

CIS 552 Week 5 Discussion Stuxnet

our readings this week emphasize enumeration and computer system hacking. One of the most sophisticated attacks found this decade is called Stuxnet, so it is worth reviewing this attack.

  • Explain in your own words the processes used by the Stuxnet attackers to conceal their actions. Discuss why you believe these were successful in being undetected for such a long period of time. In your opinion, explain what precautions could have prevented Stuxnet from occurring. Describe how Stuxnet changed the dynamics of defending threats. Are there any Internet resources you could recommend that would be useful in understanding these concepts? Share with your classmates and provide links to any useful resources you find.

After reading a few of your classmate’s postings, reply to the ones from which you learned something new, or to which you have something to add. Remember to get in early and post often.

Additional post option: Based on your research, who is responsible for Stuxnet?

CIS 552 WEEK 6 DISCUSSION DATABASES AND A REAL-WORLD ATTACK

CIS 552 WEEK 6 DISCUSSION DATABASES AND A REAL-WORLD ATTACK

 

 

 

CIS 552 Week 6 Discussion Databases and a Real-World Attack

 

“Risk Management” Please respond to the following:

  • History has shown that the chances of risk events occurring and their respective costs increasing can change over the project life cycle. As a project manager, select at least three (3) risk events as they apply to your selected project, and explain how you would address the risks you selected. Next, determine at least one (1) strategy to mitigate each risk occurrence.

 

 

 

 

https://hwacer.com/Tutorial/cis-552-week-6-discussion-databases-real-world-attack/

 

 

 

 

 

 

 

CIS 552 Week 6 Discussion Databases and a Real-World Attack

 

“Risk Management” Please respond to the following:

  • History has shown that the chances of risk events occurring and their respective costs increasing can change over the project life cycle. As a project manager, select at least three (3) risk events as they apply to your selected project, and explain how you would address the risks you selected. Next, determine at least one (1) strategy to mitigate each risk occurrence.

 

 

CIS 552 Week 6 Discussion Databases and a Real-World Attack

 

“Risk Management” Please respond to the following:

  • History has shown that the chances of risk events occurring and their respective costs increasing can change over the project life cycle. As a project manager, select at least three (3) risk events as they apply to your selected project, and explain how you would address the risks you selected. Next, determine at least one (1) strategy to mitigate each risk occurrence.

 

 

 

 

 

 

 

 

https://hwacer.com/Tutorial/cis-552-week-6-discussion-databases-real-world-attack/

 

 

 

 

 

CIS 552 Week 6 Discussion Databases and a Real-World Attack

 

“Risk Management” Please respond to the following:

  • History has shown that the chances of risk events occurring and their respective costs increasing can change over the project life cycle. As a project manager, select at least three (3) risk events as they apply to your selected project, and explain how you would address the risks you selected. Next, determine at least one (1) strategy to mitigate each risk occurrence.

 

 

CIS 552 Week 6 Discussion Databases and a Real-World Attack

 

“Risk Management” Please respond to the following:

  • History has shown that the chances of risk events occurring and their respective costs increasing can change over the project life cycle. As a project manager, select at least three (3) risk events as they apply to your selected project, and explain how you would address the risks you selected. Next, determine at least one (1) strategy to mitigate each risk occurrence.

 

 

 

CIS 552 WEEK 7 DISCUSSION RANSOMWARE

CIS 552 WEEK 7 DISCUSSION RANSOMWARE

 

 

CIS 552 Week 7 Discussion Ransomware

 

This week’s labs and reading focus on malware, viruses, worms, Trojans, and backdoors. Each threat is uniquely different, hence the importance of learning and understanding each threat and how to mitigate the risk.

  • Use the Internet or the Strayer Library to research recent ransomware attacks. Summarize an attack and describe how the attack was resolved. Describe the steps that can be taken to protect a PC against ransomware and determine if a particular OS is more secure against these types of attacks. Share a website or resource that shows how to mitigate ransomware attacks. Share with your classmates, and include links to any useful resource you find.

After reading a few of your classmate’s postings, reply to the ones from which you learned something new, or to which you have something to add. Remember to get in early and post

 

 

 

 

 

 

https://hwacer.com/Tutorial/cis-552-week-7-discussion-ransomware/

CIS 552 Week 7 Discussion Ransomware

 

This week’s labs and reading focus on malware, viruses, worms, Trojans, and backdoors. Each threat is uniquely different, hence the importance of learning and understanding each threat and how to mitigate the risk.

  • Use the Internet or the Strayer Library to research recent ransomware attacks. Summarize an attack and describe how the attack was resolved. Describe the steps that can be taken to protect a PC against ransomware and determine if a particular OS is more secure against these types of attacks. Share a website or resource that shows how to mitigate ransomware attacks. Share with your classmates, and include links to any useful resource you find.

After reading a few of your classmate’s postings, reply to the ones from which you learned something new, or to which you have something to add. Remember to get in early and post