Risk Threat and Vulnerability Management 12 pages PowerPoint in two days =120


Many companies and agencies conduct IT audits to test and assess the rigor of IT security controls in order to mitigate risks to IT networks. Such audits meet compliance mandates by regulatory organizations. Federal IT systems follow Federal Information System Management Act (FISMA) guidelines and report security compliance to US-CERT, the United States Computer Emergency Readiness Team, which handles defense and response to cyberattacks as part of the Department of Homeland Security. In addition, the Control Objective for Information Technology (COBIT) is a set of IT security guidelines that provides a framework for IT security for IT systems in the commercial sector.

These audits are comprehensive and rigorous, and negative findings can lead to significant fines and other penalties. Therefore, industry and federal entities conduct internal self-audits in preparation for actual external IT audits, and compile security assessment reports.

In this project, you will develop a 12-page written security assessment report and executive briefing (slide presentation) for a company and submit the report to the leadership of that company.

There are six steps to complete the project. Most steps in this project should take no more than two hours to complete, and the project as a whole should take no more than three weeks to complete. Begin with the workplace scenario, and then continue to Step 1.

Step 1: Conduct a Security Analysis Baseline

In the first step of the project, you will conduct a security analysis baseline of the IT systems, which will include a data-flow diagram of connections and endpoints, and all types of access points, including wireless. The baseline report will be part of the overall security assessment report (SAR).

You will get your information from a data-flow diagram and report from the Microsoft Threat Modeling Tool 2016. The scope should include network IT security for the whole organization.
Click the following to view the data-flow diagram: [diagram and report]

Include the following areas in this portion of the SAR:

- Security requirements and goals for the preliminary security baseline activity.
- Typical attacks to enterprise networks and their descriptions. Include Trojans, viruses, worms, denial of service, session hijacking, and social engineering. Include the impacts these attacks have on an organization.
- Network infrastructure and diagram, including configuration and connections. Describe the security posture with respect to these components and the security employed: LAN, MAN, WAN, enterprise. Use these questions to guide you:
  - What are the security risks and concerns?
  - What are ways to get real-time understanding of the security posture at any time?
  - How regularly should the security of the enterprise network be tested, and what type of tests should be used?
  - What are the processes in play, or to be established to respond to an incident?
  - Workforce skill is a critical success factor in any security program, and any security assessment must also review this component. Lack of a skilled workforce could also be a security vulnerability. Does the security workforce have the requisite technical skills and command of the necessary toolsets to do the job required? Is there an adequate professional development roadmap in place to maintain and/or improve the skill set as needed?
  - Describe the ways to detect this malicious code and what tactics bad actors use for evading detection.
- Public and private access areas, web access points. Include in the network diagram the delineation of open and closed networks, where they co-exist. In the open network and closed network portion, show the connections to the Internet.
- Physical hardware components. Include routers and switches. What security weaknesses or vulnerabilities are within these devices?
- Operating systems, servers, network management systems.
  - data in transit vulnerabilities
  - endpoint access vulnerabilities
  - external storage vulnerabilities
  - virtual private network vulnerabilities
  - media access control vulnerabilities
  - ethernet vulnerabilities
- Possible applications. This network will incorporate a BYOD (bring your own device) policy in the near future. The IT auditing team and leadership need to understand current mobile applications and possible future applications and other wireless integrations. You will use some of this information in Project 2 and also in Project 5.

The overall SAR should detail the security measures needed, or the implementation status of those in progress, to address the identified vulnerabilities. Include:

- remediation
- mitigation
- countermeasure
- recovery

Through your research, provide the methods used to provide the protections and defenses.

From the identification of risk factors in the risk model, identify the appropriate security controls from NIST SP 800-53A and determine their applicability to the risks identified.

The baseline should make up at least three of the 12 pages of the overall report.

When you have completed your security analysis baseline, move on to the next step, in which you will use testing procedures that will help determine the company’s overall network defense strategy.

Step 2: Determine a Network Defense Strategy

You’ve completed your initial assessment of the company’s security with your baseline analysis. Now it’s time to determine the best defenses for your network.

Start by reading a publication by the National Institute of Standards and Technology, NIST-SP-800-115 Technical Guide to Information Security Testing and Assessment, and outline how you would test violations. Identify how you will assess the effectiveness of these controls and write test procedures that could be used to test for effectiveness. Write them in a manner to allow a future information systems security officer to use them in preparing for an IT security audit or IT certification and accreditation.
Within this portion of the SAR, explain the different testing types (black box testing, white box testing).

Include these test plans in the SAR. The strategy should take up at least two of the 12 pages of the overall report.

Click the following link to learn more about cybersecurity for process control systems: Cybersecurity for Process Control Systems

After you’ve completed this step, it’s time to define the process of penetration testing. In the next step, you’ll develop rules of engagement (ROE).

Step 3: Plan the Penetration Testing Engagement

Now that you’ve completed your test plans, it’s time to define your penetration testing process. Include all involved processes, people, and timeframe. Develop a letter of intent to the organization, and within the letter, include some formal rules of engagement (ROE). The process and any documents can be notional or can refer to actual use cases. If actual use cases are included, cite them using APA format.

This portion should be about two pages of the overall 12-page report.

After you have outlined the steps of a penetration testing process, in the next step you will perform penetration testing. During the testing, you will determine if the security components are updated and if the latest patches are implemented, and if not, determine where the security gaps are.

Step 5: Complete a Risk Management Cost Benefit Analysis

You’ve completed the penetration testing, and now it’s time to complete your SAR with a risk management cost benefit analysis. Within this analysis, think about the cost of violations and other areas if you do not add the controls. Then add in the cost for implementing your controls.

When you have finished with the cost benefit analysis, which should be at least one page of your overall report, move to the final step, which is the completed SAR.
As part of the final assignment, remember that you will need to create a slide presentation as part of the executive briefing, and submit that along with the SAR.

Step 6: Compile the SAR, Executive Briefing, and Lab Report

You have completed comprehensive testing in preparation for this audit, provided recommended remediations, and developed a set of recommendations. Now you are ready to submit your SAR and executive briefing.

The requirements for Project 1 are as follows:

- Executive briefing: A three- to five-slide visual presentation for business executives and board members.
- Security assessment report (SAR): Your report should be 12 pages minimum, double-spaced with citations in APA format. The page count does not include figures, diagrams, tables or citations.

Posted: an hour ago
Due: 14/04/2020
Budget: $120
Tags: POWERPOINT, urgent