Category: Cyber security

Submit your one page memo to Case Project 2-4.
Your manager informs you that your company is going to have a new digital forensics lab built. It will have space for additional computers to perform password cracking. You’re asked to research hardware and software requirements for this task and write a one-page memo describing recommendations for a password cracking computer running multiple GPUs in a cluster of other systems with multiple GPUs. State what OS is recommended for these clusters’ systems.

Greetings class,
Organizing IT security policies by domain offers improved clarity and focus, ensuring that each policy is tailored to address specific security needs and risks associated with distinct areas of the organization. This approach allows for more relevant and actionable guidelines, making it easier for employees to understand and adhere to security measures. Additionally, segmenting policies by domain enhances manageability, as each domain can be independently updated, audited, and revised, streamlining the compliance and review processes. Organizing IT security policies by domain ensures comprehensive coverage, clear responsibilities, and scalability, enabling the organization to adapt its security measures as it grows or changes.
While organizing IT security policies by domain offers clarity and focus, it also presents the disadvantage of potential fragmentation and inconsistency. Each domain-specific policy might develop independently, leading to overlaps, gaps, or contradictions between policies in different domains. This can confuse employees navigating multiple policies, potentially undermining overall security effectiveness. Maintaining and updating numerous domain-specific policies can also become resource-intensive and complex, requiring coordinated efforts to ensure alignment and coherence across the organization.
Due to its dynamic and boundary-spanning nature, applying security policies can be particularly challenging in the “Remote Access” domain. Remote access involves securing connections from various locations, devices, and networks, each with different security postures. The diversity of endpoints, from home offices to mobile devices, introduces numerous vulnerabilities that are harder to manage and control. Ensuring secure remote access requires robust encryption, multi-factor authentication, and constant monitoring to detect and mitigate threats in real time. Moreover, the difficulty is compounded by the rapid evolution of remote work technologies and the increasing sophistication of cyber threats. Employees’ adherence to security practices while working remotely can be inconsistent, adding another layer of complexity.
-Cam
Wand, D. (2021, December 30). Securing the seven domains of IT infrastructure – Dan Wand – medium. Medium. https://cyberfore.medium.com/securing-the-seven-do…
Kaseya. (2024, March 12). IT infrastructure management: Benefits, challenges and best practices. Kaseya. https://www.kaseya.com/blog/it-infrastructure-mana…

This assignment requires that you review the article, Tammy Pettinato Oltz, ARTICLE: Educating Robot-Proof Attorneys, 97 N.D. L. Rev. 185 (2022) and deconstruct it into its primary elements, namely:
The Research Question;
The Thesis;
The Claims or argument;
The Evidence or supporting facts; and,
The Conclusion(s)
1. Locate  the article using NexisUni and save it into a Microsoft Word document. Locate the elements by annotating with the “highlight” tool and/or using the Comments tool (available on the “Review” tab on the top of the page) to provide remarks in the margins.  
2. Briefly critique the article by identifying both its strong elements and those that were less compelling.
3. Finally, assess this resource’s utility to you after you have broken it down through this deconstruction process and understand the argument and facts that the author used to support his/her claims. Provide your answers in a separate Word document. Your critique should be no longer than a single double-spaced written page.
Please provide a complete citation for your chosen resource in either Bluebook or APA format (do not mix the two styles).
THIS EXERCISE WILL PREPARE YOU TO WRITE YOUR PAPERS.
When you have completed your exercise, please title using your name and upload it in the Assignments module.

Organization to be used is: The John Day Dam and Lock
Using the organization you signed up for in Module 1, describe the following:
First, define the type of data you expect to collect for future CTI analysis.
Provide at least two alternatives for data transport from the collection points and data storage of the CTI date. 
Explain which stakeholders will need to be involved in planning and executing the data collection and storage initiative 
Create an estimate of the amount of data that will be collected and stored by day and month. Explain your strategy for archiving and managing the data. 
Criteria and Requirements
Title page
Length
Undergraduate: 2 pages, double-spaced
References page (for papers with cited sources)

As the CIO your job is to educate and keep your employees and the corporate information  safe and private.
CyberSecurity Management is a complex field. In any company you will encounter employees who know very little about the field and how to manage their own security. Careless or uninformed staff  are the second most likely cause of a serious security breach, second only to malware.
Sometimes personnel may take cybersecurity requirements too lightly, leading to dramatic consequences for the organizations they work for.
Your job is to create a short 3 minute  “Educational ” video, with audio, that will be shared with all new employees, designed to teach them about the importance of cybersecurity and their responsibility to keep CyberSafe.
Please include the following information:
1. As your employees are new to the concept of cybersecurity, you will need to provide information about the field.
2. Information about the top cyber threats targeted at your employees and how to avoid becoming a victim.
3. A copy of your script for the video.
4. Always remember to include all of your references in APA or MLA formatting. 
(Moreover just a script for me to read and make the video)

Case Study Analysis
Networks and personal computers are under continuous assault from hackers. The types of attacks vary widely in complexity and severity, but according to the text, hackers generally have one of three motives for compromising network:
Financial fraud,
Political reasons, or
Personal reasons.
Search the Internet to find an example of a hacking activity or situation that represent a cyber-crime, but is different from any examples you used in other assignments for this course.
Write a critical essay that meets the following requirements:
Cite and briefly describe your example.
Apply what you have learned from the course to this point to identify arguments both in support of and are critical of the behavior of the attackers.
Discuss which of the three motives best describes the hacker’s intentions and why that motive is the correct one.
Discuss how an information security policy or planning could have impacted the outcome of this event.
Your paper should be 3-4-pages in length and conform to APA guidelines. Include at least two credible references

Analyze a specific security technology, detailing its applications, benefits, challenges, and impact on information security. Choose a topic by April 28th, outline by May 5th, and submit the first draft by May 12th. The final 1500-2500 word paper is due by May 21st. Ensure it includes an introduction, technical overview, applications, benefits, challenges, future outlook, and conclusion, with at least five credible sources, following an academic citation style

Final Project
Research Topic: Impacts
of sophisticated phishing attacks on Critical infrastructure
Requirement:
The final project must be at least 15-20 pages long
excluding references, 10 APA-formatted and referenced pages, including the
title page and references.
Project must have table of content explaining the
Introduction, Hypothesis, Problem statement, Purpose of study, Significance of
the Study, Research questions; Literature review (theoretical frameworks, gaps
in current literature); the Research Design/Methodology; expected value of the
research (explanation of why you expect your analysis to be valuable to the
field of emergency and disaster management); regulatory frameworks, suggestions
for future research and conclusions.
You must submit your Final Project as any other Written
Assignment in the course to Turn It through Week 8 Assignments.
Final Project without a satisfactory Turn It In Similarity
Index (in the blue or green, or around 23 percent or lower) will not be
accepted for grading.
You can submit your Final Project to Turn It In through Week
8 Assignments multiple times. I will count your latest Final Project Turn It
submission as your final submission.
DO NOT SUBMIT YOUR FINAL PROJECT TO YOUR PERSONAL TURN IT IN
Account or through someone else’s account before you submit it under Week 8
Assignments.
Submitting YOUR FINAL PROJECT TO YOUR PERSONAL TURN IT IN
ACCOUNT or using someone else’s Turn It In account will render your actual Week
8 submission ineligible for grading. It will generate 100 percent similarity
(plagiarism) once (re)submitted under Week 8 Assignments.
In the Final Project, all listed sub-headings/sub-sections
from the Final Project Content and Format must be included.
In the Literature Review section, you should APA 7th
Ed-review at least 10 peer-reviewed authors who wrote on the chosen subject in
addition to primary sources (laws, regulations, conventions, treaties, and
media sources). Wikipedia should not be used as a reference.
In the Analysis section, you should critically assess the
authors’ premises, logic of inquiry, and claims. You should inject your own
thoughts on these authors’ analyses and the topic itself by the end of the
Literature Review and in the Analysis section. The Analysis section should
conclude with a statement on your own previously stated Hypothesis that should
answer the question if your Thesis is valid or not.

INTRODUCTION
In today’s digital world, most fraud can be tracked electronically. In this task, you will use Basis Technology’s Autopsy application to analyze a storage device for evidence related to a possible violation of company policy. You will analyze the storage device for data files, deleted data files, directories, or drive partitions. You will provide screenshots of your evidence, and then write a final report.
To access the Autopsy application and the files you need to recover, you will use the “Performance Assessment Lab Area” web link. Instructions for how to access the tools are included in the lab area.
SCENARIO
An oil company’s senior management has reason to suspect that John Smith, one of the company’s mechanical engineers, allegedly took information that was clearly identified as proprietary. The company’s legal office has requested digital evidence regarding the potential violation of company policy, which prohibits the sharing of proprietary information without prior approval. The employee was not authorized to access proprietary information. All employees sign nondisclosure agreements (NDAs) and acceptable use policies (AUPs). Senior management and the legal office have approved the request for digital evidence.
You are a member of the investigative team that has been assigned to examine the digital evidence captured from the suspect’s office laptop computer. You will create an incident report to present the findings to senior management.
REQUIREMENTS
Your submission must be your original work. No more than a combined total of 30% of the submission and no more than a 10% match to any one individual source can be directly quoted or closely paraphrased from sources, even if cited correctly. The similarity report that is provided when you submit your task can be used as a guide.
You must use the rubric to direct the creation of your submission because it provides detailed criteria that will be used to evaluate your work. Each requirement below may be evaluated by more than one rubric aspect. The rubric aspect titles may contain hyperlinks to relevant portions of the course.
Tasks may not be submitted as cloud links, such as links to Google Docs, Google Slides, OneDrive, etc., unless specified in the task requirements. All other submissions must be file types that are uploaded and submitted as attachments (e.g., .docx, .pdf, .ppt).
A.  Write a report for the team of investigators by doing the following:
1.  Describe all steps taken in Autopsy to create the forensic system case file. Provide screenshots of these steps.
2.  Describe all steps taken in Autopsy to identify potential evidence including data files, deleted data files, directories, or drive partitions. Provide screenshots of these steps.
3.  Summarize the findings you identified during your investigation and the conclusions you made regarding the suspect and the collected evidence. Provide screenshots from Autopsy or reports to support your findings and conclusions.
B.  Acknowledge sources, using in-text citations and references, for content that is quoted, paraphrased, or summarized.
C.  Demonstrate professional communication in the content and presentation of your submission.
File Restrictions
File name may contain only letters, numbers, spaces, and these symbols: ! – _ . * ‘ ( )
File size limit: 200 MB
File types allowed: doc, docx, rtf, xls, xlsx, ppt, pptx, odt, pdf, csv, txt, qt, mov, mpg, avi, mp3, wav, mp4, wma, flv, asf, mpeg, wmv, m4v, svg, tif, tiff, jpeg, jpg, gif, png, zip, rar, tar, 7z
RUBRIC
A1:STEPS USED TO CREATE FORENSIC CASE FILE
NOT EVIDENT
The submission does not describe the steps taken in Autopsy to create the forensic system case file or does not provide screenshots of these steps.
APPROACHING COMPETENCE
The submission describes the steps taken in Autopsy to create the forensic system case file, but the description contains inaccuracies, or 1 or more steps are missing or not described. Or the provided screenshots do not reflect each step.
COMPETENT
The submission accurately describes all steps taken in Autopsy to create the forensic system case file. The provided screenshots reflect each step.
A2:STEPS USED TO IDENTIFY POTENTIAL EVIDENCE
NOT EVIDENT
The submission does not describe the steps taken in Autopsy to identify potential evidence or does not provide screenshots of these steps.
APPROACHING COMPETENCE
The submission describes the steps taken in Autopsy to identify potential evidence, but the description contains inaccuracies, or 1 or more steps are missing or not described. Or the description is missing either data files, deleted data files, directories, or drive partitions. Or the provided screenshots do not reflect each step.
COMPETENT
The submission accurately describes all steps taken in Autopsy to identify potential evidence, including data files, deleted data files, directories, and drive partitions. The provided screenshots reflect each step.
A3:SUMMARY OF FINDINGS AND CONCLUSIONS
NOT EVIDENT
The submission summarizes neither the findings identified during the investigation, nor the conclusions made regarding the suspect or the collected evidence. Or Autopsy screenshots or reports are not provided.
APPROACHING COMPETENCE
The submission summarizes either the findings identified during the investigation, or the conclusions made regarding the suspect and the collected evidence, but it does not summarize both. Or the summary contains inaccuracies. Autopsy screenshots or reports are provided, but they do not support the summarized findings or conclusions.
COMPETENT
The submission accurately summarizes both the findings identified during the investigation and the conclusions made regarding the suspect and the collected evidence. The provided Autopsy screenshots or reports support the summarized findings and conclusions.
B:SOURCES
NOT EVIDENT
The submission does not include both in-text citations and a reference list for sources that are quoted, paraphrased, or summarized.
APPROACHING COMPETENCE
The submission includes in-text citations for sources that are quoted, paraphrased, or summarized and a reference list; however, the citations or reference list is incomplete or inaccurate.
COMPETENT
The submission includes in-text citations for sources that are properly quoted, paraphrased, or summarized and a reference list that accurately identifies the author, date, title, and source location as available or the candidate does not use sources.
C:PROFESSIONAL COMMUNICATION
NOT EVIDENT
Content is unstructured, is disjointed, or contains pervasive errors in mechanics, usage, or grammar. Vocabulary or tone is unprofessional or distracts from the topic.
APPROACHING COMPETENCE
Content is poorly organized, is difficult to follow, or contains errors in mechanics, usage, or grammar that cause confusion. Terminology is misused or ineffective.
COMPETENT
Content reflects attention to detail, is organized, and focuses on the main ideas as prescribed in the task or chosen by the candidate. Terminology is pertinent, is used correctly, and effectively conveys the intended meaning. Mechanics, usage, and grammar promote accurate interpretation and understanding.
WEB LINKS
https://lrps.wgu.edu/provision/272148024

Here is the link to the article.  I have also downloaded the instructions for an article review.
https://natlawreview.com/article/hacked-hacker-hire-lessons-yahoo-data-breaches-so-far