Category: Cyber security

How does the evolving landscape of cyber threats and technological advancements impact the strategies, challenges, and ethical considerations in modern cyber security practices?

Overview
The increasing number of remote workers introduces new vulnerabilities, as employees access corporate networks from various, potentially unsecured locations. This scenario often reveals hidden expertise gaps within IT teams, who must now manage a broader range of security issues across multiple platforms. Furthermore, the integration of BYOD devices into the workplace adds another layer of complexity. These personal devices, with varied levels of security, accessing corporate networks, present unique challenges in maintaining a secure IT environment.
In this assignment, you will explore the implications of these evolving trends on the security of operating systems within an enterprise context. You will analyze how the integration of diverse operating systems, influenced by mobility and BYOD trends, impacts an organization’s security posture. Your task will involve developing strategies to mitigate risks associated with BYOD devices and one other security threat, such as ransomware, hacker scams, insider threats, remote work vulnerabilities, or hidden expertise gaps.
Preparation
Research security features of a mobile OS of your choice.
Research security risks associated with one other threat of your choice from the following list:
Ransomware.
Hacker scams.
Insider threats.
Remote work vulnerabilities.
Hidden expertise gaps.
Instructions
Complete each of the following parts in a Word document. Use clear headers that label each part and section.
Evaluate common security threats for enterprises.
Evaluate threats addressed by a BYOD policy.
Evaluate threats addressed by one other security policy.
Explain the risk factors associated with mobile devices and one other security threat.
Analyze the vulnerabilities that inform these risks.
Analyze security protocols on routers and switches.
Support the analysis with reference to scholarly or industry research on common security threats.
Evaluate how features of a specific mobile OS keep their devices secure.
Additional Requirements
Your assignment should also to meet the following requirements:
Written communication: Written communication should convey the writer’s purpose in an appropriate tone and style that adheres to professional writing standards and incorporates evidence where relevant. Visit the Capella Writing CenterLinks to an external site. for a variety of helpful writing resources.
Format: Submit your assignment in a Word document with well-labeled responses.
Cited sources: All literature cited should be current, with publication dates within the past five years. Visit the Capella University LibraryLinks to an external site. for a variety of research resources.
APA format: Resources, citations, title page, and reference page should be formatted according to current APA style and formatting standards. Visit Evidence and APALinks to an external site. for resources to help you with APA format.
Competencies Measured
By successfully completing this assignment, you will demonstrate your proficiency in the following course competencies and scoring guide criteria:
Competency 1: Apply core concepts, technologies, components, and issues related to communications and data networks.
Analyze security protocols on routers and switches as supported by scholarly or industry research on common security threats.
Competency 2: Analyze common enterprise security threats and associated risk factors.
Analyze common security threats for enterprises impacted by a BYOD policy and one other policy that impacts security.
Explain the risk factors associated with mobile devices and one other security threat.
Analyze how features of a specific mobile OS keep their devices secure.
Competency 6: Communicate effectively and professionally.
Write with few spelling, grammatical, or mechanical errors.
Strategic Mobility and Security in a Complex World
Strategic Mobility and Security in a Complex World
Criteria Ratings Pts
Analyze common security threats for enterprises impacted by a BYOD policy and one other policy that impacts security.
16 to >13.6 pts
DISTINGUISHED
Evaluates common security threats to an enterprise posed by a BYOD policy and one other policy that impacts security.
13.6 to >11.2 pts
PROFICIENT
Analyzes common security threats to an enterprise posed by a BYOD policy and one other policy that impacts security.
11.2 to >0 pts
BASIC
Describes common security threats to an enterprise posed by a BYOD policy or one other policy that impacts security.
0 pts
NON_PERFORMANCE
Does not describe common security threats to an enterprise posed by a BYOD policy or one other policy that impacts security.
/ 16 pts
Explain the risk factors associated with mobile devices and one other security threat.
16 to >13.6 pts
DISTINGUISHED
Explains the risk factors associated with mobile devices and one other security threat, and analyzes the vulnerabilities that inform these risks.
13.6 to >11.2 pts
PROFICIENT
Explains the risk factors associated with mobile devices and one other security threat.
11.2 to >0 pts
BASIC
Lists the risk factors associated with mobile devices and one other security threat or explains them in a way that is incorrect or confusing.
0 pts
NON_PERFORMANCE
Does not list the risk factors associated with mobile devices and one other security threat.
/ 16 pts
Analyze security protocols on routers and switches as supported by scholarly or industry research on common security threats.
16 to >13.6 pts
DISTINGUISHED
Analyzes security protocols on routers and switches as supported by scholarly or industry research on common security threats, including a description of what was learned from the research.
13.6 to >11.2 pts
PROFICIENT
Analyzes security protocols on routers and switches as supported by scholarly or industry research on common security threats.
11.2 to >0 pts
BASIC
Analyzes security protocols on routers and switches without support from scholarly or industry research on common security threats.
0 pts
NON_PERFORMANCE
Does not analyze security protocols on routers and switches.
/ 16 pts
Analyze how features of a specific mobile OS keep their devices secure.
16 to >13.6 pts
DISTINGUISHED
Evaluates how features of a specific mobile OS keep their devices secure.
13.6 to >11.2 pts
PROFICIENT
Analyzes how features of a specific mobile OS keep their devices secure.
11.2 to >0 pts
BASIC
Describes how features of a specific mobile OS keep their devices secure or produces an analysis that is flawed or lacks depth.
0 pts
NON_PERFORMANCE
Does not describe how features of a specific mobile OS keep their devices secure.
/ 16 pts
Write with few spelling, grammatical, or mechanical errors.
16 to >13.6 pts
DISTINGUISHED
Writes with no spelling, grammatical, or mechanical errors.
13.6 to >11.2 pts
PROFICIENT
Writes with few spelling, grammatical, or mechanical errors.
11.2 to >0 pts
BASIC
Writes with several spelling, grammatical, or mechanical errors.
0 pts
NON_PERFORMANCE
Writes with many spelling, grammatical, or mechanical errors.
/ 16 pts
Total Points: 0

Please independently research the elements of an Asset Security Plan.   
For this assignment,  you will develop an asset security policy presentation.  The audience is your CIO and the technology and business teams,  The CIO wants  to develop and implement a policy to ensure that asset security becomes a part of the organizational culture, with proper and responsible steps.
Asset Security Research Presentation:
For this assignment, you will prepare a 10-13 PowerPoint slide presentation using all of the concepts that we have covered in this module along with your own independent research to develop an asset security policy.  Your CIO would like you to present this policy to the technology and business teams.
Within your presentation:
Detail the new asset security policy that you have developed. How did your findings researching this assignment determone the chages to the policy?
Describe how you implement this new policy in your plan.  Training??
Considering normal organizational challenges, what proactive steps would you recommend for implementing and managing this new policy? 
How will you ensure that the policy is properly being implemented? How will you continue to maintain this policy?  What are the metrics for success?
Include a cover slide, introductory slide, conclusion slide, and references slide.  All of these slides will not count in your required total of slides. 

I could not find an option for executive summary, but please provide an Executive Summary of the following article.  

Assignment Content
The target organization from your Passive Footprinting Report in Week 1 has hired your company to conduct a penetration (pen) test. You will present your client an explanation of how you will prepare and execute the attack as part of the pen test.
Create a 16- to 20-slide presentation with speaker notes explaining the steps you will take in your attack plan. Explain the techniques and tools you will use to do all of the following: Identify services the network provides
Identify operating systems
Identify initial targets
Complete a vulnerability assessment
Gain access to the network
Escalate privileges Cover tracks
Format any references according to APA guidelines.

A company is
considering hiring you to make cybersecurity risk assessment on their IT and OT
operations. As part of the interview, you must submit the project below for
review.
Project outline
Investigate the OT vs. IT
security threats and problems with an emphasis on highlighting key differences,
common vulnerabilities and practical mitigation techniques. Your project should
consist of four parts: an analysis of the security landscapes for IT and OT, a
look at threats, an assessment of the security measures that are in place, and
recommendations for improved security posture.
Project description/detail
This research project will investigate the different
security paradigms of IT and OT settings. It should look into the challenges that
arise by potential weaknesses in legacy systems, conflicting priorities and
possible entry points for malicious actors. The project should also look at new
threats, such as supply chain assaults, ransomware and insider threats and
evaluate how they affect both IT and OT systems.
The main objective of this study:
Give readers a thorough grasp of
the risks and problems associated with IT vs. OT security and provide
organizations with the information and insights the need in order to create
strong security plans for their IT and OT environments. Lastly, examine and
present the changing threat landscape and the existing security practices and
strategies.
Possible
resources required
Access
to literature, research papers and industry reports on IT and OT security.
Access
to IT and OT cybersecurity professionals for insights and expertise.
Utilization
of cybersecurity frameworks and standards.
Insight
on data collection tools (i.e SKADA software) for gathering information on
existing security measures and vulnerabilities in OT systems.

i want a literature review about log analysis and correlation – i want the literature review to be categorized as machine learning based approach and deep learning based approach . in each study i want the main objective, achieved method , limitation and results.
check the attached file for the format

Read the article The Secret History of the FBI’s Battle Against Apple Reveals the Bureau’s Mistake
https://finance.yahoo.com/news/secret-history-fbi-apos-battle-173731670.html?guccounter=1
Write a 3-5 page position paper in which you:
Explain, based on the article and additional research, whether you agree with the FBI or Apple.
Be sure to justify your opinion with supporting information.
Describe a possible compromise to the issue for future cases that would allow the investigation to continue.
Take a position on whether technology is moving too fast for the judicial system.
Include supporting information that justifies your position.
Recommend at least two improvements the courts can make to catch up and/or keep up with the advancements in technology issues and crimes.
Be sure to support your recommendations.
Integrate into the assignment at least three quality professional and/or academic resources, written within the past five years.
Note: Wikipedia and similar websites do not qualify as quality resources.
One of your resources may be the provided article.

Assignment:
Social Engineering Attack against a Fortune 10 USA Company
Assignment:  You will use any combination of social engineering techniques we discussed in class to develop a strategy to exploit information, damage reputations, or steal intellectual property, or money of the targeted organization.  These companies are listed as the ten most profitable American companies from the Fortune 500 list. You may use them or any other company on the list.
Apple
J.P. Morgan Chase
Berkshire Hathaway
Wells Fargo
Alphabet (Google)
Bank of America
Microsoft
Johnson & Johnson
Citi Group
Altria Group (Philip Morris)
RULES: 
Your plan must be ‘realistic’ (technically, politically, economically)
Your research MUST be focused upon real people and business deliverables and be provable.
SUBMISSION:  Word/PowerPoint/Other methods which:
Outlines your strategy/goal
Identifies specific targets (people, products, services, groups)
Discusses the methods of targeting
Provides a timeline of the plan
FINAL THOUGHTS:
This is your opportunity to develop a social engineering plan that could actually work.
Be bold, innovative, and take risks…but, it MUST be executable.
WARNING:  DO NOT ACTUALLY IMPLEMENT THIS ATTACK!!!!!!!!!  THIS EXERCISE IS FOR ACADEMIC PURPOSES ONLY.

The final projects would be graded entirely by your instructor. You can pick either experimental or theoretical work as your final projects. I highly encourage you to form a group of 2 or 3 for your group project; however, it is fine to work alone as well. The final grade would be for the entire group and hence the same mark would be given to every group member. The idea behind having a group project is to put your knowledge of the subject to some real use and
To perform Internet-based journalism-style information gathering and reporting,
To improve you presentation skills,
To practice teamwork and critical-thinking skills, and 
To consolidate your knowledge about a current topic of information security.
Arrange a meeting with me the week before your first draft is due if you need ideas for project. Some venues where you can find project ideas are as follows:
https://intellipaat.com/blog/cyber-security-project-ideas/Links to an external site.
http://www.infosecurity-magazine.com/ Links to an external site.
http://securityintelligence.com/ Links to an external site.
http://www.darkreading.com/ Links to an external site.
http://www.securityweek.com/ Links to an external site.
http://www.theregister.co.uk/security Links to an external site.
http://www.technewsworld.com/perl/section/cyber-security Links to an external site.
http://www.informationsecuritybuzz.com/ Links to an external site.
http://www.homelandsecuritynewswire.com/topics/cybersecurity Links to an external site.
http://www.infosecnews.org/ Links to an external site.
http://www.infosecurity-magazine.com/ Links to an external site.
http://www.inforisktoday.eu/ Links to an external site.
http://threatpost.com/ Links to an external site.
http://www.trendmicro.com/vinfo/us/security/news/ Links to an external site.
http://www.wired.com/security/Links to an external site.
This is by no means an exhaustive list. You can also implement some real world crypto systems, blockchain to see how bitcoin mining works, etc. Feel free to consult me. In general, it would be a good idea to reach out to me if you have any questions regarding your project.
As the final project, submit a pdf file for your group project with 11 points font and 1 inch spacing all around. If your work is experiment based, ensure to submit a working code and a read me file to verify the correctness of your results. This experiment work can be an implementation of an earlier paper, but it should not be plagiarized, i.e., no copying of the codebase of the authors of the work you are implementing or testing. There is a reason behind it. There is a NeurIPS 2019 paper that showed that many of the experimental results could not be duplicated, so you should never blindly trust previous works, even though peer-reviewed. One thing we would continuously try to do is to question validity of every claim we make. Theoretical work can be a survey of some of the recent work (even one) related to the wide topic of security and privacy. Again ensure that you understand the paper(s) you are including in your survey and are able to reproduce it as your own. Your paper should be a summary of past and current work on your topic, and though not required, it might be beneficial for you to give an overview of known open problems and potential future directions in the area.
Some venues where you can papers for your projects are NeurIPS, ICML, COLT, CRYPTO, EUROCRYPT, USENIX Security, ACM CCS, IEEE Symposium on Security and Privacy, and the NDSS Symposium.