Building the Knowledge Base This week for your capstone portfolio project, you will develop a two page summary discussing the development processes in your project. Whether this be the utilization of

Building the Knowledge Base This week for your capstone portfolio project, you will develop a two page summary discussing the development processes in your project. Whether this be the utilization of
Cybersecurity Awareness Sarah Ray CSU Global Cybersecurity Capstone ITS481 Ofori Boateng 07/31/2022 Cybersecurity Awareness Cybersecurity awareness is defined as the continuous process of educating and training people about the threats that lurk in cyberspace, how to prevent such threats, and what to do if a security incident occurs. Individuals must become aware of the dangers of browsing the web, checking email, and interacting online on websites that are not safe. Also, people should be advised to use strong passwords, use a comprehensive internet security suite, keep their software up to date, control their social media settings, improve their home network and talk to their children about the internet. It is also crucial to ensure that cybersecurity training is mandatory for everyone, implementing it with the same spirit and seriousness as other risks. People should also be educated on phishing and different ways to prevent it; phishing is the fraudulent practice of sending emails that appear to be from a legitimate source to compel victims to reveal sensitive information such as passwords and credit card numbers (Schaberreiter et al., 2022). Ensuring that specific rules for browsing, emails, and mobile phone use are also an adequate measure of promoting cybersecurity. Including security posters displayed at different organizations and security awareness content on different websites will help increase awareness. A study found that using the internet to raise awareness is the best strategy out of the different methods. Users must be aware of the organization’s security policy to increase security awareness. Cybercriminals are constantly devising new methods to circumvent the most advanced defensive tools and technologies, compromising the security of confidential information such as emails. In 2021 alone, 85 percent of data breaches were caused by cyber criminals, with 94 percent of malware distributed via email (Moallem, 2019). Cybersecurity awareness is essential for data protection; it helps secure information and protects the system from virus attacks. Week Activities Week 1 Introduction and Literature review Week 2 Methodology and Objectives Week 3 Research scope and Discussion Week 4 Conclusion and Bibliography Projected Timeline References Moallem, A. (2019). How to improve awareness. Cybersecurity Awareness Among Students and Faculty, 59-67. https://doi.org/10.1201/9780429031908-5 Schaberreiter, T., Quirchmayr, G., & Papanikolaou, A. (2022). A case for cybersecurity awareness systems. Cybersecurity Awareness, 1-19. https://doi.org/10.1007/978-3-031-04227-0_1
Building the Knowledge Base This week for your capstone portfolio project, you will develop a two page summary discussing the development processes in your project. Whether this be the utilization of
7 Strategies, possible Threats, possible Threat Actors, and Infrastructure Sarah Ray CSU Global Cybersecurity Capstone Ofori Boateng 08/07/2022 Strategies, possible Threats, possible Threat Actors, and Infrastructure Providing a safe and reliable network for a local company will fall under the purview of this project. The network will have a virtual private network, an intrusion detection and prevention system, and a firewall. Only specific kinds of traffic will be permitted via the firewall, while default settings will block all other forms of traffic. The configuration of the intrusion detection and prevention system will make it possible to identify and thwart assaults made against the network. Implementing the virtual private network (VPN) will ensure the network’s connection to the internet is kept secret and secure (Aiello, 2021). The first thing that needs to be done to build a secure network is understanding the dangers it will encounter. An attempt to render a computer or network inaccessible to its regular users is known as a denial of service attack (DoS). A denial of service assault, sometimes known as a DoS attack, is the most typical cyberattack. Injecting malicious code into a network or being infected by a virus or worm can all lead to a denial of service attack (Krzykowska-Piotrowska et al., 2021). A Man-in-the-Middle (MitM) attack is an additional form of danger. An attempt to intercept or manipulate communications that are taking place between two or more parties is referred to as a MitM attack. Attacks utilizing man-in-the-middle techniques can be brought about by either the installation of malicious software on a computer or by a hostile individual who possesses the ability to intercept communications. The data stored on a network are the most valuable asset there is. Computers, servers, and other types of storage devices are all capable of storing data. Data can also be sent across networks, such as the internet, which connects computers worldwide (Gečienė-Janulionė, 2018). The next thing that needs to be done to build a secure network is to list the assets that require protection. The secrecy of communications, the integrity of communications, and the availability of services are three more assets that must be safeguarded. Locating the weaknesses already present in the network is the third phase in establishing a secure network. The usage of weak passwords, improper configuration of equipment, and software defects are all potential causes of vulnerabilities. After a vulnerability is discovered, it is necessary to patch it or take other preventative measures. Vulnerabilities, threats, and assets can all contribute to the creation of risks. It is necessary to conduct a risk assessment to ascertain the probability of an event and its potential consequences. Identifying the threats currently present in the network is the fourth phase of building a secure network. The implementation of security measures is the fifth phase in the process of establishing a secure network. A network’s hazards can be mitigated by implementing various security mechanisms. A firewall is the most frequent and widespread form of security control. You can use a firewall to prevent all traffic from entering your network or restrict it to only specific categories of data (Maloletko, 2015). Access control lists, virtual private networks, and intrusion detection and prevention systems are some of the other forms of security measures. The monitoring of the network is the sixth phase in the process of building a secure network. Monitoring the network’s performance in addition to the network itself can be done with network monitoring software. Network monitoring can either be done manually or automatically through the software. Responding to events constitutes the seventh and last step in developing a secure network. Incidents can be brought on by either malicious attacks or technical difficulties with the network. When something terrible happens, it is critical to act quickly and take the necessary precautions to limit the harm. Recovering from an incident constitutes the eighth step in developing a secure network. Rebuilding the network or retrieving data from backups are two options for performing a recovery after an incident. Preventing future events is the ninth phase of establishing a secure network. Patching vulnerabilities, putting security rules in place, and keeping an eye on the web are all effective ways to forestall the occurrence of future events. Establishing a secure network reaches its tenth and last stage when the network itself is documented. The network documentation can be utilized to assist in problem-solving and can also be used when making plans for the network’s future growth. Conclusion Every company needs to prioritize maintaining a safe and secure network. Understanding the threats, determining the assets, resolving the vulnerabilities, evaluating the risks, putting in place security controls, monitoring the network, responding to incidents, recovering from incidents, preventing future incidents, and documenting the network are the steps involved in developing a secure network. References Aiello, S. (2021). Human/Personnel Security Threats: When Employees Turn Insider Threat Actors. SSRN Electronic Journal. https://doi.org/10.2139/ssrn.3944220 Gečienė-Janulionė, I. (2018). The Consequences of Perceived (In)security and Possible Coping Strategies of Lithuanian People in the Context of External Military Threats. Journal On Baltic Security, 4(1), 5-14. https://doi.org/10.2478/jobs-2018-0003 Krzykowska-Piotrowska, K., Dudek, E., Siergiejczyk, M., Rosiński, A., & Wawrzyński, W. (2021). Is Secure Communication in the R2I (Robot-to-Infrastructure) Model Possible? Identification of Threats. Energies, 14(15), 4702. https://doi.org/10.3390/en14154702 Maloletko, A. (2015). New Possible Threat of Economic Safety of the Hospitality Industry of the Crimea. Contemporary Problems Of Social Work, 1(3), 98-101. https://doi.org/10.17922/2412-5466-2015-1-3-98-101
Building the Knowledge Base This week for your capstone portfolio project, you will develop a two page summary discussing the development processes in your project. Whether this be the utilization of
Hardware and Software Sarah Ray CSU Global Cybersecurity Capstone Ofori Boateng 08/14/2022 Hardware and Software Summary of Hardware The hardware components will include proxy servers, firewalls, network access control, and email security gateways. The proxy servers will prevent cyber attackers from gaining access to private networks by allowing the clients to make indirect connections when accessing network services. Intrusion detection and prevention systems will be used to identify and thwart identified threats to the network (Sadqi & Mekkaoui, 2020). The firewall will permit only specific types of traffic while the default settings will block all other forms of traffic. This will help to proactively monitor and prevent malicious traffic from entering the network by thwarting both denials of service (DoS) attacks to malware on end-point devices. Web application firewalls block or allows traffic based on suspicious activity or predefined criteria (Sadqi & Mekkaoui, 2020). On the other hand, the network access control will link the state on the endpoint devices with network authentication to secure the devices connected to the network. The email security gateways monitor the incoming and outgoing email traffic from viruses, spam, compromised accounts, and phishing attempts by detecting anomalies with the network and connected devices. Summary of Software There are several software tools that will be deployed. For instance, SolarWinds Security Event Manager can help during log correlation and analysis as well as both network and host intrusion detection (Hale, 2016). This is an important cloud-based software tool to use for threat intelligence. It also offers an event log archive and a comprehensive set of integrated reporting tools. The online password protection feature of the System Mechanic Ultimate Defense software makes it unique and important in the setting. Antivirus software such as Avast software and Bitdefender Total Security software would also be suitable for network threat protection and multi-layer ransomware protection. Finally, ESET Encryption software will help to safely encrypt hard drives, files, media, and emails, increasing security against cybercrimes. Potential Vulnerabilities Some of the potential vulnerabilities will include operating system vulnerabilities, network vulnerabilities, and human vulnerabilities (Abomhara & Køien, 2015). Operating system vulnerabilities are the vulnerabilities that hackers identify and exploit in an operating system in order to gain access to the assets on the operating system. For example, having superuser accounts from the software could be used by hackers to gain access to network resources. Network vulnerabilities include issues with both the hardware and software such as poorly configured passwords which expose the network to intrusion by outside parties (Abomhara & Køien, 2015). On the other hand, human vulnerabilities include user errors that may create exploitable access points or expose sensitive data. The areas that will require additional security and attention will thus include ensuring the network is secure and reliable, ensuring the data stored is safeguarded, as well as identifying and mitigating potential threats to the computing devices on the network. This will help to provide a safe and reliable network for the local company during the project. References Abomhara, M., & Køien, G. M. (2015). Cyber security and the internet of things: vulnerabilities, threats, intruders, and attacks. Journal of Cyber Security and Mobility, 65-88. Hale, B. (2016). Estimating log generation for security information events and log management. Retrieved September, 15. Sadqi, Y., & Mekkaoui, M. (2020). Design Challenges and Assessment of Modern Web Applications Intrusion Detection and Prevention Systems (IDPS). In The Proceedings of the Third International Conference on Smart City Applications (pp. 1087-1104). Springer, Cham.
Building the Knowledge Base This week for your capstone portfolio project, you will develop a two page summary discussing the development processes in your project. Whether this be the utilization of
Penetration Testing and Footprinting Sarah Ray Cybersecurity Capstone CSU Global Professor Ofori Boateng 08/25/2022 Penetration Testing and Footprinting Before attempting to secure a network adequately, it is essential first to understand the potential risks posed by the network. Testing for network penetration and leaving a digital footprint are two required methods that may be utilized to evaluate the level of security provided by a network. The process of assessing a computer system, network, or web application to locate weaknesses that an adversary could exploit is called penetration testing or pen testing. Footprinting, on the other hand, refers to the act of gathering knowledge about a target system to have a better understanding of the vulnerabilities that it possesses (More & Rohela, 2018). Both penetration testing and footprinting can be used to collect information about the target system. Penetration testing is used to find vulnerabilities, and footprinting is used to learn about the target system. When used in conjunction with one another, these two technologies make it possible to get a complete picture of the state of security within a given system. When testing for vulnerabilities, many different approaches may be taken. Social engineering is a common strategy that a lot of people use. Accessing a system is attempting to guess passwords or other information to gain access. To accomplish this, one must deceive another individual into divulging knowledge that can be utilized to break into a computer system. Using what is known as brute force attacks is yet another common strategy. When conducting penetration testing and footprinting, you can choose from various tool and method options. Metasploit, Nmap, and Burp Suite are some of the most prominent tools utilized in penetration testing. Metasploit is a robust framework for exploiting software vulnerabilities, and it can be used to launch attacks against a target computer or network. Nmap is a tool for network exploration that may be used to search a network for systems susceptible to attack. Burp Suite is a web application security testing tool that may be used to locate vulnerabilities in online applications. This can be accomplished by using the device (Koster, 2016). When carrying out a penetration test, it is essential to use the appropriate tools and approaches for the particular system being tested. For this illustration, let’s say that the target system is a web application. In this case, the primary objective of the penetration test should be to identify any flaws in the online application. If the target system is a network, the penetration test’s primary goal should be to identify weak spots in the network’s security. The process of footprinting can be carried out utilizing a vast number of tools and approaches. Whois, traceroute, and DNS enumeration are three of the most common techniques utilized throughout the footprinting process. Whois is a tool that may be used to acquire information about a domain name, such as the contact information for the owner, registrar, and other relevant parties. Traceroute is a tool that can be utilized to map the path that data travels from its origin to its final destination. DNS enumeration is a method that can be used to gather data regarding a domain’s DNS records (Shinde & Ardhapurkar, 2016). This data may include the name servers and MX records. Footprinting is a method that can be utilized to collect a wide variety of information concerning the target system. This information may include the system’s IP address, the type of software installed on it, and the operating system currently being used by the system. This information can determine the most effective way to launch an attack on a particular system. References Koster, K. (2016). Cone penetration testing: a sound method for urban archaeological prospection. Archaeological prospection, 23(1), 55-69. More, S., & Rohela, A. (2018). Vulnerability Assessment and Penetration Testing through Artificial Intelligence. International Journal of Recent Trends in Engineering & Research, 4(1), 217-224. Shinde, P. S., & Ardhapurkar, S. B. (2016, February). Cyber security analysis using vulnerability assessment and penetration testing. In 2016 World Conference on Futuristic Trends in Research and Innovation for Social Welfare (Startup Conclave) (pp. 1-5). IEEE.
Building the Knowledge Base This week for your capstone portfolio project, you will develop a two page summary discussing the development processes in your project. Whether this be the utilization of
0 ENSURING THAT PEOPLE HAVE ACCESS TO ONLY WHAT THEY REQUIRE Sarah Ray CSU Global Cybersecurity Capstone Professor Ofori Boateng 8/31/22 ENSURING THAT PEOPLE HAVE ACCESS TO ONLY WHAT THEY REQUIRE System security is an essential and continuous practice that ensures people access files and information based on their roles, responsibilities and needs. It means that during system security, everyone will be assigned an account based on their work roles in the organization; an example, the employees and clients will access different types of information. Therefore during the login process, the system should be able to differentiate between other users and channel them to the right information. Therefore the first process that will be applied is user control, especially through passwords and usernames. The employee will act on behalf of the management to solve a client’s needs, General, the user verification process will ensure that everyone creates a unique username and password that shall not be shared or easily guessed. It will ensure that users can access their accounts only; therefore, the information they get will be based on their needs. Additionally, the continued updates on the accounts shall only be verified by the IT management within the organization to ensure there are no errors in communication. Harambam et al. (2019). Secondly, we shall create data classification procedures in the organization, ensuring that people at the lower ranks can access less critical data than those in management positions. This will be our precautionary measure, especially considering that there are many workers within the organization, which increases our security threat. However, as one’s hierarchy in the organization goes lower, one will access more specific information that would have minimal or no impact on the organization if exposed. An example, the top employees will access more classified intellectual property in the organization, including the competitive strategies, marketing records, profitability records, customer data etc. We will also implement account monitoring activities to ensure safety and that people access the data needed. An example, we shall conduct a system audit once per month to ensure that all systems function effectively. The auditing will help understand the risk levels of different accounts and whether the users are handling them responsibly or not. Users found to have compromised security or terms of the organization will be summoned to the IT manager’s office for retraining. The account auditing process shall also ensure that people whose contract is expired or have stopped working for the organization have their accounts revoked. It will ensure they do not have access to our internal communications, which would be used against us by competing companies. Our program will ensure that users have access to information they require by ensuring the remoting access process is highly monitored. We understand that most hackers normally target employees working from a separate geographical location and using devices not authorized by the company. Therefore we will protect our information against illegal access by limiting the access to one device specified by the company. While employees will be informed that all their remote access will be monitored, in case of any threats, their accounts will be temporarily suspended. Chromik et al. (2019, March). Finally, our program will ensure that there are specifications of whatever employees may do or not do on their personal and company computers. An example, employees will seek permission to download files, install new software on the organization’s computers and access unauthorized websites. Within the system, an automated process will scan for malware for any download that occurs, limiting access to malicious files. Generally, employee education regarding data security and accountability within the organization will be essential in promoting the maximum security of our database. During the sensitization, the employees will understand their limitations, and whoever they should consult in case they face difficulties. In conclusion, our primary method to ensure limited access to data is to use control through passwords and usernames to ensure user authentication. The second method will be data classification; as one’s hierarchy level increases, one will have access to more confidential information in the organization. References Chromik, M., Eiband, M., Völkel, S. T., & Buschek, D. (2019, March). Dark Patterns of Explainability, Transparency, and User Control for Intelligent Systems. In IUI workshops (Vol. 2327). https://www.medien.ifi.lmu.de/pubdb/publications/pub/chromik2019iuiworkshop/chromik2019iuiworkshop.pdf Harambam, J., Bountouridis, D., Makhortykh, M., & Van Hoboken, J. (2019, September). Designing for the better by considering users: A qualitative evaluation of user control mechanisms in (news) recommender systems. In Proceedings of the 13th ACM Conference on Recommender Systems (pp. 69-77). https://dl.acm.org/doi/abs/10.1145/3298689.3347014
Building the Knowledge Base This week for your capstone portfolio project, you will develop a two page summary discussing the development processes in your project. Whether this be the utilization of
0 THE TYPES OF ALERTS Sarah Ray CSU Global Cybersecurity Capstone Professor Ofori Boateng 8/31/22 THE TYPES OF ALERTS The major sorts of alerts in our organization will be email and SMS communication. Firstly, email communication will be the most significant, where all employees will provide their emails to the IT office. At the same time, the organization will create corporate emails, especially for the management positions to make them different from others within the organization. Therefore after the assessment of the processes in the organization, the involved IT personnel will develop an email citing the problem they have observed and changes that should be expected. Then the system’s users shall be forwarded the email in real-time. Brain & Crosby (2011). The simple mail transfer protocol or SMTP will be used by the organization to receive and send emails to the involved parties. The email transfer will be based on whether the receivers are local or remote. An example, for local recipients, the emails should remain in the service and will be accessed by IMAP and POP. While for the remote recipients, the DNS (domain name server) will be used to locate the appropriate IP address of the recipient. However in case, the communication will be queued in case the remote SMTP is not accessible; however, if the queue period exceeds one day, it will be returned to the sender. While SMS communication will be used for communicating urgent but special information that requires an immediate reaction from the recipient, the information communication shall be limited to only one hundred characters, while attachments shall not be allowed. Therefore all employees will provide their phone numbers for direct contact through SMS. For SMS to work, the recipient and sender have to be connected to a network provider. After clicking send button, the information is transmitted by the closest cellphone tower, just like how it occurs when making calls. The tower will then send the information to the closest receiving tower next to the recipient, thus relaying the communication to their cell phone. Rayarikar et al. (2012). References Brain, M., & Crosby, T. (2011). How email works. URL: http://www. HowStuffWorks. com/email. htm (дата звертання: 11.10. 2018). https://edurev.gumlet.io/files/5747_49ba216b-1f15-4a17-86b0-15b0b19c3b9f.pdf Rayarikar, R., Upadhyay, S., & Pimpale, P. (2012). SMS encryption using AES algorithm on android. International Journal of Computer Applications, 50(19), 12-17. https://www.researchgate.net/file.PostFileLoader.html?id=55c212f66225ff9e068b4623&assetKey=AS%3A273825676103681%401442296536278