Creating and Delivering Professional Presentations
Project 2: Nations Behaving Badly
Start Here
Despite work that cyber management teams perform in regard to systems design, network security protocols, hardware and software maintenance, training, policies, implementation, maintenance, and monitoring, breaches can and do occur. In this project, you will work with a team of other cyber professionals to analyze and respond to anomalous network activities.
The graded submission for Project 2 is a packaged deliverable to the CISO about risk and network intrusion, to be completed as a team. The deliverable to the CISO will include the following five parts:
Cybersecurity Risk Assessment including Vulnerability Matrix
Incident Response Plan
Service-Level Agreement
FVEY Indicator Sharing Report
Final Forensic Report
The project will take 15 days to complete. After reading the scenario below, proceed to Step 1, where you will establish your team agreement plan.
The US reports data exfiltration has been detected in the IDS (intrusion detection system). All nations will perform forensic analysis and collect corroborating information to identify the bad actor.
Prior to the summit, your nation team was tasked with setting up its own independent secure comms network. Now, at 3 a.m., just hours before the summit begins, you receive a text message from your CISO that reads: “I need to meet with the team immediately about an urgent matter. Please come to the conference room next to my hotel room now so we can discuss it.”
You quickly dress and head to the conference room. When you arrive, she breaks the news to your team: The nation hosting the summit has detected data exfiltration in its IDS (intrusion detection system). It is likely that this pattern of network traffic could also result in buffer overflows or other attacks such as denial of service. Each nation’s server is at risk.
“The report shows that the pattern of network traffic is anomalous,” says the CISO. “And the point of origin is internal. Someone at the summit is involved in this.”
Given the nature of the summit, participants understand that all nations have a common goal. “None of the FVEY members would have done this,” says a colleague. “It’s got to be the Russians or the Chinese. Friends don’t read each other’s mail.”
The CISO says, “No one is above suspicion here. Our FVEY partners have been known to both collect intelligence and seek to embarrass other partners when it suited their strategic needs. It could have been anyone. Until we know for sure, though, we will continue to regard them as allies.”
Leaders of the nations at the summit agree they all need to perform forensic analysis on their respective systems to identify the bad actor.
Your CISO continues. “Let’s get to the bottom of this. We’re all familiar with data exfiltration attacks; do you think that’s part of what we’re dealing with here? Or do you think there’s more? Use our packet sniffing tools to analyze the network traffic. Additionally, we need to identify attack vectors and attributes. Give me any information you can find on the tools, techniques, and the identity of this bad actor. Also, establish an incident response plan that we can use in case of another cyber event.”
“Our systems went down due to this attack. We need to examine the service-level agreement to see what it will take to get the summit back up and running. After our analysis, we need to quickly let our allies know how to protect their networks through an indicator sharing report.
“Remember, no one is above suspicion—not even our allies. Got it?”
Everyone nods in agreement. The CISO says, “Good. Now get to work. I’m going to try to go back to sleep for a few hours.”
When you submit your project, your work will be evaluated using the competencies listed below. You can use the list below to self-check your work before submission.
Project 2: Nations Behaving Badly
Step 1: Establish Team Agreement Plan
As a part of your nation team, an agreement needs to be established in order to work efficiently on each project. Begin by revisiting your current team agreement document, which includes a suggested schedule for project completion. Update your team agreement with roles and assignments for this project. Your team will use this document as a guide to establish a plan for completing and submitting the group tasks. When you have completed the plan, resubmit it for review in the dropbox below.
In the next step, you will identify attack vectors.
Step 2: Identify Attack Vectors
You and your nation state have just suffered an intrusion attack. As a cybersecurity professional, one of the first steps is to identify potential attack vectors. For each known cybersecurity vulnerability and known threats (addressing cybersecurity threats through risk management, international cybersecurity approaches, you and your team members need to identify attack vectors via information systems hardware, information systems software, operating systems (operating system fundamentals, operating system protections), telecommunications (internet governance), and human factors (intrusion motives/hacker psychology). Then, you must determine if any attribution is known for the threat actor most likely involved in exploiting each weakness.
Review the materials on attack vectors if a refresher is needed. Once you’ve identified the attack vectors in this step, you will be able to participate in the next step, in which you will discuss your findings with colleagues and compare the findings with their analyses.
Step 3: Discuss Attack Vectors and Known Attribution
In light of your research in the last step, you will now use your group’s discussion board to share your thoughts with other members of your nation team. Review the findings of classmates in your group, noting points of agreement or disagreement, asking critical questions, and making suggestions for improvement or further research.
You should research incidents of known attribution of the hackers and actors who employ the attack vectors previously discussed by your group. This step provides a variety of options and perspectives for your group to consider when drafting the Attack Vector and Attribution Analysis in the next step.
This step also provides the foundation for research into known attribution, which will help you to discern the motivation for intrusion as well as the identity of the hackers and actors who employ the attack vectors noted.
Step 4: Analyze Attack Vectors and Known Attribution
You’ve discussed attack vectors and attribution with your nation state team members. In this step, your group will prepare an Attack Vector and Attribution Analysis of your group’s findings in the previous steps. The analysis should first identify all possible attack vectors via hardware, software, operating systems, telecommunications, and human factors. Next, you should discuss whether attribution is known for the threat actor (hackers and actors) likely involved in exploiting each weakness. Integrate supporting research via in-text citations and a reference list. This analysis will play a key role in the development of a Vulnerability Assessment Matrix and Cybersecurity Risk Assessment in the next few steps.
Step 5: Develop the Vulnerability Assessment Matrix
With the Attack Vector and Attribution Analysis complete, in this step your nation team will assess the impact of identified threats and prioritize the allocation of resources to mitigate or prevent risks. As a group, you will collaborate to develop and submit one Vulnerability Assessment Matrix for your nation. This spreadsheet includes the following:
characterization of current and emerging vulnerabilities and threats (cybersecurity vulnerability)
identification of the attack vector(s) employed
your assessment (high, medium, or low) of the impact the vulnerability could have on your organization
Submit your team’s matrix for feedback. This matrix will be included in the final project deliverable, the Cybersecurity Risk Assessment.
In the next step, you and your nation team members will conduct research on best practices and countermeasures for the kind of attack your nation team sustained at the summit.
Step 6: Research Industry Best Practices and Countermeasures
At this point, you and your team members have analyzed attack vectors and used your research to construct a vulnerability assessment matrix. The next step in the process of analyzing the intrusion is to look at common practices and countermeasures that can be used for the type of attack your team incurred at the summit.
In this step, you and your team members will perform research on current best practices for authentication, authorization, and access control methods. You will also research possible countermeasures and cyber offense strategies that may be available. Review the materials on countermeasures and cyber offensives/warfare if needed. This research will help you make recommendations in the cybersecurity risk assessment, which you develop in the next step. Approach your research with transparency to support trust among your team. Review these resources on risk assessment and risk assessment approaches to prepare for the next step. The following links will provide you with resources on industry standards and best practices:
Security Operations
Software Development Security
Security Assessment and Testing
Security Engineering
Step 7: Develop the Cybersecurity Risk Assessment
In this step, your team will prepare the Cybersecurity Risk Assessment in the form of a PowerPoint presentation. This is one of your three final deliverables, which you will submit for feedback as a group, and then for individual assessment at the end of the project.
The presentation should identify current measures for authentication, authorization, and access control, and clearly explain weaknesses in your organization’s security (to include people, technology, and policy) that could result in successful exploitation of vulnerabilities and/or threats. The presentation should conclude with recommendations (e.g., continue to accept risks, accept some risks (identify them), mitigate some risks (identify them), mitigate all risks, etc.). Include the attack vector and attribution analysis, and the vulnerability matrix from the previous steps. Don’t try to shoehorn every point into your presentation. For guidance on creating presentations, refer to the following:
Creating and Delivering Professional Presentations
Record a Slide Show with Narration and Slide Timings
Converting PowerPoint and Uploading to YouTube
Submit your Cybersecurity Risk Assessment PowerPoint for feedback by uploading it to YouTube. At the end of this project, your team will submit the presentation in the form of a YouTube link for grading.
Collepals.com Plagiarism Free Papers
Are you looking for custom essay writing service or even dissertation writing services? Just request for our write my paper service, and we'll match you with the best essay writer in your subject! With an exceptional team of professional academic experts in a wide range of subjects, we can guarantee you an unrivaled quality of custom-written papers.
Get ZERO PLAGIARISM, HUMAN WRITTEN ESSAYS
Why Hire Collepals.com writers to do your paper?
Quality- We are experienced and have access to ample research materials.
We write plagiarism Free Content
Confidential- We never share or sell your personal information to third parties.
Support-Chat with us today! We are always waiting to answer all your questions.
