Project 4 Threat Analysis and Exploitation Assignment
Order ID:89JHGSJE83839 Style:APA/MLA/Harvard/Chicago Pages:5-10 Instructions:
Project 4 Threat Analysis and Exploitation Assignment
Transcript (background):
You are part of a collaborative team that was created to address cyber threats and exploitation of US financial systems critical infrastructure. Your team has been assembled by the White House Cyber National security staff to provide situational awareness about a current network breach and cyber attack against several financial service institutions. Your team consists of four roles, a representative from the financial services sector who has discovered the network breach and the cyber attacks. These attacks include distributed denial of service attacks, DDOS, web defacements, sensitive data exfiltration, and other attack vectors typical of this nation state actor. A representative from law enforcement who has provided additional evidence of network attacks found using network defense tools. A representative from the intelligence agency who has identified the nation state actor from numerous public and government provided threat intelligence reports. This representative will provide threat intelligence on the tools, techniques, and procedures of this nation state actor. A representative from the Department of Homeland Security who will provide the risk, response, and recovery actions taken as a result of this cyber threat. Your team will have to provide education and security awareness to the financial services sector about the threats, vulnerabilities, risks, and risk mitigation and remediation procedures to be implemented to maintain a robust security posture. Finally, your team will take the lessons learned from this cyber incident and share that knowledge with the rest of the cyber threat analysis community. At the end of the response to this cyber incident, your team will provide two deliverables, a situational analysis report, or SAR, to the White House Cyber National security staff and an After-Action Report and lesson learned to the cyber threat analyst community.
Step 2: Assessing Suspicious Activity
Your team is assembled and you have a plan. It’s time to get to work. You have a suite of tools at your disposal from your work in Project 1, Project 2, and Project 3, which can be used together to create a full common operating picture of the cyber threats and vulnerabilities that are facing the US critical infrastructure.
To be completed by all team members: Leverage the network security skills of using port scans, network scanning tools, and analyzing Wireshark files, to assess any suspicious network activity and network vulnerabilities.
Step 3: The Financial Sector
To be completed by the Financial Services Representative: Provide a description of the impact the threat would have on the financial services sector. These impact statements can include the loss of control of the systems, the loss of data integrity or confidentiality, exfiltration of data, or something else. Also provide impact assessments as a result of this security incident to the financial services sector.
To be completed by all team members: Provide submissions from the Information Sharing Analysis Councils related to the financial sector. You can also propose fictitious submissions. Also, review the resources for Industrial Control Systems, and advise the importance of them to the financial services sector. Explain the risks associated with the Industrial Controls Systems. (1-2 page)
Step 4: Law Enforcement
To be completed by the Law Enforcement Representative: Provide a description of the impact the threat would have on the law enforcement sector. These impact statements can include the loss of control of systems, the loss of data integrity or confidentiality, exfiltration of data, or something else. Also provide impact assessments as a result of this security incident to the law enforcement sector. (2 page)
Step 5: The Intelligence Community
To be completed by all team members: Provide an overview of the life cycle of a cyber threat. Explain the different threat vectors that cyber actors use, and provide a possible list of nation-state actors that have targeted the US financial services industry before. (1-2 page)
Review this threat response and recovery resource and use what you learned from the resource to provide or propose an analytical method in which you are able to detect the threat, identify the threat, and perform threat response and recovery. Identify the stage of the cyber threat life cycle where you would observe different threat behaviors. Include ways to defend against the threat, and protect against the threat. Provide this information in the SAR and AAR.
To be completed by the Intelligence Community Representative: Provide intelligence on the nation-state actor, their cyber tools, techniques, and procedures. Leverage available threat reporting such as from FireEye, Mandiant, and other companies and government entities that provide intelligence reports. Also include the social engineering methods used by the nation-state actor and their reasons for attacking US critical infrastructure. Include this information in the SAR and AAR.
Step 6: Homeland Security
To be completed by the Homeland Security Representative: Use the US-CERT and other similar resources to discuss the vulnerabilities and exploits that might have been used by the attackers.
Explore the resources for risk mitigation and provide the risk, response, and risk mitigation steps that should be taken if an entity suffers the same type of attack.
To be completed by all team members: Provide a risk-threat matrix and provide a current state snapshot of the risk profile of the financial services sector. These reports will be part of an overall risk assessment, which will be included in the SAR and AAR. (1-2 page)
Review and refer to this risk assessment resource to aid you in developing this section of the report.
Step 7: The SAR and AAR
All team members: After you compile your research, and your own critical assessments and analysis, determine which information is appropriate for a Security Assessment Report (SAR) that will be submitted to the White House, and an After Action Report (AAR) that will be submitted to the rest of the analyst community.
Prepare your SAR for the White House Cyber National Security Staff, describing the threat, the motivations of the threat actor, the vulnerabilities that are possible for the threat actor to exploit, current and expected impact on US financial services critical infrastructure, the path forward to eliminate or reduce the risks, and the actions taken to defend and prevent against this threat in the future.
Prepare the AAR. This knowledge management report will be provided to the cyber threat analyst community, which includes the intelligence community, the law enforcement community, the defense and civilian community, the private sector, and academia. The purpose of the AAR is to share the systems life cycle methodology, rationale, and critical thinking used to resolve this cyber incident.
The deliverables for this project are as follows:
Security Assessment Report (SAR): This report should be a 14-15 page double-spaced Word document with citations in APA format. The page count does not include figures, diagrams, tables, or citations.
After Action Report (AAR): This report should be a 10-15 page double-spaced Word document with citations in APA format. The page count does not include figures, diagrams, tables, or citations.
A 5-8 slide PowerPoint presentation for executives along with narration or In-Class presentation by each team member summarizing a portion of your SAR and AAR report.
Project 4 Threat Analysis and Exploitation Assignment
RUBRIC
Excellent Quality
95-100%
Introduction 45-41 points
The background and significance of the problem and a clear statement of the research purpose is provided. The search history is mentioned.
Literature Support
91-84 points
The background and significance of the problem and a clear statement of the research purpose is provided. The search history is mentioned.
Methodology
58-53 points
Content is well-organized with headings for each slide and bulleted lists to group related material as needed. Use of font, color, graphics, effects, etc. to enhance readability and presentation content is excellent. Length requirements of 10 slides/pages or less is met.
Average Score
50-85%
40-38 points
More depth/detail for the background and significance is needed, or the research detail is not clear. No search history information is provided.
83-76 points
Review of relevant theoretical literature is evident, but there is little integration of studies into concepts related to problem. Review is partially focused and organized. Supporting and opposing research are included. Summary of information presented is included. Conclusion may not contain a biblical integration.
52-49 points
Content is somewhat organized, but no structure is apparent. The use of font, color, graphics, effects, etc. is occasionally detracting to the presentation content. Length requirements may not be met.
Poor Quality
0-45%
37-1 points
The background and/or significance are missing. No search history information is provided.
75-1 points
Review of relevant theoretical literature is evident, but there is no integration of studies into concepts related to problem. Review is partially focused and organized. Supporting and opposing research are not included in the summary of information presented. Conclusion does not contain a biblical integration.
48-1 points
There is no clear or logical organizational structure. No logical sequence is apparent. The use of font, color, graphics, effects etc. is often detracting to the presentation content. Length requirements may not be met
You Can Also Place the Order at www.collegepaper.us/orders/ordernow or www.crucialessay.com/orders/ordernow