CYB 200 Project Three Milestone Decision Aid Template

School: Southern New Hampshire University
Course: 200
Subject: Computer Science
Date: Feb 20, 2024
Type: docx
Pages: 8
Uploaded by ISSIT_Learn
Complete the template by filling in the blank cells provided.

I. Detection

1. Describe the following best practices or methods for detecting a threat actor.

Awareness: The understanding of the current security risk posture within the organization. It can also mean the process of teaching users about security objectives and the current threats and trends, and motivating users to comply with the stated security policies.

Auditing: The process of evaluating devices and software to avoid data breaches by checking how their operation meets your security goals. It is used to detect abnormal behavior.

Monitoring: Reviewing and measuring all security controls to capture actions and changes on systems. Collecting information from network sensors to identify patterns that indicate a potential threat or security incident.

Testing: The testing of systems, networks, and software programs to see how secure they are and to see if they can withstand an attack from a person with bad intent.

Sandboxing: Offers a monitored and controlled environment where unknown software cannot cause harm to the real hosting computer.

Citations:

Amoroso, Edward. Cyber Attacks: Protecting National Infrastructure, Elsevier Science & Technology, 2010. ProQuest Ebook Central, https://ebookcentral-proquest-com.ezproxy.snhu.edu/lib/snhu-ebooks/detail.action?docID=610561.

Cebula, James L., and Lisa R. Young. A taxonomy of operational cyber security risks. Carnegie-Mellon Univ Pittsburgh Pa Software Engineering Inst, 2010.

Hoopes, John, and John Hoopes. Virtualization for Security: Including Sandboxing, Disaster Recovery, High Availability, Forensic Analysis, and Honeypotting, Elsevier Science & Technology Books, 2008. ProQuest Ebook Central, https://ebookcentral-proquest-com.ezproxy.snhu.edu/lib/snhu-ebooks/detail.action?docID=421177.

Kim, David, and Michael Solomon. Fundamentals of Information Systems Security. 3rd ed., Jones & Bartlett Learning, 2016.

Lord, Nate. “What Is Threat Monitoring?” Digital Guardian, 29 Sept. 2020, https://digitalguardian.com/blog/what-threat-monitoring.

II. Characterization

2. Briefly define the following threat actors.

Individuals who are “shoulder surfers”: A person who looks over the shoulder of other people who are typing into a computer screen.

Individuals who do not follow policy: An insider is a serious threat actor that comes from within an organization, a contractor, or a business partner. This person could be a disgruntled employee looking to get financial gain from selling information or an employee looking to conceal information through fake transactions.

Individuals using others’ credentials:

Individuals who tailgate: Individuals who follow other individuals so closely that they can sneak past a secure door or access area.

Individuals who steal assets from company property:

Citations:

Kim, David, and Michael Solomon. Fundamentals of Information Systems Security. 3rd ed., Jones & Bartlett Learning, 2016.

3. Describe the following motivations or desired outcomes of threat actors.

Fraud: People who commit fraud want power and financial gain by stealing people’s identity and bank account information. It is the deliberate act to benefit oneself or a collaborator at the expense of someone else or an organization.

Sabotage: People who sabotage are looking to destroy property or obstruct normal operations. A deliberate action taken to cause failure in an organizational asset or process.

Vandalism: Some threat actors may vandalize public or private systems to gain notoriety. They want attention and/or to build a reputation. They could also do it for financial gain. Vandalism is the deliberate damaging of organizational assets, often done at random.

Theft: People who commit theft are searching for financial gain and power. It is the intentional and unauthorized taking of organizational assets.

Citations:

Ablon, Lillian. "Data Thieves." The Motivations of Cyber Threat Actors and Their Use and Monetization of Stolen Data (2018).

Blog, RedLegg. “7 Types of Cyber Threat Actors and Their Damage.” RedLegg, 2 Feb. 2020, https://www.redlegg.com/blog/cyber-threat-actor-types.

Kim, David, and Michael Solomon. Fundamentals of Information Systems Security. 3rd ed., Jones & Bartlett Learning, 2016.

Rennie, Morgan. “What Is Cyber Fraud?” DeltaNet, 12 Apr. 2022, https://www.delta-net.com/knowledge-base/compliance/fraud-awareness/what-is-cyber-fraud/.

4. Identify the company assets that may be at risk from a threat actor for the following types of institutions.

Remember: Each company will react differently in terms of the type of assets it is trying to protect.

Financial:
Medical:
Educational:
Government:
Retail:
Pharmaceutical:
Entertainment:

Citations:

III. Response

Choose a threat actor from Question 2 to research for the response section of the decision aid:

Threat Actor:

5. Describe three potential strategies or tactics that you would use to respond to and counter the threat actor you chose.

Hint: What are the best practices for reacting to this type of threat actor?

Strategy 1:
Strategy 2:
Strategy 3:

Citations:

6. Describe three potential strategies or tactics that you would employ to reduce the likelihood of a similar threat occurring again.

Hint: What are the best practices for proactively responding to this type of threat actor?

Strategy 1:
Strategy 2:
Strategy 3:

Citations:

7. Explain your reason for determining the threat actor you chose to research. Why are the strategies you identified appropriate for responding to this threat actor? Justify your tactics to proactively and reactively respond to this threat actor.