CYB 200 Project Three Milestone Decision Aid Template

docx

School

Full Sail University *

*We aren’t endorsed by this school

Course

MISC

Subject

Industrial Engineering

Date

Feb 20, 2024

Type

docx

Pages

7

Uploaded by streaming85

Report
5-3 Project Three Milestone: Decision Aid CYB 200 Nickolas Cook February 9, 2024 Complete the template by filling in the blank cells provided. Detection 1. Describe the following best practices or methods for detecting a threat actor. Awareness Awareness training is about being aware of your environment and awareness trainings give employees ways to be aware of suspicious behavior. Auditing This would include examining details of all transactions, calculations or process from a computer performing the repetitive tasks without failing or fatiguing. Monitoring Monitoring is simply a record of the time spent on tasks or activities. There are various programs that keep track of various transactions and processes even on your computer or network. This includes screen grabs, messages, websites visited etc. Testing This is when a system is evaluated for threats itself. Sandboxing With sandboxing, you can execute code in a sandboxed environment that mirrors the rest of the end-users and helps protect against threat actors. Citations: Alshammary, M. (2022). Mobile applications and algorithms for information security. Edegbeme-Beláz, A., & Kerti, A. (2022). A New Approach to Information Security Auditing in Public Administration. Military Engineer / Hadmérnök, 17(3), 109–131. https://doi-org.ezproxy.snhu.edu/10.32567/hm.2022.3.8
Characterization 2. Briefly define the following threat actors. Individuals who are “shoulder surfers” Real-time insights as seamless as a person looking over their shoulder. For example, watching someone type in a password or a 4-digit code into an ATM machine. Individuals who do not follow policy Just someone who breaks the rules or the rules don't apply to them. Individuals using others’ credentials Users who do not use their user name or password to access the system. Individuals who tailgate Someone who tricks someone into opening a door and entering without permission. For example, a gym member who pays for access and has a fob, allows their friend to enter, or catches the door just before it closes. Individuals who steal assets from company property The term “taking” refers to people who take other people’s property.The term “taking” refers to people who take other people’s property. Citations: Yang, S., Paul, S. D., & Bhunia, S. (2021). Hands-On Learning of Hardware and Systems Security. Advances in Engineering Education, 9(2).
3. Describe the following motivations or desired outcomes of threat actors. Fraud How to get access to money, vehicles, or information. Sabotage Seeking vengeance, or political agenda. Vandalism Political Agenda, to support a non-help group, motivation to sue for damages. Theft Whether it’s revenge or profit. Citations: Yang, S., Paul, S. D., & Bhunia, S. (2021). Hands-On Learning of Hardware and Systems Security. Advances in Engineering Education, 9(2).
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
  • Access to all documents
  • Unlimited textbook solutions
  • 24/7 expert homework help
4. Identify the company assets that may be at risk from a threat actor for the following types of institutions. Remember: Each company will react differently in terms of the type of assets it is trying to protect. Financial PII, Financial Data, Tax information and Social Security numbers Medical Medical records, PII, Confidential data Educational Educational merits, diplomas, certifications and Pll Government Communications, PII, Things that have never been released to the people that may ruin or do harm Retail Merchandise, Finances, Credit Cards, Socials, PII Pharmaceutical Pharmacy records, Medical Data, PII Entertainment Streaming services Credit Cards Credentials for other services Citations: Yang, S., Paul, S. D., & Bhunia, S. (2021). Hands-On Learning of Hardware and Systems Security. Advances in Engineering Education, 9(2). Response
Choose a threat actor from Question 2 to research for the response section of the decision aid: Threat Actor Shoulder Surfers 5. Describe three potential strategies or tactics that you would use to respond to and counter the threat actor you chose. Hint: What are the best practices for reacting to this type of threat actor? Strategy 1 Strategy 2 Strategy 3 Protect your devices and other logins from attack by keeping your back to a wall away from glass o mirrors. Hide the keypad or data pad in ATM machines, on screen protectors, and take precautionary privacy measures with open transactions, where someone may be looking. Be mindful of your environment when discussing personal data. Do not discuss credit card details or personally identifiable information (PII) in the same circumstances, even if you are in a hurry. Always assume that if someone is recording in a public space, they are recording you or the conversation you are having. Citations: Yang, S., Paul, S. D., & Bhunia, S. (2021). Hands-On Learning of Hardware and Systems Security. Advances in Engineering Education, 9(2).
6. Describe three potential strategies or tactics that you would employ to reduce the likelihood of a similar threat occurring again. Hint: What are the best practices for proactively responding to this type of threat actor? Strategy 1 Strategy 2 Strategy 3 Secure all devices with screen protectors, lock when you leave for any reason, and always use password protection or encryption on all devices. When you need to share sensitive or non-public information, go to private locations. If there’s a chance someone will see what you’re doing, stop and move or wait for the coast to clear. Citations: Edegbeme-Beláz, A., & Kerti, A. (2022). A New Approach to Information Security Auditing in Public Administration. Military Engineer / Hadmérnök, 17(3), 109–131. https://doi-org.ezproxy.snhu.edu/10.32567/hm.2022.3.8
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
  • Access to all documents
  • Unlimited textbook solutions
  • 24/7 expert homework help
7. Explain your reason for determining the threat actor you chose to research. Why are the strategies you identified appropriate for responding to this threat actor? Justify your tactics to proactively and reactively respond to this threat actor. Shoulder surfing is happening everywhere, all the time. Credit cards are handed out for lunch. Cell phones are used to order food. Too many products with personal information (PII) are easily and casually accessed. This could be a target for shoulder surfing. Make better decisions in whatever environment you’re in, and that begins with awareness. Don’t use personal information or access data in places with even the tiniest risk.

Related Documents

Assignment 2 (Line Balancing) (1).pdf
8-2 Module Eight Lab.docx
OPSCB574 Reflection 3.docx
The current cost allocation methods used by EE can be improved by implementing a more accurate and t
Design Document.docx
Recrystallization Post-lab aassignment.docx
MendozaGuerrero_L_2.5.2.7.docx
INSPECT AND PACK REUSABLE MEDICAL DEVICES.docx
Week 2 Assignment - Linear Programming.docx
Anntotated outline.docx
OMIS6320W24 Course Introduction.pptx
AEC 2611 Exam 2.pdf