CYB_200_Project_Three_Milestone_Brian_Saintsing.docx.
School: Southern New Hampshire University
Course: 200
Subject: Information Systems
Date: Feb 20, 2024
CYB 200 Project Two Milestone Decision Aid Template
Complete the template by filling in the blank cells provided.
I. Detection
1. Describe the following best practices or methods for detecting a threat actor.
Awareness
Training programs for awareness are vital in response to such situations, ensuring employees stay vigilant and can effectively identify suspicious behaviors. These initiatives not only heighten awareness but also empower individuals to actively contribute to the organization's overall security readiness.
Auditing
Monitoring and evaluating the plan established for protection to see if the plan is meeting requirements.
Diligence
This involves scrutinizing the specifics of all transactions, calculations, or processes carried out by a computer that performs repetitive tasks without experiencing failure or fatigue.
Monitoring
Monitoring is essentially the documentation of time spent on task execution. Numerous programs keep records of various transactions and processes on computers or networks, including screen captures, messages, visited sites, and more.
Testing
Testing is when the system is evaluated for threats.
Sandboxing
Sandboxing allows you to execute code in an environment that replicates those of other end-users, aiding in the prevention of potential threats posed by malicious actors.
Enticing
Enticing is when you trick someone into something you’re offering or something they may want.
Citations:
Kim. (n.d.). Fundamentals of Information Systems Security, 3rd edition. O’Reilly Online Learning. https://learning.oreilly.com/library/view/fundamentals-of-information/9781284116465/?sso_link=yes&sso_link_from=SNHU
Musthaler, L. (June 2nd, 2008). 13 best practices for preventing and detecting insider threats. Network World. https://www.networkworld.com/article/2280365/13-best-practices-for-preventing-and-detecting-insider-threats.html
II. Characterization
2. Briefly define the following threat actors.
Individuals who are “shoulder surfers”
Observing actions discreetly and smoothly, akin to someone glancing over your shoulder, involves directly witnessing activities without detection. An illustrative instance would be discreetly observing someone entering a password or a four-digit code at an ATM.
Individuals who do not follow policy
An individual who fails to follow guidelines (rules).
Individuals using others’ credentials
An individual who fails to use their own credentials to gain access; in other words, unauthorized access.
Individuals who tailgate
A person who exploits someone else opening a secured entry to gain unauthorized access. For example, a gym member with a key fob for entry lets a friend in, or someone seizes the opportunity to slip through the door before it closes.
Individuals who steal assets from company property
Individuals who steal things that don’t belong to them, whether computers, accessories, money, etc.
Citations:
Kim. (n.d.). Fundamentals of Information Systems Security, 3rd edition. O’Reilly Online Learning. https://learning.oreilly.com/library/view/fundamentals-of-information/9781284116465/?sso_link=yes&sso_link_from=SNHU
3. Describe the following motivations or desired outcomes of threat actors.
Fraud
To gain access to things of financial value, like money, equipment, or sensitive information, in order to gain an advantage.
Sabotage
Political agenda or purely out of spite. Disgruntled workers, etc.
Vandalism
A political agenda may involve supporting a group that is not in favor of a particular cause, with the motivation to hold someone accountable and make them pay for damages incurred.
Theft
Individuals seeking revenge or financial wealth.
Citations:
Kim. (n.d.). Fundamentals of Information Systems Security, 3rd edition. O’Reilly Online Learning. https://learning.oreilly.com/library/view/fundamentals-of-information/9781284116465/?sso_link=yes&sso_link_from=SNHU
4. Identify the company assets that may be at risk from a threat actor for the following types of institutions.
Remember: Each company will react differently in terms of the type of assets it is trying to protect.
Financial
PII, Social Security Number, Sensitive tax data, and financial data.
Medical
Medical Records, PII, and confidential information.
Educational
Diplomas, PII, and educational achievements.
Government
Classified information that may be released to the public resulting in the possibility of doing more harm than good.
Retail
Merchandise, Financial information such as credit cards, Social Security Numbers, and names.
Pharmaceutical
Pharmacy records and medical information such as PII.
Entertainment
Credentials to other services as well as financial information used to pay for the service.
Citations:
Kim. (n.d.). Fundamentals of Information Systems Security, 3rd edition. O’Reilly Online Learning. https://learning.oreilly.com/library/view/fundamentals-of-information/9781284116465/?sso_link=yes&sso_link_from=SNHU
III. Response
Choose a threat actor from Question 2 to research for the response section of the decision aid:
Threat Actor
Shoulder Surfers
5. Describe three potential strategies or tactics that you would use to respond to and counter the threat actor you chose.
Hint: What are the best practices for reacting to this type of threat actor?
Strategy 1
Secure your devices and sensitive information by positioning yourself with your back against a wall, away from potential threats, and avoiding proximity to glass or mirrors.
Strategy 2
Protect your privacy by shielding the keypad or datapad at ATM machines, installing screen protectors on computer screens, and exercising caution with open transactions to prevent unauthorized observation from potential onlookers.
Strategy 3
Exercise caution when discussing personal information and avoid openly sharing credit card details or Personally Identifiable Information (PII), even in hurried situations. Always be mindful that someone in a public place may be recording, and your conversations could be captured.
Citations:
Kim. (n.d.). Fundamentals of Information Systems Security, 3rd edition. O’Reilly Online Learning. https://learning.oreilly.com/library/view/fundamentals-of-information/9781284116465/?sso_link=yes&sso_link_from=SNHU
Symanovich, S. (n.d.). What is shoulder surfing? Lifelock Official Site. https://www.lifelock.com/learn-identity-theft-resources-what-is-shoulder-surfing.html
6. Describe three potential strategies or tactics that you would employ to reduce the likelihood of a similar threat occurring again.
Hint: What are the best practices for proactively responding to this type of threat actor?
Strategy 1
Enhance device security by affixing screen protectors, making sure to lock devices when leaving them unattended for any duration, and consistently implementing password protection or encryption measures.
Strategy 2
When sharing sensitive or private information that shouldn't be leaked, opt for private locations to ensure confidentiality and minimize the risk of unauthorized disclosure.
Strategy 3
If there is a threat of someone observing your activities, cease what you are doing, relocate, or wait until the surroundings are secure before proceeding.
Citations:
Symanovich, S. (n.d.). What is shoulder surfing? Lifelock Official Site. https://www.lifelock.com/learn-identity-theft-resources-what-is-shoulder-surfing.html
Kim. (n.d.). Fundamentals of Information Systems Security, 3rd edition. O’Reilly Online Learning. https://learning.oreilly.com/library/view/fundamentals-of-information/9781284116465/?sso_link=yes&sso_link_from=SNHU
7. Explain your reason for determining the threat actor you chose to research. Why are the strategies you identified appropriate for responding to this threat actor? Justify your tactics to proactively and reactively respond to this threat actor.
Shoulder surfing is a common phenomenon in everyday situations, like sharing credit cards for payments or using phones for food orders. Items containing Personally Identifiable Information (PII) are easily accessible, emphasizing the need for careful choices. Foster awareness and avoid using personal information or accessing sensitive data in environments where even minimal risks are present.