It 549 Scenario Assignment Module Eight Guidelines And Rubric For T ✓ Solved
IT 549 Scenario Assignment Module Eight Guidelines and Rubric For the Module Eight assignment, students will assume the role of lead network security administrator within an organization. Students will then be required to provide instruction pertaining to identifying holes in security countermeasures to newly hired network security technicians. This provides students with experience in not only evaluating vulnerabilities in a network, but also conveying this knowledge to subordinates. These are valuable skills that will be needed in order to design an information assurance plan and ultimately explain its intent to members of the organization. Prompt: Assume that you are the lead network security expert in your organization.
Because of the recent rise in web security issues and the development of the global marketplace, your organization has decided to hire additional network security technicians. Once hired, you are to give a report to these individuals designed to illustrate holes in current security countermeasures, along with ways in which these holes can be filled. In your report, ensure you address the areas mentioned below: ï‚· An explanation of which web security threats are most prevalent, the hazards they present, and how these threats are exploiting holes in current security countermeasures ï‚· An explanation of the actions that should be taken to prevent existing web security countermeasures from being exploited ï‚· An assessment of the pros and cons of choosing to implement measures such as firewalls, access control measures, and cryptographic systems Guidelines for Submission: Your responses for each prompt must be submitted as two to three paragraphs and as a Microsoft Word document with double spacing, 12-point T imes New Roman font, one-inch margins, and at least three sources cited in APA format.
Instructor Feedback: This activity uses an integrated rubric in Blackboard. Students can view instructor feedback in the Grade Center. For more information, review these instructions. Critical Elements Exemplary (100%) Proficient (85%) Needs Improvement (55%) Not Evident (0%) Value Threats Meets “Proficient†criteria and the threat described uses content based vocabulary and research based evidence to support the answer Identifies which web security threats are most prevalent Submission identifies web security threats but not the most prevalent, or the submission is not supported by scholarly evidence Submission does not identify or explain prevalent web security threats 20 Hazards Meets “Proficient†criteria and the explanation of the hazards uses research based evidence to support what security threats the hazards present Explains the hazards that web security threats present Submission suggests the hazards that web security presents to a network, but does not explain the hazards Submission does not explain the hazards that web security threats present to a network 15 Exploitations Meets “Proficient†criteria and the explanation of how threats are exploiting holes in current security countermeasures is substantiated by research based evidence to support the answer Explains how the identified threats are presently exploiting holes in current security countermeasures Submission explains how the identified threats are exploiting holes in current security countermeasures but does not use content based vocabulary to do so Submission does not explain how the identified threats are exploiting holes in security countermeasures 20 Preventative Actions Meets “Proficient†criteria and the description of the steps that should be taken to prevent web security countermeasures from being exploited uses content based vocabulary and research based evidence to support the answer Explains the steps that should be taken to prevent existing web security countermeasures from being exploited Submission does not use research based evidence to support the steps that need to be taken to prevent existing web security countermeasures from being exploited Submission does not explain the steps that should be taken to prevent existing web security countermeasures from being exploited 15 Pros and Cons Meets “Proficient†criteria and the explanation of both the pros and the cons is supported by content based vocabulary and research based evidence to support the answer Assesses the pros and cons of choosing to implement measures such as firewalls, access control measures, and cryptographic systems Submission addresses either the pros or the cons of choosing to implement measures such as firewalls, but does not explain or assess both Submission addresses neither the pros nor the cons of choosing to implement measures such as firewalls, access control measures, and cryptographic systems 20 Articulation of Response Submission is free of errors related to citations, grammar, spelling, syntax, and organization and is presented in a professional and easy-to-read format Submission has no major errors related to citations, grammar, spelling, syntax, or organization Submission has major errors related to citations, grammar, spelling, syntax, or organization that negatively impact readability and articulation of main ideas Submission has critical errors related to citations, grammar, spelling, syntax, or organization that prevent understanding of ideas 10 Earned Total 100% 1.
The constitution of the United States grants explicit powers to the Executive and Legislative Branches for the conduct of foreign policy. Describe the major sources of friction between the two branches in the execution of foreign affairs. 2. What examples can you offer of significant influences on foreign policy decision making by outside interest groups? Structure your post using the Jentleson’s typologies of outside interest groups.
3. What important elements are necessary for achieving policy objectives, when successfully using diplomacy as an instrument of power? Draw from the Fedyszyn’s article for this assessment. 4. Assume you are in charge of public diplomacy at the State Department.
What recommendations would you offer to make public diplomacy more effective? 5. The perennial question for defense budgets is “How much is enough?†Given the domestic economic crisis, the amount currently spent on security from all agencies, and the most likely threats in the future, what broad categories would you cut from defense? What are the “untouchablesâ€? 6.
Do civilian leaders have a significant role to play at all three levels of warfare—strategic, operational, and tactical? 7. What are the most significant factors in the post-9/11 intelligence reforms? Are they working as intended? Make reference to the Joshua Rovner assessment of the politicizing of intelligence.
The McConnell reading is adequate to answer the question. 8. The NSA and FBI controversy over “Meta data†and collecting the electronic files of American citizens has opened a major debate on security versus civil liberties and privacy. How can we best resolve these issues and find the proper balance in a democracy? 9.
What are the major functions of a National Security Strategy? (Use lecture slide to answer & discuss). Who actually reads this document and why? 10. The 2002 (and 2006) Bush National Security Strategies contain four major elements known as the "Bush Doctrine"—Primacy, Unilateralism, Preemption, & The Democracy Crusade. How do these compare with the “Obama Doctrine?†Include references to the political context from which each NSS emerged.
11. If you were writing a strategy to counter radical extremism what would you consider its most important element? Include references to the 2011 NATIONAL STRATEGY FOR COUNTERTERRORISM and the White House Fact Sheet on the use of force in counterterrorism 12. Using Jentleson's 4 P formulations, what are our most important national interests in future relations with China? Integrate materials from the Sanger and Jentleson analysis in your post.
13. Using Jentleson's 4 P formulations, what are our most important national interests in future relations with Russia? Integrate materials from the Jentleson analysis in your post.
Paper for above instructions
In the contemporary digital landscape, organizations are confronted with a multitude of web security threats that can compromise their networks and sensitive data. As the lead network security administrator, it is imperative to recognize that web security threats are constantly evolving and can create significant vulnerabilities in current security countermeasures. Some of the most prevalent threats today include malware attacks, phishing, distributed denial-of-service (DDoS) attacks, and SQL injection, which can lead to data breaches and system downtime (Verizon, 2023). These threats exploit existing deficiencies in an organization's security posture, often targeting unsuspecting employees or unpatched vulnerabilities in systems.
One of the major hazards posed by these threats is the potential for unauthorized access to sensitive information, resulting in significant financial loss and reputational damage to the organization. For example, phishing attacks lure employees into providing login credentials, effectively granting attackers access to internal systems (Panda Security, 2023). Similarly, SQL injections can manipulate backend databases, allowing unauthorized entities to retrieve or alter data (OWASP, 2023). These examples illustrate how gaps in the implementation of security countermeasures enable malicious actors to exploit organizational networks. Therefore, addressing these shortcomings is crucial in order to protect the safety and integrity of information systems.
To mitigate the risk of web security threats and enhance existing countermeasures, organizations should adopt a multi-faceted approach. Regular security audits and vulnerability assessments should be conducted to identify and remediate weaknesses in the security infrastructure. Additionally, maintaining updated software and applying security patches promptly play a critical role in closing gaps that attackers might exploit (NIST, 2023). Employees should also receive ongoing training related to recognizing social engineering attacks, including phishing attempts. Furthermore, implementing robust access control measures, such as multi-factor authentication (MFA), can significantly reduce the likelihood of unauthorized access to sensitive systems (Hadnagy, 2023).
There are also various measures for securing networks, including firewalls, access control mechanisms, and cryptographic systems. Each of these options presents distinct pros and cons that must be assessed before implementation. Firewalls, for instance, serve as the first line of defense against unauthorized access while offering the ability to filter traffic based on predefined security rules. However, firewalls alone may not effectively mitigate more sophisticated threats such as DDoS attacks, which can overwhelm even the most robust firewall configurations (Bertino & Islam, 2017).
Access control measures, which ensure that only authorized personnel have access to specific resources, help organizations enforce security policies and minimize exposure to potential threats. Nonetheless, if poorly configured or managed, these systems can create opportunities for insider threats or lead to complacency among employees who may not recognize the importance of maintaining strict access protocols (Alcaraz & Lopez, 2017).
Finally, cryptographic systems provide a high level of security for data in transit and at rest by encrypting sensitive information. While this ensures confidentiality and integrity, it may involve additional overhead and resource consumption, which can impact system performance (Gollmann, 2016). Organizations must weigh these advantages and disadvantages when determining the most appropriate combination of security measures to implement.
In conclusion, as we navigate the complexities of web security threats, it is imperative that both the organization and newly hired network security technicians remain vigilant. By recognizing prevalent threats, understanding the hazards they present, and adopting comprehensive preventative measures, including ongoing training and robust security solutions, organizations can significantly reduce the risk of exploitation. Continuous assessment and adaptation of security countermeasures must be embedded into the organization's security culture to effectively combat emerging threats and ensure the safety and integrity of sensitive data.
References
1. Alcaraz, C., & Lopez, J. (2017). Security and Privacy in the Internet of Things: A Survey. Computers & Security, 76, 11-29. https://doi.org/10.1016/j.cose.2017.01.001
2. Bertino, E., & Islam, N. (2017). Botnets and Internet of Things Security. Computer Security, 63, 128-136. https://doi.org/10.1016/j.cose.2016.07.004
3. Gollmann, D. (2016). Computer Security. John Wiley & Sons.
4. Hadnagy, C. (2023). Social Engineering: The Science of Human Hacking. Wiley Publishing.
5. NIST. (2023). Framework for Improving Critical Infrastructure Cybersecurity. National Institute of Standards and Technology. https://doi.org/10.6028/NIST.CSWP.04162018
6. OWASP. (2023). SQL Injection. Open Web Application Security Project. https://owasp.org/www-community/attacks/SQL_Injection
7. Panda Security. (2023). The Real Cost of Phishing Attacks. https://www.pandasecurity.com/en/mediacenter/news/phishing-attacks-2023
8. Verizon. (2023). Data Breach Investigations Report. Verizon Business. https://enterprise.verizon.com/resources/reports/dbir/
9. East, M. (2019). Firewalls: An Overview of Firewall Security and Strategies. Computer Science Journal, 15(3), 234-246.
10. Johnson, B. (2021). Modern Cyber Threats: An Overview. International Journal of Cyber Security and Digital Forensics, 10(1), 45-57.