During this week’s LabSim modules you learned how to apply scanning techniques to perform an internal scan, external scan using Zenmap and scan with Nmap Scripts. Compare and contrast results. Perform Enumeration with NMAP and Metasploit and compare and contrast results and apply enumerations countermeasures to prevent zone transfer.

For the Unit 3 individual project submit a 3 page MS Word document that will include screen shots of your LabSim course outline showing completion of all of the nodes in the following modules and provide a 300-500 word summary of your lessons learned from completing these modules.

Congratulations! Your boss, Judy “Mac” McNamara, thought you did a great job on your Vulnerability Management Process recommendation and analysis of the OpenVAS vulnerability report. However, the boss doesn’t think the free OpenVAS tool will provide the high-level presentation reporting and support needed by Mercury USA. Now, Judy would like you to evaluate the leading commercial vulnerability scanner, Nessus. Fortunately, Judy had asked someone in the IT department to install and configure a 30-day evaluation copy of Nessus. She hands you a recent Nessus report from IT that has a few more systems added, and with a wry smile adds, “It looks like there’s some really bad stuff in there!”

Judy would like you to provide an analysis of the report. You decide to highlight what you think the company should address first and how you would mitigate some of the top threats. In addition, Judy wants to know your thoughts on Nessus, since it’s expensive. You now realize that you need to ensure due diligence has been performed before making a purchase recommendation to executive management.

This week, you will submit the second project, VM Scanner Background Report, based on the Nessus Report. As you are writing your report, you may want to refer back to the CEO’s video in Week 1 to make sure your analysis and recommendations align with the CEO’s priorities and concerns.

You should link your analysis to the kinds of organizational functions and data associated with a transportation company (e.g., protecting order data, customer lists, sales leads, Payment Card Industry (PCI) compliance for processing credit, proprietary software, etc.) and provide your recommendation if Mercury USA should purchase the Nessus tool. This report should be four to six pages in length and include a title/cover page. Include in-text citations and a reference page with three quality sources in a citation style of your choice.

Delete the instructional text from the template before you submit.

Project overview:

Mercury USA is a small- and medium-sized business (SMB) in the transportation sector with 400 employees. 

You’ve just been hired by Mercury USA as the first cyber threat analyst on the team and will work within the existing Information Technology department. Mercury USA has an urgent interest in addressing security vulnerabilities.

Judy “Mac” McNamara, the manager of IT services, said the chief executive officer (CEO) recently learned via a mandatory breach disclosure that a competitor was a victim of ransomware. The firm in question lost a significant amount of intellectual property and customer data and is facing expensive litigation, government fines, and loss of customer confidence. These issues are likely to result in bankruptcy.

Thus, executive management would like to prevent Mercury USA’s critical data (e.g., order data, customer lists, sales leads, Payment Card Industry (PCI) compliance for processing credit, proprietary software) from falling into the wrong hands and threatening the survival of the business.

During job interviews, employers often ask if you are familiar with cybersecurity software. For this reason, it is a good idea to become familiar with commonly used software, including capabilities and limitations. These software products are the tools for conducting your day-to-day duties.

For the first six weeks of this course, you have been exposed to many different tools that an analyst should become familiar with: analyst tools, exploitation tools, and forensics tools. Provide a response in which you:

1. Describe a lab or a software tool that you used that has helped you to better understand the role of an analyst within an organization, such as:

• Kali
• Metasploit
• Nessus
• Nmap
• Process Explorer
• Splunk
• Wireshark
• Any other tool used in the course

2. Describe the process to install, set up, and configure the tool you selected above. Did you find the tool easy to use? Did you encounter challenges?

3. Highlight some of the benefits of the tool you selected above. Provide some examples of where you think using the tool would benefit you as a cybersecurity threat analyst. Why do you think the tool would be best?

Scenario

KION Group is a global material handling Equipment Company based  in Germany. Forklift trucks and warehouse automation equipment are the  company’s main products. KION Group needs to prepare for the prevailing  computer incidents of today and tomorrow. An organization can assist in  developing a computer incident response team (CIRT) plan for a number of  computer-based safety incidents.

This assignment will discuss a CIRT plan, which is often used as a  contingency plan for the KION Group. A system administrator noticed  yesterday that several of the file servers at HQ were responding very  slowly. The KION Group headquarters (HQ) handles all incidents so that  the plan will have its roots at HQ.

Like the latest IBM Threat Intelligence Index, read a recent  article to gather information on current threats and remember to  leverage the BCP and DRP you generated for the organization last week.

Instructions

Write a 5–6 page paper in which you:

1. Describe the purpose and primary elements of a CIRT plan.
2. Discuss the relationship between a CIRT plan and risk management.
3. Discuss the five Ws (who, what, where, when, and why) found in a  CIRT plan in regard to the incident given in the above scenario.
4. Explain how KION Group can leverage its BCP and DRP to develop and support its CIRT plan.
5. Explain how you think threats will evolve to impact KION Group  in the future and how the CIRT plan should be updated to combat them.
6. Discuss at least five best practices to follow when creating a CIRT plan.
7. Use at least two quality resources in this assignment. 

The specific course learning outcome associated with this assignment is:

• Develop a contingency plan for the sample organizations to include: business continuity, disaster recovery, and incident response.

Discuss the theoretical framework you think helps explains your topic and problem you will address in your dissertation. Remember, this will also be cited in the literature as well, so make sure to include scholarly resources from a peer reviewed journal. 

Topic :  The Smart Phone as a Dangerous Technology  

APA format with references needed. 500 words