Midterm Test

The midterm test is over chapters 1-5. Please use this template and answer the questions on this form. Place your name at the top of this page prior to submitting (or add a cover page to this paper),

1. For each of the datasets note if data privacy is an important issue

a. Census data collected from 1900- 1950

b. IP addresses and visit times of web users who visit your website.

c. Images from Earth orbiting satellites

d. Names and addresses of people from the telephone book

e. Names and email addresses collected from the web.

2. Classify the following attributes as binary, discrete, or continuous. Also classify them as qualitative (nominal or ordinal) or quantitative (interval or ratio). Some cases may have more than one interpretation, so briefly indicate your reasoning if you think there may be some ambiguity. 

Example: Age in years. Answer: Discrete, quantitative, ratio 

(a) Time in terms of AM or PM. 

(b) Brightness as measured by a light meter. 

(c) Brightness as measured by people’s judgments.

(d) Angles as measured in degrees between 0◦ and 360◦. 

(e) Bronze, Silver, and Gold medals as awarded at the Olympics. 

(f) Height above sea level. 

(g) Number of patients in a hospital. 

(h) ISBN numbers for books. (Look up the format on the Web.) 

(i) Ability to pass light in terms of the following values: opaque, translucent, transparent. 

(j) Military rank. 

(k) Distance from the center of campus. 

(l) Density of a substance in grams per cubic centimeter. 

(m) Coat check number. (When you attend an event, you can often give your coat to someone who, in turn, gives you a number that you can use to claim your coat when you leave.) 

3. Which of the following quantities is likely to show more temporal autocorrelation: daily rainfall or daily temperature? Why? 

4. Distinguish between noise and outliers. Be sure to consider the following questions. 

a. Is noise ever interesting or desirable? Outliers? 

b. Can noise objects be outliers? 

c. Are noise objects always outliers? 

d. Are outliers always noise objects? 

e. Can noise make a typical value into an unusual one, or vice versa? 

5. Discuss the advantages and disadvantages of using sampling to reduce the number of data objects that need to be displayed. Would simple random sampling (without replacement) be a good approach to sampling? Why or why not? 

6. How might you address the problem that a histogram depends on the number and location of the bins?

7. Show that the entropy of a node never increases after splitting it into smaller successor nodes.

8. Compute a two-level decision tree using the greedy approach described in this chapter. Use the classification error rate as the criterion for splitting. What is the overall error rate of the induced tree?

Note: To determine the test condition at the root note, you first need to computer the error rates for attributes X, Y, and Z.  

For attribute X the corresponding counts are:

  

x

c1

c2

 

0

60

60

 

1

40

40

For Y the corresponding counts are:

  

y

c1

c2

 

0

40

60

 

1

60

40

 For Z the corresponding counts are:

  

Z

c1

c2

 

0

30

70

 

1

70

30

9. Consider a binary classification problem with the following set of attributes and attribute values: 

• Air Conditioner = {Working, Broken} 

• Engine = {Good, Bad} 

• Mileage = {High, Medium, Low} 

• Rust = {Yes, No} 

Suppose a rule-based classifier produces the following rule set:

Mileage = High −→ Value = Low 

Mileage = Low −→ Value = High 

Air Conditioner = Working, Engine = Good −→ Value = High 

Air Conditioner = Working, Engine = Bad −→ Value = Low 

Air Conditioner = Broken −→ Value = Low (

a) Are the rules mutually exclusive? 

b) Is the rule set exhaustive? 

c) Is ordering needed for this set of rules? 

d) Do you need a default class for the rule set?

Consider the one-dimensional data set shown below: 

  

X

.5

3.0

4.5

4.6

4.9

5.2

5.3

5.5

7.0

9.5

 

Y

–

–

+

+

+

–

–

+

–

–

(a) Classify the data point x = 5.0 according to its 1-, 3-, 5-, and 9-nearest neighbors (using majority vote). 

(b) Repeat the previous analysis using the distance-weighted voting approach.

Need No Plagiarism 100% original work in APA format 

Need at-least 2-3 pages with some sub headings

The Fraud Management solution is based on scoring model. For example, assume the scores range from 1 to 10, with 10 being the highest probability that the transaction is fraudulent. What cutoff score would you use to decide to approve a purchase? What cutoff score would you use to decide not to aporve a purchase? If those cutoff sores are not the same,how do you suggest those falling between socres be treated. 

Sample headings:

1.  Analyze reasons to invest millions of dollars to detect and prevent fraudulent transactions. In your evaluation, do a cost benefit analysis to show why the investment cost is worthwhile. 
2.  Review the two outcomes of the fraud scenario. Assess the business implications of each of the following two goals. Explain why these goals are conflicting. 

 

Initial Post

According to Kirk (2016), most of your time will be spent work with your data.  The four following group actions were mentioned by Kirk (2016):

Data acquisition: Gathering the raw material

Data examination: Identifying physical properties and meaning

Data transformation: Enhancing your data through modification and consolidation

Data exploration: Using exploratory analysis and research techniques to learn

Select 1 data action and elaborate on the actions preformed in that action group.

Remember your initial post on the main topic should be posted by Wednesday 11:59 PM (EST). 

Reply Post

Please critique the initial posts from at least 2 classmates initial and provide comments as to why you agree or disagree with your classmates.

Please be sure to support your position. Remember your initial post on the main topic should be posted by Wednesday 11:59 PM (EST).

Your 2 following posts should be commenting on your classmates’ post on different days by Saturday 11:59 PM (EST).

You should end the week with 3 total discussion posts.In order to receive full credit for the discussion posts, you must include at least two citations (APA) from academic resources (i.e. the textbook, University of the Cumberlands Library resources, etc.).

A quality post is more than stating, “I agree with you.” Maybe you should state why you agree with your classmate’s post. Additionally, please post some examples or find a related topic from the WWW or the University’s library and comment on it in the discussion post. 

Reference: Kirk, A. (2016). Data Visualisation: A Handbook for Data Driven Design. Thousand Oaks, CA: Sage Publications, Ltd. ISBN: 978-1-4739-1214-4

 

Culminating Assignment

Concept Paper:   Red Team Assessment Strategies in Cybersecurity

Directions:

1.  Read the scenario, access the resources, and review the rubric below to help you understand the assignment.  The final paper will be due in Week 7.  You should begin working on the assignment right away, and you will share your progress in Week 6.  

2.  Write a paper that follows the listed parameters, addresses the important concepts, and includes the required sections:

Parameters:  

• Ranges from 4 – 5 double-spaced pages and use IEEE formatting style. 
• Uses Times New Roman font (size 12), with one-inch margins on all sides.
• Includes at least three (3) quality resources to support your ideas.  You may use the resources provided and/or others of your choosing.  They must be cited appropriately.

Important Concepts:

• Compare and contrast red teaming versus penetration testing based on the presented case.
• Describe the approach to red team assessment.
• Discuss how different types of organizations are utilizing red teaming.

Required Sections:

• Title 
• Introduction:  Clear description of the topic, including a summary of what is already known about that topic.
• Body:  
  • Address important concepts.  
  • What evidence do you have to support your topic?  
• Conclusion:  Why is it important to study this topic? Why is this worth investigating further?
• Reference Page:  IEEE style

3.  Your paper should enable a casual reader to understand this topic and its importance.  Please make sure the following outcomes are addressed within your paper:

• Explain the common tools and tactics used in red teaming.
• Use technology and information resources to research the evolution of red team assessment techniques.

Due:  In week 7 with the specific date posted in Blackboard.  You will be directed to complete and share parts of this assignment in Week 6.  

Scenario:  A large multinational fintech wanted to conduct a Red Team Assessment to evaluate its ability to detect and respond to a real-world cybersecurity attack.

The read team started their assessment by sending a phishing email that persuaded the victim to log in to a fake portal hosted on a server to obtain valid credentials. While a small number of users clicked on the malicious link sent in the email, none of them submitted their credentials. This could be attributed to the regular social engineering tests and security awareness training delivered to staff.

After the failed phishing campaign, the team went back to the drawing board to come up with a new plan of attack.  Reviewing the company’s Twitter account, the team discovered that they host a monthly community event at one of their buildings. The team registered for the event to deploy a purpose-built device into their internal network. The device will allow the team to gain remote access to the network using either an independent wireless connection or a 3G/4G mobile connection.

Two members of the red team attended the event. They managed to slip away from the main event to see if there were any unlocked offices or conference rooms. Once a room had been found. One team member acted as a lookout while the other plugged the device and checked that he could reach it from his mobile phone. Shortly afterward the testers left the event and joined the rest of the team in a coffee shop down the road.  Once connected to the network, the team started mapping the internal network and gathering additional information. Over the next couple of days, the team captured several password hashes, which were achieved by exploiting a weakness in Windows’ broadcast protocols. However, users appeared to be using strong complex passwords and it was not possible to crack the hashes to recover clear-text passwords. The team then decided to relay a captured hash belonging to a user and use it to log in into a workstation where they had local administrative privileges. This allowed them to extract the clear-text password of the currently logged-in users from memory.

Resources to help you complete this assignment:

• Red Team Exercise. (2019, September 25). Retrieved July 11, 2021, from Sisainfosec.com website: https://www.sisainfosec.com/services/red-team-exercise/ 
• (N.d.). Retrieved July 11, 2021, from Varonis.com website: https://www.varonis.com/blog/red-teaming/ 
• Wood, B. J., & Duggan, R. A. (2002). Red Teaming of advanced information assurance concepts. Proceedings DARPA Information Survivability Conference and Exposition. DISCEX’00. IEEE Comput. Soc.

Rubric:

Points: 

Assignment: Red Team Assessment Strategies in Cybersecurity

Criteria

Needs Improvement

Below 60-70 F

Fair

70-79 C

Proficient

80-89 B

Exemplary

90-100 A

1. Compare and contrast red teaming versus penetration testing based on the presented case. Met outcomes.

Weight: 25%

Did not submit or incompletely compared and contrasted red teaming versus penetration testing based on the presented case.  Did not meet outcomes.

Partially compared and contrasted red teaming versus penetration testing based on the presented case.  Partially met outcomes.

Satisfactorily compared and contrasted red teaming versus penetration testing based on the presented case.  Met outcomes.

Thoroughly compared and contrasted red teaming versus penetration testing based on the presented case. Exceeded outcomes.

2. Describe the approach to red team assessment.

Weight: 30%

Did not submit or incompletely described the approach to red team assessment.

Partially described the approach to red team assessment.

Satisfactorily described the approach to red team assessment.

Thoroughly described the approach to red team assessment.

3. Discuss how different types of organizations are utilizing red teaming.

Weight: 30%

Did not submit or incompletely discussed how different types of organizations are utilizing red teaming.

Partially discussed how different types of organizations are utilizing red teaming.

Satisfactorily discussed how different types of organizations are utilizing red teaming.

Thoroughly discussed how different types of organizations are utilizing red teaming.

5. 3 References

Weight: 5%

No references were provided.

Does not meet the required number of references; some or all references poor quality choices.

Meets the number of required references; all references high-quality choices.

Exceeds the number of required references; all references high-quality choices.

6. Clarity, writing mechanics,  formatting.

Weight: 10%

More than 6 errors present