I had attached the assignment document.

It is a case study about the risk assessment for cloud privacy and security.

you need to write 5000 words.

provided with risk assessment matrices.

the detailed description of the assignment is provided in the document.

 

In 500 words or more, explain PCI compliance to the database administrator at a large retailer. Consider the consequences for non-compliance. 

Cite your sources. Do not copy. Write in essay format not in bulleted, numbered or other list format. 

 

It is important that you use your own words, that you cite your sources, that you comply with the instructions regarding length of your post and that you reply to two classmates in a substantive way (not ‘nice post’ or the like).  Your goal is to help your colleagues write better. Do not use spinbot or other word replacement software. It usually results in nonsense and is not a good way to learn anything. Please do not use attachments unless requested. 

 

• Overview
  The Payment Card Industry Data Security Standard (PCI DSS) is an information security standard designed to increase controls on personal data and to reduce fraud,  for organizations that handle branded credit cards from the major card schemes
• Required Videoshttps://www.youtube.com/watch?v=b6xplJbic6s
  https://www.youtube.com/watch?v=k6JhhL2Kfdw
  https://www.campuscommerce.com/new-pci-security-standards/
  https://www.youtube.com/watch?v=ubeiOkXbWr4

You are a network analyst on the fly-away team for the FBI’s cybersecurity sector engagement division. You’ve been deployed several times to financial institutions to examine their networks after cyberattacks, ranging from intrusions and data exfiltration to distributed denial of services to their network supporting customer transaction websites. A representative from the Financial Services Information Sharing and Analysis Center, FS-ISAC, met with your boss, the chief net defense liaison to the financial services sector, about recent reports of intrusions into the networks of banks and their consortium.

He’s provided some of the details of the reports in an email. “Millions of files were compromised, and financial officials want to know who entered the networks and what happened to the information. At the same time, the FS-ISAC has seen extensive distributed denial of service disrupting the bank’s networks, impacting the customer websites, and blocking millions of dollars of potential transactions,” his email reads.

You realize that the impact from these attacks could cause the downfall of many banks and ultimately create a strain on the US economy. In the email, your chief asks you to travel to one of the banks and using your suite of network monitoring and intrusion detection tools, produce two documents—a report to the FBI and FS-ISAC that contains the information you observed on the network and a joint network defense bulletin to all the banks in the FS-ISAC consortium, recommending prevention methods and remediation against the types of malicious traffic activity that they may face or are facing.

Network traffic analysis and monitoring help to distinguish legitimate traffic from malicious traffic. Network administrators must protect networks from intrusions. This can be done using tools and techniques that use past traffic data to determine what should be allowed and what should be blocked. In the face of constantly evolving threats to networks, network administrators must ensure their intrusion detection and prevention systems are able to analyze, monitor, and even prevent these advanced threats.

In this project, you will research network intrusion and prevention systems and understand their use in a network environment. You will also use monitoring and analysis technologies in the Workspace to compile a Malicious Network Activity Report for financial institutions and a Joint Network Defense Bulletin for a financial services consortium.

The following are the deliverables for this project:

Deliverables

•Malicious Network Activity Report: An eight- to 10-page double-spaced Word document with citations in APA format. The page count does not include figures, diagrams, tables, or citations.

•Joint Network Defense Bulletin: A one- to two-page double-spaced document.

Step 1: Create a Network Architecture Overview

You travel to the various bank locations and gain access to their networks. However, you must first understand the network architecture of these banks. 

Provide a network architecture overview along with diagrams. Your overview can be fictitious or based on an actual organization. The goal is to provide an understanding of the network architecture.

Describe the various data transmission components. Select the links below to review them:

1.User Datagram Protocol (UDP)

2.Transmission Control Protocol/Internet Protocol (TCP/IP)

3.Internet packets

4.IP address schemes

5.well-known ports and applications

Address the meaning and relevance of information, such as:

a.The sender or source that transmits a message 

b.The encoder used to code messages

c.The medium or channel that carries the message 

d.The decoding mechanisms used

e.The receiver or destination of the messages

Describe:

a.The intrusion detection system (IDS) 

b.The intrusion prevention system (IPS)

c.The firewalls that have been established

d.The link between the operating systems, the software, and hardware components in the network, firewall, and IDS that make up the network defense implementation of the banks’ networks.

Identify:

a.How banks use firewalls 

b.How banks use IDSs 

c.The difference between these technologies

Include:

a.The network infrastructure information

b.The IP address schemes that will involve the IP addressing assignment model 

c.The public and private addressing and address allocations

d.Identify potential risks in setting up the IP addressing scheme 

Here are some resources to review:

•Intrusion detection & prevention (IDS/IPS) systems

•Firewalls

Identify:

a.Any well-known ports and applications that are used

b.The risks associated with those ports and applications being identified and possibly targeted 

Add your overview to your report.

In the next step, you will identify network attacks and ways to monitor systems to prevent these attacks.

Step 2: Identify Network Attacks

In the previous step, you provided an overview of the network architecture. In this step, you will identify possible cyberattacks such as spoofing/cache poisoning, session hijacking, and man-in-the-middle attacks.

Provide techniques for monitoring these attacks using knowledge acquired in the previous step. Review the following resources to gain a better understanding of these particular cyberattacks:

•Session hijacking: spoofing/cache poisoning attacks

•Man-in-the-middle attacks

One way to monitor and learn about malicious activities on a network is to create honeypots.

Propose a honeypot environment to lure hackers to the network and include the following in your proposal:

a.Describe a honeypot.

b.Explain how a honeypot environment is set up.

c.Explain the security and protection mechanisms a bank would need for a honeypot.

d.Discuss some network traffic indicators that will tell you that your honeypot trap is working.

Include this information in your final report. However, do not include this information in the bulletin to prevent hackers from being alerted about these defenses.

Then, continue to the next step, where you will identify false negatives and positives.

Step 3: Identify False Negatives and False Positives

You just identified possible information security attacks. Now, identify the risks to network traffic analysis and remediation. Review the resources on false positives and false negatives and discuss the following:

a.Identify what are false positives and false negatives.

b.How are false positives and false negatives determined?

c.How are false positives and false negatives tested?

d.Which is riskier to the health of the network, a false positive or a false negative?

Describe your analysis about testing for false negatives and false positives using tools such as IDSs and firewalls, and include this as recommendations for the banks in your public service Joint Network Defense Bulletin.

Discuss the concept of performing statistical analysis of false positives and false negatives.

Explain how banks can reduce these issues.

Research possible ways to reduce these events and include this information as recommendations in the Malicious Network Activity Report.

Network intrusion analysis is often done with a tool such as Snort. Snort is a free and open-source intrusion detection/prevention system program. It is used for detecting and preventing malicious traffic and attacks on networks, analysis, and education. Such identification can be used to design signatures for the IDS, as well as to program the IDS to block this known bad traffic. 

Network traffic analysis is often done using tools such as Wireshark. Wireshark is a free and open-source packet analyzer. It is used for network troubleshooting, analysis, software and communications protocol development and education. Cybersecurity professionals must know how to perform network forensics analysis.

In the next step, you will analyze network traffic.

Step 5: Determine Sensitivity of Your Analysis 

In the previous step, you completed network analysis. In this step, you will determine which information to include in which document.

Information appropriate for internal consumption may not be appropriate for public consumption. The Joint Network Defense Bulletin may alert criminals of the network defense strategy. Therefore, be careful about what you include in this bulletin.

Once you have assessed the sensitivity of the information, include appropriate information in your Malicious Network Activity Report.

Then, include appropriate information in the Joint Network Defense Bulletin in a way that educates the financial services consortium of the threat and the mitigating activities necessary to protect against that threat.

Step 6: Explain Other Detection Tools and Techniques

In the previous step, you included appropriate information in the proper document. In this step, perform independent research and briefly discuss what other tools and techniques may be used to detect these signatures.

Provide enough detail so that a bank network administrator could follow your explanation to deploy your system in production. Include this information in the Joint Network Defense Bulletin.

Next, move to the next step, where you will organize and complete your report.

Step 7: Complete Malicious Network Activity Report

Now that you have gathered all the data for your Malicious Network Activity Report, it is time to organize and submit it. The following is a suggested outline:

1.Introduction: Describe the banking institution and the issue you will be examining.

2.Overview of the Network Architecture

3.Network Attacks

4.Network Traffic Analysis and Results

5.Other Detection Tools and Techniques

6.Recommended Remediation Strategies

Submit your report to the Assignments folder. You are now ready for the final step, the Joint Network Defense Bulletin.

Step 8: Create the Joint Network Defense Bulletin

In this step, you will create the Joint Network Defense Bulletin. Compile the information you have gathered, taking care to eliminate any sensitive bank-specific information. The Joint Network Defense Bulletin is an educational document for the financial services consortium. This bulletin should be addressed to the FBI chief and the FS-ISAC representative.  

Here is a list of the final deliverables for Project 2.

Deliverables

•Malicious Network Activity Report: An eight- to 10-page double-spaced Word document with citations in APA format. The page count does not include figures, diagrams, tables, or citations.

•Joint Network Defense Bulletin: A one- to two-page double-spaced document.

 

Data: Simple Graphs in RStudio

Background: As we have learned, a lot of thought goes into the design of a visualization. This week we review how the data types influence the graphing types.

Assignment:

• Use RStudio to generate a word document with simple graphs of the following dataset: dataset_price_personal_computers.csv  
• Review the slides to learn the data types requirements for each graph type: Analyzing and Visualizing Data – Selecting a Graph.pptx  
• Use the following videos to learn the commands to produce simple graphs in RStudio: RStudio – Simple Graphs – Part1.mp4  | RStudio – Simple Graphs – Part2.mp4  

Graphs to Produce:

Pie Chart:

• Create a pie chart of the computer ram
• Label the ram sizes as follows: 2GB, 4GB, 8GB, 16GB, 24GB, 32GB
• Title the pie chart as “Computer Ram”
• Color the pie chart using the rainbow option

Bar Plot:

• Create a barplot of the computer screen sizes
• Label the x axis as “Screen Sizes”
• Label the y axis as “Frequency”
• Title the barplot as “Computer Screen Sizes”
• Color the bars in the barplot any color you wish.

Histogram:

• Create a histogram of the computer prices
• Label the x axis as “Prices”
• Title the histogram as “Computer Prices”
• Give the histogram any color you wish.

Box Plot:

• Create a boxplot of the comparing the computer price and premium category
• Label the y axis as “Price”
• Label the x axis as “Premium”
• Title the boxplot as “Premium Computer Prices Distribution”
• Color the boxplot any color you wish.

Scatter Plot:

• Create a scatter plot of computer price and hard drive size
• Label the x axis as “Hard Drive Size”
• Label the y axis as “Price”
• Title the scatter plot as “Computer Price vs Hard Drive Size”
• Color the scatter any color you wish.

Your document should be an easy-to-read font in MS Word (other word processors are fine to use but save it in MS Word format). Your cover page should contain the following: Title, Student’s name, University’s name, Course name, Course number, Professor’s name, and Date.

Submit your assignment on or before the due date.

Submission FolderProject #1 – Understanding Investigative ParametersInstructions

No directly quoted material may be used in this project paper. 

Resources should be summarized or paraphrased with appropriate in-text and Resource page citations. 

Project #1 – Understanding Investigative Parameters

Scenario Characters:

You: Data Security Analyst, Allied Technology Systems (ATS)

Randy Capisi: Information Security Director, Allied Technology Systems (Your supervisor)

Devin Roberts: Human Resources Director, Allied Technology Systems

Keith Jackson: (former) engineer, Product Development Division, Allied Technology Systems

Jon Dewberry: Product Engineering Manager; Product Development Division, Allied Technology Systems (Keith Jackson’s Supervisor)

**Characters will carry through Project 1, 2 and the Final Project. However, please remain conscious of who you are/what roll you play in EACH project and in regards to specific questions.

For the purposes of this project, imagine you are a Data Security Analyst, an employee of the Allied Technology Systems and assigned to the company’s Data Protection Team.

In this case, you have been notified by Mr. Devin Roberts, Human Resources Director for Allied Technology Systems, that the company has just terminated Mr. Keith Jackson, a former engineer in the company’s New Products Division, for cause (consistent tardiness and absences from work). Mr. Roberts tells you that during Mr. Jackson’s exit interview earlier that day, the terminated employee made several statements to the effect of “it is okay because I have a new job already and they were VERY happy to have me come from ATS, with ALL I have to offer.”

Jackson’s statements made Mr. Roberts fear he might be taking Allied’s intellectual property with him to his new employer (undoubtedly a competitor). In particular, Mr. Roberts is worried about the loss of the source code for “Product X,” which the company is counting on to earn millions in revenue over the next several years. Mr. Roberts provides you a copy of the source code to use in your investigation. Lastly, Mr. Roberts tells you to remember that the Company wants to retain the option to refer the investigation to law enforcement in the future, so anything you do should be with thought about later potential admissibility in court.

The 4th Amendment to the U.S. Constitution reads, “The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no warrants shall issue, but upon probable cause, supported by oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.” While the 4th Amendment is most commonly interpreted to only affect/restrict governmental power (e.g., law enforcement), the fact that a formal criminal investigation is a possibility (and the Company has no desire to be named in a civil lawsuit) means you must consider its effect to your actions.

With the above scenario in mind, thoroughly answer the following questions (in paragraph format, properly referring to and citing materials used in this course as well as outside research, where appropriate, and within a reference page at the end of the project paper).

1. Prior to any incident happening, it is important for any company to implement a “forensic readiness” plan. Discuss the benefits of a forensic readiness plan and name what you believe are the top three (3) requirements to establish forensic readiness within a private sector business like Allied Technology Systems. Support your answers. (Please note that while cyber security and digital forensics have overlaps in incident response preparation, please limit your answers here to forensic readiness in the digital forensic arena, not cyber security.)

2. Mr. Roberts, out of concern for the theft/sharing of the “Product X” source code, is requesting that you, your supervisor, or Mr. Dewberry start searching the areas in which Mr. Jackson had access within the building. Can you or Mr. Dewberry search Jackson’s assigned locker in the Company’s on-site gym for digital evidence? Support your answer.

3. Can you or Mr. Dewberry use a master key to search Jackson’s locked desk for digital evidence, after Keith Jackson has left the premises? Support your answer.

4. The police have not been called or involved yet, however, Mr. Roberts asks how involving the police will change your incident response. Describe how you will respond to Mr. Roberts concerning how the parameters of search and seizure will change by involving the police in the investigation at this time. Support your answer.

5. There is a page in the Company’s “Employee Handbook” that states that anything brought onto the Company’s property, including the employees themselves, are subject to random search for items belonging to Allied Technology Systems. There is a space for the employee to acknowledge receipt of this notice. Mr. Jackson has a copy of the handbook but never signed the receipt page. Does that matter? Explain.

6. Allied Technology Systems uses a security checkpoint at the entrance to the building. A sign adjacent to the checkpoint states that the purpose of the checkpoint is for security staff to check for weapons or other materials that may be detrimental to the working environment and employee safety. Screening is casual and usually consists of verification of an employee’s Company ID card. Can security staff at this checkpoint be directed to open Mr. Jackson’s briefcase and seize any potential digital evidence? Support your answer.

7. You know that it is important to document the details of your investigation if the company wants to insure admissibility of any evidence collected in the future. However, Mr. Roberts has never heard of the term “chain of custody.” How would you explain to Mr. Roberts what the chain of custody means, why it is important, and what could occur if the chain of custody is not documented. Support your answer.

Project Requirements:

• Each question should be answered with a minimum of 1-2 paragraphs, so do your research, be specific, be detailed, and demonstrate your knowledge; submitting your project through the appropriate assignment folder.

• Answers to the above questions should be submitted in a single Microsoft Word document (.DOC/.DOCX), with answers separated and/or numbered in respect to the question, so as to make it clear which question is being answered. It may be in a question and answer format, or as described with answers to the associated question numbers;

• The paper should be written in third-person grammar, not first person (I, me, myself, etc.);

• The submission is to have a cover page that includes course number, course title, title of paper, student’s name, and the date of submission per APA writing format;

• Format: 12-point font, double-space, one-inch margins;

• It is mandatory that you do some research, and utilize outside resources! You must have a reference page at the end of your project that is consistent with APA citation style and format (see https://owl.english.purdue.edu/owl/resource/560/01/ for help).

Due DateJun 10, 2018 11:30 PM