Category: Cyber security

IT projects present a different set of challenges from traditional projects since they are usually unique in nature and represent something new being developed for the stakeholders.
For this assignment, you must use the four core theories of project management leadership to write an analysis in which you address how the leadership theories of project management can be used to resolve common issues facing IT project managers today.
Your paper should include the following:
Outline the most important leadership challenges facing IT projects today. This section is important to identify how these challenges can be addressed by the leadership theories of project management.
Describe how particular leadership theories could be applied to address IT project challenges.
Discuss how you would apply the core leadership theories to create your own leadership style. Based on the core leadership theories that you have chosen, provide a summary of your own leadership style that you would use to manage the IT projects. Provide specific examples of the leadership style that you need to have to be successful in IT project management.
Length: 3-4-page academic paper, not including title and reference pages
References: Include a minimum of 3 scholarly resources
The completed assignment should address all of the assignment requirements, exhibit evidence of concept knowledge, and demonstrate thoughtful consideration of the content presented in the course. The writing should integrate scholarly resources, reflect academic expectations and current APA standards

Your task: You have been asked to give a presentation at an online training session for employees who are now working from home. The subject of this training session is: Access Controls and Why They Matter.
Background: Access controls are security features that are usually considered the first line of defense in asset protection. They are used to dictate how subjects access objects, and their main goal is to protect the objects from unauthorized access. Access control models are frameworks that use access controls to enforce the rules and objectives of the model (e.g. MAC, DAC, RBAC).
For this training, you should focus on the need to use Access Controls to protect corporate assets and data which are accessible via equipment and networks within the Work From Home setting. In your talking points you should also consider and address the frustrations that employees may feel when they encounter access controls that are not set up to allow the same type of “inside” access as employees had when working on company equipment inside company networks. (Explain why “turning off” access controls is not an acceptable solution to remote access to internal networks and resources.) Finally, address some potential “insider threats” which may exist in the Work From Home environment that need the countermeasures provided by access controls. Such threats could include the actions of others residing in the home who have access to the employee’s laptops or who use the same networks and network connections.
Format: This week, the format for your deliverable (posting) will be “Talking Points.” Talking points are presented in outline format and contain the content that you would put on slides in a slide deck. Your outline should include 5 to 7 major points (“slide titles”) followed by 3 to 5 supporting points for each. Remember to put enough information into the talking points that your peer reviewers can understand what you intend to cover in each section of your briefing. Remember to introduce the topic at the beginning, present your analysis, and then close your briefing with an appropriate summary. Include a list of sources (3 or more) which attendees could refer to if they wish to fact check your work.

Submit a one page outline with your proposed term paper title, thesis statement, and an outline of the subtopics you will cover in your paper. 
Include at least 3 references supporting your paper research.

Please Seperate Each Response!!
Discussion 1: 
1.     Why is Linux, especially Kali Linux, rather than some other operating systems, such as Windows, preferred by most people for penetration testing?
Discussion 2:
Agree or Disagree? Why?
How are passwords stored on Linux systems?
Similar to Windows, Linux stores passwords as a hash; however, Linux stores then in the /etc/shadow file rather than an SAM file in Windows (Easttom, 2018). Easttom explains that Linux uses a salt algorithm which periodically inserts bits into the passwords (2018). Additionally, salt is often utilized in hashing to prevent attacks on rainbow tables (Easttom, 2018). One may be able to use a rainbow table in an attempt to recover a password if you can recover the hash from Linux (Easttom, 2018).
For a simpler answer, I found the following explanation on the Red Hat website: passwords stored in Linux in the /etc/shadow file ARE hashes. When you sign in, the process of authentication compares the stored hash with the hashed version of the password you keyed in- if the checksums of both are identical, the correct password was entered, and authentication is complete (Garn, 2021). Furthermore, by checking the first 2 characters of the encrypted password (ie $1, $5, or $6), then the password is encrypted by MD5, SHA256, or SHA512 respectively (Garn, 2021).
Easttom, C. (2018). Penetration Testing Fundamentals (Ch 3). Pearson Education, Inc.
Garn, D. (2021, January 18). An Introduction To Hashing And Checksums In Linux. Red Hat. Retrieved June 9, 2024, from https://www.redhat.com/sysadmin/hashing-checksums
Discussion 3:
1.     Select five or more Linux commands from the list below and describe their purposes.
·       ls, cd, grep, ps, kill
·       mkdir, rm, mv, rmdir, chown, chmod
·       useradd, userdel, users, who
2.     Select three or more Linux directories from the list below and describe them briefly.
·       /root
·       /bin,
·       /etc/passwd
·       /etc/shadow
·       /dev
·       /boot
·       /usr

In order to build on a program – the overall requirements of that program need to be developed. Some of them will be determined this week. For example, a bank has to be compliant with, at a minimum, state and federal laws. For purposes of this program we will try to focus on the laws and standards that apply regarding cybersecurity.
Completion Instructions:
For this week, there are several sections to complete:
4) Laws, compliance and framework requirements (30% points)
Laws that apply to the organization – describe at least two laws, and how they apply to the organization (they do not have to be specifically cyber related, but try).
Compliance related standards – describe at least two compliance related standards, and how they apply to the organization (PCI DSS is one example)
Aligned Standards – As earlier determined, the bank will be aligning to NIST 800-53r5. Also add the FFIEC Cybersecurity Assessment Tool (FFIEC CAT) – describe both at a high level.
You can leverage the material you posted in this week’s DB, ensure you add to it as necessary, as more is required here than was in the DB.
5) Data Classification Levels (60% points)
Define 3-5 data classification levels. Define and provide examples.
Be sure to include employee data in the determination, as well as customer data definitions.
6) Security Awareness Program (10% points)
For the discussion board material for this week – gather the Security Awareness program information and paste it in this section.
Discuss three annual activities that should be implemented at your organization to support the security awareness program.
One of these should be annual User Security Awareness Training.  
For that section, provide a list of 8 topics/bullet points that will be in that training (Here is a starter list: Social Engineering, Insider threat, Phishing, etc.)
Submission Instructions:
Each week, more content will be added to it, you will always turn in the entire document each time. There are additional notes and comments on the template, remove them as you move through the completion of the template. For example, for the sections due this week, all of the comments, notes, and suggested text should be removed for those sections.

You are working for the Chief of Staff (CoS) for a newly elected Governor. The governor asked the CoS to research and prepare a 5- to 7-paragraph background briefing (backgrounder) that addresses the below question. The CoS will use this background briefing to prepare the Governor and his appointed cybersecurity director as they answer questions from the press and general-public.
You are not answering the questions as the governor, rather you are providing the governor the information s/he needs to answer the question.
The question: As governor, how will your administration improve cybersecurity for the state’s Critical Infrastructures?
The CoS asked you to research and prepare a draft for the background briefing. Your draft must provide enough information that the CoS and the Governor understand key terms that you use in your explanations. To that end, your draft briefing must answer the following questions:
What is meant by “cybersecurity” for critical infrastructures?” Give examples of critical infrastructure associated with a specific state.
What is meant by “Threats” (i.e. individual hackers, politically motivated hacktivists, criminal enterprises, and unfriendly “nation state” actors), countermeasures, and safeguards? Explain technical terms and examples.
What are the three most important actions that the governor’s administration should take to help improve the security of critical infrastructures in the state? (You should identify and discuss these in greater detail than your response to the first two bullet points.)
Provide in-text citations and references for 3 or more authoritative sources. Put the reference list at the end of your posting.

Here is the link for the article that needs to be reviewed.  https://www.raconteur.net/risk-regulation/black-hat-hackers
I have also attached the article review directions

Case Study Presentation: Cybersecurity Awareness Campaign Design (20 mins)
Scenario: With the rise of generative AI in the workplace, the potential for inadvertently
compromising sensitive information has increased. Recent internal evaluations indicate a
significant gap in employee understanding of the risks involved in using publicly accessible AI
tools with company data. 
Task: Your task is to create a security awareness campaign using Microsoft PowerPoint that
addresses this issue. 
Campaign Objectives: 
• Increase Awareness: Educate employees on the risks associated with using generative
AI tools with sensitive company data. 
• Promote Best Practices: Encourage the implementation of data sanitization
techniques before inputting any information into AI tools. 
• Cultivate a Culture of Security: Establish a workplace environment that prioritizes
data privacy and security.
Requirements: 
• Detail the content and structure of the campaign. 
• Outline communication methods and materials you would use. 
• Propose a method to ensure the effectiveness of the campaign. 
• Develop a follow-up plan to ensure ongoing compliance with security protocols.
Deliverable: 
• Develop a presentation outlining the campaign strategy to be presented to the manager. 
The presentation should be no longer than 20 minutes and should emphasize
the strategic rationale behind your decisions. o Quality of the case study is key. 

This assignment is for a course in Industrial Espionage.
Instructions
This assignment consists of two questions to test knowledge and assimilation of the course objectives.  
1. One of the most significant and common threats is the insider threat. What actions do you think are appropriate for the security of an organization regarding the insider threat?
2. Imagine you are the new CEO of a toy Research & Design Company. Your company was in the process of creating an electronic gaming toy and the final protocol plans have been developed. You are not sure what security protocols are in place. What is your approach for securing the data from an outside threat?
Technical Requirements
Your paper must be at a minimum of 2-3 pages per question for a total of 4-6 pages (the Title and Reference pages do not count towards the minimum limit).
Scholarly and credible references should be used. Please use at least 2 scholarly sources per page of content.
Type in Times New Roman, 12 point and double space.
Students will follow the current APA Style as the sole citation and reference style used in written work submitted as part of coursework. 
Do not use Wikipedia or encyclopedic-type sources. It is highly advised to utilize scholarly references such as books, peer-reviewed journals, articles, archived documents, etc.
NOTE: An excellent reference for this assignment is Wimmer, C.B. (2015). Business espionage: Risks,
threats, and countermeasures. Elsevier Science & Technology.

Detailed description of the area researched
Technology involved in the area
Future trends in the area
Example companies involved in the area
Regulatory issues surrounding the area
Global implications for the area
References (minimum of 10)