To initiating up this assignment, evaluation the urged and grading rubric in the Module Five Instant Response Guidelines and Rubric. You’re going to be working by Breach Analysis Simulation Assert Two PPT, or its text-based fully different PDF, which is an interactive scenario that it’s likely you’ll use to condo questions in the urged. Whenever you’ve done your work, submit the assignment right here for grading and trainer feedback.
-
ModuleFiveShortResponseGuidelinesandRubric-CYB-250-15105-M01CyberDefense2024C-6Oct-Dec.pdf
-
CYB250ModuleFiveShortResponseTextVersion.pdf
CYB 250 Module Five Instant Response Guidelines and Rubric
Overview
Security analysts play a extremely vital feature working alongside the pc incident response team (CIRT). The analyst would be the person who both fixes the concerns or allocates sources to
fix the concerns iden�fied by the CIRT. Utilizing sources to facilitate the work becomes essen�al to wait on the successfully being of an organiza�on. Making use of the Heart for Web Security (CIS) cri�cal
controls to company infrastructure is common prac�ce for an analyst. The controls are supposed to manual the organiza�on in direction of compliance. They are no longer supposed to be inclined in isola�on.
Evaluating an organiza�on’s technical concerns to the CIS cri�cal controls supplies a methodology of growing solu�ons to remediate concerns. As soon as the concerns are iden�fied and remediated, the
next step is to uncover uncover how to successfully file those concerns to various stakeholders.
Steered
A�er reviewing Breach Analysis Simula�on Assert Two, address the cri�cal system below:
I. Repor�ng: Pick an viewers for repor�ng (sales team, senior administration, or various stakeholders).
A. Affirm the style you file technical concerns to non-technical of us in your chosen viewers. Possess in ideas that most managerial roles are non-technical in nature; managers
need informa�on presented to them in a layout they’ll with out boom model and use.
II. Subcontrols: Refer to the CIS Controls worksheet inclined in Breach Analysis Simula�on Assert Two and counsel two addi�onal subcontrols that would possibly well be modified by policy,
implementa�on, automa�on, or repor�ng to make stronger security for the organiza�on.
A. Subcontrol One: Checklist the modifica�on of the subcontrol and jus�fy your recommenda�on.
B. Subcontrol Two: Checklist the modifica�on of the subcontrol and jus�fy your recommenda�on.
III. Two-Element Authen�ca�on: A proposed solu�on for the breach danger is to use RSA key fobs as a methodology of two-factor authen�ca�on.
A. Discuss the merits of the usage of RSA encryp�on and the implementa�on of two-factor authen�ca�on.
B. Discuss how various forms of encryp�on would possibly well perhaps be inclined in VPN so�ware.
What to Submit
Your submission would possibly well perhaps quiet be 1 to 2 pages in length. Employ double spacing, 12-level Situations Original Roman font, and one-scoot margins. All sources needs to be cited the usage of APA layout. Employ a file title
that entails the course code, the assignment �tle, and your title—as an illustration, CYB_123_Assignment_Firstname_Lastname.docx.
11/25/24, 12:36 PM Assignment Records
https://learn.snhu.edu/d2l/le/verbalize material/1748997/viewContent/36623164/Look 1/2
Module Five Instant Response Rubric
Requirements Exemplary (100%) Proficient (85%) Wishes Enchancment (55%) Now not Evident (0%) Rate
Repor�ng: Picture Technical
Concerns
Meets “Proficient” criteria and
addresses cri�cal ingredient in an
excep�onally sure, insigh�ul,
sophis�cated, or crea�ve
manner
Explains uncover how to file
technical concerns to
nontechnical of us in the
chosen viewers
Addresses “Proficient” criteria,
however there are gaps in readability,
good judgment, or ingredient
Does no longer address cri�cal
ingredient, or response is
irrelevant
30
Subcontrols: Subcontrol One Meets “Proficient” criteria and
addresses cri�cal ingredient in an
excep�onally sure, insigh�ul,
sophis�cated, or crea�ve
manner
Describes the modifica�on of
the subcontrol and jus�fies the
recommenda�on
Addresses “Proficient” criteria,
however there are gaps in readability,
good judgment, or ingredient
Does no longer address cri�cal
ingredient, or response is
irrelevant
15
Subcontrols: Subcontrol Two Meets “Proficient” criteria and
addresses cri�cal ingredient in an
excep�onally sure, insigh�ul,
sophis�cated, or crea�ve
manner
Describes the modifica�on of
the subcontrol and jus�fies the
recommenda�on
Addresses “Proficient” criteria,
however there are gaps in readability,
good judgment, or ingredient
Does no longer address cri�cal
ingredient, or response is
irrelevant
15
Two-Element Authen�ca�on:
RSA Encryp�on
Meets “Proficient” criteria and
addresses cri�cal ingredient in an
excep�onally sure, insigh�ul,
sophis�cated, or crea�ve
manner
Discusses the merits of the usage of
RSA encryp�on and the
implementa�on of two-factor
authen�ca�on
Addresses “Proficient” criteria,
however there are gaps in readability,
good judgment, or ingredient
Does no longer address cri�cal
ingredient, or response is
irrelevant
15
Two-factor Authen�ca�on:
VPN So�ware
Meets “Proficient” criteria and
addresses cri�cal ingredient in an
excep�onally sure, insigh�ul,
sophis�cated, or crea�ve
manner
Discusses how various forms
of encryp�on would possibly well perhaps be inclined in
VPN so�ware
Addresses “Proficient” criteria,
however there are gaps in readability,
good judgment, or ingredient
Does no longer address cri�cal
ingredient, or response is
irrelevant
15
Ar�cula�on of Response Submission is freed from errors
linked to cita�ons, grammar,
spelling, and organiza�on and
is presented in a first fee
and easy-to-learn layout
Submission has no fundamental errors
linked to cita�ons, grammar,
spelling, or organiza�on
Submission has some errors
linked to cita�ons, grammar,
spelling, or organiza�on that
nega�vely affect readability
and ar�cula�on of fundamental ideas
Submission has cri�cal errors
linked to cita�ons, grammar,
spelling, or organiza�on that
forestall working out of ideas
10
Complete: 100%
11/25/24, 12:36 PM Assignment Records
https://learn.snhu.edu/d2l/le/verbalize material/1748997/viewContent/36623164/Look 2/2
,
Printed by Affirm® Storyline www.order.com
CYB 250 Module Five Instant Response Textual verbalize material Model Breach Analysis Simulation
Breach Analysis Simulation Assert Two Breach Analysis Simulation Introduction
Study by the next scenario. You’ll then be requested to make selections in accordance with your skills as a security analyst. Whereas there is a handiest course by the simulation, most of the various strategies are viable. That it’s likely you’ll be inspired to explore all of the strategies to make stronger your knowledge and to jam up you for future breaches. The aim of this simulation is to accomplish your systems pondering mindset and passe your cyber protection strategies.
Printed by Affirm® Storyline www.order.com
Breach Analysis Simulation: Assert Two
That it’s likely you’ll be a security analyst working for an organization that sells mass storage strategies to companies. Several of your potentialities are law companies. For the length of a routine audit, a breach used to be identified. This calls into search knowledge from the safeguards that your company has in space to guard knowledge integrity. Following up on the findings from the pc incident response team (CIRT), your supervisor has tasked you with reviewing the unusual controls. Subset of Present Controls
Review this subset of recent controls in the spreadsheet. Prioritize them in the reveal it’s likely you’ll perhaps address them for this breach by dragging and shedding every retain watch over into the fair column. (For extra knowledge on the controls, evaluation the CIS Controls file.)
• CIS Abet watch over 11: Stable Configuration for Network Devices, equivalent to Firewalls, Routers, and Switches
• CIS Abet watch over 12: Boundary Defense
• CIS Abet watch over 13: Records Security
• CIS Abet watch over 14: Controlled Win admission to Per the Must Know
• CIS Abet watch over 16: Myth Monitoring and Abet watch over
Printed by Affirm® Storyline www.order.com
1. Procedure back One 1.1 Procedure back One: Present Controls Infrastructure Analysis
Per your enter and that of various stakeholders, the absolute top priority has been deemed to be CIS Abet watch over 13: Records Security; particularly, the level of interest is subcontrol 13.3 (Video display and Block Unauthorized Network Visitors). The group has the computerized instruments set up in and a policy has been created for the retain watch over, however the retain watch over is rarely any longer configured. What’s the next step vital to verbalize compliance to this retain watch over? Under are the that it’s likely you’ll perhaps also think solutions:
• Automate this retain watch over
• Picture on this retain watch over
• Put in power the retain watch over 1.2 Automate this retain watch over
Flawed. If the policy is rarely any longer first implemented, it’s going to no longer be computerized. Strive selecting a various response.
Printed by Affirm® Storyline www.order.com
1.3 Picture on this retain watch over
Flawed. If the policy is rarely any longer first implemented, it’s going to no longer be reported on. Strive selecting a various response. 1.4 Put in power the retain watch over
Upright! For a retain watch over to in any case work, it needs to be implemented. This would possibly well perhaps well quiet be step one after the policy is defined.
Printed by Affirm® Storyline www.order.com
1.5 Procedure back One Review
Nice work! The aim for any system is to be fully computerized. It is a ways a necessity to make certain every insurance policies are created, implemented, and computerized if that it’s likely you’ll perhaps also think. Some controls can no longer be fully computerized and would possibly well perhaps will have to possess some human interaction. For the length of CIRT’s investigation of the breach, they sure that its root cause used to be network linked. Your supervisor is now assigning you the analysis of network insurance policies linked to the breach. 2. Procedure back Two 2.1 Procedure back Two: Investigating the Network
CIRT identified a port that used to be mistakenly left originate; a consumer machine used to be talking with one other client machine on an isolated network. Extra investigation identified that this port used to be left originate after configuration files had been moved three weeks prior. This left the network originate to assault. The unusual policy for subcontrol 12.2 (Scan for Unauthorized Connections Right by Trusted Network Boundaries), specifies that scans would possibly well perhaps quiet be scheduled to speed monthly.
Printed by Affirm® Storyline www.order.com
How would you replace the policy to forestall this fabricate of vulnerability in the slay? Under are the that it’s likely you’ll perhaps also think solutions:
• Scans would possibly well perhaps quiet be speed as on the entire as time enables
• Scans would possibly well perhaps quiet be speed on a day-to-day foundation
• Scans would possibly well perhaps quiet be speed in accordance with the unusual policy and after any configuration adjustments 2.2 Scans would possibly well perhaps quiet be speed as on the entire as time enables
Flawed! It is a ways a first fee approach to constantly speed scans on a routine foundation. Running them as on the entire as time enables would possibly well perhaps both dissipate extra sources than wished or, worse, would possibly well perhaps result in scans being extend for a protracted duration of time, leaving the network originate to attacks. Strive selecting a various response. 2.3 Scans would possibly well perhaps quiet be speed on a day-to-day foundation
Appropriate preference! Nonetheless, operating scans on a day-to-day foundation would possibly well perhaps very a lot tax sources. Updating the policy in this form would possibly well perhaps retain the network extra genuine, however at what impress? This replace would possibly well perhaps require adjustments to the corporate infrastructure.
Printed by Affirm® Storyline www.order.com
If we up to this level the policy to require that scanning be done on a day-to-day foundation, what is the splendid danger with the provision tenet of the CIA triad? Under are the that it’s likely you’ll perhaps also think solutions:
• The sources requirement is rarely any longer met.
• The sources are no longer successfully allocated.
• On daily foundation scanning would possibly well perhaps tax sources beyond their capabilities. 2.3.1 The sources requirement is rarely any longer met.
Flawed! Whenever it’s likely you’ll perhaps be trying to put into effect a job the set up there are no longer factual sources available in the market to originate the action, the duty can no longer be done. Evaluating and planning sources is an vital piece of mission planning. Strive selecting a various response. 2.3.2 The sources are no longer successfully allocated.
Flawed! The sources will likely be found however they devise no longer seem like allocated to the mission or task. Allocating the factual sources would possibly well perhaps even be carried out by dependency charts or mission timeline planning. Strive selecting a various response.
Printed by Affirm® Storyline www.order.com
2.3.3 On daily foundation scanning would possibly well perhaps tax sources beyond their capabilities.
Upright! It is that it’s likely you’ll perhaps also think to overuse the sources allocated for a job. Even though there would possibly well perhaps be IT infrastructure time for the scans to speed each day, the human piece of the sources would possibly well perhaps no longer possess the time. It is a ways a necessity to stability the amount of human sources and IT sources a mission is going to are looking to be environment pleasant. A factual stability enables all system of the system to speed successfully. Now that you just have explored the affect on sources, return to Procedure back Two and strive selecting a various response. 2.4 Scans would possibly well perhaps quiet be speed in accordance with the unusual policy and after any configuration adjustments
Upright! Running the scans on a routine foundation is required for the corporate to discontinuance genuine. The interval in the unusual policy has been adequate; however, the policy would possibly well perhaps quiet constantly be evaluated for optimum effectivity. If this evaluation deems monthly scans are adequate, the policy would possibly well perhaps quiet be up to this level to constantly speed scans after any configuration adjustments, which makes sure that no various piece of the system is inclined or no vital sources are left unprotected.
Printed by Affirm® Storyline www.order.com
3. Procedure back Three 3.1 Procedure back Three: Email from the Supervisor
Supervisor: “The law companies that we retailer knowledge for are very desirous about the integrity of their knowledge on our system. We should guarantee that the data that resides on our system has no longer been modified the least bit after they uploaded files. We are able to survey at various strategies to verify that our security is quiet the splendid it might most likely even be. I propose the next areas for extra investigation: human system, hardware system, encryption and security insurance policies.” What condo of security invent you think is a significant, given the character of the breach? Under are the that it’s likely you’ll perhaps also think solutions:
• Encryption and security insurance policies
• Hardware system
• Human system 3.2 Encryption and security insurance policies
Upright! There would possibly well perhaps ensure rules that your company is held to thanks to the fabricate of knowledge that it’s a ways storing. There on the entire is a need for Wisely being Insurance Portability and
Printed by Affirm® Storyline www.order.com
Accountability Act (HIPAA) compliance and various forms of privacy. Taking a glimpse at CIS subcontrols 16.3 (Require Multi-Element Authentication), 16.4 (Encrypt or Hash All Authentication Credentials), and 16.7 (Place Direction of for Revoking Win admission to), we bag a solid advice that our system needs to possess two-factor authentication, needs to use hashing for credentials, and desires to possess a job in space for hunting down workers’ access once they disappear the law companies. There are numerous concerns, however these would can possess to be our priorities to support ensure the safety of knowledge integrity and availability. Right here is a case the set up the numerous strategies are also viable. That it’s likely you’ll be inspired to explore them to make stronger your knowledge and to jam up you for future breaches. 3.3 Hardware system
Upright! Having the most up-to-date system and controls in space will facilitate solid protection from exterior influences. CIS vital subcontrol 11.5 (Location up Network Devices Utilizing Multi- Element Authentication and Encrypted Classes) minute print that every system of the system have to use two-factor authentication. This ensures confidentiality of the data throughout the system and enhances the safety by limiting undesirable access to the system. Strive selecting a various response. Right here is a case the set up the numerous strategies are also viable. That it’s likely you’ll be inspired to explore them to make stronger your knowledge and to jam up you for future breaches.
Printed by Affirm® Storyline www.order.com
3.4 Human system
Upright! The human factor of the system can constantly be the weakest link. Per CIS vital subcontrol 14.8 (Encrypt Fine Records at Relaxation), we have to encrypt all sensitive knowledge at relaxation and use instruments that require two-factor authentication. Having this policy in space and fully implemented saved the danger because even supposing the attackers had been able to accomplish access to the network, there used to be no intention for them to access the law companies’ sensitive knowledge stored on our network. Strive selecting a various response. Right here is a case the set up the numerous strategies are also viable. That it’s likely you’ll be inspired to explore them to make stronger your knowledge and to jam up you for future breaches. 4. Procedure back Four 4.1 Procedure back Four: After the Breach
Since the breach, the IT security team has been proactively identifying various doable vulnerabilities to forestall future breaches. This team has identified gaps in the safety of your system. Which of the next strategies would you address first, prioritizing time and finances? Under are the that it’s likely you’ll perhaps also think solutions:
Printed by Affirm® Storyline www.order.com
• Hold into memoir virtual non-public network (VPN) applied sciences
• Hold into memoir electronic mail encryption
• Hold into memoir file integrity 4.2 Hold into memoir virtual non-public network (VPN) applied sciences
Appropriate thought! Whereas no longer the most splendid acknowledge whereas you happen to prioritize timeliness, this represents a longer-term acknowledge. An encrypted tunnel to the data would possibly well perhaps require hardware upgrades and protocol adjustments. Strive selecting a various response. 4.3 Hold into memoir electronic mail encryption
Appropriate thought! Nonetheless, this acknowledge requires a devoted server, and utility upgrades or migration to a extra sturdy platform. Right here is the least preferable option must you specialize in timeliness and scope because it impacts so many systems; however, it does possess a ways-reaching implications for the group’s security posture. Strive selecting a various response.
Printed by Affirm® Storyline www.order.com
4.4 Hold into memoir file integrity
Upright! Right here is the splendid danger. This acknowledge satisfies the stakeholders with a alternate- relevant acknowledge that is low-impress and swiftly to put into effect. Breach Analysis Simulation Assert Two Summary
After debriefing with CIRT, the director of IT, and the IT security team, we want to discuss the reporting needs. This knowledge needs to be shared with varied audiences. Or no longer it’s a ways critical to frame your file to every viewers fastidiously because various audiences possess various needs and technical knowledge. As an instance, senior administration (CEO/CFO/CIO) needs you to provide them with a methodology to make told selections to condo the identified gaps in security insurance policies. To your activity this week, it’s likely you’ll proceed this scenario and rob the next steps in reporting and recommending strategies.
- WE OFFER THE BEST CUSTOM PAPER WRITING SERVICES. WE HAVE DONE THIS QUESTION BEFORE, WE CAN ALSO DO IT FOR YOU.
- Assignment status: Already Solved By Our Experts
- (USA, AUS, UK & CA PhD. Writers)
- CLICK HERE TO GET A PROFESSIONAL WRITER TO WORK ON THIS PAPER AND OTHER SIMILAR PAPERS, GET A NON PLAGIARIZED PAPER FROM OUR EXPERTS
QUALITY: 100% ORIGINAL PAPER – NO ChatGPT.NO PLAGIARISM – CUSTOM PAPER

Looking for unparalleled custom paper writing services? Our team of experienced professionals at AcademicWritersBay.com is here to provide you with top-notch assistance that caters to your unique needs.
We understand the importance of producing original, high-quality papers that reflect your personal voice and meet the rigorous standards of academia. That’s why we assure you that our work is completely plagiarism-free—we craft bespoke solutions tailored exclusively for you.
Why Choose AcademicWritersBay.com?
- Our papers are 100% original, custom-written from scratch.
- We’re here to support you around the clock, any day of the year.
- You’ll find our prices competitive and reasonable.
- We handle papers across all subjects, regardless of urgency or difficulty.
- Need a paper urgently? We can deliver within 6 hours!
- Relax with our on-time delivery commitment.
- We offer money-back and privacy guarantees to ensure your satisfaction and confidentiality.
- Benefit from unlimited amendments upon request to get the paper you envisioned.
- We pledge our dedication to meeting your expectations and achieving the grade you deserve.
Our Process: Getting started with us is as simple as can be. Here’s how to do it:
- Click on the “Place Your Order” tab at the top or the “Order Now” button at the bottom. You’ll be directed to our order form.
- Provide the specifics of your paper in the “PAPER DETAILS” section.
- Select your academic level, the deadline, and the required number of pages.
- Click on “CREATE ACCOUNT & SIGN IN” to provide your registration details, then “PROCEED TO CHECKOUT.”
- Follow the simple payment instructions and soon, our writers will be hard at work on your paper.
AcademicWritersBay.com is dedicated to expediting the writing process without compromising on quality. Our roster of writers boasts individuals with advanced degrees—Masters and PhDs—in a myriad of disciplines, ensuring that no matter the complexity or field of your assignment, we have the expertise to tackle it with finesse. Our quick turnover doesn’t mean rushed work; it means efficiency and priority handling, ensuring your deadlines are met with the excellence your academics demand.
