Establishing Roles
a. Introduce yourselves
b. Establish roles
i. Financial Sector
ii. Law Enforcement
iii. The Intelligence Community
iv. Homeland Security
c. Assign roles listed above
d. Create schedule
e. Create plan of action
II. Assessing Suspicious Activity (All Team Members)
a. Review previous topics from project 1,2, and 3 to assess any suspicious network activity and network vulnerabilities
i. Network Security
ii. Mission Critical systems
iii. Penetration Testing
iv. Port Scan Activities
v. Network Scanning Tools Activities
vi. Analyze Wireshark Files
III. The Financial Sector
a. Description of the impact the threat has on the financial sector
i. Loss of control of systems
ii. Loss of data integrity or confidentiality
iii. Exfiltration of data
iv. Any other impacts noted
b. To be completed by all team members
i. Provide submissions from the Information Sharing Analysis Councils
ii. Review Industrial Control Systems (ICS)
1. Advise the importance of them to the financial services sector
iii. Identify the risk associated with ICS
IV. Law Enforcement
a. Complete the group Research assignment
i. Determine tools, techniques, and procedures used to exploit the database
ii. Provide the successful methods
b. To be completed by the Law Enforcement Representative
i. Determine what was learned about the methods for exploitation
ii. Provide research to justify your claim
iii. Identify the threats and vulnerabilities of the website application
1. Identify possible countermeasures
2. Include in the SAR and AAR
V. The Intelligence Community
a. To be completed by all team members
i. Provide overview of the life cycle of a cyber threat
ii. Explain different threat vectors that cyber actors use
iii. Provide a possible list of nation-state actors that have targeted US financial services industry before
iv. Review the threat response and recovery resource
v. Provide or propose an analytical method in which you detect threats, identify threats, and perform threat response and recovery
vi. Identify the stage of the cyber threat life cycle where you observe different threat behaviors
1. Provide in the SAR and AAR
b. To be completed by Intelligence Community Representative
i. Provide intelligence on the nation-state actor, their cyber tools, techniques and procedures
ii. Leverage threat reporting from FireEye, Mandiant, and other organizations that provide intelligence reports
iii. Include social engineering methods used by the nation-state actor and their reasons for attacking US critical infrastructure
1. Include in the SAR and AAR
VI. Homeland Security
a. To be completed by the Homeland Security Representative
i. Use the USCERT website and other resources that provide common vulnerability reporting
ii. Explore the resources for risk mitigation and provide the risk, response, and risk mitigation steps that should be taken for same type of attack
b. To be completed by all team members
i. Provide a risk threat matrix
ii. Provide a current state snapshot of the risk profile of the financial services sector
1. Will be a part of the overall risk assessment
2. Will be included in the SAR and AAR
3. Review and refer to the risk assessment resource to aid you in developing this section of the report.
VII. The SAR and AAR
a. To be completed by all team members
i. Compile your research
ii. SAR submitted to the white house
iii. AAR submitted to analyst community
b. SAR
i. Describe the threat
ii. The motivations of the threat actor
iii. The vulnerabilities that the threat can exploit
iv. Current & expected impact on US financial services
v. Reducing risk
vi. Actions taken to defend and prevent against this threat in the future
vii. 15 pages including tables and graphs
c. AAR
i. Includes the intelligence, law enforcement, defense/civilian, private sector and academia communities
ii. System lifecycle methodology
1. Rationale for cyber incident
2. Critical thinking to solve this cyber incident
3. 10-15 pages including tables and graphs
Project 4 Deliverables
SAR (14-15 pages)
I. Title Page
II. Abstract
I. Threat Actors (provide definition/overview)
a. Tools, Techniques, and Procedures (what is used by threats to attack)
b. Attacks (list some social engineering attacks used by threats against US)
i. Rationale (provide the reason why they would attack the US)
III. Exploitation Methods (provide definition/overview)
a. Examples of Exploitations (research to find and summarize findings)
b. Vulnerabilities of Web Application (identify vulnerabilities to the web application)
i. Threats to Web Application (identify threats to web application)
ii. Risks (identify risks created by threats exploiting vulnerabilities)
1. Identify Countermeasures (identify remediation activities)
IV. Threat Analysis and Exploitation: Ethical Hacking (Provide in depth definition of ethical hacking)
a. Tools, Techniques, and Procedures (identify TTPs of ethical hacking)
V. Risk Threat Matrix (provide definition/overview)
a. Current Security Profile (current security profile of financial sector)
i. Vulnerabilities (identify vulnerabilities in the financial sector)
ii. Threats (identify threats to the vulnerabilities in the financial sector)
VI. Recommendations (identify ways to prevent attacks in the future)
VII. Conclusion (sum up the entire SAR)
VIII. References
Executive Presentation (5-8 slides)
Summarize the SAR & AAR report
I. Title Slide
II. 5-8 slides
III. Reference Slide
AAR (10-15 pages)
II. Title Page
III. Abstract
IV. Threat Actors
a. Lessons Learned (what was learned from successful attacks by threats against the US)
V. Exploitation Methods
a. Lessons Learned (what was learned from exploitation examples in SAR)
b. Recommendations (recommend solutions to secure database)
VI. Threat Analysis and Exploitation: Ethical Hacking (Provide definition/overview)
a. Successful Methods (Identify what went well with ethical hacking)
VII. Risk Threat Matrix
a. Risk (identify risks to the financial sector)
b. Recommendations (provide recommendations to remediate risks to financial sector)
VIII. Recommendations (Provide recommendations based on lessons learned in the AAR)
IX. Conclusion (Sum up AAR)
X. References
References
U.S. Department of Commerce, National Institute of Standards and Technology (NIST). (2012). Information security: Guide for conducting risk assessments (Special Publication 800-30). Retrieved August 5, 2016, from http://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspe…
NIST SP 800-37 Revision 1
Chapter 11: A Survey on New Threats and Countermeasures on Emerging Networks by Jacques Saraydayran, Fatiha Benali, and Luc Paffumi from Intrusion Detection Systems
Using a Prediction Model to Manage Cyber Security Threats by Venkatesh Jaganathan, Priyesh Cherurveettil, and Premapriya Muthu Sivashanmugam from The Scientific World Journal
Cyber Security Awareness Month – Day 31 – Business Continuity and Disaster Recovery by Johannes B. Ullrich from Internet Storm Center
The Pragmatic Guide to : The Process from Securosis
Insecure Configuration Management from the Open Web Application Security Project
Wireless Network Security Threats and MitigationA Survey by Mohammad Bajwa from
Open Journal of Business and Management
Error Handling, Auditing and Logging from The Open Web Application Security Project
Guide to Malware Incident Prevention and Handling for Desktops and Laptops
by Murugiah Souppaya and Karen Scarfone
Intrusion Detection using Security Onion Based on Kill Chain Approach by J. Beatrice Ssowmiya
and S. Prabhakaran from International Journal of Science and Research
https://www.owasp.org/index.php/Top_10_2013-Top_10
9.3 Firewalls an overview from Network Security
Securing the Home Energy Management Platform by Sren Aagaard Mikkelsen and Rune Hylsberg Jacobsen from Energy Management of Distributed Generation Systems
http://csrc.nist.gov/groups/SMA/fisma/assessment-c…
http://www.learncisco.net/courses/iins/common-secu…
Protecting Your System: Network (Internet) Security from Safeguarding Your Technology
Peer-to- Peer Enclaves for Improving Network Defense by David W. Archer and Adam Wick from Technology Innovation Management Review
https://www.owasp.org/images/5/57/OWASP_Proactive_…
https://lti.umuc.edu/contentadaptor/topics/byid/54…
Technical Guide to and Assessment by Murugiah P. Souppaya and
Karen A. Scarfone
Pen Testing from Hacking Wetware https://lti.umuc.edu/contentadaptor/topics/byid/87…
Singh, G., Goyal, S., & Agarwal, R. (2015). Intrusion Detection Using Network Monitoring Tools. IUP Journal Of Computer Sciences, 9(4), 46-58
Performance Analysis of Cloud Based Penetration Testing Tools by Aruna Pavate and Pranav
Nerurkar from International Journal of Engineering Research and Technology
Are you busy and do not have time to handle your assignment? Are you scared that your paper will not make the grade? Do you have responsibilities that may hinder you from turning in your assignment on time? Are you tired and can barely handle your assignment? Are your grades inconsistent?
Whichever your reason is, it is valid! You can get professional academic help from our service at affordable rates. We have a team of professional academic writers who can handle all your assignments.
Students barely have time to read. We got you! Have your literature essay or book review written without having the hassle of reading the book. You can get your literature paper custom-written for you by our literature specialists.
Do you struggle with finance? No need to torture yourself if finance is not your cup of tea. You can order your finance paper from our academic writing service and get 100% original work from competent finance experts.
Computer science is a tough subject. Fortunately, our computer science experts are up to the match. No need to stress and have sleepless nights. Our academic writers will tackle all your computer science assignments and deliver them on time. Let us handle all your python, java, ruby, JavaScript, php , C+ assignments!
While psychology may be an interesting subject, you may lack sufficient time to handle your assignments. Don’t despair; by using our academic writing service, you can be assured of perfect grades. Moreover, your grades will be consistent.
Engineering is quite a demanding subject. Students face a lot of pressure and barely have enough time to do what they love to do. Our academic writing service got you covered! Our engineering specialists follow the paper instructions and ensure timely delivery of the paper.
In the nursing course, you may have difficulties with literature reviews, annotated bibliographies, critical essays, and other assignments. Our nursing assignment writers will offer you professional nursing paper help at low prices.
Truth be told, sociology papers can be quite exhausting. Our academic writing service relieves you of fatigue, pressure, and stress. You can relax and have peace of mind as our academic writers handle your sociology assignment.
We take pride in having some of the best business writers in the industry. Our business writers have a lot of experience in the field. They are reliable, and you can be assured of a high-grade paper. They are able to handle business papers of any subject, length, deadline, and difficulty!
We boast of having some of the most experienced statistics experts in the industry. Our statistics experts have diverse skills, expertise, and knowledge to handle any kind of assignment. They have access to all kinds of software to get your assignment done.
Writing a law essay may prove to be an insurmountable obstacle, especially when you need to know the peculiarities of the legislative framework. Take advantage of our top-notch law specialists and get superb grades and 100% satisfaction.
We have highlighted some of the most popular subjects we handle above. Those are just a tip of the iceberg. We deal in all academic disciplines since our writers are as diverse. They have been drawn from across all disciplines, and orders are assigned to those writers believed to be the best in the field. In a nutshell, there is no task we cannot handle; all you need to do is place your order with us. As long as your instructions are clear, just trust we shall deliver irrespective of the discipline.
Our essay writers are graduates with bachelor's, masters, Ph.D., and doctorate degrees in various subjects. The minimum requirement to be an essay writer with our essay writing service is to have a college degree. All our academic writers have a minimum of two years of academic writing. We have a stringent recruitment process to ensure that we get only the most competent essay writers in the industry. We also ensure that the writers are handsomely compensated for their value. The majority of our writers are native English speakers. As such, the fluency of language and grammar is impeccable.
There is a very low likelihood that you won’t like the paper.
Not at all. All papers are written from scratch. There is no way your tutor or instructor will realize that you did not write the paper yourself. In fact, we recommend using our assignment help services for consistent results.
We check all papers for plagiarism before we submit them. We use powerful plagiarism checking software such as SafeAssign, LopesWrite, and Turnitin. We also upload the plagiarism report so that you can review it. We understand that plagiarism is academic suicide. We would not take the risk of submitting plagiarized work and jeopardize your academic journey. Furthermore, we do not sell or use prewritten papers, and each paper is written from scratch.
You determine when you get the paper by setting the deadline when placing the order. All papers are delivered within the deadline. We are well aware that we operate in a time-sensitive industry. As such, we have laid out strategies to ensure that the client receives the paper on time and they never miss the deadline. We understand that papers that are submitted late have some points deducted. We do not want you to miss any points due to late submission. We work on beating deadlines by huge margins in order to ensure that you have ample time to review the paper before you submit it.
We have a privacy and confidentiality policy that guides our work. We NEVER share any customer information with third parties. Noone will ever know that you used our assignment help services. It’s only between you and us. We are bound by our policies to protect the customer’s identity and information. All your information, such as your names, phone number, email, order information, and so on, are protected. We have robust security systems that ensure that your data is protected. Hacking our systems is close to impossible, and it has never happened.
You fill all the paper instructions in the order form. Make sure you include all the helpful materials so that our academic writers can deliver the perfect paper. It will also help to eliminate unnecessary revisions.
Proceed to pay for the paper so that it can be assigned to one of our expert academic writers. The paper subject is matched with the writer’s area of specialization.
You communicate with the writer and know about the progress of the paper. The client can ask the writer for drafts of the paper. The client can upload extra material and include additional instructions from the lecturer. Receive a paper.
The paper is sent to your email and uploaded to your personal account. You also get a plagiarism report attached to your paper.
GET A PERFECT SCORE!!! 
Delivering a high-quality product at a reasonable price is not enough anymore.
That’s why we have developed 5 beneficial guarantees that will make your experience with our service enjoyable, easy, and safe.
You have to be 100% sure of the quality of your product to give a money-back guarantee. This describes us perfectly. Make sure that this guarantee is totally transparent.
Read moreEach paper is composed from scratch, according to your instructions. It is then checked by our plagiarism-detection software. There is no gap where plagiarism could squeeze in.
Read moreThanks to our free revisions, there is no way for you to be unsatisfied. We will work on your paper until you are completely happy with the result.
Read moreYour email is safe, as we store it according to international data protection rules. Your bank details are secure, as we use only reliable payment systems.
Read moreBy sending us your money, you buy the service we provide. Check out our terms and conditions if you prefer business talks to be laid out in official language.
Read more