Explain the developmental perspective on the problem of and changes to cybervictimization.

Cyberterrorism and Information Warfare

The CIA and FBI have been working as a joint task force to unearth the meaning behind a vast amount of intercepted digital communiqué between two known operatives believed to be spies. They have recruited your company to assist with the decryption of these messages.

Instructions

Before you start on this mission, both national organizations want to verify your ability to identify the motivation and capabilities behind cyberterrorism and information warfare. In a 4–5 page report to both organizations, answer the following questions, providing specific details for each topic: 

Explain the developmental perspective on the problem of and changes to cybervictimization.

Evaluate two current issues, trends, or problems in cybercrime and cyberterrorism.

Analyze the tactics used in cyberspace to share information and promote terrorist ideologies between and within terrorist groups.

Explain why interconnectivity is important in today’s connected environment.

Evaluate the two biggest threats against the national interests of the United States, including critical infrastructure.

Provide three sources to support your writing in addition to the textbook. Choose sources that are credible, relevant, and valid. Cite each source listed on your source page at least one time within your assignment. For help with research, writing, and citation, access the library or review library guides.

In what ways has the invention of the transistor influenced the course of human events?Do you think we will ever reach the limits of Moore’s Law, why or why not?

Computer technology advancements,Open source,Transistors

Watch a few segments of a Bill Nye the Science Guy episode (first aired April 25th 1997). Discuss what has changed since 1997 and what has remained the same. Be sure to include fundamental components (CPU, RAM, Hard Disks, Motherboards, input and output devices) in your answer (3 paragraphs about 15-20 sentences in total). Another article that might help think about this question: https://bigthink.com/hard-science/perseverance-rover-brain/ Youtube: https://www.youtube.com/watch?v=iUVrImXZHvA 0.57-5:00 & 9:45-15:03

In what ways has the invention of the transistor influenced the course of human events?Do you think we will ever reach the limits of Moore’s Law, why or why not? (3 paragraphs about 15-20 sentences in total) Also consider this article: https://escholarship.org/content/qt9t3495n0/qt9t3495n0.pdf Youtube: https://www.youtube.com/watch?v=OuFlISa73Sw

Describe how each of the five major hardware components of a computer (CPU, memory, Circuit board, storage, and input/output) are present in a Smartphone. (3 paragraphs about 12-20 sentences in total)

This article will be useful: https://fossbytes.com/whats-inside-smartphone-depth-look-parts-powering-everyday-gadget/

Name the five components that make up an information system and define each in your own words.

Describe the disruption caused with the introduction of the iPhone in 2007. How did this product change mobile phones and mobile computing?

What are three advantages of solid-state drives over standard hard disk drives? Are there times when one type is preferred over the other type?

 

Identify your threat actors and characterize their motivations or desired outcomes.

CYB-200-02: Develop reliable,ethical methods to detect,characterize,and counter cyber threat actors

In your technical brief, you must address the critical elements listed below. The codes shown in brackets indicate the course competency to which each critical element is aligned.

I. Introduction

Identify your threat actors and characterize their motivations or desired outcomes. Use research from the Project Three resource guide or decision aid to support your response. For example, is the threat actor gathering information for financial gain? [CYB-200-02]

II. Analysis

Describe best practices or methods for detecting the threat actors from the scenario. Use research from the Project Three resource guide or decision aid to support your response. [CYB-200-02]

Describe ethical and legal factors that should be considered and their significance in terms of the company for which you are employed in the scenario. Use research from the Project Three resource guide or decision aid to support your response. [CYB-200-02]

Describe at least one tactic or method that is important in responding to and countering this threat actor. Use research from the Project Three resource guide or decision aid to support your response. [CYB-200-02]

Describe at least one tactic or method that would be employed to reduce the likelihood of the same situation happening again. Use research from the Project Three resource guide or decision aid to support your response. [CYB-200-02]

III. Conclusion

Explain the potential ramifications of the tactics or methods you have suggested. Use research from the resource guide or decision aid to support your response. [CYB-200-02]

Identify the organization’s primary internal and external risks based on the local environments where facilities are located.

Develop risk analysis and mitigation plans

You are the IT risk assessment lead at Health Network, Inc., a health services organization headquartered in Tampa, Florida. Health Network has over 700 employees throughout the organization and generates $500 million in revenue annually. The company has two additional locations in Seattle, Washington, and Arlington, Virginia. These locations support different aspects of corporate operations. Each facility is located near a data center, where production systems are located and managed by third-party data-center hosting vendors.

Health Network has three main products:

HNetExchange is the primary source of revenue for the company. The service handles secure electronic medical messages that originate from its customers, such as large hospitals, which are then routed to receiving customers such as clinics.

HNetPay is a web portal used by many of the company’s HNetExchange customers to support the management of secure payments and billing. The HNetPay web portal, hosted at Health Network production sites, accepts various forms of payments and interacts with credit-card processing organizations, much like a web commerce shopping cart.

HNetConnect is an online directory that lists doctors, clinics, and other medical facilities to allow Health Network customers to find the right type of care at the right locations. It contains doctors’ personal information, work addresses, medical certifications, and types of services that the doctors and clinics offer. Doctors are given credentials and are able to update the information in their profiles. Health Network customers, which are hospitals and clinics, connect to all three of the company’s products using HTTPS connections. Doctors and potential patients are able to make payments and update their profiles using internet-accessible HTTPS websites.

Health Network operates in three production data centers that provide high availability across the company’s products. The data centers host about 1,000 production servers, and Health Network maintains 650 corporate laptops and company-issued mobile devices for its employees.

A previous risk assessment identified the following threats:

Potential loss of data due to inappropriate hardware decommission

Potential loss of protected health information (PHI) from lost or stolen company-owned assets, such as mobile devices and laptops

Potential data loss due to corrupt production data resulting from a systems outage

Internet threats from hackers and other malicious actors

Insider threats due to social engineering, installation of malware and spyware

Changes in the regulatory landscape that may impact operations

Based on the findings of this risk assessment, Health Network administration has determined that the existing risk management plan does not take into account the above threats and is therefore out of date. You have been assigned to develop a new plan.

Directions

For this assignment, you will create a risk management plan for Health Network that contains the following objectives:

Importance: Explain the plan’s purpose and importance for the key stakeholders of the organization.

Scope: Define the scope and boundaries of the plan.

Risks: Identify the organization’s primary internal and external risks based on the local environments where facilities are located.

Safety: Describe physical and safety considerations associated with the identified risks.

Business Impact: Conduct a business impact analysis (BIA) that determines the probability and significance of certain risky events and their potential impact on the various aspects of Health Network’s business.

Mitigation: Identify strategies to mitigate these risks and to allow Health Network to continue operating (business continuity plan (BCP) and disaster recovery plan (DRP)) if these risks occur.

Should companies accessing customers personal data in the fight against harmful content be allowed to act as police, judge,jury and executioner?

Should companies have access to their customers personal data in the fight against harmful content or is this an invasion of privacy

Apple has recently announced that they will scan photos on Apple mobile devices for certain illicit material. With the growing use of AI and algorithms now scanning customers personal data in the fight against such harmful content is the issue of: “Should companies have access to their customers personal data in the fight against harmful content or is this an invasion of privacy?” Build in 2500 words expressing a logical and highly persuasive argument supported by appropriate literature to this question.

The argument should follow a logical and cohesive structure with an elegant progression between the substantive points made where there are highly effective links within and across paragraphs.

This essay although based on the Apple announcement should also focus on other companies which have access to their customers personal data such as but not limited to YouTube, Twitter, Facebook Tic-Tok, Samsung and major banking intuitions etc.

Areas in which you may choose to explore its question but not limited too are.

What is considered harmful content?

Do customers forfeit their privacy when the sign up to use companies’ products that uses and stores personal data?

What ways can customers protect their personal data from companies accessing it?

Should companies accessing customers personal data in the fight against harmful content be allowed to act as police, judge,jury and executioner?

What are the legalities of companies accessing their customers personal data in the fight against harmful content?

Is this issue beyond any companies control or is it now becoming normal procedure for companies in a modern digital society?

Explain specialized terms or concepts to facilitate audience comprehension.

Linux training guide

You’ve won the business! Faster Computing has agreed to the project. As the final stage of pre-implementation, you have been asked to produce a training guide that will demonstrate how to install Linux and provide an overview of several common commands, as follows:

(11.1.3: Install the software.)

Use a hypervisor of your choice to install Linux. Many hypervisors are available, such as Oracle’s VirtualBox, which is a free download. In addition, as part of UMGC’s agreement with VMware, you can download VMware Workstation for free. See below for specific screenshot requirements. You should include at least 3 screenshots (e.g., disk partitioning, timezone selection, creating the default account). Each screenshot should be accompanied by a brief explanation of what you did.

NOTE: It is not necessary to include screenshots of installing the hypervisor software.

1.2.3: Explain specialized terms or concepts to facilitate audience comprehension.

Demonstrate command-line operations that will provide the following information:

A listing of files in a directory and common file attributes

The current directory (hint: also known as the present working directory)

Create a file, then copy it to a different directory

Create a second file and move it to a different directory

Remove the first file, as well as the copy you created

The manual page for a given command

Create a text file, then use an editor to modify the content. Then display the content of the modified file

1.4.2: Use vocabulary appropriate for the discipline, genre, and intended audience.

In the above section (demonstrate CLI operations) show the commands with options/arguments (e.g., ls, cp, mv, rm) in your documentation as well as in your screenshots.

11.2.1: Configure technology according to stakeholder specifications and requirements.

Show running processes on the system. Demonstrate how to search for a specific process

Forcibly stop a running process

In the above section (demonstrate CLI operations) show the commands with options/arguments (e.g., top, kill, -9, ps) in your documentation as well as in your screenshots.

13.1.1: Create documentation appropriate to the stakeholder.

The deliverable for the final phase of the project is a written paper with screenshots. There is no minimum or maximum page requirement, but all of the requirements must be met. Use the Training Guide Template to record your work. This section will be graded upon the overall usefulness of the training guide to the organization.

11.3.1: Add and update systems as required.

This portion of the training guide helps determine your submission is unique.

Important Requirement

On the final screenshot, you need to open a command line and type in the following commands (without the quotes):

“date”

“echo CMIT391”

“echo ” (Replace your name here with your name)

The recommended format is to provide screenshots incorporated within the written narrative. The screenshots must all be your own. Screenshots from external sources are not permitted. You must include the specific screenshot listed above or your project will not be accepted.

1.1.4: Explain the relationship between the ideas presented to enhance clarity and comprehension.

The training guide must have a cover page, an introduction, summary, and at least 3-5 references.

1.2.2: Employ a format, style, and tone appropriate to the audience, context, and goal.

Employ proper spelling and grammar. All Linux commands must be lower case.

2.2.3: Explain the assumptions underlying viewpoints, solutions, or conclusions.

In your conclusion of at least a paragraph, summarize why using Linux is beneficial for employees, management, and the organization as a whole.

Discuss the problems of the increasingly complex issues security and risk management have to face as technology becomes more pervasive with new emerging technologies. 

The nature of cyber threats has changed dramatically over the past three decades

Make informed judgements by critically evaluating the issues with information security and security risks.

Identify and explore issues related to legal, ethical and professional issues in security management.

Discuss the problems of the increasingly complex issues security and risk management have to face as technology becomes more pervasive with new emerging technologies.

Discuss the problems of the increasingly complex issues security and risk management must face as technology becomes more pervasive with new emerging technologies.

The nature of cyber threats has changed dramatically over the past three decades

Considering the above statement, write a discussion paper on the following:

On how the nature of cyber threats has changed over the past three decades, and how you see the landscape of cyber security threats and risks evolving over the next ten years with emerging technologies, and consequently the challenges faced by management to deal with them.

Guidance: discuss the problems of the increasingly complex issues security and risk management must face as technology becomes more pervasive with new emerging technologies.

Include in the discussions any legal, ethical, and professional issues that are likely to arise.

Criteria

The discussion paper should be 1,800 words and written using references based on the IEEE referencing system, supplying full details of all references used.

1. A relevant discussion of evolving issues and challenges facing security and risk management in the next ten years with new and emerging tech with relevant examples.

2. An analysis and evaluation of relevant factors about why cyber threats have changed over the past 3 decades

3. Discussion of any legal, ethical, and professional issues that are likely to arise.

4. Relevant supporting arguments and good discussion.

How does the plan identify the risks,vulnerabilities,and threats that could impact mission critical business functions and processes?

Risk mitigation plan

Risk Analysis Report

The CIO is asking you to prepare a 3–4 page report that evaluates the company’s current IT Security Risk Management Plan, linked in the Supporting Materials section.

The report should contain the following:

Scope: Evaluate the scope and comprehensiveness of the current plan.

How does the plan describe its objectives?

How does the plan balance risk and cost?

In what ways does the plan cover the business objectives end to end?

How does the plan address all stakeholders who could be impacted by a cybersecurity attack?

Risk: Determine how the current plan identifies risks.

How does the plan identify the risks,vulnerabilities,and threats that could impact mission critical business functions and processes?

How does the plan identify industry-related risks (internal and external)?

Impact: Analyze how the identified risks might impact the organization’s assets.

How does the plan identify key assets and activities that need to be protected?

How does the plan estimate the financial impact of losses?

How does the plan address business continuity and asset replacement?

Mitigation: Evaluate the current plan’s mitigation recommendations.

How effectively does the plan translate the risk assessment into a risk mitigation plan?

How does the plan prioritize risk elements?

Legal Compliance: Assess how the plan addresses legal considerations.

Non-Compliance: Determine how the plan anticipates the implications of non-compliance.

Ethical Considerations: Assess how the plan aligns with current ethical codes within the cybersecurity field.