A portable  MYSQL server that run's on port 3311

 

Your organization recently had an important mini-super pc stolen from the premises despite it being in a highly secured area . The server was in a room that required two-factor authentication, something that you possessed and something your are. However, the PC was not locked down physically, there are no security guards at the front desk, anyone can walk into the building, and there is no escorting or logging. The CEO from corporate has hired you as the Lead Security Specialist and Forensic Examiner. You must write a detail report explaining ALL the specified points to the CEO 1) what forms of 2FA are used for authentication at the facility, who are the potential culprits, and what cross-functional teams you'll need to work with to build a new system.

After talking to the help desk, you learned that Jonathan Noble, a Deputy Chief financial officer, has made 8 calls to the help desk about weird activity on his computer. Looking further into the situation, you decide will have to use a forensic tool to examine Jonathan's PC. 2)As a CEO what kind of tool you want to use and why.

In addition, After talking to the facility manager, you find out that only two people had access to the room: Jonathan and a long-term janitor named Chris Jenkins, who's been on leave due to an injury. However, only one of the two had weekend access to the facility and only one had access to the computer. 4) Jonathan is still at work, so you need to make a recommendation and what actions the situations warrant for him to get access to his computer.

After gaining access to both Jonathan's and Chris's computer. You discovered that Jonathan had clicked on an email link, which opened up a remote desk top vulnerability, after the attacker got a hold on the system, Jonathan was sent a note, where the attacker consistently used the word, "sorry" and gave the option for same to randomly-selected encryption if he didn't pay in full. Instead of Jonathan notifying IT, he was embarrassed, so he talked to the perpetrator, who was trying to get Jonathan to meet him. 5) explain how Jonathan got into this predicament and what type of malware issue the organization faces. While searching on Chris's computer, you find nothing but unrelated visits to porn sites, as a result you must make a decision to report it or not.6) Your job now is to reconstruct possible events that led to the theft of the mini-super pc.

In addition, you are being paid to be a security consultant to recommend the best method to build a more secure computer that will go through several evolutions where you will work with cross-functional teams to produce the solution. (7)recommend and explain why the software development model you suggested is the best suited for your project by 8) using a threat-modeling design and (9) explaining the coding design security concepts used.

The system that is implemented uses a client and web server built and it is your job to (10) recommend the best authentication protocol (TACACS+) for encryption between the client and the server and explain your choice of selection. I will add a grading rubric for this assignment soon.