CYB 200 Project Two Guidelines and Rubric Overview This project is the creation of an incident analysis brief for your manager Regardless of the level of protection and prevention an organization has in place, cybersecurity incidents occur It is the response to the incident that may make or break an organization As you progress through your degree, you will build your skills to prepare for all stages of incident response preparation, detection and analysis, containment, eradication and recovery, and post incident activity A critical aspect of incident response is the ability to use information gained from an incident to improve the organization's security posture The insight gained helps security professionals develop solutions that reduce the likelihood of similar incidents in the future while balancing the potential negative impacts those solutions will have on the people, processes, and technologies they ultimately affect In this project, you will examine an incident that has occurred and use the Fundamental Security Design Principles to develop recommendations that will protect the organization in the future In this assignment, you will demonstrate your mastery of the following course competency Describe fundamental principles of cybersecurity Scenario In a course announcement, your instructor will provide you with a scenario on which your work will be based You will situate yourself as the security analyst in one of the provided scenarios, creating an incident analysis brief that explains to the security IT director how the Fundamental Security Design Principles can be applied to strengthen the organization's security posture following the incident described in the case You do not require specific technical information from the system beyond those supplied for you within the scenario Rather, you should address each critical element in the Project Two prompt, speaking broadly to what your analysis and recommendations would be, based on your research from the course materials collected in previous modules Prompt Using evidence from the scenario, prepare an incident analysis brief for your manager In your brief, you should limit your analysis by selecting one security objective and two Fundamental Security Design Principles from the lists below Security Objective (Choose One) Confidentiality Integrity Availability Fundamental Security Design Principles (Choose Two) Separation (of domains duties) Isolation Encapsulation Modularity Simplicity of design (economy of mechanism) Minimization of implementation (least common mechanism) Open design Complete mediation Layering (defense in depth) Least privilege Fail safe defaults fail secure Least astonishment (psychological acceptability) Minimization of trust surface (reluctance to trust) Usability Trust relationships Specifically, you must address the critical elements listed below Most of the critical elements align with a particular course competency, shown in brackets Scenario Analysis Using your work in the case study analyses (Modules Two through Four) and other course resources as reference, select the security objective you think is most relevant to the organization in the case Describe why the loss of your selected security objective (confidentiality, integrity, or availability) reflects the greatest overall negative impact on the organization Use evidence from the scenario and your coursework to support your selection Summarize the negative impacts on people, processes, and technologies associated with the loss of your selected security objective Recommendations Select two Fundamental Security Design Principles as criteria, and recommend solutions to remedy the loss of the selected security objective based on your assessment of the incident Explain how your solution implements the selected Fundamental Security Design Principles Provide evidence from the scenario and your coursework to support your selections Describe how your solution balances impacts on people, processes, and technologies Explain which aspect of your solution you would recommend to your manager as the most important to the organization Support your response with evidence from the coursework or scenario What to Submit Your submission should be 3 to 5 pages in length (plus a cover page and references) and should be written in APA format Use double spacing, 12 point Times New Roman font, and one inch margins Include at least three references, which should be cited according to APA style Use a file name that includes the course code, the assignment title, and your namefor example, CYB 200 Project Two Neo Anderson docx

The Answer is in the image, click to view ...

Answered step by step

Verified Expert Solution

Link Copied!

Question

1 Approved Answer

Posted on Jun 26, 2024

CYB 200 Project Two Guidelines and Rubric Overview This project is the creation of an incident analysis brief for your manager. Regardless of the level

CYB 200 Project Two Guidelines and Rubric

Overview

This project is the creation of an incident analysis brief for your manager. Regardless of the level of protection and prevention an organization has in place, cybersecurity incidents occur. It is the response to the incident that may make or break an organization. As you progress through your degree, you will build your skills to prepare for all stages of incident response: preparation, detection and analysis, containment, eradication and recovery, and post-incident activity.

A critical aspect of incident response is the ability to use information gained from an incident to improve the organization's security posture. The insight gained helps security professionals develop solutions that reduce the likelihood of similar incidents in the future while balancing the potential negative impacts those solutions will have on the people, processes, and technologies they ultimately affect. In this project, you will examine an incident that has occurred and use the Fundamental Security Design Principles to develop recommendations that will protect the organization in the future.

In this assignment, you will demonstrate your mastery of the following course competency:

Describe fundamental principles of cybersecurity

Scenario

In a course announcement, your instructor will provide you with a scenario on which your work will be based. You will situate yourself as the security analyst in one of the provided scenarios, creating an incident analysis brief that explains to the security/IT director how the Fundamental Security Design Principles can be applied to strengthen the organization's security posture following the incident described in the case. You do not require specific technical information from the system beyond those supplied for you within the scenario. Rather, you should address each critical element in the Project Two prompt, speaking broadly to what your analysis and recommendations would be, based on your research from the course materials collected in previous modules.

Prompt

Using evidence from the scenario, prepare an incident analysis brief for your manager. In your brief, you should limit your analysis by selecting one security objective and two Fundamental Security Design Principles from the lists below.

Security Objective (Choose One):

Confidentiality
Integrity
Availability

Fundamental Security Design Principles (Choose Two):

Separation (of domains/duties)
Isolation
Encapsulation
Modularity
Simplicity of design (economy of mechanism)
Minimization of implementation (least common mechanism)
Open design
Complete mediation
Layering (defense in depth)
Least privilege
Fail-safe defaults/fail secure
Least astonishment (psychological acceptability)
Minimization of trust surface (reluctance to trust)
Usability
Trust relationships

Specifically, you must address the critical elements listed below. Most of the critical elements align with a particular course competency, shown in brackets.

Scenario Analysis: Using your work in the case study analyses (Modules Two through Four) and other course resources as reference, select the security objective you think is most relevant to the organization in the case.
1. Describe why the loss of your selected security objective (confidentiality, integrity, or availability) reflects the greatest overall negative impact on the organization. Use evidence from the scenario and your coursework to support your selection.
2. Summarize the negative impacts on people, processes, and technologies associated with the loss of your selected security objective.
Recommendations: Select two Fundamental Security Design Principles as criteria, and recommend solutions to remedy the loss of the selected security objective based on your assessment of the incident.
1. Explain how your solution implements the selected Fundamental Security Design Principles. Provide evidence from the scenario and your coursework to support your selections.
2. Describe how your solution balances impacts on people, processes, and technologies.
3. Explain which aspect of your solution you would recommend to your manager as the most important to the organization. Support your response with evidence from the coursework or scenario

What to Submit

Your submission should be 3 to 5 pages in length (plus a cover page and references) and should be written in APA format. Use double spacing, 12-point Times New Roman font, and one-inch margins. Include at least three references, which should be cited according to APA style. Use a file name that includes the course code, the assignment title, and your namefor example, CYB_200_Project_Two_Neo_Anderson.docx.