1 CYB 200 Project Two Guidelines and Rubric Overview This project is the creation of an incident analysis brief for your manager. Regardless of the level of protection and prevention an organization...

To complete this assignment, review the prompt and grading rubric in theProject Two Guidelines and Rubricdocument. When you have finished your work, submit the assignment here for grading and instructor feedback.For reference, refer to theCIA Triad and Fundamental Security Design Principlesdocument


1 CYB 200 Project Two Guidelines and Rubric Overview This project is the creation of an incident analysis brief for your manager. Regardless of the level of protection and prevention an organization has in place, cybersecurity incidents occur. It is the response to the incident that may make or break an organization. As you progress through your degree, you will build your skills to prepare for all stages of incident response: preparation, detection and analysis, containment, eradication and recovery, and post-incident activity. A critical aspect of incident response is the ability to use information gained from an incident to improve the organization’s security posture. The insight gained helps security professionals develop solutions that reduce the likelihood of similar incidents in the future while balancing the potential negative impacts those solutions will have on the people, processes, and technologies they ultimately affect. In this project, you will examine an incident that has occurred and use the Fundamental Security Design Principles to develop recommendations that will protect the organization in the future. In this assignment, you will demonstrate your mastery of the following course competency:  CYB-200-03: Describe fundamental principles of cybersecurity Scenario In a course announcement, your instructor will provide you with a scenario on which your work will be based. You will situate yourself as the security analyst in one of the provided scenarios, creating an incident analysis brief that explains to the security/IT director how the Fundamental Security Design Principles can be applied to strengthen the organization’s security posture following the incident described in the case. You do not require specific technical information from the system beyond those supplied for you within the scenario. Rather, you should address each critical element in the Project Two prompt, speaking broadly to what your analysis and recommendations would be, based on your research from the course materials collected in previous modules. Prompt Using evidence from the scenario, prepare an incident analysis brief for your manager. In your brief, you should limit your analysis by selecting one security objective and two Fundamental Security Design Principles from the table below. Security Objective (Choose One) Fundamental Security Design Principles (Choose Two)  Confidentiality  Integrity  Availability  Separation (of domains/duties)  Isolation  Encapsulation 2  Modularity  Simplicity of design (economy of mechanism)  Minimization of implementation (least common mechanism)  Open design  Complete mediation  Layering (defense in depth)  Least privilege  Fail-safe defaults/fail secure  Least astonishment (psychological acceptability)  Minimization of trust surface (reluctance to trust)  Usability  Trust relationships Specifically, you must address the critical elements listed below. Most of the critical elements align with a particular course competency, shown in brackets. I. Scenario Analysis: Using your work in the case study analyses (Modules Two through Four) and other course resources as reference, select the security objective you think is most relevant to the organization in the case. A. Describe why the loss of your selected security objective (confidentiality, integrity, or availability) reflects the greatest overall negative impact on the organization. Use evidence from the scenario and your coursework to support your selection. B. Summarize the negative impacts on people, processes, and technologies associated with the loss of your selected security objective. II. Recommendations: Select two Fundamental Security Design Principles as criteria, and recommend solutions to remedy the loss of the selected security objective based on your assessment of the incident. A. Explain how your solution implements the selected Fundamental Security Design Principles. Provide evidence from the scenario and your coursework to support your selections. B. Describe how your solution balances impacts on people, processes, and technologies. C. Explain which aspect of your solution you would recommend to your manager as the most important to the organization. Support your response with evidence from the coursework or scenario. 3 Project Two Rubric Guidelines for Submission: Your submission should be 3 to 5 pages in length (plus a cover page and references) and should be written in APA format. Use double spacing, 12-point Times New Roman font, and one-inch margins. Include at least three references, which should be cited according to APA style. Use a file name that includes the course code, the assignment title, and your name—for example, CYB_200_Project_Two_Neo_Anderson.docx. Critical Elements Exemplary (100%) Proficient (85%) Needs Improvement (55%) Not Evident (0%) Value Scenario Analysis: Greatest Overall Negative Impact [CYB-200-03] Meets “Proficient” criteria and addresses critical element in an exceptionally clear, insightful, sophisticated, or creative manner Describes how the selected security objective is most relevant to the incident’s impact on the organization with evidence from the scenario and coursework to support the selection Addresses “Proficient” criteria, but there are gaps in clarity, logic, or detail Does not address critical element, or response is irrelevant 19 Scenario Analysis: Negative Impacts [CYB-200-03] Meets “Proficient” criteria and addresses critical element in an exceptionally clear, insightful, sophisticated, or creative manner Summarizes the negative impacts on people, processes, and technologies caused by the loss of the selected security objective Addresses “Proficient” criteria, but there are gaps in clarity, logic, or detail Does not address critical element, or response is irrelevant 19 Recommendations: Implementation of Fundamental Security Design Principles [CYB-200-03] Meets “Proficient” criteria and addresses critical element in an exceptionally clear, insightful, sophisticated, or creative manner Explains how the solution reflects the selected Fundamental Security Design Principles with evidence to support the selections Addresses “Proficient” criteria, but there are gaps in clarity, logic, or detail Does not address critical element, or response is irrelevant 19 Recommendations: Balancing Impacts [CYB-200-03] Meets “Proficient” criteria and addresses critical element in an exceptionally clear, insightful, sophisticated, or creative manner Describes how the solution balances impacts on people, processes, and technologies Addresses “Proficient” criteria, but there are gaps in clarity, logic, or detail Does not address critical element, or response is irrelevant 19 Recommendations: Importance to Organization [CYB-200-03] Meets “Proficient” criteria and addresses critical element in an exceptionally clear, insightful, sophisticated, or creative manner Explains which aspect of the solution is most important to the organization with evidence to support the explanation Addresses “Proficient” criteria, but there are gaps in clarity, logic, or detail Does not address critical element, or response is irrelevant 19 4 Critical Elements Exemplary (100%) Proficient (85%) Needs Improvement (55%) Not Evident (0%) Value Articulation of Response Submission is free of errors related to citations, grammar, spelling, and organization and is presented in a professional and easy-to-read format Submission has no major errors related to citations, grammar, spelling, or organization Submission has some errors related to citations, grammar, spelling, or organization that negatively impact readability and articulation of main ideas Submission has critical errors related to citations, grammar, spelling, or organization that prevent understanding of ideas 5 Total 100% CIA Triad and Fundamental Security Design Principles The terms listed below are essential in the field of cybersecurity and will be a topic of conversation and application throughout the program. It is therefore important for you to familiarize yourself with these terms and their definitions. Note that the CIA triad is sometimes referred to as the tenets of cybersecurity. The Fundamental Security Design Principles are sometimes called fundamental design principles, cybersecurity first principles, the cornerstone of cybersecurity, and so on. CIA Triad Information that is secure satisfies three main tenets, or properties, of information. If you can ensure these three tenets, you satisfy the requirements of secure information (Kim & Solomon, 2013).  Confidentiality Only authorized users can view information (Kim & Solomon, 2013).  Integrity Only authorized users can change information (Kim & Solomon, 2013).  Availability Information is accessible by authorized users whenever they request the information (Kim & Solomon, 2013). Fundamental Security Design Principles These principles offer a balance between aspirational (and therefore unobtainable) “perfect security,” and the pragmatic need to get things done. Although each of the principles can powerfully affect security, the principles have their full effect only when used in concert and throughout an organization. These principles are a powerful mental tool for approaching security: one that doesn’t age out of usefulness or apply only to a few specific technologies and contexts; one that can be used for architecture, postmortem analysis, operations, and communication. The principles are ultimately only one piece in the security practitioner’s toolkit, but they are a flexible piece that will serve different roles for different people (Sons, Russell, & Jackson, 2017).  Abstraction Removal of clutter. Only the needed information is provided for an object-oriented mentality. This is a way to allow adversaries to see only a minimal amount of information while securing other aspects of the model (Tjaden, 2015).  Complete Mediation All accesses to objects should be checked to ensure that they are allowed (Bishop, 2003).  Encapsulation The ability to only use a resource as it was designed to be used. This may mean that a piece of equipment is not being used maliciously or in a way that could be detrimental to the overall system (Tjaden, 2015).  Fail-Safe Defaults / Fail Secure The theory that unless a subject is given explicit access to an object, it should be denied access to that object (Bishop, 2003).  Information Hiding Users having an interface to interact with the system behind the scenes. The user should not be worried about the nuts and bolts behind the scenes, only the modes of access presented to them. This topic is also integrated with