Overview
One of the three focus projects for this course is the creation of a technical brief based on research you’ve conducted. The audience for this brief is the security/IT director for a fictional organization at which you are employed for the purposes of this assignment. This technical brief will serve as the basis for a proactive adversarial detection plan that your director will be creating. The final product represents an authentic demonstration of competency because, as a security analyst, you will need to be able to develop skills that employ a variety of methods and tools necessary to detect, characterize, and counter cyber threat actors. Your work will contribute to larger team projects across your organization. This project will also help position you to cultivate an important mind-set: thinking responsibly, proactively, and in terms of what threat actors would do to attack organizational assets.
The project incorporates one milestone, which will be submitted in Module Five. The project will be submitted in Module Seven.
In this assignment, you will demonstrate your mastery of the following course competency:
- Develop reliable, ethical methods to detect, characterize, and counter cyber threat actors
Scenario
In a course announcement, your instructor will provide you with some scenarios for you to choose from. You will situate yourself as the security analyst in one of the provided scenarios, creating a technical brief that explains to the security/IT director how the situation informs the larger proactive adversarial detection plan that he or she is writing for the organization. You do not require specific technical information from the system at hand, as the results or determinations are supplied for you within the scenario. Rather, you should address each critical element in the Project Three prompt, speaking broadly to what your best-practice tactics or methods would be, based on your research from the decision aid you completed as the milestone for this project. The Conclusion section of this activity requires you to extrapolate on all the research you have done for the decision aid.
Prompt
In your technical brief, you must address the critical elements listed below.
- Introduction
  - Identify your threat actors and characterize their motivations or desired outcomes. Use research from the Project Three resource guide or decision aid to support your response. For example, is the threat actor gathering information for financial gain?
- Analysis
  - Describe best practices or methods for detecting the threat actors from the scenario. Use research from the Project Three resource guide or decision aid to support your response.
  - Describe ethical and legal factors that should be considered and their significance in terms of the company for which you are employed in the scenario. Use research from the Project Three resource guide or decision aid to support your response.
  - Describe at least one tactic or method that is important in responding to and countering this threat actor. Use research from the Project Three resource guide or decision aid to support your response.
  - Describe at least one tactic or method that would be employed to reduce the likelihood of the same situation happening again. Use research from the Project Three resource guide or decision aid to support your response.
- Conclusion
  - Explain the potential ramifications of the tactics or methods you have suggested. Use research from the resource guide or decision aid to support your response.
What to Submit
Your submission should be approximately 2 pages in length (plus a cover page and references) and should be written in APA format. Use double spacing, 12-point Times New Roman font, and one-inch margins. Include at least three references, which should be cited according to APA style. Use a file name that includes the course code, the assignment title, and your name—for example, CYB_200_Project_Three_Neo_Anderson.docx.
Project Three Rubric
| Criteria | Exemplary (100%) | Proficient (85%) | Needs Improvement (55%) | Not Evident (0%) | Value |
|---|---|---|---|---|---|
| | Meets “Proficient” criteria and addresses critical element in an exceptionally clear, insightful, sophisticated, or creative manner | Identifies threat actors and characterizes their motivations or desired outcomes, using research from the resource guide or decision aid to support the response | Addresses “Proficient” criteria, but there are gaps in clarity, logic, or detail | Does not address critical element, or response is irrelevant | 16 |
| | | Describes best practices or methods for detecting the threat actors, using research from the resource guide or decision aid to support the response | | | |
| | | Describes ethical and legal factors that need to be considered and their significance, using research from the resource guide or decision aid to support the response | | | |
| | | Describes at least one tactic or method that is important in responding to and countering the threat actor, using research from the resource guide or decision aid to support the response | | | |
| | | Describes at least one tactic or method that would be employed to reduce the likelihood of the same situation happening again, using research from the resource guide or decision aid to support the response | | | |
| | | Explains the potential ramifications of the tactics or methods suggested, using research from the resource guide or decision aid to support the response | | | |
| | Submission is free of errors related to citations, grammar, spelling, and organization and is presented in a professional and easy-to-read format | Submission has no major errors related to citations, grammar, spelling, or organization | Submission has some errors related to citations, grammar, spelling, or organization that negatively impact readability and articulation of main ideas | Submission has critical errors related to citations, grammar, spelling, or organization that prevent understanding of ideas | 4 |
| Total | | | | | |
CYB 200 Project Three Scenario One
Your organization, a healthcare firm, has been experiencing some issues with its information systems. As a new security analyst, you have been tasked with getting the system fully patched and up to date. You run into a problem with a third-party vendor, Stellar Technologies. Stellar Technologies created and maintains a software application called MyPatientRecords. The company is owned by the son of the chief information security officer (CISO) of the healthcare firm at which you are employed. The software is used as a primary source for all personally identifiable information for all patients. While you are doing the scheduled patch management of the network, the MyPatientRecords application stops working due to a software version compatibility issue. As you look into the compatibility issue, you discover Stellar Technologies has not patched their own software. You know this may lead to a known vulnerability called TakeMyData, which might allow external entities to gain unauthorized entry into the information system. When confronted, Stellar Technologies denies the claim. They require that a clone of the system (a complete copy of the application, including all its data) be sent to their facilities so they can do their own testing on it. When you bring this up to the CISO during your research, he determines that you should make the clone of the system and provide it to Stellar Technologies, but that it isn’t necessary to secure any other approvals or notify anyone else about the situation, including anyone in your own chain of command within the organization.
CYB 200 Project Three Scenario Three
You are a student taking classes at your local university, where you are enrolled in a cybersecurity program. You are anticipating the results of your midterm grade, which your English professor promised would be posted on their door by noon on Friday. When you check the door you are distraught to see a generic, printed report from the grading system with the following information for each student:
- Name
- Student ID
- Email address
- Social Security number
- Home address
- List of all the grades to date in the class, including the midterm grades
As a cybersecurity student, you are not happy with this report, and you remove it from the door while other people are trying to see their grades. You bring the report to the professor and ask them why they posted so much information. The professor does not see anything wrong with their actions.