BMIS 664 Information Controls Project Assignment Instructions

Overview

Sophisticated computer network attacks that increase human resources, maintenance, and operation costs prompt the need for more sophisticated security techniques. Without added measures of security, the networks of organizations everywhere will be increasingly susceptible to additional types of attacks. The advancements in technology that enables different methods of attacks require security to be continuously updated as well.

Instructions

Assume that you are the information security officer of a business, and you must evaluate at least four (4) common cyber security threats using a minimum of four (4) IT controls and one (1) IT security framework. Research appropriate frameworks such as COBIT (Control Objectives for Information Technology) and the Committee of Sponsoring Organizations of the Treadway Commission (COSO) that assist with IT controls and their appropriate use to mitigate cyber security threats. Analyze the identified four (4) cyber security threats using the frameworks and four (4) IT controls on at least two (2) different operating systems by emulating their occurrence in a server environment. Use a current operating system designed for ethical hacking. At the time of this writing some examples include Kali Linux, Parrot, and BackBox.

In order to perform this analysis, if you do not have access to two different physical workstations with different operating systems it is recommended you use virtual machines. VMware and Oracle VirtualBox are examples. Search for either and download them free of charge. Subsequently, you can use open source pre-built images or install from the operating system ISO images. For instance, Kali Linux is a popular operating system that has the tools to do this analysis. Search “Kali Linux VirtualBox Image” to find a virtual box image pre-installed with Kali Linux. You can use other open source available operating systems of your choice as the systems in which to perform the testing on using Kali Linux and it’s associated security tools.

Be sure to perform the following:

· A properly formatted APA paper;

· Screenshots with visible OS dates of the network security threat assessments on the two different operating systems, at least one OS being Linux, using relevant security tools on Kali Linux or Linux alternatives;

· An evaluation of at least four (4) different cyber security threats using four (4) unique IT controls;

· Application of appropriate frameworks such as COBIT or COSO;

· An evaluation of the effectiveness of the framework and IT controls in assessing each of the cyber security threats on the two (2) different operating systems;

· Application of four (4) common security tools that can be used to address each of the four (4) different cyber security threats on the two (2) different operating systems;

· An explanation of the advantages and disadvantages of each type analysis performed on the selected threats using Kali Linux or an alternative ethical hacking operating system;

· Hint: Create Microsoft Excel spreadsheets that list the operating system, cyber security threats, frameworks, and IT controls to make relevant and supported comparisons;

· Your project must be a minimum of 1,800 words and must contain at least 7 peer-reviewed sources;

· Before being graded, all code, security tool logs/reports, server logs, access control rules, and diagrams (each) must include screenshots with a valid OS date/timestamp and a unique piece of data that shows completion on the student’s Kali Linux distribution or relevant alternative security OS. Include the screenshots in appendices in your written paper.