Project

You are an enterprise security architect for a company in a semiconductor manufacturing industry where maintaining competitive advantage and protecting intellectual property is vital. You're in charge of security operations and strategic security planning. Your responsibilities include devising the security protocols for identification, access, and authorization management.

You recently implemented cryptography algorithms to protect the information organization. Leadership is pleased with your efforts and would like you to take protection methods even further. They've asked you to study cyber¬attacks against different cryptography mechanisms and deploy access control programs to prevent those types of attacks. We'd like you to create plans for future security technology deployments, says one senior manager. And provide documentation so that others can carry out the deployments.

A director chimes in, but you should also devise a method for ensuring the identification, integrity, and non-repudiation of information in transit at rest and in use within the organization. As the enterprise security architect, you are responsible for providing the following deliverables. Create a network security vulnerability and threat table in which you outline the security architecture of the organization, the cryptographic means of protecting the assets of the organizations, the types of known attacks against those protections, and means to ward off the attacks. This document will help you manage the current configuration of the security architecture.

Create a Common Access Card, CAC deployment strategy, in which you describe the CAC implementation and deployment and encryption methodology for information security professionals. Create an email security strategy in which you provide the public key, private key hashing methodology to determine the best key management system for your organization. These documents will provide a security overview for the leadership in your company.

Encryption uses cryptographic algorithms to obfuscate data. These complex algorithms transform data from human readable plaintext into encrypted cipher text. Encryption uses the principles of substitution and permutation to ensure that data is transformed in a non-deterministic manner by allowing the user to select the password or a key to encrypt a message. The recipient must know the key in order to decrypt the message, translating it back into the human readable plaintext.

There are six steps that will lead you through this project. After beginning with the workplace scenario, continue to Step 1: "IT Systems Architecture."

The deliverables for this project are as follows:

1. Create a single report in Word document format. This report should be about 10 pages long, double-spaced, with citations in APA format. Page count does not include diagrams or tables. The report must cover the following:
o network security and threat table
o Common Access Card deployment strategy
o e-mail security strategy

2. In a Word document, share your lab experience and provide screenshots to demonstrate that you performed the lab.
When you submit your project, your work will be evaluated using the competencies listed below. You can use the list below to self-check your work before submission.
1.5: Use sentence structure appropriate to the task, message and audience.
1.6: Follow conventions of Standard Written English.
1.7: Create neat and professional looking documents appropriate for the project or presentation.
2.1: Identify and clearly explain the issue, question, or problem under critical consideration.
2.2: Locate and access sufficient information to investigate the issue or problem.
2.3: Evaluate the information in a logical and organized manner to determine its value and relevance to the problem.
2.4: Consider and analyze information in context to the issue or problem.
3.2: Employ mathematical or statistical operations and data analysis techniques to arrive at a correct or optimal solution.
5.1: Knowledge of procedures, tools, and applications used to keep data or information secure, including public key infrastructure, point-to-point encryption, and smart cards.

Step 1: IT Systems Architecture

You are a senior-level employee and you must tailor your deliverables to suit your audience: the leadership of the organization. You may choose to use a fictitious organization, or model your organization on an existing organization, including proper citations.

Leadership is not familiar with the architecture of the IT systems, nor are they familiar with the types of threats that are likely or the security mechanisms in place to ward off those threats. You will provide this information in tabular format and call it the Network Security and Vulnerability Threat Table. Refer to this threat table template for guidance on creating this document.

Before you begin, select the links below to review some material on information security. These resources will help you complete the network security and vulnerability threat table.
- LAN security
- Availability
Now you're ready to create your table. Include and define the following components of security in the architecture of your organization, and explain if threats to these components are likely, or unlikely:
- LAN security
- identity management
- physical security
- personal security
- availability
- privacy

Next, review the different types of cyberattacks described in the following resource: cyberattacks. As you're reading take note of which attacks are most likely to affect your organization. Then list the security defenses you employ in your organization to mitigate these types of attacks. Include this information in your Network Security and Vulnerability Threat Table.

Network Security and Vulnerability Threats Template

You will identify the IT system assets of the system architecture of your organization.These can be fictitious or modeled after existing architectures. Be sure to cite using APA format. You will identify threats and vulnerabilities to IT system assets and the security mechanisms used to address them.

Topic 4: Technological Safeguards

As the Daytona Investment Bank scenario demonstrates, the threat of insider attacks is very real. The bank spent millions of dollars to ensure that its information systems had built-in security controls. However, enforcement of basic security practices-such as not sharing passwords and taking action on system-generated alerts-was weak. Implementing stronger technological safeguards is one way Daytona can overcome its security problems.

Daytona is now considering restricting physical access to mission-critical facilities in its data centers. A plethora of security tools, such as proximity card readers and biometric technologies, are available on the market today, and the senior management team at Daytona is evaluating these tools along three parameters.

Select each tab to learn how that parameter is influencing Daytona's technological safeguard decisions.

Select each image to view an example of an internal threat and an external threat.
- External Threat

- Internal Threat
Threats Originating from Cyberspace
Corporate Web sites and portals, extranets for vendors, and e-commerce sites are just a few tools with which organizations harness the benefits of the Internet.

With the rise in cybercrime, it is critical for organizations with an Internet presence to build a robust security infrastructure to safeguard their IT resources from threats. Contrary to popular belief, not all threats originate from the outside. Threats can and do originate from within the organization itself -in such cases, the Internet is a useful tool for the attack.

Select each image to view an example of an internal threat and an external threat.
- External Threat

- Internal Threat

Step 2: Plan of Protection

Note: You will utilize the tools in Workspace for this step. If you need help outside the classroom, you can register for the CLAB 699 Cyber Computing Lab Assistance (go to the Discussions List for registration information). Primary lab assistance is available from a team of lab assistants. Lab assistants are professionals and are trained to help you.

In this lab exercise, you will learn more about the transmission of files that do not seem suspicious but that actually have embedded malicious payload, undetectable to human hearing or vision. This type of threat can enter your organization's networks and databases undetected through the use of steganography or data hiding. You should include this type of threat vector to an organization in your report to leadership. Research how organizations can monitor, identify and remedy those files with embedded files and data, and provide these as recommendations for your leadership.

You will have to provide the leadership of your organization with your plan for protecting identity, access, authorization and nonrepudiation of information transmission, storage, and usage.

Research scholarly works on nonrepudiation measures and discuss options for protecting the integrity of an organization's information assets, which include files, networks, databases, and e-mail, and include this in your lab report.

Step 3: Data Hiding Technologies
You will describe to your organization the various cryptographic means of protecting its assets. Select the links below to review encryption techniques and encryption technologies, then provide your organization with a brief overview of each.

Encryption Technologies
1. Shift / Caesar cipher
2. Polyalphabetic cipher
3. One time pad cipher/Vernam cipher/perfect cipher
4. Block ciphers
5. triple DES
6. RSA
7. Advanced Encryption Standard (AES)
8. Symmetric encryption
9. Text block coding
Data Hiding Technologies
1. Information hiding and steganography
2. Digital watermarking
3. Masks and filtering
These descriptions will be included in the network security vulnerability and threat table for leadership.

Step 4: Creating the Network Security Vulnerability and Threat Table

Using the information you've gathered from the previous steps, prepare the network security vulnerability and threat table, in which you outline the following:
- security architecture of the organization
- the cryptographic means of protecting the assets of the organization
- the types of known attacks against those types of protections
- means to ward off the attacks
Create your Network Security Vulnerability and Threat Table, and include it in your submission to the organization. Please refer to this threat table template for guidance on creating this document.

Step 5: Access Control Based on Smart Card Strategies

Smart cards use encryption chips to identify the user, their identity, role, and sometimes use their personal identifiable information (PII). Two examples of smart cards are the federal government's use of common access cards (CACs), and the financial sector's use of encryption chips in credit cards.
You have completed your threat table, and you've decided that you want to modernize the access control methods for your organization. To that end, you read the following resources to gather some background information on access control and the various encryption schemas associated with the Common Access Card (CAC):
- Access control
- Common access Card (CAC)
You plan to deploy CAC to the company and you are tasked with devising that CAC deployment strategy, which includes the cryptographic solutions used with the CAC.
In the Common Access Card Deployment Strategy final deliverable, describe how identity management would be a part of your overall security program and your CAC deployment plan:
Create your Common Access Card Deployment Strategy and include it in your submission to the organization.

Step 6: The Email Security Strategy
After completing the CAC, your next step is to build the Secure Email Strategy for the organization. You will present this tool to your leadership.
Provide an overview of the types of public-private key pairing, and show how this provides authentication and nonrepudiation. You will also add hashing, and describe how this added security benefit ensures the integrity of messaging.
Begin preparing your strategy by reviewing the following resources that will aid you in becoming well informed on encryption technologies for e-mail:
- Public Key Infrastructure (PKI)
- iOS encryption
- Blackberry encryption
Then start developing your strategy. Define these strong encryption technologies as general principles in secure email:
Pretty Good Policy (PGP algorithm)
- GNU Privacy Guard (GPG)
- Public Key Infrastructure (PKI)
- Digital signature
- Mobile device encryption (e.g., iOS encryption and Blackberry encryption)
In your report, also consider how the use of smart card readers tied to computer systems might be beneficial in the future enhancements to system and data access protection. This may help you define long-term solutions for your leadership.
Leadership does not know the costs and technical complexity of these email encryption strategies. To further their understanding, compare the complexities of each in relation to the security benefits, and then make a recommendation and a deployment plan.
The deliverables for this project are as follows:
1. Create a single report in Word document format. This report should be about 10 pages long, double-spaced, with citations in APA format. Page count does not include diagrams or tables. The report must cover the following:
o network security and threat table
o Common Access Card deployment strategy
o e-mail security strategy
2. In a Word document, share your lab experience and provide screenshots to demonstrate that you performed the lab.
Submit your deliverables to the assignment folder.

Before you submit your assignment, review the competencies below, which your instructor will use to evaluate your work. A good practice would be to use each competency as a self-check to confirm you have incorporated all of them in your work.
1.5: Use sentence structure appropriate to the task, message and audience.
1.6: Follow conventions of Standard Written English.
1.7: Create neat and professional looking documents appropriate for the project or presentation.
2.1: Identify and clearly explain the issue, question, or problem under critical consideration.
2.2: Locate and access sufficient information to investigate the issue or problem.
2.3: Evaluate the information in a logical and organized manner to determine its value and relevance to the problem.
2.4: Consider and analyze information in context to the issue or problem.
3.2: Employ mathematical or statistical operations and data analysis techniques to arrive at a correct or optimal solution.
5.1: Knowledge of procedures, tools, and applications used to keep data or information secure, including public key infrastructure, point-to-point encryption, and smart cards.

Project Instruction-

https://www.dropbox.com/s/y8xxn0ubjhdrsn2/Project%20instruction%20-%2011-7-2017.rar?dl=0