CYB 320 Project One Guidelines and Rubric


Incident Response and Recovery Recommendations

Overview

In the cybersecurity industry, the likelihood of something going wrong is a certainty. It’s not if you will experience an incident, but when. To be prepared, organizations create incident response plans, business continuity plans, and disaster recovery plans. As an analyst, you will be asked to review and update these plans based on your expertise with the organization’s assets and how they function as a system. It’s your charge to use your proactive mindset to anticipate problems that don’t exist yet and have plans to remediate and respond to them. These plans need to be living documents; they are not something that can be created and not touched until you have a problem. Given the critical nature surrounding issues related to business continuity and disaster recovery, the more you practice responding to incidents, the better prepared you will be when time-sensitive issues arise. It is always the goal to return to normal business operations after an incident; however, it is also important to understand and set expectations that it is very likely you will not be able to get your organization back to 100% whole.

In this project, you will experience a malware attack to practice managing an incident in real time. This project will leverage what you have learned throughout your degree program in terms of network defense and security strategies. You will need to look at an organization as a whole to defend against potential problems.

The project incorporates three stepping stones, which will be submitted in Modules Two, Three, and Four. The project will be submitted in Module Six.

In this assignment, you will demonstrate your mastery of the following competencies:

  • Manage and resolve a cybersecurity incident
  • Design business continuity and disaster recovery strategies based on organizational requirements

Scenario

The organization’s help desk gets a call from a user in the Finance department. The user says that they cannot open one of the critical files needed to do the organizational financials. Once at the user’s desk, the help desk technician sees that there is a message on the screen saying that files have been encrypted. The help desk technician, unsure of what to do next, calls you, the cybersecurity analyst. As the help desk technician is talking to you on the phone, the Finance department manager is being notified as well. You walk to the Finance department, look at the computer screen, and realize the user has been infected with ransomware.

You quickly call your manager and let them know what is happening. After the phone call, you start searching the internet to see if there is a publicly available solution (key) to decrypt the files. You do have the option of paying the ransom; however, this is not the ideal solution, and it requires executive assistance. Also, you have the option of restoring from backup since the backups are stored locally. Cumulative backups are performed once a month. However, you are not sure which departments, other than Finance, have been affected. Similarly, a couple of departments were designed to be segmented off the network, but it was discovered that they were not.

Prompt

For the scenario above, you must address the critical elements listed below. The codes shown in brackets indicate the competency to which each critical element is aligned.

  1. During the Incident
    1. Managing the Incident
      1. Identify the potential assets (e.g., single assets, groups of assets, and/or systems of assets) affected by the incident.
      2. Explain potential methods you would use to contain the incident.
      3. Explain potential steps for remediation of the incident.
      4. Recommend potential strategies to minimize the possibility of this type of incident reoccurring in the future.
    2. Business Continuity
      1. Recommend a potential strategy for maintaining normal business operations during the recovery process.
  2. Post Incident: Disaster Recovery
    1. Describe how failover could benefit the organization and explain how it would affect the people, process, and technology aspects of the disaster recovery plan.
    2. Propose an update to the backup strategy and explain how it would affect the people, process, and technology aspects of the disaster recovery plan.

What to Submit

Your submission should be 3 to 5 pages in length. Use double spacing, 12-point Times New Roman font, and one-inch margins. Any references should be cited according to APA style. Use a file name that includes the course code, the assignment title, and your name—for example, CYB_123_Assignment_Firstname_Lastname.docx.

Project One Rubric

| Criteria | Exemplary (100%) | Proficient (85%) | Needs Improvement (55%) | Not Evident (0%) | Value |
|---|---|---|---|---|---|
| During the Incident: Managing the Incident: Assets | Meets “Proficient” criteria and addresses critical element in an exceptionally clear, insightful, sophisticated, or creative manner | Identifies the potential assets affected by the incident | Addresses “Proficient” criteria, but there are gaps in clarity, logic, or detail | Does not address critical element, or response is irrelevant | 13 |
| During the Incident: Managing the Incident: Contain | Meets “Proficient” criteria and addresses critical element in an exceptionally clear, insightful, sophisticated, or creative manner | Explains potential methods used to contain the incident | Addresses “Proficient” criteria, but there are gaps in clarity, logic, or detail | Does not address critical element, or response is irrelevant | 13 |
| During the Incident: Managing the Incident: Remediation | Meets “Proficient” criteria and addresses critical element in an exceptionally clear, insightful, sophisticated, or creative manner | Explains potential steps for remediation of the incident | Addresses “Proficient” criteria, but there are gaps in clarity, logic, or detail | Does not address critical element, or response is irrelevant | 13 |
| During the Incident: Managing the Incident: Minimize | Meets “Proficient” criteria and addresses critical element in an exceptionally clear, insightful, sophisticated, or creative manner | Recommends potential strategies to minimize the possibility of this type of incident reoccurring in the future | Addresses “Proficient” criteria, but there are gaps in clarity, logic, or detail | Does not address critical element, or response is irrelevant | 13 |
| During the Incident: Business Continuity: Normal Business Operations | Meets “Proficient” criteria and addresses critical element in an exceptionally clear, insightful, sophisticated, or creative manner | Recommends a strategy for maintaining normal business operations during the recovery process | Addresses “Proficient” criteria, but there are gaps in clarity, logic, or detail | Does not address critical element, or response is irrelevant | 13 |
| Post Incident: Disaster Recovery: Failover | Meets “Proficient” criteria and addresses critical element in an exceptionally clear, insightful, sophisticated, or creative manner | Describes how failover could benefit the organization and explains how it would affect the people, process, and technology aspects of the disaster recovery plan | Addresses “Proficient” criteria, but there are gaps in clarity, logic, or detail | Does not address critical element, or response is irrelevant | 13 |
| Post Incident: Disaster Recovery: Backup Strategy | Meets “Proficient” criteria and addresses critical element in an exceptionally clear, insightful, sophisticated, or creative manner | Proposes an update to the backup strategy and explains how it would affect the people, process, and technology aspects of the disaster recovery plan | Addresses “Proficient” criteria, but there are gaps in clarity, logic, or detail | Does not address critical element, or response is irrelevant | 13 |
| Articulation of Response | Submission is free of errors related to citations, grammar, spelling, and organization and is presented in a professional and easy-to-read format | Submission has no major errors related to citations, grammar, spelling, or organization | Submission has some errors related to citations, grammar, spelling, or organization that negatively impact readability and articulation of main ideas | Submission has critical errors related to citations, grammar, spelling, or organization that prevent understanding of ideas | 9 |
| Total | | | | | 100% |