Data Loss Prevention
Wonderful news. The executive team of your media company has recognized the importance of cybersecurity and has promoted everyone in your group into the role of a chief information security officer, or CISO, for your respective subsidiary.
The company's executive leadership team has tasked your team to plan the future of mass connectivity and data loss prevention technology for the company. You and your teammates will compile a technology strategy plan for incorporating IP v-6, internet of things, IoT, and data loss prevention techniques. Specifically, Block Chain, tokenization, data masking, data obfuscation, and other similar emerging technologies.
You will present this future technology roadmap and vision to the executive leadership. Your team will have about five members. In addition to the future technology roadmap and vision, your team will prepare a future view of the data flow of your enterprise network.
Your team discussions should be guided by your learning achieved through the other projects in this course. Your team will compile all the information into one cohesive report-- the strategic technology plan for data loss prevention-- to be presented to the executive team. Your team will also prepare an executive presentation explaining the highlights of your team's plan.
The world of technology is changing at an unprecedented pace, and these changes represent business opportunities as well as challenges.
Mass connectivity and faster speeds create opportunities for businesses to network more devices, complete more transactions, and enhance transaction quality. Internet Protocol version 6 (IPv6) and Internet of things (IoT) are two such technologies that represent significant opportunities for strategic cybersecurity technology professionals to create lasting value for their organizations.
IoT is the phenomenon of connecting devices used in everyday life. It provides an interactive environment of human users and a myriad of devices in a global information highway, always on and always able to provide information. IoT connections happen among many types of devices - sensors, embedded technologies, machines, appliances, smart phones - all connected through wired and wireless networks.
Cloud architectures such as software as a service have allowed for big data analytics and improved areas such as automated manufacturing. Data and real-time analytics are now available to workers through wearables and mobile devices.
Such pervasive proliferation of IoT devices gives hackers avenues to gain access to personal data and financial information and increases the complexity of data protection. Given the increased risks of data breaches, newer techniques in data loss prevention should be examined.
Increased bandwidth and increased levels of interconnectivity have allowed data to become dispersed, creating issues for big data integrity. In such a world, even the financial transactions of the future are likely to be different - Bitcoin and digital currency may replace a large portion of future financial transactions.
To survive and thrive, organizational technology strategists must develop appropriate technology road maps. These strategists must consider appropriate function, protection, and tamper-proofing of these new communications and transactions.
It will be impossible to protect data by merely concentrating on protecting repositories such as networks or endpoints. Cybersecurity strategists have to concentrate on protecting the data themselves. They will need to ensure that the data are protected no matter where they reside.
In this project, you will work with team members to compile a technology strategy plan for your organization to protect data throughout the company. This project will take about two weeks to complete. There are 10 steps in the project, which will include a 12- to 15-page report, slide presentation, and lab report. The details can be found in the project's final step. First, begin with the project scenario below, and then move to Step 1, where you will be assigned roles within your team and sign the team project charter.
Note: You need to do only below parts
Step 8: Finalize the Report
Now that the various parts of your Cybersecurity Technology Strategic Plan have been addressed and developed, you and your team members must compile, review, edit, and proofread all parts of the plan as a team and determine if there are any other challenges to address.
Consider the following:
- Have you missed discussing some key impact to the organization and its network infrastructure?
- In the future, what will the organization need to do to meet its goals and objectives?
- How will your organization ensure continuous improvement?
- Are there any roadblocks?
- How can they be overcome?
Your plan should be about 12 to 15 double-spaced pages, submitted as a Word document with citations in APA format. The page count does not include figures, diagrams, tables, or citations. There is no penalty for using additional pages. Include a minimum of six references. Include a reference list in your plan.
Provide a one-page executive summary at the beginning of the paper.
In the next step, you and your team members will work on the team presentation.
Include the consolidated lab report in your plan.
When this step is complete, move on to the next step, where as part of the Strategic Technology Plan for Data Loss Prevention, you will include a section that will include "people" issues, including personnel and training to consider.
Lab
The lab portion that needs to be finish. Part 2 of the lab, You need to redo the following Files Modicon.pcap and WinXp.pcap on the Excel doc. And provide all relative information on the Excel Doc. Take screen shots of wiresharkpacket of these two file and write a one page report. In the report label the screen figure 1,2 ect. Follow the lab instruction Group 2. Once this is done write a consolidated lab report of all the files in group 2 using the completed excel doc.that will be added to the plan.
This address will provide you with thewireshark files for the lab they are the same as the ones in the lab instructions. You need to download Wireshark.
1. Redo Modicon.pcap and WinXp.pcap on Excel doc. Provided.
2. Write a one page lab report of files Modicon.pcap and WinXp..pcap include screen shots.
3. Write a one consolidated lab report of all files in group 2using the excel doc.
File Name File Size Description Advantech.pcap 39K Advantech PLC BACnet_FIU.pcap 10M BACnet Internet BACnet_Host.pcap 2M BACnet Corporate Zone MicroLogix56.pcap 10M MicroLogix Modicon.pcap 863K Modicon PLC WinXP.pcap 3M Windows XP iFix_Client86.pcap 965K iFix Client iFix_Server119.pcap 13M iFix Server
You also need to complete the ppt slides 3,4,10,13 completed.
- Selecting Devices & Technology
- Goals & Objectives
- Data Flow Diagram
- Summary
The report is include so as to know what to put in the PPT slides.
The lab report, you should answer the following questions related to the IoT and SCADA PCAP files that you analyzed:
• Which PCAP file is each Wireshark captured data transaction referenced in?
• What IP addresses are communicating with one another?
• Can you determine what type of devices are represented by the different IP addresses?
• What potential vulnerabilities did you find, related to specific devices at IP addresses?
• Does your team have suggestions for enhancing the security of any devices you noted with potential vulnerabilities?
• What IP addresses outside of the IP address domain of the IoT or SCADA device did you find (external Internet references)?
• Using a reverse DNS lookup on the Internet from your private machine (such as the site http://remote.12dt.com/lookup.php), see if you can determine the Domain Name Service (DNS) URL name for the IP addresses in this lab.
For Part 2 of the lab on SCADA devices, the lab environments consist of the following topologies:
The topology of the network for the Group 1 SCADA files, along with the IP addresses of the devices, can be found at http://www.netresec.com/?page=PCAP4SICS
The network topology of the Group 2 SCADA files and associated devices information can be found at http://www.digitalbond.com/s4/s4x15-week/s4x15-ics-village/
As you investigate the PCAP files provided, you might want to reference the above web pages for more information on the setup of the equipment and network from which the Wireshark packet captures were collected.
Again, as mentioned in a prior section, your tasks for both the IoT and SCADA PCAP captured files is to try to determine if any intelligible, plaintext information can be discerned which could be exploited by man-in-the-middle attacks, replay attacks, or spoofing and hi-jacking of data sessions; or, exposure of sensitive information in transmissions (which might be commands for devices). In your report, remember to make suggestions for how your team would advise in enhancing the security to mitigate any security weaknesses you find.
Attachment:- Lab.rar