Certification PDF(s) (if you pass the Sigstore course, attach separately).
A detailed lab report that should include:
For Task 2: the URL of the GitHub project you chose, and screenshots of your README.md with the badge showing at the front.
For Task 3: a description of all your efforts to address the issues highlighted by the Scorecard, and some screenshots showing that your score increased.
Simply attaching screenshots without any explanation will not receive credit.
Effective communication, mature organizational culture, and collaborative threat intelligence sharing are critical because they determine whether cybersecurity capabilities translate into actual risk reduction or remain siloed technical activities disconnected from business reality. Organizations that fail to bridge the divide between technical and non-technical stakeholders risk making uninformed decisions, misallocating resources, and leaving critical risks invisible to leadership. Communication frameworks that translate technical findings into business impact terms ensure executives understand cybersecurity risks sufficiently to make timely, informed decisions rather than treating security as an IT-only concern.
A strong security culture recognizes that technology alone cannot defend against threats. Employees at all levels must understand their role, demonstrate security-conscious behaviors, and contribute to collective defense. Collaborative threat intelligence sharing enables organizations to benefit from collective knowledge, early warnings, and coordinated responses impossible to achieve in isolation. Together, strategic communication, cultural maturity, and industry collaboration create holistic defenses where people, processes, and partnerships amplify technical controls, building resilient security postures grounded in shared responsibility rather than technology acquisition alone.
Over the past weeks, you have analyzed major cybersecurity challenges through the lens of technical controls, breach timelines, and security architecture. This week, you will shift your focus to examine how effective communication, organizational culture, and collaborative threat intelligence sharing influence an organization’s ability to prevent, detect, and respond to cyber threats.
Your task is to build on your analysis of the cybersecurity incident you chose in the assignments from previous weeks and to analyze how breakdowns in stakeholder communication, gaps in security culture, or failures in threat intelligence collaboration contributed to the security failure. You will then propose strategic improvements that address the human, organizational, and collaborative dimensions of cybersecurity, demonstrating that technical solutions alone are insufficient without effective communication frameworks, mature security culture, and industry collaboration.
Follow these guidelines for the structure of your research paper:
Length: 2-3 pages, excluding the title page and references, 12-point standard font (Times New Roman) and in APA format
The paper should be broken down into the following sections (you should have three subsections in your paper with the following subsection titles):
Section 1: Incident Context and Communication/Collaboration Failures (Brief – 20-30% of paper)
Provide a concise overview to establish context for your strategic communication and collaboration analysis:
Incident Response: Briefly describe the organization and industry context, the nature of the security failure and the timeline of key events (1-2 paragraphs)
Organizational Impact: Summarize the consequences across multiple stakeholder groups (1 paragraph):
Key Communication and Collaboration Failures: Identify 2-3 critical failures that enabled or exacerbated the incident (1 paragraph with bullet points), categorized across:
Communication Failures: Technical-to-business translation gaps, siloed information, delayed executive awareness
Culture Failures: Lack of security awareness, unclear roles/responsibilities, insufficient training
Collaboration Failures: Missed threat intelligence, failure to share indicators, inadequate industry coordination
Note: This section should be approximately 250-300 words. Keep it concise and focused on establishing the foundation for your strategic communication and collaboration recommendations.
Section 2: Strategic Communication, Culture, and Collaboration Framework (Primary Focus – 70-80% of paper)
This is the core of your assignment. You will analyze how the organization should build effective communication bridges, strengthen cybersecurity culture, and leverage collaborative threat intelligence to address the failures identified in Section 1.
Bridging Technical and Non-Technical Stakeholders (Communication Perspective)
Translation and Contextualization Strategy: Using literature and case studies, analyze documented communication gaps in your selected incident; research established frameworks for translating technical risks into business terms and best practices for stakeholder-appropriate metrics and visualizations.
Stakeholder Engagement Approach: Review published incident reports to identify effective cross-functional decision-making models; examine how leading organizations define cybersecurity roles across departments and documented communication protocols from industry standards.
Validation and Effectiveness Measurement: Research how organizations in case studies measure communication improvement (decision speed, incident coordination); identify measurement frameworks from literature and analyze documented feedback mechanisms successfully implemented.
Building and Measuring Cybersecurity Culture (People and Process Perspective)
Culture Assessment and Gap Analysis: Research existing cybersecurity culture maturity models from academic literature and industry standards; analyze published incident reports identifying culture deficiencies that enabled failures.
Culture Development Initiatives: Examine peer-reviewed studies on effective security awareness programs; research documented leadership-driven culture transformation cases and evidence-based training approaches from published examples.
Measurement and Reinforcement: Review literature on cybersecurity culture metrics and KPIs; research documented recognition/accountability systems from case studies and published continuous improvement frameworks.
Threat Intelligence Sharing Analysis and Trust Framework: Research whether threat indicators related to your incident appeared in public ISAC bulletins or CISA alerts; analyze literature on sharing barriers and review published trust frameworks including TLP implementation guides.
Operational Integration of Shared Intelligence: Research technical documentation on SIEM integration with threat feeds (STIX/TAXII); examine published examples of translating threat intelligence into operational actions and reciprocity models.
Public-Private Partnership Engagement: Research sector-specific ISAC structure and benefits through published materials; examine CISA/ENISA resources and frameworks; analyze published reports on CTA, GCA platforms and their documented successes.
Conclusion: Summarize the key findings of your research.
References: Cite all references using APA style. You need to use at least three recent, credible references.
I am looking for someone with strong experience in Digital Forensics and Incident Response (DFIR), specifically using Velociraptor and Splunk, to help complete a cumulative lab assignment.
IMPORTANT: You do NOT need to complete all questions.
The assignment requires:
Selecting a minimum of FOUR (4) questions from Part 1 (Velociraptor)
Selecting a minimum of THREE (3) questions from Part 2 (Splunk)
You may choose the easiest or most efficient questions, but they must be completed correctly.
The lab is hands-on and requires actual execution (not just written answers).
Tasks include:
Working with Velociraptor (client/server setup, VQL queries, hunts, artifacts)
Writing and executing VQL queries (e.g., pslist, filtering, regex)
Performing hunts and remote command execution
Collecting forensic artifacts from endpoints
Installing and configuring Splunk and Universal Forwarder
Running SPL queries (rex, stats, timechart, etc.)
Analyzing logs (EventCode 4104, 4688)
Working with datasets such as BOTSv3
VERY IMPORTANT: The assignment requires:
Screenshots of all results (Velociraptor interface, Splunk dashboards, queries, outputs)
Clear visibility of commands and outputs in screenshots
Correct queries used (VQL and SPL)
Short written explanations for each question
This is a practical lab assignment, so everything must be properly executed and documented with screenshots as proof.
Requirements:
Experience with Velociraptor and Splunk
Knowledge of DFIR workflows
Ability to follow instructions carefully
Must provide clean, accurate, and well-organized answers
Please only apply if you have done similar cybersecurity labs before.
Introduction
You will be doing a site assessment and design proposal for a wireless installation at a virtual site. This project will be done as an individual.
Case Study
The Building
A company, MyCo, has rented a two-floor office space in a commercial/industrial area measuring 132’x78′. The facility is located in Lake County, Illinois. The space is broken up into fixed-wall offices and cubicles.
The internal structure consists of 15′ ceilings, with a suspended ceiling dropping down to 12′, leaving a 3′ plenum above the suspension system. We have Armstrong Cortega Second Look tiles in an Armstrong Prelude XL Fireguard system. The tiles are wet-formed mineral fiber with an insulation R-factor of 1.6 and an energy absorption of 0.28 watts/sqm. The grid uses a 15/16 T-rail suspended from the support structure at 4 increments. It can support 42lbs in its current configuration per 4 segment after taking into consideration the tile and structure weight. The T-rail is recessed 1/4 into the tile.
The cubicles are selected from the Allsteel Concensys system. They are a combination of steel frames, laminate and composite horizontal surfaces, and fabric-covered vertical surfaces. There are small 2×2 whiteboards in use throughout the cubicle areas. These are aluminum-backed boards with a laminate coating.
The plenum space contains a combination of flexible and non-flexible ductwork as well as a sprinkler system. It is an active plenum, so all components installed in this space need to be plenum-rated.
Fluorescent tube lighting fixtures are situated in regular patterns throughout the space. Ceiling tiles are replaced with 2×4 fixtures leveraging electronic ballasts fed with 240vac power.
Exterior-facing windows and doors meet ENERGY STAR requirements for this area. They take advantage of low-e glass, triple pane with argon fills. Interior glass is not filmed but is tempered per local building code. Interior doors are hollow core with no metal reinforcement.
The interior walls are constructed using type-C gypsum board. They are fixed to steel studs 16 on-center. Window and door casings interior to the building are painted steel. Floors are constructed of pre-cast/pre-stressed flexicore concrete panels. The concrete panels are 12 thick.
Functional Requirements
The staff require wireless service throughout the building, but special care must be taken to cover the meeting and break rooms, as these are concentrated areas of mobile users. The staff request that no less than 802.11ac wave 2 infrastructure be installed. Many users will likely give up their wired connections and leverage the convenience of the new wireless network, so planning for capacity and density over simply coverage would be advantageous. You will have to carefully balance the coverage and AP density dynamics.
There are currently 185 users within the space at any given time. We expect this to grow to roughly 250 users within three years. Each user can be assumed to have 2.2 devices, a mix of corporate and BYOD (e.g., company-issued laptop, personal phone, and many will have another device).
Deliverables
You will need to provide markups of the provided drawing to show AP placement and coverage, channel designations on a per-AP basis, etc. Furthermore, all equipment used (APs, antennas, cables, controllers, etc.) will need to be documented as a total solution to the site's request. All of this information must be included in a single cohesive document. It must be delivered electronically in a format of your choosing via the Sakai assignment tool. All deliverables must be provided no later than 11pm CDT on Thursday, April 9, 2025.
Grading
Grading will be as follows:
50pts – Floor one layout, including channels (2.4GHz, 5GHz, and 6GHz if appropriate)
50pts – Floor two layout, including channels (2.4GHz, 5GHz, and 6GHz if appropriate)
50pts – Hardware selections (APs, antennas, cables, controllers, etc.)
150pts total
Vendor Evaluation, Validation, and Optimization (IE Assessment)
Working for a company that performs investigations for the government makes you more prone to receiving malicious emails. You have been personally receiving a lot of malicious emails over the last few weeks. You have decided to perform a forensic investigation into a subset of questionable emails you have received to see if there is a trend or larger attack occurring.
Complete the following steps:
Select at least 10 emails to investigate. If you can safely examine them, try to include spam folder emails. For this assignment, you should consider these to be the selected questionable emails.
Acquire the following information from the headers for all emails being investigated:
Received headers
Return path
Recipient's email address
IP address of sending server
Date and time email was sent
Validate email addresses for all emails. One possible tool you can use is Email Dossier from CentralOps.net.
Examine the originating IP address.
Validate email header information and email origin, when possible.
Determine, when possible, if email was sent from an installed email program or through web-based email.
Examine email log files, if possible and if necessary.
Determine if the emails are malicious and if there is a trend or larger attack occurring.
Document your investigation in a 1- to 2-page report.
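The header-acquisition and trend steps above, sketched as an added example that is not part of the original assignment text: it extracts the listed fields from raw messages, takes the sending server IP from the first Received hop outside the recipient's own relays, and counts repeated senders. The internal range `10.0.0.0/8`, the `corp.example` addresses and the sample messages are constructed assumptions.

```python
import ipaddress
import re
from collections import Counter
from email import message_from_string
from email.utils import parseaddr, parsedate_to_datetime

# Assumption: relays inside this range belong to the recipient's organization.
INTERNAL_NETS = [ipaddress.ip_network("10.0.0.0/8")]
IP_RE = re.compile(r"\[(\d{1,3}(?:\.\d{1,3}){3})\]")  # IPv4 literals only


def entry_ip(received):
    """Peer IP recorded where the mail entered from outside.

    Each MTA prepends its Received line, so the list is newest-first.
    Lines below the first external hop were supplied by the sender's side
    and can be forged, so the scan stops at that hop.
    """
    for hdr in received:
        for raw in IP_RE.findall(hdr):
            try:
                ip = ipaddress.ip_address(raw)
            except ValueError:
                continue
            if not any(ip in net for net in INTERNAL_NETS):
                return str(ip)
    return None


def summarize(raw):
    """Collect the fields the assignment lists for one raw message."""
    msg = message_from_string(raw)
    received = msg.get_all("Received", [])
    from_addr = parseaddr(msg.get("From", ""))[1].lower()
    rpath = parseaddr(msg.get("Return-Path", ""))[1].lower()
    try:
        sent = parsedate_to_datetime(msg.get("Date", "")).isoformat()
    except (TypeError, ValueError):
        sent = None  # missing or malformed Date header
    return {
        "received_hops": len(received),
        "return_path": rpath,
        "from": from_addr,
        "to": parseaddr(msg.get("To", ""))[1].lower(),
        "sending_ip": entry_ip(received),
        "sent": sent,
        # A desktop client often identifies itself; absence proves nothing.
        "mailer": msg.get("X-Mailer") or msg.get("User-Agent"),
        # A lead to follow up, not proof: bulk senders legitimately differ.
        "domain_mismatch": from_addr.rpartition("@")[2] != rpath.rpartition("@")[2],
    }


def trend(raws):
    """Count messages per entry IP to spot a repeated sending server."""
    return Counter(summarize(r)["sending_ip"] for r in raws)


def _sample(peer_ip, from_addr, return_path, extra=""):
    # Constructed message using documentation IP ranges and example domains.
    return (
        f"Return-Path: <{return_path}>\n"
        "Received: from relay.corp.example (relay.corp.example [10.0.0.5])\n"
        "\tby mbox.corp.example with ESMTP; Mon, 3 Mar 2025 09:15:07 -0500\n"
        f"Received: from out.example.net (out.example.net [{peer_ip}])\n"
        "\tby relay.corp.example with ESMTP; Mon, 3 Mar 2025 09:15:05 -0500\n"
        "Received: from [192.0.2.99] by out.example.net; Mon, 3 Mar 2025 09:15:01 -0500\n"
        f"From: {from_addr}\nTo: analyst@corp.example\n{extra}"
        "Date: Mon, 3 Mar 2025 09:15:00 -0500\nSubject: constructed sample\n\nbody\n"
    )


SAMPLES = [
    _sample("203.0.113.25", '"Payroll" <payroll@corp.example>', "bounce@mailer.example.net"),
    _sample("203.0.113.25", '"IT Desk" <helpdesk@corp.example>', "bounce@mailer.example.net"),
    _sample("198.51.100.7", "alice@partner.example", "alice@partner.example",
            "X-Mailer: ExampleMail 1.0\n"),
]

if __name__ == "__main__":
    for raw in SAMPLES:
        print(summarize(raw))
    print(trend(SAMPLES).most_common())
```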
Provide multiple zero trust architecture and NIST CSF 2.0 framework implementation examples based on the above reference architecture diagram and present them in a security architecture implementation plan. Recall that key components of implementing a zero trust architecture include: