Category: Cyber Security

  • The company’s IT director has shared the following concerns.

    You have been hired as a consultant to evaluate a medium-sized financial services company’s network architecture. The company has experienced significant growth and is concerned about both performance bottlenecks and security vulnerabilities. Currently, they operate a primarily flat network with basic segmentation between client-facing and internal systems.

    The company’s IT director has shared the following concerns:

    • Network traffic congestion during peak business hours
    • Difficulty implementing consistent security policies across departments
    • Challenges in meeting compliance requirements for financial data protection
    • Limited visibility into network traffic patterns and potential threats
    • Concerns about the network’s ability to scale with continued business growth

    Discussion Questions:

    1. What architectural changes would you recommend to balance performance, scalability, and security needs? Consider specific network segmentation strategies, security frameworks, and infrastructure components that would address the company’s concerns.
    2. How would you prioritize these recommendations based on the specific financial industry requirements? Think about regulatory compliance, data protection standards, and business continuity needs that are critical in financial services.
    3. What potential challenges or trade-offs might arise when implementing these changes, and how would you address them? Consider factors such as implementation costs, staff training requirements, and potential disruption to business operations.
    1. (250 words) addressing all three discussion questions
    2. Demonstrates clear understanding of network architecture principles
    3. Shows consideration of financial industry requirements and constraints
    4. Uses appropriate technical terminology and concepts
  • Cyber Security Question

    Imagine you work for a 60-employee company that performs forensic investigations of employees’ use of company equipment (usually computers and mobile devices). The company has seven different U.S. federal agencies as its only clients and generally works directly with their human resources department. Many of these agencies must complete annual risk assessments of their IT infrastructure and will investigate random employees every year. They will also investigate employees that they think might be misusing organizational resources. You work in their IT department with three other individuals (IT department head, hardware specialist, and software specialist). You mainly work on risk assessments and educating the company employees on how to keep the IT systems safe. You also serve as the incident response manager.

    One major risk you have been worried about is malware. It can be embedded in almost any file, from a photo to a PDF document, and has caused IT issues a few times this year. While it is important for forensic investigators to be able to search for malware within a file using the latest forensic techniques, it is also important for your forensic investigators not to infect your company’s computers when they are investigating malware.

    You have decided to conduct a malware investigation safely and share the results with your company’s investigators.

    Complete the following steps:

    1. Select a PDF file, a Microsoft Office file, and a third file of your choosing that is not a PDF or Microsoft Office file
    2. Identify static malware analysis software tools you will need and install them, if needed. You can use online tools such as malwaretracker.com, malwr.com, or virustotal.com.
    3. Identify safety precautions you need to take to keep your computer free from malware
    4. For this assignment, you will consider the files as having a high risk of containing malware. Perform static analysis on the file that should include the following steps:
       • Search for hidden code or programs.
       • Search for PE headers.
       • Search for potentially malicious strings.
       • Search for linked libraries.
       • When relevant, review or disassemble the code.

    Write a 1- to 2-page report on the potential risk of malware in the three files and how the investigators should handle malware when investigating it. Your report should do the following:

    • Document the important aspects of output from any software used.
    • Document all suspicious elements of the file and any suspicious aspects of the code, which could include DLLs, packages, or strings.
    • Describe each file’s risk level for containing malware.
    • Describe how you were able to perform the malware investigation while minimizing the risk of infecting company computers.
    • Recommend steps investigators should take to reduce the risk of malware exposure at the company.
  • what is meant by cyber safety / security

    When a computer is connected with the outside world through a public network like the internet important using. in cyber safety & security.

  • Module 4: Critical Thinking

    Analyzing and Comparing Cybersecurity Risk Management Approaches in Business

    This assignment challenges you to critically examine different risk management approaches (such as qualitative, quantitative, and scenario-based) and compare their effectiveness, practicality, and impact within a real or hypothetical business context.

    Instructions

    1. Select a Business Context
    • Choose a real company (e.g., a Saudi bank, healthcare provider, or e-commerce firm other than Saudi Aramco) or create a hypothetical organization. Briefly describe its core business, digital assets, and key cybersecurity concerns.
    2. Identify and Assess Risks
    • List at least three significant cybersecurity risks relevant to your chosen business.
    • For each risk, perform a qualitative assessment (e.g., high/medium/low impact and likelihood) and a quantitative assessment (e.g., estimate potential financial loss using available data or reasonable assumptions).
    3. Compare Risk Management Approaches
    • Analyze how qualitative, quantitative, and scenario-based risk assessments would influence the organization’s decision-making and prioritization of controls.
    • Discuss the advantages and limitations of each approach in your selected context (e.g., speed, accuracy, data requirements, business relevance).
    4. Apply Risk Treatment Strategies
    • For each risk, recommend a treatment strategy (avoidance, mitigation, transference, or acceptance) and justify your choice based on business objectives, risk appetite, and resource constraints.
    • Consider how continuous feedback and monitoring would affect

    This assignment will help you develop the analytical and evaluative skills essential for effective cybersecurity risk management in real-world business environments.

    Provide information from your readings to support your statements.

    Your well-written paper should meet the following requirements:

    • Four to five pages, not including the title and reference pages.
    • You should include two external references in addition to the textbook.
    • Your paper must follow Saudi Electronic University academic writing standards and APA style guidelines, citing references as appropriate.
    • You are strongly encouraged to submit all assignments to the Turnitin Originality Check before submitting them to your instructor for grading. If you are unsure how to submit an assignment to the originality check tool, review the Turnitin Originality Check Student Guide.
  • Survey of Log Files Report

    Continue your work for a cybersecurity company that offers a full range of forensic tools and services. As part of an ongoing marketing effort toward forensic investigators, the company is publishing a series of short articles that will be posted to LinkedIn and other social media sites. This will be the second of 2 LinkedIn posts related to log files (the first one you wrote in Week 1).

    In an effort to educate the company’s customers and show off their expertise, write a 2- to 3-page article comparing the use of log files in network forensics, database forensics, and cloud forensics. Complete the following in the article:

    • Describe the importance of log files in network forensics, database forensics, and cloud forensics.
    • List the most important and common log files used in network forensics, database forensics, and cloud forensics.
    • Describe the process and difficulty in acquiring the log files in network forensics, database forensics, and cloud forensics.
    • Discuss software that can be used to acquire and analyze log files.
    • Research and discuss the possibility of log files being changed or not containing the pertinent information in network forensics, database forensics, and cloud forensics.

    You will need to do additional research to complete this report. Be sure to properly cite your sources using APA formatting.

  • How to Set Up SSH in VirtualBox

    1. Inside the VM (Guest)

    Make sure the SSH service is installed and active:

    Install: sudo apt install openssh-server

    Check Status: sudo systemctl status ssh

    2. In VirtualBox Settings (Host)

    Go to your VM Settings > Network > Advanced > Port Forwarding, then add a new rule:

    Name: SSH

    Protocol: TCP

    Host IP: 127.0.0.1

    Host Port: 2222

    Guest Port: 22 (Leave the Guest IP blank).

    3. How to Access

    Open Terminal/PowerShell on the main PC (Host), then type:

    ssh -p 2222 username_vm@127.0.0.1