Category: Cyber Security

  • Cyber Security Question

    q1- Identify the three foundational processes of digital forensics and briefly describe the primary objective of each as defined in the forensic examination framework.

    q2- Define “Key Disclosure Law” and list two specific “abstract boundaries” that a forensic examiner should never overstep regarding their professional conduct.


    q3- Explain how a forensic examiner is able to recover a deleted file from an NTFS partition on a mechanical hard drive and describe why this process is generally less successful on a Solid-State Drive (SSD).


    q4- Define what a Windows Registry “hive” is and identify which specific hive a forensic examiner should analyze to find information regarding a user’s browser settings and account history.

  • MODULE 2 PROJECT DELIVERABLE 1

    Part 1, Project Overview Data Acquisition Report (Part 1 of 4). Due at end of week 2, Sunday at 11:59 p.m. ET

    Submit a two-page (minimum) report describing your analysis focus area, your initial set of requirements, your hypothesis, and a description of your data acquisition. Describe your data investigations, sources looked at, initial review of data obtained, and data formats encountered. Provide initial impressions of data validity and quality. Consider the following:

    1. Research potential data sources in your area of interest. Many sources are available from the U.S. Government and private organizations. For instance, check out and select Datasets from the top.

    2. Determine the focus area.

    - Determine an area of interest in which to perform analysis and which has a data source available.

    3. Develop Initial Requirements.

      • Access the results of the analysis that are to be achieved and develop specific requirements for outcomes that you expect.
      • Identify data/information necessary as inputs to the analysis, which is specified based upon the requirements of those directing the analysis or customers (who will use the finished product of the analysis).
      • Develop a set of questions that you will attempt to answer with your analysis.
      • Develop specific variables regarding a population that you will attempt to obtain.
      • Data may be numerical or categorical.
      • Avoid textual data unless you plan to perform some form of Natural Language Processing or word vectorization. This type of analysis is highly technical and not recommended.

    4. Develop a hypothesis of what you expect to determine in your analysis.

      • A hypothesis is a supposition or proposed explanation based on limited evidence as a starting point for further investigation.
      • An initial hypothesis helps to guide your investigation and search for data to support the hypothesis and/or the null hypothesis.

    5. Collect Datasets and Information based on your chosen area of interest.

      • Collect data and information from a variety of sources, as required.
      • Evaluate your data sources for validity and quality.
      • Consider the following data characteristics: Defined, Measurable, Unitized, Relatable, Normalized, and Quality.
  • please use the template to answer the questions.

    Please use the template to answer the questions, and the lab attachment for the lab.

    Introduction

    • Write a brief introduction (2-3 paragraphs) describing your lab setup that includes a network diagram, tools used, and operating systems.
  • CYB 320 MODULE FOUR PROJECT

    SEE RUBRIC PLZ

  • CYB 320 SWOT ANALYSIS

    SEE RUBRIC PLEASE

  • CYB 320 JOURNAL ENTRY MODULE FOUR

    SEE RUBRIC PLZ

  • CYB 410 MODULE 4 PROJECT

    SEE RUBRIC PLEASE

  • CYB 410 MODULE THREE DISCUSSION POST WITH REPLY TO TWO PEERS

    SEE RUBRIC PLZ

  • Cybersecurity discussion post

    Please see attached documents

  • Compliance & Risk Management

    Weight: 20% of course grade

    Word Limit: ~3000 words (excluding references, tables, and appendices)

    Group Size: 3 students per group

    Submission Mode: Upload as a single PDF document via LMS

    Submission: Single PDF document uploaded to FORUM

    Deadline: October 30, 2025

    Overview

    This group assignment requires you to design a comprehensive security program for a chosen sector. The assignment builds on your work in Assignment #1 (threat analysis survey) and progresses through three main components:

    1. Security Policies for Risk Management
    2. Risk Management Framework & SETA Program
    3. Information Security Management System (ISMS)

    Your project should produce a professional-level security program that could be presented to senior management for approval.

    Assignment Parts:

    The assignment offers each group an opportunity to select the type of the organization they need to deal with as follows:

    *********************

    Step 1: Select a Sector

    You will choose one sector from the following five options:

    1. Healthcare (Hospitals and Clinics and Insurance Companies)
      • Particularities: Strict privacy/confidentiality requirements (HIPAA/GDPR equivalents); reliance on IoT/medical devices; insider risks from staff accessing patient records; availability is critical for patient safety in addition to local regulations of UAE.
    2. Banking and Financial Services
      • Particularities: High-value assets attract cybercriminals; compliance with regulations (Basel, PCI-DSS, ISO, GDPR, etc.); phishing and social engineering common; availability of online/mobile banking services is critical in addition to local regulations of UAE.
    3. Higher Education Institutions
      • Particularities: Open access culture; diverse users (faculty, students, researchers, contractors); compliance with regulations (GDPR, CIS, COBIT, ITIL, ISO, etc.), research data protection; BYOD environment; limited IT security budgets compared to financial or government institutions in addition to local regulations of UAE.
    4. Energy and Utilities (Power Plants, Smart Grids, Oil & Gas)
      • Particularities: SCADA/ICS systems with legacy vulnerabilities; nation-state level threats; safety and resilience are paramount; downtime has severe societal and economic consequences; compliance with regulations (NIST, ISO, etc.) in addition to local regulations of UAE.
    5. E-Commerce and Retail
      • Particularities: Handling large amounts of PII and payment data; heavy reliance on cloud platforms and third-party services; DDoS and ransomware threats; brand reputation directly tied to customer trust; compliance with regulations (PCI-DSS, ISO, etc.) in addition to local regulations of UAE.

    Your Task:

    Your group should state clearly in the introduction which sector is chosen, and explain briefly why (based on risk, importance, or group preference).

    Part 1 Security Policies for Risk Management (Approx. 800 words)

    Develop security policies based on threats identified in Assignment #1, for each of the two types of threats (Human + Cyber):

    1. Human Threat Example:
      • Employee deliberately grants unauthorized access OR unintentionally shares sensitive data.
    2. Cyber Threat Example:
      • Hacker breaches the access control database, steals data, or alters permissions.

    Deliverables:

    Draft two security policies per threat (total 4 policies minimum).

    Each policy must have:

    • Non-technical measures (awareness, procedures, compliance).
    • Technical measures (system configurations, monitoring, access controls).
    • Implementation steps for each technical policy (detailed and actionable).

    **********************

    Part 2 Risk Management Framework & SETA Program

    Develop a risk management framework and SETA program for your chosen organization/sector.

    Deliverables:

    1. Risk Management Framework
      • Align to ISO 27001/2 and ISO 27005.
      • Define: risk appetite, tolerance levels, likelihood/impact (use a scale).
      • Quantify residual risk after controls are applied.
      • Justify risk treatment options with evidence (research, case studies, references).
    2. SETA Program Components
      • Workshops: Topics relevant to the identified threats.
      • Quizzes: At least 57 questions linked to Assignment #1 threats.
      • ISO Mapping: Link each training/control activity to specific clauses/controls of ISO 27001/2 and ISO 27005.
      • Show how controls mitigate threats (reducing likelihood or impact).
    3. Cross-reference Frameworks:
      • Support analysis with concepts from GDPR, CIS, NIST CSF, COBIT, SANS, etc.

    Output should resemble a professional training & risk report to be presented to senior management.

    *********************

    Part 3 Design of ISMS (Approx. 1200 words)

    Combine Parts 1 & 2 into a complete Information Security Management System (ISMS) for the selected sector.

    Deliverables:

    1. Current Security Posture Assessment
      • Evaluate existing strengths and weaknesses of the chosen sector.
      • Identify compliance requirements (ISO, GRC, industry regulations).
    2. ISMS Roadmap Proposal
      • Tools, techniques, frameworks, and control sets to adopt.
      • Integration of GRC (Governance, Risk, Compliance) requirements.
      • Short-term vs. long-term priorities (e.g., quick fixes vs. structural changes).
    3. Holistic View
      • Show how the ISMS ties policies, risk management, and training into one program.
      • Demonstrate measurable improvements to organizational security posture