As an information security professional, you will often be called deal with security threats that impact the organization on an ongoing basis, and to provide guidance to multiple organizational units on ways to recognize, cope with, and avoid these threats. In this assignment, you will research in detail an attack type or threat assigned by your instructor. As a project group you will develop a mini-training course on your assigned topic and deliver that training to the class.
Deliverables for this assignment include (but aren’t limited to):
- A white paper on your assigned threat/attack. The paper will provide:
- A description of the threat/attack method, including the types of attacks performed (DoS, Access, etc). There are multiple versions of many attacks, so you should go over the major forms/groupings.
- A description of how the attack is performed. (What elements in the network are being attacked, tools used, vulnerability being exploited)
- Attack signature for inclusion in an organizational Incident Response Plan (How would we recognize the attack on our systems?)
- Faulty practices (programming, design, training, etc.) that enable the threat/attack
- Industry Best Practices for avoiding or mitigating the risk of this threat or attack form
- References for further study (Technical and Cases)
- 5 multiple choice and 1 essay question with grading rubric for use as part of the unit exam
Everyone must turn in a peer evaluation using the peer-evaluation form provided by the due date posted on Moodle. Use form and link provided in this assignment cluster to turn in your evaluation. Group peer evaluations will count 10% of the assignment. Failure to turn in an evaluation will result in a grade of 0 for that component of the assignment.
The white paper must: use APA format, use 12 point Courier or New-Courier font, be a minimum of 15 double spaced pages (excluding bibliography and graphics). Papers should use at least 10 references.