Understand The Importance Of Logs In Cybercrime Investigations
THIS ASSIGNMENT IS IN TWO PARTS-Please Provide 2 Separate References List.
PART ONE
In cybersecurity, log files provide a record of users’ activity on a system and the network. Cybersecurity professionals can use logs to discover services that are altered in a system and the sources of illicit activities.
For this task, assume that the cybersecurity architect of an organization (it may help to select a specific organization with which you are familiar) asked you to present a white paper that will explain to the board of directors the following:
The importance of audit logs
The legality of using logs
Use of multiple log sources as evidence
Accuracy and authenticity of logs
In your white paper, present in the table form (see template below) the essential qualities of ten log audit mechanisms or tools that can be used for most commonly used operating systems in enterprise networks.
Audit tool/mechanismManufacturer/discovererBrief explanation of use
Length: 3 pages, not including titles and reference pages.
References: Support your paper with a minimum of 6 scholarly resources
Keep your audience in mind. Remember you are not preparing this for an academic audience. Your audience will not care about theoretical or conceptual issues in risk management. They will only care about specific issues, strategies, and scenarios that are relevant to their organization.
Your paper should demonstrate thoughtful consideration of the ideas and concepts that are presented in the course and provide new thoughts and insights relating directly to this topic. Your response should reflect scholarly writing and current APA standards
PART TWO
Recognize the Importance of Vulnerability Management
Organizations should develop strategies to constantly identify and quickly remediate discovered vulnerabilities. Effective identification and assessment of vulnerabilities will help in determining threats, potential impact, and the best course of action to address vulnerabilities. There are many tools to assist in determining vulnerabilities, but techniques such as vulnerability scanning and penetration testing play a significant role in helping detect vulnerabilities in resources. Although it may not be the most glamorous of techniques, vulnerability scanning can help a cybersecurity professional discover weaknesses that will not take much effort by attackers to capitalize on.
For this task, you will conduct research to address multiples areas of vulnerability assessment as listed below.
Differentiation between vulnerability scans and vulnerability assessment.
The effect of threat vectors in vulnerability assessment.
Different types of vulnerabilities and their causes.
Attack surface and vulnerability assessment.
Analysis of the use of operational critical threat, asset, and vulnerability evaluation (OCTAVE) and the common vulnerability scoring system (CVSSv2) as open vulnerability scoring systems.
Development of a relationship between vulnerability, threat, and risks with examples using mathematical calculations.
Length: 5 pages, not including titles and reference pages.
References: Support your assignment with a minimum of 10 scholarly resources
Your paper should demonstrate thoughtful consideration of the ideas and concepts that are presented in the course and provide new thoughts and insights relating directly to this topic. Your response should reflect scholarly writing and current APA standards.
Solution Preview
Vulnerabilities are defined as weaknesses in an information system, system security procedures, internal controls, or implementations that could be exploited by threat source (ISACA, 2017). Traditionally, cyber security professionals were trained to consider vulnerabilities from a technical perspective such as flaws that can be identified in software platforms or configuration issues,
(1,651 words)