Overview
Threat modeling is an important skill set that a security analyst should have in their toolbox. Evaluating different models and being familiar with each model will come with time. Integrating the results of threat modeling with different types of network protections can be challenging, as is evaluating and recommending different types of emerging technology integrated with existing technology. A security analyst needs to be able to think outside the box and integrate different models with the tasks at hand. A strong understanding of cryptography is valuable in protecting data in motion and at rest.
The final project builds off skills you practiced in the Module Three and Module Four Stepping Stones. The project also incorporates one milestone, which will be submitted in Module Five. The final project will be submitted in Module Seven. In this assignment, you will demonstrate your mastery of the following competencies:
Describe fundamental strategies of cyber defense
Describe the impact of emerging trends on security strategies
Compare and contrast different cryptographic techniques and select the appropriate solution for a given scenario
Scenario
For this final project, put yourself in the role of a security analyst who is performing an audit of your company. Your organization is a mid-sized manufacturing company that released its own smart headset. The headset has the ability to project important documents on an optical screen for the technicians in the field. The documents could be product schematics, invoices, emails, text messages, or any documents put in the shared drive on the server. The headset has constant communication with the server that resides in the central office; the connection is made through the technicians’ cell phones via the Bluetooth connection.
Prompt
Apply your experience using threat models to describe a particular attack, and your understanding of cryptography to write a Cyber Defense and Emerging Trends paper. Be sure to integrate feedback from the Final Project Milestone into your submission.
You must address the critical elements listed below. The codes shown in brackets indicate the competency to which each critical element is aligned.
Personnel or Human Factor Trend
Select a personnel or human factor trend and discuss the following critical elements:
Describe how the trend or strategy provides protection to an organization.
Defend the trend as a credible solution based on your analysis of the threat model for the scenario.
Describe the security risks and rewards associated with the trend.
Analyze how an emerging personnel or human factor trend is affecting the cybersecurity landscape. In your response, detail the impact this trend has on existing security strategies, technologies, or policies.
Data Protection Strategy or Technology
Select a data protection strategy or technology and discuss the following critical elements:
Describe how the strategy or technology provides protection to an organization.
Defend the strategy or technology as a credible solution based on your analysis of the threat model for the scenario.
Describe the security risks and rewards associated with the strategy or technology.
Describe how cryptographic techniques are used with this data protection strategy or technology to achieve security objectives.
Discuss the advantages and disadvantages of the encryption method used in the data protection strategy or technology.
Discuss the security concerns related to cryptographic techniques.
System Protection
Select a technology in one of the following areas:
Network protection technologies
Endpoint and server protection technologies
Software code protection strategies and technologies
For your selected technology, discuss the following critical elements:
Describe how the selected technology provides protection to an organization.
Defend the technology as a credible solution based on your analysis of the threat model for the scenario.
Describe the security risks and rewards associated with the technology.
Analyze how an emerging security technology is affecting the cybersecurity landscape. In your response, detail the impact this technology has on existing security strategies, technologies, or policies.