Final Project Assignment Instructions
In order to fully comprehend the many aspects that factor into information forensics and risk management, you must examine a situation from the perspective of a computer forensic specialist. For the Final Project Assignment, you will be placed in a hypothetical scenario in which you must utilize all of the information gained throughout this course.
Assume that you are the Chief Information Security Officer (CISO) of <Place your full name here> Corporation. For example, if your name is “Mariah Smith,” the company should be named the Mariah Smith Corporation. While performing your regularly scheduled duties, you receive a call from the Senior Vice President of the Human Resources Department informing you that, in the past 4 days, there have been 4 occurrences of money transfers to unauthorized recipients. Given your position and your understanding of recent cyber and information security attacks, you assume that an attack of some sort is at fault for the unauthorized transfers.
During the conversation, you are given the name of the department where the fund transfers have occurred. The department is internal to the organization, but only certain fund transfers were committed internal to the network. In addition, you know the external public IP address of the system that executed the transfers. Privilege escalation, man-in-the-middle attacks, buffer overflows, and malicious code were all present during the Information Assurance Team’s initial investigation. Some of this is puzzling, given the IP address location that seems to be the source. You are given specific instructions not to engage anyone from the department where the money transfers have occurred; however, you are permitted to engage law enforcement and third-party agencies if appropriate. This is to preserve any ongoing investigations and to allow the greatest opportunity to catch the suspect.
Refer to the Final Project Network Diagram. The enterprise network is much larger, with many additional pieces of hardware. Regardless, these are the only systems the initial investigation indicated were affected. The organization fund/money transfer systems are comprised of Microsoft, Linux, and Solaris servers. The firewall prior to the Cisco core switch only allows access to necessary web-facing application ports. The Microsoft servers are responsible for authentication through directory services. Despite one firewall and some group policy being verified as sound and uncompromised by the investigation, the current information system components identified play certain roles in the unauthorized transfers.
The Final Project Network Diagram will be used as a point of reference in determining what is necessary to establish how this incident could occur in a real organization; this includes applications, information systems, human experts, and any other stakeholder involved in such an incident. Your goal is to identify where vulnerabilities and threats could exist specific to unauthorized transfers in this scenario and how to mitigate future occurrences.
The final plan must identify the technology and equipment and all access and file data that is compulsory—including log files, auditing, group policies, firewall rules, and other information system elements—to determine the root cause. Upon the successful completion of the investigation plan, a subsequent plan will determine a superior information system and plan for future mitigation and prevention. This can include everything from firewall rules to policy.
Before being graded, all code, access control rules, diagrams, and/or Visio diagrams (each) must include screenshots with a valid date and a piece of data that shows completion on the student’s personal computer. The Final Project Assignment must be comprehensive and include a minimum of 5,000 words (excluding the title page, diagrams, and reference page). Each project deliverable should be well supported by related, relevant, and current scholarly literature. In total, it should contain at least 20 peer-reviewed sources. The Final Project Assignment must also be written in current APA format and include a title page, table of contents, introduction, conclusion, references, and appendixes with appropriate data. You are encouraged to utilize Microsoft Visio or a similar application in order to provide visual aids to assist in your assessment of the situation, as well as Microsoft Project and/or valid alternatives. In your analysis, be sure to include the following:
· A comprehensive literature review of unauthorized transactions, how this can occur, and a comprehensive review of the affected IT infrastructure;
· A project adhering to an industry standard methodology (such as PMBOK) to manage the Final Project completion;
· An appraisal of the situation using the knowledge gained from this course and personal experience;
· A thorough assessment of the Information Assurance Team’s initial findings;
· A performance of a forensic investigation on the matter;
· An illustration of your strategy for conducting this investigation;
· The formulation of a complete plan including: a proposed personnel structure/team, mechanisms of defense, budget, schedule, risk management, procurement management, secure systems analysis, and design to prevent this incident from occurring in the future;
· Over two (2) new unique IT architecture diagrams using at least two (2) network security frameworks that highlight the new strategy and design that could mitigate future unauthorized transactions. Diagrams must have screenshots from the user’s computer in the program they were designed in and include the operating system date and time from the student’s personal computer.
· A strong attempt to integrate a biblical worldview into the secure enterprise solution.
Introduction – More than 3 scholarly sources and 250 words
Review of literature – 2,500 words, 10 scholarly journal articles
Mitigation Plan – Over two (2) new comprehensive network architecture diagrams with proper screenshots and over 20 pieces of hardware that 2,000 words 10 scholarly sources
Conclusion – More than 2 scholarly sources and 250 words
Total Overall – Over 5,000 words and Over 20 unique scholarly sources