Cybersecurity Management

Throughout your career in cybersecurity management, you will be asked to manage and protect your company’s IT department to support the company’s
strategic goals and mission. Computer security incident response is an important component of IT programs. Performing an incident response is a complex
undertaking. Establishing the capability to respond successfully to an incident requires substantial planning and resources.
As a leader in a company’s network operations center (NOC), you will be tasked with assessing the company’s risk management and cybersecurity posture.
As vulnerabilities and threats arise, you will be responsible for determining the who, what, when, where, and why of these events. Additionally, you will report
your findings to upper management, describe how you contained these events, and provide recommendations to limit or prevent these events from
happening again.
SCENARIO
You are an incident response (IR) manager working in the newly formed Network Operations Center (NOC) for Psinuvia Inc. After a number of web exploits
were reported in the news, the Board of Directors for Psinuvia asked you to validate the company’s security. Following the NOC’s standard operating
procedure (SOP), you are asked to review the attached outputs from the vulnerability assessment and regular scans for intrusions on Psinuvia’s systems.
Along with detecting and reporting intrusions, per the SOP, you must evaluate the vulnerability scan output to determine whether or not a vulnerability exists
on the system(s) with the potential issue and provide a report to upper management for review.
REQUIREMENTS
Your submission must be your original work. No more than a combined total of 30% of a submission and no more than a 10% match to any one individual
source can be directly quoted or closely paraphrased from sources, even if cited correctly. When you submit your task, an originality report is provided that
can be used as a guide.
You must use the rubric to direct the creation of your submission because it provides detailed criteria that will be used to evaluate your work. Each
requirement below may be evaluated by more than one rubric aspect. The rubric aspect titles may contain hyperlinks to relevant portions of the course.
Introduction
A. Summarize the events that led to the discovery of the potential vulnerability. Record your summary in the attached “NOC Reporting Template.”
Scan Summary
B. Summarize the results of the security vulnerability report, Nmap host scan, and alarm report, including which systems and data were compromised. Be
sure to address the basic assessment questions from the attached “Incident Response Plan” as part of your submission. Record your responses in the
attached “NOC Reporting Template.”
Detailed Analysis
C. Explain the steps you will take to identify any exploited systems and data that are included in the scope of the incident as part of your documentation in
the attached “NOC Reporting Template.”