Monthly Archives: January 2024

In this report paper, you will explore in detail one of the statistical learning techniques or data mining (if you have the background) approaches to research discussed in the course, applying it in the context of a specific application or methodological study. This will help you gain a deeper understanding of your chosen topic as well as gain experience in translating these ideas into practice. 

Find a data set, generate your topic based on the type of dataset and what questions you want to answer from the dataset. The following task need to be performed:

• Data      Selection (Check the lecture slides for the online data set resources).
• Data      Exploration and visualization
• Data      Analysis (Explain the Statistical methods you used in the project)
• Discussion and Summarization of      the work and results

Your report is base on the hands-on project.

Note: Use MS Excel or SPSS or WEKA

TOPIC- Advantech – WebAccess (SCADA)

OVERVIEW

A key objective of any academic program is the refinement and reinforcement of strong communication skills. 

The same ability of a cyber security professional to compile information and present findings, observations, and recommendations in a clear, 

concise, and understandable manner is equally important. 

It is for these reasons that a requirement exists for the successful completion of this course to perform research centering on a 

specific automation vendor and their industrial solution offering and compile a paper summarizing the findings in a form of security assessment.

The paper will focus on selecting a company and one of their industrial control system offerings. 

Solutions are often aligned to specific industry sectors and customer bases. These solutions should be understood to then look at vulnerabilities

that have been disclosed targeting these systems. Equally important is the impact to the business operations of the end-user or asset owner should 

any of these vulnerabilities be exploiting – either intentionally or accidentally.

It is essential to evaluate the unmitigated risks associated with these vulnerabilities and develop a recommended list of actions that would help the asset 

owner in mitigating some of these risk in order to improve the operational integrity of their cyber-physical systems.

1-The paper shall be at least five (6) and no more than ten (10) pages in length excluding figures, tables, and references. 

2-The paper shall be formatted using an 11-point font of either Arial, Helvetica, or Times Roman type using 1″ margins on the sides and double-spacing between 

3-lines with 0.5″ indentation on first line of paragraphs. 

4-The paper shall be written using the APA style guide seventh edition published in October 2019. Online guidance can be viewed at https://apastyle.apa.org.

5-All tables and figures shall be captioned and specifically referenced in the body of the document. 

6-All references shall be stated and included as endnotes in this paper. Citations must meet the following requirements:

7-No more than two (2) citations shall be from Wikipedia

8-At least two (2) references shall be from United States government sites (e.g. CISA, NIST)

9-At least two (2) references from vendor web (html) or printed (pdf) material

10-At least two (2) references shall be from independent sources including but not limited to

   News Media Outlets (e.g. Reuters, Washington Post, Wired, CSOOnline)

   Industry Publications (e.g. Automation, ISSSource, Control)

   Trade Sources (e.g. Oil and Gas Journal, ChemWeek, PharmaTimes)

   Security Solution Providers (e.g. McAfee, Trend Micro, Dragos, Claroty) to name several.

 Grading for term research paper and associated presentation will be based on the following metrics:

     20% = Ideas and Analysis

     20% = Organization

     20% = Development and Support

     10% = Style

     20% = Mechanics

     10% = miselaneous

The term research paper should be logically divided into sections that follow sound research paper style and address each of the following areas. 

You are free to organization the paper and presentation as appropriate,

 however a template has been provided for both the paper and presentation to help start the initial paper structure.

The section titles (paper) and slide titles (presentation) in the templates are for reference only.

Your paper shall address and develop each of the following items:

1-System overview (textual) and architecture (graphical) covering devices and network topology explaining the function of each of the key assets

2-Communication protocols used by the system

3-Industry sectors that use the system

4-Vulnerabilities publicly disclosed for the system and the publication of any exploitation packages

5-Potential or actual impact of the vulnerabilities discovered to the industry sectors served

5-Cyber security measures taken by the vendor to secure the system

7-Additional cyber security measures that could be taken by the end-user user if the vendor recommendations are not feasible (e.g. an upgrade could not be performed in a timely manner)

Reference links

https://icscsi.org/library/#osint

https://us-cert.cisa.gov/ncas

https://icscsi.org/library/#news

https://training.icscsi.org/mod/resource/view.php?id=2568

Discussion Question #1: Discuss the difficulties in measuring the intelligence of machines.

Exercise #4: In 2017, McKinsey & Company created a five-part video titled “Ask the AI Experts: What Advice Would You Give to Executives About AI? View the video and summarize the advice given to the major issue discussed.

Exercise #5: Watch the McKinsey & Company video (3:06 min.) on today’s drivers of AI at https://www.youtube.com/watch?v=yv0IG1D-OdU and identify the major AI drivers. Write a report.

Exercise #15: Explore the AI-related products and services of Nuance Inc. (nuance.com) Explore the Dragon voice recognition product. Write a report. (limit to one page of analysis for exercise 15).

Do a bit  if research into File Inclusion Vulnerability.

• What is it?
• Why is is dangerous?
• What is the difference of low and remote inclusion?
• What methods can me employed to prevent a security breach?
• What programming languages are vulnerable to this type of attack.

Post between 100-300. Use your own words. Do not copy the work of another students.

NIST Cyber Security Framework

For this assignment, use the Cyber Security Framework (CSF) to create a security plan for the Cloud.    Make sure the plan covers the categories and sub categories of the NIST CSF framework.  

Required Textbook: Tapscott, D., &Tapscott, A. (2016). Blockchain revolution: how the technology behind bitcoin is changing money, business, and the world. Penguin. 

This week’s reading introduced an overview of blockchain and its impact on business(see the attachment). 

Discussion:

 1.choose a use case from section III, and a risk for adoption from section IV. 

2.Describe a real blockchain-based product that implements your chosen use case and how your chosen risk could impact the project’s success. 

3.Then think of three questions you’d like to ask other students and add these to the end of your thread. The questions should be taken from material you read or videos you watched from this week’s assigned activities. You’re not trying to test each other, but you are trying to start a discussion. 

Write one page document

 Timeline AssignmentInstructions

1. Do you have the two Dr. Evil E01 images downloaded to your computer? If not, please do this.
2. Did you already download and install Autopsy on your workstation? If not, please do this. Also, don’t forget to watch the video on using Autopsy if you are not familiar with it. Note – the tool is very intuitive so you should not have problems with it.
3. Ingest (load) the two E01 images into Autopsy by selecting File à Add Data Source. If you are not sure what is the data source– then select the Disk Image data source and you can browse to the E01 images. 
4. Autopsy will then process the images. This should take about 10-20 minutes.

1. Now click on the Timeline button on top of the Autopsy GUI and then familiarize yourself with the environment before answering these questions for total of 50 points. This timeline functionality is extremely powerful so click everywhere. Check out the different options. Right click a file and see what options are existing. I think you will be able to immediately grasp the possibilities of how you can pivot to a very specific MINUTE. See sample screenshot.

Questions (100 points)

1. What website was searched on 8-25-2004?
2. What was search query used on that website on 8-25-2004. Please provide screenshots.
3. What websites were visited on 8-27-2004?. Please provide screenshots.
4.  There was email activity on 07-27-1992. What was that email activity? Please provide screenshots.
5. You want proof that Dr. Evil used Ghostware and you think it was done in August 2004. When exactly was this? Please provide screenshots.
6. What software / driver is keys.text associated with? Please provide screenshots.
7. Please send me a snapshot report.

Use the internet to research and find one example of a data visualization each for categorical data, time-series data, and spatial data. Discuss the data set and the following topics.

How effective is the visualization? Why?

What elements would you modify?

Does the example reveal the tool used ( PowerBI, R, Tableau, Qlikview….? What problem is the visualization addressing? 

Your research paper should be at least 2 pages (600 words), double-spaced, have at least 4 APA references, and typed in an easy-to-read font in MS Word (other word processors are fine to use but save it in MS Word format). Your cover page should contain the following: Title, Student’s name, University’s name, Course name, Course number, Professor’s name, and Date.

• How should cache handling be accomplished in order to minimize the ability of the attacker to deliver a payload through the cache?

 This assignment should be in APA format and have to include at least two references. 

Which role do you feel is more  important in the organization – being the data administrator or the  database administrator? Explain the difference as well as explain your  selection. Provide a business use case example that exemplifies this  choice clearly. 

Instructions

• This is a required assignment, worth 15 points. The assignment  must be submitted by the due date. Late assignment are not allowed. 
• You are required to submit a minimum of two postings. Points will be deducted for not fulfilling this minimum requirement.
• Apply and use the basic citation styles of APA is required. Points are deducted per the rubric for this behavior.
• Do not claim credit for the words, ideas, and concepts of  others. Use in-text citation and list the reference of your supporting  source following APA’s style and formatting. Points are deducted per the  rubric for this behavior.
• Do not copy and paste information or concepts from the Internet  and claim that is your work. It will be considered Plagiarism and you  will receive zero for your work. A second offense results in a zero for  the course. A third is termination from the university.