9. In this step, your team will continue to develop the security checklist. You and your team members
will detail the method used to develop the checklist. While developing your checklist, you should
include (but you are not limited to) the following components:
communications and data-sharing policies and the network devices that will be used to
implement these policies
firewalls and how the rule sets will be determined
systems certification and accreditation demonstrations as required by network
administrators who are hosting the summit
secure communications protocols
digital authentication mechanisms—How will your nation team establish PKI systems
and develop public/private key mechanisms as well as digital certificates? Will your
nation team have a centralized key storage system? How else will you establish trust
between the nations? You do not have to build an encrypted communications system
for your nation team, but you should provide your plan for trusted communications
in your Network Security Checklist.
SSL and IPSEC protocols
As a team, complete the two- to three-page Network Security Checklist. Then, have a designated
member of your team submit the checklist for feedback.
10. Your Network Security Checklist is ready, and in this international domain, you and your team
members will now prepare to assess the networks for communication and information sharing which
have built-in multilevel security, based on trusted relationships between the different nations.
You have already seen that there are some suspicious behaviors involving the nations. The modes
and methods of those behaviors vary, and the attack vectors are just as diverse. The attendees at the
Global Economic Summit use different technologies for communications, and a cyber intelligence
analyst must demonstrate an understanding of the threats to those devices. To that end, your team
will collaborate in developing a System Security Risk and Vulnerability Report.
This report refers back to the Network Security Checklist and also to the policies you have created
and researched that define the levels and ways of communication and data transmission between
the nation teams.
Now that your team has provided the foundational network and policy information for your nation
communications systems, you and your team members will identify the threats, risks, and
vulnerabilities to those systems. Your team will determine the effect on your nation team and the
other teams if those risks and threats are exploited. Your team will provide what means should be
available to address the threats from a risk management perspective.
The report, which you will continue to develop in the next step, should accomplish the following:
List the different threats to authentication and credentials.
Explain how social engineering can be a threat to credentials as well as the defenses against
social engineering. How can social engineering be used to breach e-mail?
Explain the concept and use of public-key infrastructure and digital signatures (significance of
public-key infrastructure) and how it is used to protect access to networks, ensure
nonrepudiation of transmissions, and preserve the confidentiality of information sharing.
Describe "leapfrogging" across networks and what it means for the multiple networks. What
is escalation in the cyberattack phase?
The material in the report can come from research of current events or from your own ideas or
Explain the ways you and the team members can perform remediation and mitigationagainst the
threats you have identified? What are some of the countermeasures that can be used? Include these
explanations in your System Security Risk and Vulnerability Report.
You and team members will use these findings to write a system security risk and vulnerabili ty
assessment report in the next step.
11. You and your team members have gathered the information required for a two- to threepage System Security Risk and Vulnerability Report. Include the attack vectors to the nation system
in the report. This report should comply with information assurance standards, practices, and
procedures that are covered in the policies outlined in the policy matrix. This information collected is
your information that is needed in the baseline of your system and should be used to provide a
security baseline report.
When you have completed the Security Risk and Vulnerability Report, a designated team member
should submit it for feedback.
14. Based on the policy matrix and the environmental review and analysis you developed in previ ous
steps, the team should provide a two- to three-page Transnational Legal Compliance Report that
itemizes all of the compliance requirements that are overlapping or similar among all the nations on
the cyber security task force for the conference. Include a short analysis on how these requirements
are consistent (or not) with the Tallinn Manual 2.0 on the International Law Applicable to the
Conduct of Cyber Operations.
In accordance with your team agreement, a designated team member will submit the Digital Forensic
Environment Review and Analysis and the Transnational Legal Compliance Report to the dropbox.
Then, proceed to the next step in the project to identify the critical or key international stan dards
determined in previous steps.
Purchase answer to see full attachment