
Introduction
The question becomes less if you will have an incident and more when you will have one. Ignoring this fact will place you and your organization in a precarious position. Proper planning for an incident will indicate to your customers, stakeholders, and key leadership that you take security seriously and will instill confidence in their business systems. Should an incident occur, your preparation will allow you to quickly identify the scope of damage because you will have identified the data that requires special handling and protection, including PII, PHI, intellectual property, corporate confidential information, and financial information about your organization.
However, preparation isn’t just an effort for your security team.
Note: Security Team
Students may find it incredibly helpful to start by defining and creating a graphical representation of the Cybersecurity Incident Response Team (CSIRT). Definition of the CSIRT should be based upon your understanding of the organization. You may need to conduct some research for illustrative examples.
Starting the exercise with a defined understanding of the CSIRT will result in a more focused, better-defined incident response.
It means that you assist organizational leadership in communicating the goals of the security policy and the importance of the employees’ roles in supporting it. Aside from the benefit of having a smoother recovery, having a comprehensive incident-handling process regarding special data may protect you from civil or criminal procedures should your organization be brought to court for failing to protect sensitive data. Once you’ve gotten buy-in from organization leadership for your incident response plan, you need to continue to refine and improve it as threats evolve. 
Incident Scenario
For this assignment, you will create an incident response runbook (aka. playbook or “use case”), which is a written guide for identifying, containing, eradicating, and recovering from cybersecurity incidents. The document is usually the output of the preparation phase of the Incident Response process and is a part of your overall Incident Response Plan.
An end user receives an email from the help desk stating that there was irregular activity associated with their email account and they will not be able to send or receive emails until it is resolved. Several end users click on the link in the email, and immediately items on their workstations begin to act strangely. Suddenly, none of the files on the workstation can be opened and now end in “.crypt”. A message pops up on the end user’s screen demanding payment of 1.84 Bitcoins as a ransom for the organization’s now encrypted data. As of May 2021, Bitcoin is approximately $54,301/Bitcoin, making the ransom in this scenario just shy of $100,000.
Soon after that, other employees begin to report they have a strange note popping up on their screen as well. Before long, all computers – workstations and servers – have the popup on their screens and are unable to function. This is where the Incident Response process begins.
Create Your Runbook
There are several Runbooks for several types of threats (Malware, DDoS, Botnet, Social Engineering). Make sure the Runbook is the correct Runbook for the scenario. An Incident Response Playbook (Runbook) is designed to provide a step-by-step walk-through for most probable and impactful cyber threats to your organization. The Playbook will ensure that certain steps of the Incident Response Plan are followed appropriately and serve as a reminder if certain steps in the IRP are not in place.
Your Runbook should consist of:
An overview section on the identified threat that details information about the threat
Preparation steps or triage processes needed to prevent or recover from the threat
Contact information of the in-house IR team
Communication tree
Escalation & notification procedures and reporting mechanism
Detection, Identification & Analysis of the likely symptoms from the type of threat
Steps implemented for detection
Identification matrix for High, Medium, and Low threat categories
Incident validation – tools or systems used to confirm and verify the possible delivery vector of the threat
Containment, Eradication & Recovery
The third phase, containment, is the initial attempt to mitigate the attacker’s actions. It has two major components: stopping the spread of the attack and preventing further damage to systems. It is important for an organization to decide which methods of containment to employ early in the response. Organizations should have strategies and procedures in place for making containment-related decisions that reflect the level of risk acceptable to the organization according to the threat type.
Post Incident Activity/Lessons Learned
Post-incident refers to the process of identifying lessons to be learned after actions and review. This section needs to address questions such as:
What happened?
Have we done well in protecting the organization’s network?
What could we have done better?
What should we do differently next time?


Information security policy development, cyber resiliency, and frameworks such as Zero Trust Architecture can be considered complex when evaluated in isolation. However, cybersecurity practitioners must be able to ground cybersecurity programs with solid architecture recommendations, policy, and tactics to ensure business resiliency.
Drawing on several of your course readings, write at least two paragraphs identifying at least two challenges that a new practitioner may face while trying to incorporate these three concepts into a cybersecurity program.


Readings and Media
Please review the following material for this week’s Assignment:
Reading
•    Chapter 1 (Foundations), The Code Book (See the attached file)
•    Chapter 1, Understanding Cryptography (See the attached file)
Video:
•    Mary Queen of Scots 1

————————————————-
Paper Requirement
•    Please follow APA guidelines for all assignments, which includes the bibliography and in-text citations.  This is a Master’s level course, so please put in the effort to make your papers the best they can be.  Proofreading goes a long way in catching spelling and grammatical errors.
•    Please do not plagiarize the works of others; give credit for works cited. Also, do not attempt to turn in a paper you have previously written for another class!
•    Length: 3 pages
————————————————-
Week 3 Quiz: (3 pages)
QUESTIONS:
1.  Outline the issues with the Case of Mary, Queen of Scots to include the factors related to the encryption methods, the failures of Mary and her cohorts, the importance of this case to the field of encryption, and the lessons of the case. (Length: 1 ½ pages)
Note: Reading Material – The Code Book (Chapter 1) See the attached file.
2.  Explain and outline the concept of Cryptanalysis, what it is, its linkage to the field of encryption, its three sub-system methods for breaking cryptosystems (hint: assigned reading), and its relevance in the modern realm of encryption. (Length: 1 ½ pages)
Note: Reading Material “Understanding Cryptography” – (Page 9 Section 1.3.1) See the attached file.


Certain organizational structures may work well in some situations and yet be completely ineffective under a different set of circumstances. Consider the following very different organizational architectures for a firm: (a) A strictly hierarchical top-down organizational structure where all decisions are made at the top and are then carried out by those on the lower rungs of the organizational chart. (b) A decentralized structure where different kinds of decisions are made by separate teams working independently of one another.
Write a short essay providing examples of situations where each of these structures is likely to be effective as well as situations where that same structure is likely to be ineffective in achieving the organizational goals of the firms in question.
Note that this essay assignment will be reviewed for originality using Turnitin. While you do not have to conform to the full writing guidelines that were posted for the term paper, note that the same general strictures on originality apply:
ORIGINALITY:
The assignment must be your own original work and it must be written specifically for this class. The assignment will be checked for originality using turnitin.com. Any citation omissions will affect your assignment grade, but significantly plagiarized assignments will receive a grade of zero, with no exceptions and with no do-overs.
CITATIONS & CITATION STYLE:
You must cite all your sources.
PROPER QUOTATIONS & QUOTATION MARKS:
You must use quotation marks, or else use indented blocks, to identify all quotations. It is OK to paraphrase and not use direct quotes only when your language is completely different from the original, but you must still give proper credit to your sources. It is not OK to just insert a few words of your own into another writer’s text and then appropriate it without using quotation marks.
TEXT BOOK:
Brickley, Smith and Zimmerman, Managerial Economics and Organizational Architecture: 3rd, 4th, 5th, 6th or 7th edition. (New York: McGraw Hill). 


In or around July 2014, ALEXANDRE CAZES, aka “ALPHA02,” aka “ADMIN,” with other persons, known and unknown to the authorities, created AlphaBay (also referred to as the “AlphaBay Market”), a dark-web marketplace designed to enable users to buy and sell illegal goods, including controlled substances, stolen and fraudulent identification documents and access devices, counterfeit goods, malware and other computer hacking tools, firearms, and toxic chemicals. The site also enabled users to purchase and sell illegal services, including “tumbling” and “mixing” services, which are forms of money laundering used for digital currencies.
From its official launch in December 2014 AlphaBay was used by thousands of vendors to distribute controlled substances and other illegal goods and services to buyers throughout the world, and to launder hundreds of millions of dollars deriving from these illegal transactions. AlphaBay also provided a private, internal messaging service through which staff, vendors, and buyers could communicate, as well as an associated web forum called the “AlphaBay Market Forum.” On 1 June 2017, an arrest warrant would be issued for Alexandre CAZES that would be satisfied approximately one month later on 5 July 2017. CAZES was arrested during a raid on his home in Bangkok, Thailand and was held by the Royal Thai Police for approximately seven days before apparently committing suicide while in custody on 12 July 2017. On 19 July 2017 U.S. Attorney’s Office of the Eastern District of California filed a civil forfeiture complaint against CAZES and his wife.
Based on the facts of this case, discuss and analyze the impact that technology and the internet specifically have had and will have going forward in the field of organized crime (A maximum of 1500 words).
Kindly add references to support the answers.


United States of America v. Alexandre Cazes aka “ALPHA02” aka “ADMIN”
In or around July 2014, ALEXANDRE CAZES, aka “ALPHA02,” aka “ADMIN,” with other persons, known and unknown to the authorities, created AlphaBay (also referred to as the “AlphaBay Market”), a dark-web marketplace designed to enable users to buy and sell illegal goods, including controlled substances, stolen and fraudulent identification documents and access devices, counterfeit goods, malware and other computer hacking tools, firearms, and toxic chemicals. The site also enabled users to purchase and sell illegal services, including “tumbling” and “mixing” services, which are forms of money laundering used for digital currencies.
From its official launch in December 2014 AlphaBay was used by thousands of vendors to distribute controlled substances and other illegal goods and services to buyers throughout the world, and to launder hundreds of millions of dollars deriving from these illegal transactions. AlphaBay also provided a private, internal messaging service through which staff, vendors, and buyers could communicate, as well as an associated web forum called the “AlphaBay Market Forum.” On 1 June 2017, an arrest warrant would be issued for Alexandre CAZES that would be satisfied approximately one month later on 5 July 2017. CAZES was arrested during a raid on his home in Bangkok, Thailand and was held by the Royal Thai Police for approximately seven days before apparently committing suicide while in custody on 12 July 2017. On 19 July 2017 U.S. Attorney’s Office of the Eastern District of California filed a civil forfeiture complaint against CAZES and his wife.
Based on the facts of this case, discuss and analyze the impact that technology and the internet specifically have had and will have going forward in the field of organized crime (A maximum of 1500 words).  Please include references with APA style.


Readings and Media
Please review the following material for this week’s Assignment:
Reading
– Chapters 2-5, The Code Book
Video:
– Charles Babbage and His Difference Engine #2 – YouTube

– Babbage’s Difference Engine No. 2, Part 2: The Calculation Section – YouTube

– Guglielmo Marconi Wireless Telegraphy – YouTube

– The Enigma Machine Explained – YouTube

– The Inner Workings of an Enigma Machine – YouTube

– Navajo Code Talkers – YouTube

———————————–
Why does Cryptography exist? (2 pages)
First, to understand cryptography’s place, role and prominence within society, I believe people must understand that cryptography is simply a tool. A tool born from mankind’s use and need for secrecy. Although a topic in itself with origins as old as time, the relevance within today’s society has grown from the vast amount of information being generated and shared nearly instantaneously.
Going as far back as the Greek times, Sophocles said “Do nothing secretly; for Time sees and hears all things, and discloses all”. A simple quote that has never remained so true, especially in an age of information sharing and social media. However, this has not always been the case, as we have read in our assigned text “The Code Book”, the royal families conspiring wanted to keep plans secret which eventually led to their plans being revealed and their death.
References:
Hipponous. Frag. 280
The Code Book
Discussion Question #1 (2 pages)
Why do you think Cryptography has been prominent in the history of mankind? What is it about encryption that has led to war, death, and intrigue over and over throughout history? (Browse the internet)
———————————–
Week 2: This Week in Cybersecurity and Encryption Technology (2 pages)
Each week, we will have a “This Week in Cybersecurity” discussion that focuses on developing issues in Cybersecurity, with a focus on encryption related topics when possible. This discussion will provide you the opportunity to stay ‘attuned’ to current Cybersecurity issues in the news and share at least one event, activity, or development with the class. For example, if a major cyber-attack on a nation-state or major company (i.e., North Korea attack on Sony) were to occur, this would be the type of story to share.
Browse the internet to find an encryption and/or Cybersecurity-related current event, activity, or development in the news. In your discussion post, briefly summarize the event and reflect on its significance. You should use any legitimate news source (television, internet, periodicals, etc.) to support your topical input. (A few sites related to cybersecurity are suggested on the Student Resources page, but you are not limited to these.)
Discussion Question #2 (2 pages)
Questions to address:
How does the event relate to issues addressed in class?
How might similar situations be mitigated?
What is the broader impact of the event (e.g., nationally, globally, etc.)?


What is the Dark Web? What content does the Dark Web contain? That must be a question that makes many people curious. Why do the government and security agencies feel so “hatred” towards it? People often describe the Dark Web as a hidden web that exists only to serve its visitors’ evilest, crazy, and lewd desires. The things that users can buy on the Dark Web are terrible. People can buy everything from tigers to grenades to illegal drugs. On the other hand, some people believe that the Dark Web is essential for freedom. Whether you agree with the above viewpoints or not, if you intend to access the Dark Web, you must carefully understand the structure of the Web (Surface Web, Deep Web, Dark Web) and consider the potential dangers that such websites may have.
Use the provided sources to write an essay about the topic: What is the Dark Web? How is it used by Ethical Hackers?  How can you access the dark web? Should you access the dark web?  What are the dangers?  What are some specific cybersecurity concerns that use the dark web?
https://www.csoonline.com/article/3249765/what-is-the-dark-web-how-to-access-it-and-what-youll-find.html

Dark Web Price Index 2021


https://www.koaa.com/news/deep-dive/what-is-the-dark-web-and-why-are-cybersecurity-experts-concerned
https://www.ccdcoe.org/uploads/2019/06/ART_27_BlackWidow.pdf
https://www.kaspersky.com/resource-center/threats/deep-web
https://www.guru99.com/deep-web-vs-dark-web.html
•    At least 5 resources should be cited in MLA format. You can use extra sources if you need them.
•    Resources cited need to be no older than 5 years.
•    At least 3 pictures or diagrams need to be included.  If copying pictures, be sure to cite the picture/diagram source.


Background
Refer back to your Business Impact Analysis (BIA) in Unit 1. In that unit, several essential business functions were identified and prioritized. The Business Continuity Plan is aptly named, as it details how a company will continue doing business in the event of a disaster. Do not confuse this with an Incident Response Plan (IRP), which focuses on restoration of systems; try to maintain a focus on continuity of business operations.
Deliverables
1) Use the Internet to find a Business Continuity Plan (BCP) template and complete for your company. If unemployed, consider how homework could still be completed if your home computer breaks.  Note: Because each business will have its own mission and set of essential business functions, there is no single BCP that fits every organization. This document should be tailored to redirect business functions when the systems supporting these functions fail.
2) Your Business Continuity Plan should include, at a minimum:
a) Responsible parties for each business function
b) Contact information
c) Minimum resources needed to continue business functions such as:
1) Technological continuity (alternate site, data backups, etc.)
2) Administrative continuity (move of personnel, recovery teams, etc.)
d) Plans for testing and lessons learned (dry runs, table-top exercises, etc.)
Reminder:  After locating a template, the document must be tailored to your organization and operating environment. Simply changing names on the template or presenting existing documents without significant modification may result in a reduced score and possible academic integrity violations.
APA Requirements
Cite sources using APA format, including in-text citations and references page.  APA formatting of your BCP is not required.


Learn from the resources listed this week and do any additional research. Number your answers to match with the discussion topic numbers (1, 2, 3). Answer them based on your learning and research with analysis. Cite the references being researched inline within the body of the writing, and also note them at the end of the answer as a reference. It is adequate to research from three to five references if that meets your research need. The number of words (quantity) is not a measure of quality and vice versa, but an adequate coverage for the primary post for the discussion topics below is possible between 400 and 500 words (500 words is typically one page with single-spaced, 12 font, standard margin).
Submit the primary answer by Thursday of the week and two additional responses by the deadline.
Discussion 1. Explain 5 ways to secure the software to prevent any failure. For each security measure that you are proposing, state what the security measure is, why you need to take this measure (meaning, what would happen if it is not secured), how to secure (not a detailed step, but at least touch upon the broad way to address it with any tool, technology, etc.). Number the five security measures as i, ii, iii, etc. so that I can differentiate them in your answer. A few examples to consider (you can use them and also come up with your own) are patching of software and why and with any specific patch, patch in the operating system and security fixes, software fix to prevent unauthorized access, etc. The answers can be based on what you have learned on the organization(s) based on your research, and/or your learning and analysis on the areas of a security vulnerability in the software.
Discussion 2. Research how a business in an organization could be affected because of a software failure, and provide your analysis on how to address it. This question asks you to analyze any impact in a business of an organization because of the software failure. An example could be the unavailability of an e-commerce website because of a bug in the software and it resulted in a loss of sales. You can cite any real example from an organization based on your research, or use a fictitious company.
Discussion 3. From your research, share one technical tool (either open-source and publicly available or a commercial product) that can be used to prevent the software failure. Investigate this tool and share your findings on its purpose, how it might be used. It is not expected for you to be an expert but this gives you an opportunity to explore a tool. For your own interest, you may consider downloading the tool of your choice and explore it further.