
Explain in detail the following discussion topics.
Discuss the significance of web application security controls, with a focus on HTTPS and web application firewalls (WAF). How does HTTPS enhance the security of web communications, and what are the benefits of implementing SSL/TLS certificates? Share examples of how HTTPS can protect sensitive data transmitted between users and web servers. Additionally, explore the role of web application firewalls in safeguarding web applications from common vulnerabilities and attacks, such as SQL injection and cross-site scripting (XSS).
Delve into the technical aspects of web application security controls, specifically HTTPS and web application firewalls (WAF). Discuss the complexities of implementing HTTPS across different web applications and servers, considering aspects like certificate management, perfect forward secrecy, and HTTP/2 support. Share insights into the challenges faced when securing legacy web applications with HTTPS and explore strategies for managing mixed-content issues. Furthermore, discuss advanced techniques for configuring WAF rules to detect and block sophisticated web application attacks, while avoiding false positives and performance impacts.


I hope this message finds you well. I require your assistance with Lab 2, which involves accessing the following website: www.infoseclearning.com.
For your convenience, I have provided the login details below:
Email: [redacted]
Password: [redacted]
Additionally, I have attached a friend’s Lab 2 as a reference. I would like to use the same format, especially in terms of image layout, as shown in the attached example. Please also include sections on “Risk” and “Remediation” in the table of contents. It is crucial to be cautious about copying and using AI tools, as the university has a plagiarism detection system. Thank you for your assistance.


Background
You work as a SOC analyst for a remote facility of a large corporate finance organization. An individual you support has just reported a problem with their system. Your task is to analyze the attack and collect as much information as you can to describe what type of attack occurred and identify the specific aspects of the attack that may be used to describe it. Use the techniques you learned from the previous lab assignment when reviewing both the attack as it took place and the analysis process that was used. First, review the following video and perform the exercise it asks of you. Make sure you take good notes, this will be helpful for the quiz portion of the assignment.

Now that you have reviewed the attack as it has taken place and some of the analysis process used, answer the following questions about the attack and course of action required to perform the analysis of a specific threat.
Outcomes
Hope you found the above exercise interesting and informative. I hope you noticed that it acts as an introduction to another course you will be allowed to take in the future, Malware Analysis and Reverse Engineering. After completing this assignment, you should have a better feel for how analytics is performed, and the observations observed mapped to STIX objects we have been learning and the relationships between them. This should aid you when working on your final report. I also hope you noticed how virtualization was again used, this time to create a safe environment to run the “sample” malware that was used. Virtualization is a powerful tool for many of the analyst tools that are used within this environment. Additional tools used within the example were tools that allowed you to examine task and registry key entries. The combination of these tools plus forensic tools and of course a good Security Information Sharing tool are key to the analysis and reporting of incidents.
Question 1 (3 pts)
The type of system used was which of the following?
Group of answer choices:
Developer System
Personal System
Researcher System
Server System
Question 2 (3 pts)
The Windows operating system used was a standard end-user licensed system.
Group of answer choices:
True
False
Question 3 (3 pts)
What “OS Version:” of the operating system is used? Provide the version as listed in the desktop background page.
Question 4 (3 pts)
What is the “Service Pack:” version used? Provide the version as listed in the desktop background page.
Question 5 (3 pts)
What is the “User Name:” used on this system? Provide the name as listed in the desktop background page.
Question 6 (3 pts)
What is the “Password:” used on this system? Provide the password as listed in the desktop background page.
Question 7 (3 pts)
What is the “Host Name:” used on this system? Provide the Host Name as listed in the desktop background page.
Question 8 (3 pts)
What is the slmgr command to extend the trial period for the version of the operating system we are using?
Question 9 (3 pts)
Analysts use snapshots to allow them to go back to a known good state. Using the VMware Snapshot Manager, what is our current “start” location before we perform our analysis?
Question 10 (3 pts)
What is the location, device and directory path, of the malware we are running?
Question 11 (3 pts)
What is the filename of the malware that we will run? Only provide the filename and not the directory specification.
Question 12 (3 pts)
What is the password commonly used to compress and encode malware so it can be shared without worry of being detected/deleted or invoked accidentally?
Question 13 (3 pts)
What is the name of the tool used to monitor the malware to see what operations it is performing?
Question 14 (3 pts)
What operation in the monitoring tool do we use to start recording all system activity? Provide the one word/feature used.
Question 15 (3 pts)
When we launch malware, what do we call this action? Provide the one word used to describe this operation.
Question 16 (3 pts)
What standard system tool do we use to determine why the system is running slow? Provide the name of the tool as it appears in the application title bar.
Question 17 (3 pts)
What is the name of the process that is taking up a majority of the CPU resources?
Question 18 (4 pts)
The malicious software creates/modifies which of the following:
Group of answer choices:
New Files
Desktop Background
Personal Files
Registry
System Files
Question 19 (3 pts)
What is being asked of us to “decrypt” our files? How much do we need to send, and in what denomination? Only enter the value amount in bitcoin.
Question 20 (3 pts)
How many days before the payment will be raised?
Question 21 (3 pts)
How many days before the files will be lost (destroyed)?
Question 22 (5 pts)
What is the bitcoin address the money needs to be sent to? You can enter the full address or use the abbreviation, for example:
123456…abcdef
NOTE: There are three “.” (Periods), separating each set of numbers.
Question 23 (3 pts)
When using the monitoring tool, what two high-level attributes did we filter on?
Question 24 (4 pts)
List 4 operations that were observed by the MysteryMalware process, use the “Operation” column and ignore any operations that include a “…”.
CreateFile CloseFile WriteFile RegOpenKey Process Create ProcessCreate QuerySecurityFile
Question 25 (5 pts)
What is the name of the file/executable that is created and then invoked as a process? Provide just the filename.
Question 26 (3 pts)
We did not find a reference to one of my files, “Bill”, this may mean we do not have all events logged from the MysteryMalware process.
Group of answer choices:
True
False
Question 27 (3 pts)
A new registry key was created during this attack.
Group of answer choices:
True
False
Question 28 (3 pts)
What version of the Wanna Decrypt0r is being used?
Question 29 (3 pts)
What is the only file in the “Documents” directory that is not encrypted?
Question 30 (3 pts)
What is the extension used on all the encrypted files?
Question 31 (4 pts)
What VMware virtual image snapshot is used to restore the image to a “clean” state?


The professor asked us to create a library resource of about 1 to 2 articles for each topic.
“You should have entries on the following topics:
Artificial Intelligence
Large Language Models
Mobile Devices/MDM/BYOD/Mobile policies
Cloud Storage and Computing
Working from Home
Internet of Things
Embedded Programming
Automation and Automotive
State Sponsored Hacking (Cyberwarfare)
Social Engineering” and I want you to write what I have learned from them in a very short sentence.


There is a considerable amount of confusion in the industry regarding the differences between vulnerability scanning and penetration testing, as the two phrases are often used interchangeably. However, their meaning and implications are very different. A vulnerability assessment simply identifies and reports noted vulnerabilities, whereas a penetration test (Pen Test) attempts to exploit the vulnerabilities to determine whether unauthorized access or other malicious activity is possible.
Penetration testing typically includes network penetration testing and application security testing; it also includes controls and processes around the networks and applications and should occur from both outside the network trying to come in (external testing) and from inside the network.
Given this information, review the two links on how Kali Linux is often used in penetration testing, the tools it contains, and how it can assist a penetration tester to identify vulnerabilities in the network:
https://linuxhint.com/penetration_testing_kali_linux/
https://tools.kali.org/
Once you have done that, answer the following questions as though you were an internal or external penetration test firm assisting a Saudi company in strengthening their systems, framework, and network.
How does the penetration test differ from other types of security testing—such as a vulnerability assessment?
What is your process for performing the penetration test?
Discuss the process and tools that would be used.
How will you protect the data during and after testing?
How will you ensure the availability of the systems and services while the test is taking place?
These last two will be key. Unless you are performing the penetration test when their users are not active, it will be necessary to catalog how you will do this without disrupting business or destroying data.
Your paper is required to be 5 pages in length, not including the title and reference pages, and should cite at least one scholarly resource other than the course materials. It should follow Saudi Electronic University academic writing standards and APA style guidelines, as appropriate.
CT Rubric
with references


Class,
Physical Requirements: The physical location of the computer forensics lab is critical. It should be situated in a secure area with restricted access to authorized personnel only. This ensures that the integrity of the evidence is maintained and prevents unauthorized individuals from tampering with sensitive information. Adequate space is also crucial to accommodate workstations, storage for evidence, and specialized equipment required for forensic analysis. Environmental controls, such as temperature, humidity, and airflow, are essential to protect equipment and ensure the accuracy of forensic analysis. Additionally, the lab should have a reliable power supply, with backup generators or uninterruptible power supplies (UPS), to prevent data loss due to power outages. Fire suppression systems should also be in place to protect equipment and data from fire damage.
Technical Requirements: The computer forensics lab should be equipped with the necessary hardware and software tools for forensic analysis. This includes high-performance workstations with sufficient processing power, memory, and storage capacity. Network connectivity is essential for accessing and analyzing digital evidence. The lab should also have specialized forensic software for acquiring, analyzing, and documenting digital evidence. Additionally, the lab should have secure storage solutions, such as encrypted drives or secure servers, for storing sensitive information and evidence.
Legal Requirements: Compliance with legal requirements is paramount in a computer forensics lab. This includes adherence to chain of custody procedures to ensure the integrity of evidence. The lab should also comply with data protection regulations, such as the General Data Protection Regulation (GDPR) or the Health Insurance Portability and Accountability Act (HIPAA), depending on the nature of the data being processed. Additionally, the lab should have policies and procedures in place for obtaining and handling evidence in a manner that is admissible in court. Regular audits and compliance checks should be conducted to ensure that the lab is meeting all legal requirements.
Hardware and Software Tools: For hardware, I would recommend high-performance workstations with multicore processors, ample RAM (at least 16GB), and high-speed solid-state drives (SSDs) for fast data access. Network forensics tools, such as network packet capture devices or network intrusion detection systems (NIDS), would also be beneficial. For software, I would recommend a mix of open-source and commercial forensic tools. Open-source tools like Autopsy, The Sleuth Kit, and Volatility Framework are widely used and offer comprehensive forensic capabilities. Commercial tools such as EnCase Forensic, FTK (Forensic Toolkit), and Cellebrite UFED can provide additional advanced features and support. Additionally, tools for data encryption, password cracking, and file analysis would be essential for a comprehensive forensic lab setup.
Thank you,
Julian