Breach Analysis Simulation One
Overview
In cybersecurity, data protection should be the first priority. There are two basic concepts: data at rest and data in transit. Each
version of data is protected slightly differently. It may be sufficient to protect data at rest with some type of encryption that is
difficult to crack over a long period of time, while the data in transit needs to be protected only until it gets past the entity that is
trying to decipher it. In either case, it is important to know what to do when a breach or incident occurs. Having a strong computer
incident response team (CIRT) is a valuable resource for any company. The premise behind incident response is: What is the shortest
amount of time it can take to restore the system to a safe state? The shortest amount of time might not be the most cost-effective;
therefore, the company must prioritize its actions and make sure that in trying to fix the cyber incident it doesn’t cause the company
more harm. There are many vulnerabilities that the CIRT needs to be ready for, so having a well-practiced and itemized incident
response plan is important for the company’s well-being. Having the proper resources, whether they are personnel or information
technology related, can play a role in how fast the company recovers from the incident. Being prepared for the worst possible cases;
having a strong understanding of the influences of the confidentiality, integrity, and availability (CIA) triad; and knowing how the
company will react to those situations could mean the difference between company survival and company closure. Having the
proper CIRT is about having the right people for the job. This does not mean that all of senior management needs to be on the CIRT.
This does mean that the company must figure out what the proper makeup of the team should be. The team members must be
good at what they do because they have to be sure that the decisions they make are in the best interests of the company.
Prompt
After reviewing Breach Analysis Simulation Scenario One, address the critical elements below:
I. Reflection on CIA and Data Protection
A. Select a tenet of the CIA triad and explain how the principle applies to the scenario. Justify your response with
details or examples from the scenario.
B. Explain the issues with Secure Sockets Layer (SSL) that facilitated its deprecation and how Transport Layer
Security (TLS) remedies those issues.
1
II. Incident Response Plan
A. In small organizations, there typically isn’t a large membership to form the CIRT. Explain how organizations with a
small IT department assure that the CIRT is prepared to handle all possible situations.
CYB 250 Short Response Rubric
Guidelines for Submission: Your submission should be one to two pages in length. Use double spacing, 12-point Times New Roman
font, and one-inch margins. All sources must be cited using APA format. Use a file name that includes the course code, the
assignment title, and your name—for example, CYB_123_Assignment_Firstname_Lastname.docx.
Critical Elements Exemplary (100%) Proficient (85%) Needs Improvement (55%) Not Evident (0%) Value
Reflection on CIA
and Data Protection:
Tenet of CIA Triad
Meets “Proficient” criteria
and addresses critical
element in an exceptionally
clear, insightful,
sophisticated, or creative
manner
Selects a tenet of the CIA
triad and explains how the
principle applies to the
scenario, including details
or examples from the
scenario
Addresses “Proficient” criteria, but
there are gaps in clarity, logic, or
detail
Does not address
critical element, or
response is irrelevant
30
Reflection on CIA
and Data Protection:
Issues with SSL
Meets “Proficient” criteria
and addresses critical
element in an exceptionally
clear, insightful,
sophisticated, or creative
manner
Explains the issues with SSL
that facilitated its
deprecation and how TLS
remedies those issues
Addresses “Proficient” criteria, but
there are gaps in clarity, logic, or
detail
Does not address
critical element, or
response is irrelevant
30
Incident Response
Plan:
Form the CIRT
Meets “Proficient” criteria
and addresses critical
element in an exceptionally
clear, insightful,
sophisticated, or creative
manner
Explains how organizations
with a small IT department
assure that the CIRT is
prepared to handle all
possible situations
Addresses “Proficient” criteria, but
there are gaps in clarity, logic, or
detail
Does not address
critical element, or
response is irrelevant
30
Articulation of
Response
Submission is free of errors
related to citations,
grammar, spelling, and
organization and is
presented in a professional
and easy-to-read format
Submission has no major
errors related to citations,
grammar, spelling, or
organization
Submission has some errors
related to citations, grammar,
spelling, or organization that
negatively impact readability and
articulation of main ideas
Submission has critical
errors related to
citations, grammar,
spelling, or organization
that prevent
understanding of ideas
10
Total 100%
2
0 comments