Project 1 Part A: Planning a Security Assessment

Unit 1 Assignment Directions: Project 1 Part A: Planning a Security Assessment
Task
To start this task for the City of Gotham, you will plan for a security assessment against a target environment. The target environment will be comprised of multiple virtual machines that are arranged on a virtual network with intentional vulnerabilities. Please note you will use Nessus and OpenVAS in Unit 2. Consider this information as you go about planning your project.

• Exercise 1
• Exercise 2
• Exercise 3
• Exercise 4
• Conclusion

Instructions
Hands-on Exercises

Exercise 3: Design a detailed plan for immersive and hands-on cybersecurity learning experiences.

In this third exercise, you will create a detailed plan for immersive and hands-on cybersecurity learning experiences.

1. Identify key areas of focus, such as incident detection and response, vulnerability assessment, secure network design, or secure coding practices.
2. Develop practical exercises, simulations, or virtual labs that allow the IT security team to apply cybersecurity concepts in a controlled environment.
3. Incorporate real-life scenarios and case studies to enhance the relevance and effectiveness of the learning experiences.
4. Establish appropriate metrics and evaluation criteria to measure the success and impact of the hands-on learning activities.

Exercise 4: Establish clear, measurable goals and blueprints for executing the applied cybersecurity project effectively.

In this fourth exercise, you will establish clear and measurable goals for the implementation of the Cybersecurity Operation Center, addressing the identified needs and aligning with best practices.

1. Define goals such as reducing the number of successful intrusions, enhancing incident response capabilities, improving network security, and ensuring regulatory compliance.
2. Review and select 3-7 main competencies that your project is achieving based on the goals you defined. Use the CTCH Cybersecurity Technology Competencies Master List. You should already be familiar with many of these competencies as your projects in previous courses were assessed against them. The SMART goals you develop for your project should be based on these competencies. These competencies are directly reflective of the CAE / KUs (Center for Academic Excellence / Knowledge Units), which is the national center for security administration for cyber-affiliated schools. Any future employer in cybersecurity will be familiar with this center and the knowledge units; therefore, aligning the correct competencies to your project is critical.
3. Develop a detailed execution plan, including timelines, milestones, and resource allocation to guide the implementation of the cybersecurity project.
4. Create blueprints for the deployment of security technologies, such as firewalls, intrusion detection systems, or security information and event management (SIEM) solutions.
5. Define roles and responsibilities for team members involved in the project and establish a communication and reporting framework to ensure effective coordination.
6. Add your plan in the Project Charter template, which will be included as an appendix in your Comprehensive Assessment and Proposal.

Conclusion

By addressing the exercises outlined in the previous section, you will organize a comprehensive applied project that embodies current best practices in cybersecurity. You will apply a deep understanding of cybersecurity concepts, ensure adherence to national standards, design immersive, hands-on learning experiences, and establish clear, measurable goals and blueprints for effectively executing the applied cybersecurity project. Through your expertise and guidance, the City of Gotham will be equipped with a solid Cybersecurity Operation Center, effectively protecting its assets and user data, ensuring compliance with government regulations, and restoring trust in its security capabilities.

Tutorial For Project 1 Part A: Planning a Security Assessment