
 

Software Development Matrix and a Business Continuity Plan (BCP) that addresses the mission needs and systems for recovery of the whole enterprise after a cyberattack event.

Requirements: 9 pages

Business Continuity Plan

To help ease the concerns of the CISO and other executive officials tied into cyber operations, the chief technology officer (CTO) is asking for processes and procedures regarding exposed systems. You created a security baseline of your nation team's (AUSTRALIA) systems in Project 1, and that is a necessary part of determining mission priorities and identifying critical systems in the event of a cyber incident. You've also completed several steps that will provide an assessment of the software life cycle and development, including a development matrix.

Now you will create an 8- to 10-page Business Continuity Plan (BCP) that addresses the mission needs and systems for recovery of the whole enterprise after a cyberattack event. This BCP will be used to help the CISO identify current systems and timelines that will be used to bring systems back online and the sequence of events that occur during deployment of the plan. Make sure that all citations are in proper APA format.

Refer to the following documents to assist you in creating the final portion of the BCP:

· Your team's security baseline from Project 1

· Contingency Planning Guide for Federal Information Systems for examples of what to include in your BCP

· Best Practices for Creating a BCP

Consider and include the following as you develop your BCP:

· The BCP should include the software development life cycle assessment and the software development matrix you completed in prior steps.

· The BCP should describe the normal operation standards, practices, and procedures for operating systems, including critical systems. Develop standard operating procedures based on what the team identifies as the most critical to least critical to continue business operations. Included in the standard operating procedures and best security engineering practices should be operating system fundamentals, operating system security, management of patches, and operating system protections.

· All partner nations at the summit have maintained that there will possibly be the use of an ad hoc wireless network. The nations' CISOs will have to determine differences between rogue and authorized access points with consideration to authorized service set identifiers (SSID). These considerations will have to be included in the BCP.

· Limit the scope to communications systems.

· The BCP should be tailored to recover from a ransomware attack. Include leadership decision-making options for payouts in such currencies as Bitcoin, which uses blockchain technology. Based on the recent outbreaks of ransomware attacks, identify key components of the given topology and describe how a ransomware incident would be contained or identified if an event occurred inside the given topology. What are the network security threats for a ransomware attack? Include these vectors as scenarios in the BCP and address remediation paths.

· The BCP should also include an incident response plan with IR response flows for DDoS, malware, and insider threats. If the plan needs to be executed, the identified parties will follow this documentation so that the proper communication channels and the flow of information and triggers are understood and a breakdown does not occur.


Develop Software Development Matrix Template

Now that you have completed an assessment of the software development life cycle, you will research open source, commercial, and internally developed software methodologies available to the organization to fulfill future software assurance needs and expectations. You will use this information to develop your one-page Software Development Matrix, a component of the BCP.

Using this software development matrix template, develop and submit a matrix that compares and contrasts open-source, commercial, and internally developed software development methodologies. Evaluate each alternative to help inform your final recommendation. Consider cost, software assurance needs and expectations, software assurance objectives, and the merits of a software assurance coding and development plan. This matrix will provide options to be considered for evaluation of maintenance in the next step and will also be used in your final project briefing, with a look at improving the process for the future. Commit to accurate and complete findings for a fully accountable final project briefing.

In addition to the BCP, the matrix will be included in the cyber operations and risk management briefing, which you develop later in the project. At this point, you should have several of the components of the BCP to submit in the next step of the project.


Software Development Matrix

| Software Development Methodology | Pros and Cons | Software Assurance Concerns |
| --- | --- | --- |
| Waterfall Model | Pros: / Cons: | |
| Prototype Model | Pros: / Cons: | |
| Agile Software Development | Pros: / Cons: | |
| Rapid Application Development | Pros: / Cons: | |
| Dynamic Systems Development | Pros: / Cons: | |
| Spiral Model | Pros: / Cons: | |
| Extreme Programming | Pros: / Cons: | |
| Feature-Driven Development | Pros: / Cons: | |
| Joint Application Development | Pros: / Cons: | |
| Lean Development | Pros: / Cons: | |
| Rational Unified Process | Pros: / Cons: | |
| Scrum Development | Pros: / Cons: | |



Security Baseline Report

Table of Contents

· Attribution Report

· Network Security Checklist

· System Security Risk Vulnerability R

· Security Baseline

· Network Forensics Considerations

· Appendix A

· References

Attribution Report

Nation-states have formed different alliances and cooperative arrangements for information and intelligence sharing over the years. One such alliance that has effectively existed is the Five Eyes (FVEY) Alliance, through which the United States, United Kingdom, Australia, Canada, and New Zealand collect, analyze, and share signals intelligence while not acting as adversaries to one another (Mansfield, 2017). Under this agreement, intelligence is gathered about specific individuals and groups and stored in the FVEY database to protect communication networks and prevent exploitation in member countries by foreign and domestic sources.

From an Australian perspective, the federal government has passed different acts, statutes, and policies to ensure telecommunications, network, and information security. Among these are the Australian Privacy Act of 1988, the Telecommunications Act of 1997, the Intelligence Services Act of 2001, and the Data Retention Act of 2015 (Australian Government Federal Register of Legislation, 2015).

Bad actors, from domestic groups to nation-states, consistently try to infiltrate the information systems of economies for different motives. It behooves any state to be constantly on the alert for attackers. As a result, the host of the FVEY summit has provided the IP addresses of potential attackers to member countries to avert any attacks that may come from these sources. Team Australia has investigated these IP addresses and established the sources, owners, and other relevant information to make better decisions on the network infrastructure the Australian Team will create.

The IP addresses given to the Australian Team are found below:


Team Australia has determined that the significant threat actors operate from Venezuela, China, the US, the Netherlands, Russia, Germany, and New Zealand. To gather thorough and accurate information about the IP addresses, our Team used tools such as ip2nation, Alien Vault, NordVPN IP Address Lookup, and GeoTEK IP Checker. The following information was gathered from analyzing the IP addresses:

| IP Address | Location | Name/Owner | Other Information |
| --- | --- | --- | --- |
| 7.26.42.136 | United States | DoD Network Information Center | 3990 E. Broad Street Columbus, OH- 43218 |
| 190.142.94.44 | Venezuela | Corporacion Telemic C.A. | Av. Los Leones con Av. Caroni, 25133, Centro Empresarial Caracas, Piso 1 |
| 113.245.133.236 | China | Chinanet Hunan Province Network | No.31, Jingrong street, Beijing, 100032 |
| 17.158.163.43 | United States | Apple – WWNET | 20400 Stevens Creek Blvd., City Center Bldg 3, Cupertino, CA. 95014 |
| 82.196.6.46 | Netherlands | Digital Ocean LLC | 101 Ave of the Americas, 2nd Floor, New York, NY, 10013 |
| 207.88.46.144 | United States | MCI Communication/ Verizon | 22001 Loudoun County Pkwy, Ashburn |
| 46.3.152.107 | Russia | Dom Tehniki Ltd | Nizhegorodskaya street 11 – 66, 109029, Moscow |
| 222.215.134.15 | China | Chinanet Sichuan Province Network | A12, Xin-Jie-Kou-Wai Street Beijing 100088, CN |
| 85.209.52.248 | Germany | Georg Kroeber | Egerstrasse 2, 65205 Wiesbaden |
| 174.73.217.102 | United States | Cox Communication | 1400 Lake Hearn Dr., Atlanta, GA |
| 161.234.248.208 | Venezuela | Telephonica Venezolana | Rambla Republica de Mexico 6125, Montevideo, 11400, UY |
| 16.106.9.38 | United States | Hewlett Packard | 3000 Hanover Street, Palo Alto, CA |
| 209.183.236.40 | United States | Atlantech Online | 1010 Wayne Ave., Suite 630, Silver Spring, MD |
| 203.96.22.39 | New Zealand | ACTRIX Networks | Actrix Networks, PO Box 11-410, Wellington |

Network Security Checklist

A network's security enables a safe and productive work environment by preventing unauthorized access to sensitive data and other information security threats. Therefore, network infrastructure should be secure to ensure information confidentiality, integrity, and availability to the appropriate individuals for the intended purpose. Moreover, network security risks continuously evolve and pose a persistent threat to vital information resources. For instance, deploying wireless network devices without encryption protection measures could render a network infrastructure susceptible to attacks. According to Best (2021), security risks are associated with network-connected devices and applications, providing attackers the opportunity to steal sensitive data; however, a robust cybersecurity practice, such as a network security checklist, can protect the network from cyber-attacks. Consequently, a network security checklist is intended to evaluate the security and stability of an organization's network security best practices by identifying and verifying the potential threats associated with the network and ensuring that cyberattacks related to those threats are mitigated.

| Firewall | Yes | In Progress | No | N/A |
| --- | --- | --- | --- | --- |
| The organization should have a firewall or equivalents to prevent unwanted access to its internal network and devices. | | | | |
| The default password on the firewall device should be changed to a strong alternative password. | | | | |
| Use stateful packet inspection on the firewall, preventing IP address spoofing and DoS attacks. | | | | |
| Ensure that all externally sourced IP addresses are not allowed inside the LAN but only to the DMZ. | | | | |
| Configure the firewall to block incoming access to unused ports. | | | | |
| Review the firewall policies for potential security risks periodically. | | | | |
| Make sure the firewall firmware and software are regularly updated. | | | | |
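The LAN/DMZ, unused-port and stateful-inspection items in the firewall checklist can be checked mechanically during the periodic policy review. The following is an added example, not part of the original report; the rule fields, zone names, rule names and DMZ service inventory are assumptions constructed for illustration.

```python
# Added example: audit a constructed firewall rule table against checklist items.
# Zone names, rule fields and the service inventory are illustrative assumptions.
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Rule:
    name: str
    src_zone: str            # "wan", "dmz", "lan" or "any"
    dst_zone: str
    dst_port: Optional[int]  # None means any port
    state: str               # "new", "established" or "any"
    action: str              # "accept" or "drop"

# Constructed inventory: ports that DMZ hosts are actually meant to serve.
DMZ_SERVICES = {443, 25}

def audit(rules):
    """Return (rule name, finding) pairs for rules that break the checklist."""
    findings = []
    for r in rules:
        if r.action != "accept" or r.state == "established":
            continue  # drops and return traffic of tracked flows are fine
        if r.src_zone == "wan" and r.dst_zone == "lan":
            findings.append((r.name, "external source admitted to LAN"))
        elif r.src_zone == "wan" and r.dst_zone == "dmz":
            if r.dst_port is None:
                findings.append((r.name, "all DMZ ports exposed"))
            elif r.dst_port not in DMZ_SERVICES:
                findings.append((r.name, f"unused port {r.dst_port} open"))
    # Stateful filtering relies on a catch-all drop as the final rule.
    last = rules[-1] if rules else None
    if (last is None or last.action != "drop"
            or last.dst_port is not None or last.src_zone != "any"):
        findings.append(("<policy>", "no default drop at end of rule set"))
    return findings

# Constructed sample rule set (not taken from any real device).
SAMPLE_RULES = [
    Rule("web-in", "wan", "dmz", 443, "new", "accept"),
    Rule("mail-in", "wan", "dmz", 25, "new", "accept"),
    Rule("legacy-telnet", "wan", "dmz", 23, "new", "accept"),
    Rule("vendor-rdp", "wan", "lan", 3389, "new", "accept"),
    Rule("return-traffic", "wan", "lan", None, "established", "accept"),
    Rule("default", "any", "any", None, "any", "drop"),
]

if __name__ == "__main__":
    for name, finding in audit(SAMPLE_RULES):
        print(f"{name}: {finding}")
```
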

| IT Security Policy | Yes | In Progress | No | N/A |
| --- | --- | --- | --- | --- |
| A network-acceptable use policy that outlines the rules, rights, and obligations of all employees, contractors, and vendors requesting access to network resources. | | | | |
| Conduct penetration testing for further vulnerability assessment. | | | | |
| Establish comprehensive onboarding and off-boarding procedures for all employees. | | | | |