7-1 Final Project: CyberLeet Training Manual

Instructions

Based on the feedback provided in the first two milestones, revise Sections One through Three and complete Section Four to finish your training



Company Training Manual





Prepared by:

Rashel Hafiz


MANUAL OVERVIEW

SECTION 1: Introduction: Welcome to CyberLeet

1.1 Introduction

1.2 Your Role at CyberLeet

1.3 Purpose of This Manual

SECTION 2: Core Tenets of Cybersecurity

2.1 Confidentiality

2.2 Integrity

2.3 Availability

SECTION 3: Cybersecurity Policies

3.1 Password Policies

3.2 Acceptable Use Policies

3.3 User Training Policies

3.4 Basic User Policies

SECTION 4: Threat Mitigation Scenarios

4.1 Theft

4.2 Malware

4.3 Your Choice

SECTION 5: References

MANUAL OVERVIEW

You are the training manager at CyberLeet Technologies, a midsized firm that provides cybersecurity services to other businesses. CyberLeet's core customer base is sole proprietorships and other mom-and-pop shops that are too small to have their own IT departments and budgets. Generally speaking, your clients have a reasonably high risk tolerance and put a premium on the functionality of their IT systems over stringent security measures. However, you also have clients that must protect highly sensitive information in order to continue operating successfully. For example, CyberLeet supports a few small public-accounting firms that need to maintain important tax-related information, as well as several day-care businesses that must keep children's health records private while allowing necessary access for certain caregivers. In the past year, CyberLeet has experienced rapid growth, which means you can no longer personally provide one-on-one training to every new information security analyst as they are hired. Therefore, you have decided to create a training manual that will explain to the current and future cohorts of new hires the essential principles and practices that they must understand in order to be successful in their role as information security analysts at CyberLeet.

Manual Layout

There are four sections in the manual, which cover all the components of a new employee training manual. As the training manager, you must complete each section using the information you learned in this course. Refer to the background information on CyberLeet and apply the information that best matches the size of the company, the value of cybersecurity, and its core tenets. Apply best practices of cybersecurity principles for addressing the common threat scenarios of a sole-proprietorship business. The main sections of the manual you are responsible for completing are the following:


  • Introduction

  • Core tenets of cybersecurity

  • Developing cybersecurity policies

  • Threat mitigation scenarios



In Section One, describe the organization. Provide a short history of the company, define the way it operates, and describe its place within the industry and the community it serves. Follow the prompts to complete each section. All prompts should be deleted prior to submitting this section.

SECTION 1: Introduction: Welcome to CyberLeet
1.1 Introduction

CyberLeet Technologies is a company that provides cybersecurity services to sole proprietorships. The firm is fully committed to protecting small firms' IT systems so that those firms can operate seamlessly. The company provides value to small firms because it helps them avoid the cost of setting up internal IT departments and the worry of IT maintenance. Due to technological development and the risk of cybercrime, more organizations are focusing on how to protect their IT systems in order to protect customer data, employee information, and firm assets from cyber threats. CyberLeet came into play to close that gap by providing reliable cybersecurity services. Cybersecurity issues may have a huge impact on a company: they may lead to the loss of important resources such as finances, loss of reputation due to a data breach, and loss of time when outsiders cause major errors in the system that block users from accessing it, which may result in major business disruption and losses for as long as the site is unavailable.


1.2 Your Role at CyberLeet

The role of information security analysts is to monitor the company's computer network in order to combat hackers and compile reports of security breaches. Specific duties include creating, testing, and implementing network disaster recovery plans; performing risk assessments and testing of data processing systems; and installing firewalls, data encryption, and other security measures. The cybersecurity specialist will also train staff on network and information procedures and recommend security enhancements and purchases. The ultimate goal, once assigned a task, is to ensure the company's IT systems are secured.



1.3 Purpose of This Manual

This manual provides guidelines for training new employees in security awareness. Security analysts will apply the guidelines and principles outlined in this manual, such as confidentiality, integrity, and availability, which guarantee a secure system. The organizational policies and mitigation policies will guide staff on what to do to avoid a security breach. If the company fails to apply this training appropriately and provide high-quality services to its business clients, the company's IT systems will be vulnerable to cyber threats arising internally, for example when an employee opens an email that contains a virus or shares a password with other staff, compromising the security of the company's IT systems. A hacker may try to access company data or steal private information through such lapses.



A widely applicable security model is the CIA triad, standing for confidentiality, integrity, and availability. These are three key principles that should be guaranteed in any kind of secure system. In Section Two, describe the significance of each area as directed in each designated area. Follow the prompts to complete each section. All prompts should be deleted prior to submitting this section.

SECTION 2: Core Tenets of Cybersecurity
2.1 Confidentiality

Confidentiality is a security principle that controls access to information. Its main purpose is to ensure that the wrong people cannot gain access to sensitive information in the company, while providing access to those who are authorized. Access to information should always be limited to those who are authorized to view it. For example, employees must be properly trained on sharing sensitive data, authorized users must be familiar with key security risk factors, and staff must be taught how to guard applicable data assets. The training focuses mainly on password best practices. Passwords should be protected and changed occasionally, and should not be stored as remembered passwords on the computer system, because someone could guess them and gain access to systems they are not authorized to use.


2.2 Integrity

Integrity, as a core component of cybersecurity, assures that sensitive data is trustworthy and accurate. Data that is accurate and reliable to the organization should be maintained over its life cycle, and sensitive data should not be altered in transit. There should be proper security controls on file access and on who is allowed access. File management should therefore include version control that prevents unintentional changes and deletions by authorized users. There should also be measures that protect data from changes caused by non-human events, for example a server crash. Organizations lose important files through unintentional or intentional deletion, but with the right mechanisms in place, data integrity and reliability can be protected.

2.3 Availability

Availability, as a core tenet of cybersecurity, guarantees reliable and constant access to the company's sensitive data by authorized people. Software and hardware should be well maintained to ensure the reliability of the data. A disaster recovery plan should be adopted to provide guidelines for use against interruption and data loss. Companies face issues such as denial-of-service (DoS) attacks and network intrusion because they lack proper software to prevent them.


Creating effective cybersecurity policies will make visible changes in how the organization operates. Rely on the information presented in this course to develop the necessary standards and frameworks of effective cybersecurity policies. Follow the prompts to complete each section. All prompts should be deleted prior to submitting this section.

SECTION 3: Cybersecurity Policies
3.1 Password Policies

The three information security principles are confidentiality, integrity, and availability of information.

  • The confidentiality principle focuses on controlling access to information by ensuring the wrong people cannot access sensitive information in the company while authorized people can. Access should be protected with strong passwords, and the right policies followed, to prevent unauthorized access.

  • The integrity principle ensures that sensitive data is trustworthy and accurate. Password policies provide proper security control over file access and over who is allowed access, ensuring sensitive data is not altered in transit.

  • The availability principle guarantees reliable and constant access to the company's sensitive data by authorized people. This requires an appropriate password management system so that authorized individuals keep their access by being notified when their password will expire.

  • Passwords should have a minimum length of 10 characters and include uppercase (capital) letters, numbers (1, 2, 3...9), and special characters such as _, -, +, =, @, %, *, &, ", :, and . (period). This helps prevent a cracker from guessing the password.

  • The time between password resets should be at least a year, because changing passwords frequently only encourages writing the password down or choosing an easy password.

  • System administrator policies include locking the account for a few minutes after several failed login attempts. Measures shall be put in place for both successful and failed login attempts, for example requesting a new password by email after a failed login. The minimum password length should be 10 characters, including uppercase letters, non-numeric characters, and numbers.

  • Regular users are allowed 4 attempts before the account locks; the same approach to recovering login information is used, with no re-use of the first two numbers.
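
Added example (not part of the original manual): the password and lockout rules above expressed as Python checks an analyst could adapt. The 5-minute lock duration, locking on the 4th consecutive failure, and all function and class names are assumptions made for illustration.

```python
import time

MIN_LENGTH = 10                 # manual: minimum of 10 characters
SPECIALS = set('_-+=@%*&":.')   # special characters listed in the manual
MAX_FAILED = 4                  # manual: regular users get 4 attempts
LOCK_SECONDS = 5 * 60           # assumption: "a few minutes" taken as 5


def password_violations(password):
    """Return the policy rules the password breaks (empty list = compliant)."""
    problems = []
    if len(password) < MIN_LENGTH:
        problems.append("too short")
    if not any(c.isupper() for c in password):
        problems.append("no uppercase")
    if not any(c.isdigit() for c in password):
        problems.append("no number")
    if not any(c in SPECIALS for c in password):
        problems.append("no special")
    return problems


class LockoutTracker:
    """Counts consecutive failed logins per account and applies a timed lock."""

    def __init__(self, max_failed=MAX_FAILED, lock_seconds=LOCK_SECONDS,
                 clock=time.monotonic):
        self.max_failed = max_failed
        self.lock_seconds = lock_seconds
        self.clock = clock          # injectable so the lock can be tested
        self._failed = {}           # user -> consecutive failures
        self._locked_until = {}     # user -> time the lock expires

    def is_locked(self, user):
        until = self._locked_until.get(user)
        if until is None:
            return False
        if self.clock() >= until:
            # Lock has expired: clear it and reset the failure counter.
            del self._locked_until[user]
            self._failed[user] = 0
            return False
        return True

    def record(self, user, success):
        """Record one login result; return 'ok', 'failed' or 'locked'."""
        if self.is_locked(user):
            return "locked"         # even a correct password is refused
        if success:
            self._failed[user] = 0
            return "ok"
        self._failed[user] = self._failed.get(user, 0) + 1
        if self._failed[user] >= self.max_failed:
            self._locked_until[user] = self.clock() + self.lock_seconds
            return "locked"
        return "failed"
```
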

3.2 Acceptable Use Policies
  • The confidentiality principle focuses on controlling access to information by ensuring the wrong people cannot access sensitive information in the company while authorized people can. Acceptable use policies should be used to control authorized users' entry to the computing system.

  • The integrity principle ensures that sensitive data is trustworthy and accurate by protecting the information from viruses or alteration.

  • The availability principle guarantees reliable and constant access to the company's sensitive data by authorized people. Acceptable use policies should be applied so that users can access the data, applications, and utilities.

  • Users are allowed to encrypt laptops that might contain confidential information and to apply protections such as current antivirus software, up-to-date system patches, and a screen-saver password. This helps protect the computers from unauthorized access, and it is usually allowed when the department or the computing system contains important data.

  • Users are prohibited from using their computers and the network to access prohibited sites that might lead to phishing emails or give access to other users, from sharing passwords with other users or allowing someone else to log in to their computers, and from opening unfamiliar email attachments. This helps prevent a hacker from gaining access to the computer system and protects critical data in the system from loss or manipulation.

  • Users can be trained on the usage of the computing system through user policies shared with each user. The reason for sharing this information is to make users aware of the security issues that might arise when a policy is not adhered to; for example, strange emails might contain malware that exposes the computer to security threats. The organization can keep track of adherence to these policies by checking how staff use the computers, through interviews and by connecting computers to a central computer system where the administrator can see when and which sites users visited and their intention.

3.3 User Training Policies

The information security principles are the confidentiality, integrity, and availability tenets.

  • The confidentiality principle focuses on controlling access to information by ensuring the wrong people cannot access sensitive information in the company while authorized people can. Staff should be trained on the right use of the system to avoid giving access to unauthorized users.

  • The integrity principle ensures that sensitive data is trustworthy and accurate by training staff on how to use the system so as to avoid alteration of key information, which would make the information unreliable.

  • The availability principle guarantees reliable and constant access to the company's sensitive data by authorized people. Training policies should be applied so that users can access the data, applications, and utilities and to avoid denial of access to the company system.

  • Those to be trained are those who use the computer system and those related to the organization; for example, security personnel should be trained on how to use biometric doors in order to allow authorized people to gain access. Staff should be trained on networking and computing system policies and on how to protect the computers, and administrators should be trained on system maintenance and on how to restore the system to normal in case of an attack.

  • The frequency of training depends on system upgrades, the introduction of a new computing system, or the training of new staff. These factors determine how frequently training is conducted.

  • Depending on their specific roles and the nature of their duties, some staff may require additional training. For example, the training for system administrators should not be the same as that for other staff and those with more managerial powers. This allows managers to give authority over when and how systems are used, so long as they have more skills than other staff.

3.4 Basic User Policies

The information security principles behind basic user policies are the confidentiality, integrity, and availability tenets.

  • The confidentiality principle focuses on controlling access to information by ensuring the wrong people cannot access sensitive information in the company while authorized people can. Basic user policies help admit only authorized individuals to the company.

  • The integrity principle ensures that sensitive data is trustworthy and accurate by using basic user policies to protect physical access, in order to avoid alteration of key information that would make the information unreliable.

  • The availability principle guarantees reliable and constant access to the company's sensitive data by authorized people.

  • Users should display identification when they access the company premises, especially when accessing certain machines or servers, in order to authenticate that the staff are truly allowed to access the computer system or server.

  • Physical access that might be allowed with or without a company ID includes the printer. This is because the printer serves all staff and it is not possible to put a password on it, even though it can be encrypted. Automatic access allows staff to do their work effectively and serve customers much better.

  • Employees with identification are allowed to access the company when they show their identification, which proves they have the right to access the company premises. Access extends to all areas only if the identification grants it automatically; for example, a senior executive's company identification can give access to the offices of all juniors and staff without limitation.

  • Employees can be allowed to bring work home when the job is needed the following day and the working policies allow for it. Guests are allowed when they are given authority to check the company system or to assess how employees work in order to implement working-condition standards to be followed.

A threat-intelligence service provides analyzed, actionable threat information to help organizations defend against known or emerging threats before systems may be compromised. In this section, you will create three mitigation scenarios. The first two mitigation topics have been chosen; however, the third one is your choice. Follow the prompts to complete each section. All prompts should be deleted prior to submitting this section.

SECTION 4: Threat Mitigation Scenarios
4.1 Theft

Prompt: In the last month, two break-ins have occurred at a client’s office, which resulted in the theft of employee laptops during both incidents. The first incident occurred in the evening when the thieves broke through a ground-floor window. The second incident occurred during the day when the thieves walked right into the business area and removed two laptops. What physical and technical controls would be helpful to address the issue and prevent this type of vulnerability in the future? Compare and contrast the different methods that could be used to mitigate the given threat.

4.2 Malware

Prompt: Recently, one of your client’s staff has been inundated with phishing emails that are targeted at individuals and related to current business opportunities for the company. These messages are linked to malware and sent by known threat actors. What physical and technical controls would be helpful to address the issue and prevent this type of vulnerability in the future? Compare and contrast the different methods that could be used to mitigate the given threat.

4.3 Your Choice

Prompt: Create your own illustrative scenario of a common threat that an information security analyst may face. Explain what physical and technical controls would be helpful to address your chosen issue and prevent that type of vulnerability in the future and compare and contrast the different methods that could be used to mitigate the given threat.

SECTION 5: References

Bashy, F. (2018, February 2). Cybersecurity. Retrieved from https://www.difenda.com/blog/what-is-the-cia-triangle-and-why-is-it-important-for-cybersecurity-management

Smith, A. D. (2004). Cybercriminal impacts on online business and consumer confidence. Online Information Review, 28(3), 224-234.

SANS. (2017, October). Password Protection Policy. Retrieved from https://www.sans.org/security-resources/policies/general/pdf/password-protection-policy

SANS Policy Team. (2014, June). Acceptable Use Policy. Retrieved from https://www.sans.org/security-resources/policies/general/pdf/acceptable-use-policy