1. Create a network infrastructure design communications document that includes identified hardware components, connections to outside world, identified physical layer connectivity (media) and addressing, including operational and security components in the design.
osi_model_explained.docx - Goes over the 7 layers of the OSI model and gives examples on how they are used.
basic_network_diagram_1_page_pager.docx - Goes over how a switch can connect to different hardware within an office setting (Printer, computers, etc). Also talks about the configuration of a switch to the outside world and how it interacts with it.
2. Install, configure and test security hardware and software tools with supporting documentation such as port scanners, vulnerability detection systems, intrusion detection systems, firewalls, system hardening, anti-virus tools, patch management, auditing and assessment.
final_unix.docx - Goes over all the implementation of the FREEBSD UNIX server we worked on all semester, finally ending with adding a GUI so that you can view what you are doing within the system and not run strictly through the UNIX file system (command line).
firewall_setup.docx - Goes over setting up and configuring the firewall that is used within the FREEBSD system.
3. Construct, implement and document a script or a program to automate a security-related process or other tasks such as installation, administration, management, mapping resources, logon scripts, patch management, updates, auditing, analysis and assessment.
simple_script_challenge.docx - Goes over a script that prompts you what function you want to use and will collect system and network configuration/information.
nmap_script.docx - Creates a script that will ask you to enter a starting range and ending range of ips, then will scan them and return the results.
4. Create a policy or procedure that addresses events such as: a disaster recovery plan, a business continuity plan, an incident response policy, an acceptable usage document, an information security policy, a physical security policy, assessments or troubleshooting procedures.
business_continuity_and_disaster_recovery.docx - BCDR document. Complete with risk analysis, emergency routes, insurance information, and important contact and procedures.
paper_defining_risk.docx - Acted as a security engineer within a company and provided an analysis on how to better improve the security of the company going over the different points of risk.
5. Develop a research report or implementation plan concerning legal and ethical best practices and mandated requirements that pertain to information security.
daubert_and_frye.docx - Going over the differences of the Daubert and Frye cases within legal and ethical practices, along with the pros and cons on why each standard was used or should be used.
security_frameworks.docx - Goes over the OCTAVE (Operationally Critical Threat, Asset, and Vulnerability Evaluation) framwork. includes the weakness, strengths, methodology, implementation, and history.
6. Research, document, test and evaluate several current industry information security-based threats, risks, malicious activities, covert methodology, encryption technologies, mitigation techniques or unconventional tactics to prevent loss of sensitive information and data confidentiality, integrity and availability.
final_practical_exam.docx - Goes over pulling information from a threat actors machine and pulling hashes/evidence of their illegal activities.
assignment_vm_ware.docx - Goes over setting up a virtual machine (for safe use) then pulling all the information into Autopsy and running a report and findings on the machine.
osi_model_explained.docx - Goes over the 7 layers of the OSI model and gives examples on how they are used.
basic_network_diagram_1_page_pager.docx - Goes over how a switch can connect to different hardware within an office setting (Printer, computers, etc). Also talks about the configuration of a switch to the outside world and how it interacts with it.
2. Install, configure and test security hardware and software tools with supporting documentation such as port scanners, vulnerability detection systems, intrusion detection systems, firewalls, system hardening, anti-virus tools, patch management, auditing and assessment.
final_unix.docx - Goes over all the implementation of the FREEBSD UNIX server we worked on all semester, finally ending with adding a GUI so that you can view what you are doing within the system and not run strictly through the UNIX file system (command line).
firewall_setup.docx - Goes over setting up and configuring the firewall that is used within the FREEBSD system.
3. Construct, implement and document a script or a program to automate a security-related process or other tasks such as installation, administration, management, mapping resources, logon scripts, patch management, updates, auditing, analysis and assessment.
simple_script_challenge.docx - Goes over a script that prompts you what function you want to use and will collect system and network configuration/information.
nmap_script.docx - Creates a script that will ask you to enter a starting range and ending range of ips, then will scan them and return the results.
4. Create a policy or procedure that addresses events such as: a disaster recovery plan, a business continuity plan, an incident response policy, an acceptable usage document, an information security policy, a physical security policy, assessments or troubleshooting procedures.
business_continuity_and_disaster_recovery.docx - BCDR document. Complete with risk analysis, emergency routes, insurance information, and important contact and procedures.
paper_defining_risk.docx - Acted as a security engineer within a company and provided an analysis on how to better improve the security of the company going over the different points of risk.
5. Develop a research report or implementation plan concerning legal and ethical best practices and mandated requirements that pertain to information security.
daubert_and_frye.docx - Going over the differences of the Daubert and Frye cases within legal and ethical practices, along with the pros and cons on why each standard was used or should be used.
security_frameworks.docx - Goes over the OCTAVE (Operationally Critical Threat, Asset, and Vulnerability Evaluation) framwork. includes the weakness, strengths, methodology, implementation, and history.
6. Research, document, test and evaluate several current industry information security-based threats, risks, malicious activities, covert methodology, encryption technologies, mitigation techniques or unconventional tactics to prevent loss of sensitive information and data confidentiality, integrity and availability.
final_practical_exam.docx - Goes over pulling information from a threat actors machine and pulling hashes/evidence of their illegal activities.
assignment_vm_ware.docx - Goes over setting up a virtual machine (for safe use) then pulling all the information into Autopsy and running a report and findings on the machine.