Questions and Topics We Can Help You To Answer:
Paper Instructions:

Can you identify any concepts which are culturally based that have affected how your nation views cyberspace issues – either domestically or internationally? (i.e.  privacy, surveillance, intellectual property)  What are they?

Questions and Topics We Can Help You To Answer:
Paper Instructions:

Does your country have a Ministry of Information or a Ministry of Information Technology?  What departments or ministries are involved in making information technology policy in your country, and how does the decision to devolve power to this set of institutions affect the decisions that get made?

Questions and Topics We Can Help You To Answer:
Paper Instructions:

Does your country play a role in regional or international governance?  IS it generally supportive or not supportive of international governance institutions?  The development of norms?

Questions and Topics We Can Help You To Answer:
Paper Instructions:

Does your nation claim sovereignty in cyberspace?  Does it regard the internet as its territory?  What powers does it claim in Cyberspace – the power to control the flow of information, to regulate speech on the internet, to have an internet kill switch?  Has it ever shut down the internet in your country?  When and under what circumstances?

Questions and Topics We Can Help You To Answer:
Paper Instructions:

What are some key terms that have been defined by your nation – including cybersecurity, cyberterrorism, critical infrastructure.  How does your nation’s definition of these terms differ from that of other members of the international community, if it does?  

Questions and Topics We Can Help You To Answer:
Paper Instructions:

Does your nation ‘buy into’ the generally accepted understandings regarding the applicability of international law to cyberspace?  In what ways, does it accept or reject these understandings?  

Questions and Topics We Can Help You To Answer:
Paper Instructions:

Network Controls and Monitoring

Your company has noticed a substantial decline in productivity over the past months and wants to find out why. The CEO has asked you about network controls and monitoring that they might use within the company. Begin by researching the laws both nationally and in your state regarding employers and network monitoring. Next, suggest some devices and/or software the company might employ to help keep employees on task or, in the alternative, to identify when they are not. Finally, explain how you would implement the plan.

Questions and Topics We Can Help You To Answer:
Paper Instructions:

Briefly describe the two general types of honeypots. Explain how honeypots are used with an organization to help address computer security concerns. Include two required references at the end of the paper. Include in-text formatting of the references. References are in correct APA format. Paragraphs are used throughout the paper. Two page essay, double line spacing, times new Roman 12 pt. font. Include the keywords in the paper.

Questions and Topics We Can Help You To Answer:
Paper Instructions:

Implementation of the Chosen Solution
a. On-premise implementation or hosted
b. System changeover - four changeover options (direct cutover, parallel operation, pilot operation, and phased operation)
c. Discuss and justify the chosen options
d. Recommendation of user documentation, and justify reasons
e. Short discussion of the post-implementation evaluation criteria

Questions and Topics We Can Help You To Answer:
Paper Instructions:

This assessment is designed to enable students to demonstrate their knowledge of the dark web and how to deconstruct it – what it is, how it has emerged, what fuels the rhetorics? Students must evaluate the main debates with regards to the constructions and representations of the dark web, evaluate the academic research studies that relate to the dark web, and examine and discuss the theoretical perspectives that relate to the study of cybercrime and the dark web. Students must demonstrate that they understand the issues and are able to inform them with their knowledge from core academic literature, via a coherent logical narrative throughout the essay.

Questions and Topics We Can Help You To Answer:
Paper Instructions:

Screening/security in Ghana, Schipol Airport, Amsterdam

Questions and Topics We Can Help You To Answer:
Paper Instructions:

Congratulations on recently passing your Certified Ethical Hacker Exam. You have been contracted to perform a LIMITED penetration test on Security Target Incorporated′s network. Security Target Inc. wants you to remotely access a system on their network to simulate an attacker who has already completed part of the Attacker Methodology and gained entry to the network. Your assignment is to discover FTP servers on the network, document your findings, and make recommendations based on any vulnerabilities you find. Security Target, Inc. has recently grown to offer their services online. They have added a web server allowing for web developers to update the website design and application code on an FTP server. Security Target, Inc. realizes that putting this proprietary information on the internet can represent a security risk. They have decided to hire you to assess their FTP server for weaknesses. You have been hired to assess whether their FTP server and service is secure. The target is ftp.cit40600-test.com. You should NOT assess services other than FTP. Remember from the lecture which port FTP listens on. Use nmap to scan that port and only that port (remember, your contract says that you should only test FTP). Scan FTP on the server. You will find information telling you that the port associated with FTP is open. Perform an Aggressive scan against ONLY the FTP port. An example of a command which will work for this purpose with some modification for this exercise: nmap -p FTPPORT TARGET The above command will scan just FTP on the server, nmap -p FTPPORT TARGET The above command will scan FTP aggressively giving you a bit more information about the service as well as the server OS and other information. You must scan the target (detailed below) only on the FTP port. Do NOT run an aggressive scan on the fully qualified domain name without supplying the ″-p″ and port number of FTP. Scanning a particular port on a server was demonstrated in the FTP recorded demo in Module 4. For this lab, you should only use nmap, and an FTP client to exploit the insecure configuration of the FTP server. Do NOT use metasploit or other tools to take advantage of the server. An example of an FTP client would be one which you used when taking the CIT212 class something like WinSCP (winscp.net), FileZilla (filezilla-project.org). You should find the following on the target ftp.cit40600-test.com: You should find that there is an FTP service running. You should find using nmap that the FTP server allows for anonymous login. Anonymous login allows anyone who can see the IP address to be able to login to view the data chosen by the organization to allow FTP access to. Some things to remember: FTP is a plaintext protocol which does not encrypt any of the data which you send to the server, or the server sends to you! Is this a concern for the client? There are fixes to FTP which were discussed previously in the lectures which encrypt the data between the client and the server, but it they don′t protect the data on the server from outside access. There must be some other controls implemented on the server. Research ways to protect data on the server specifically relating to anonymous login FTP servers. Usually this means that you enable authentication. Anonymous means that there is no authentication. Document all of the files which you find on the FTP server, there will be several. You can download the files. You will not be able to see all of the files directly from the FTP client which you use. You will be using an FTP client only to access the files on the FTP server. In your report document the following: 1. A screenshot showing the username that nmap used to login to the FTP server when using the ″-A″ flag for the Aggressive scan. 2. A screenshot showing the client count at session startup. This shows you how many users were connected when you ran the nmap scan. 3. Give all of the scan results shown between PORT STATE SERVICE VERSION and STAT (Give me all of the text information printed here). The details of this will show you some of the insecurities built-in to network services. Especially when authentication is not implemented. 4. A screenshot showing the operating system and version running on the server. You will be required to submit a formal lab report including screenshots of you completing the lab. More screenshots than the ones specifically highlighted above will help you to write the report. Your formal lab report should follow the approved lab format here (Approved Lab Format.docxPreview the document). In each section, you will be graded on: The quality of the desсrіption in the report Your ability to illustrate points using screenshots and interweave the knowledge that you′ve gained up to this point in the course (i.e. you will need to incorporate desсrіptions of the Attacker Methodology and demonstrate the use of terminology learned in class) Your ability to describe the events from the perspective of the attacker (using the Attacker Methodology) You will be expected to discuss about what you were asked to do in the contract, what methods you used to perform the penetration test, and relate this to the Attacker Methodology. You will also make recommendations in the conclusions section to mitigate the risks represented by the vulnerabilities you found, as well as those which you exploited.