Academic Master

Cybersecurity Processes & Technologies Assignment

Part (a)

1 a) Create a system restore point for a Windows 10 system. To create a restore point in Windows, first launch Cortana and say "open Control Panel". When the Control Panel opens, select Recovery, and on the next screen select Configure System Restore. Next, turn the System Restore utility on. With everything set, click OK and the system restore point will be created.

b) Use a specific system restore point to roll back changes made to a Windows 10 system. Open Cortana and search for "Create a restore point". On the next screen, click on System Properties.

Click the Next button, then select the most recent known working restore point; this helps to fix the problem. Then click the Scan for affected programs button, click Close, and then click Next and the Finish button. The computer will be restored to its state before the occurrence of the event.

c) Delete system restore points from a Windows 10 system. Restore points are stored in a protected, hidden part of the OS. To delete restore points, search for Control Panel and open it, click on the Recovery icon, and click on Configure System Restore. On the next screen, click on System Protection. From the protection settings, select a drive to delete all restore points from, click the Configure button, click the Delete button, and click the Continue button to confirm. Then close the dialog; when it finishes, the restore points will be deleted from the computer.
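The create and roll-back steps in 1 a) and 1 b) can also be scripted. The following is an added example, not part of the original assignment; it assumes an elevated Windows PowerShell 5.1 session (these cmdlets are not available in PowerShell 7), the system drive as the protected drive, and a made-up description string.

```powershell
#Requires -RunAsAdministrator
# Added example: scripted equivalent of the Control Panel steps in 1 a) and 1 b).
# Run in Windows PowerShell 5.1.

$drive = "$env:SystemDrive\"              # assumption: protect the system drive
$label = 'Before configuration change'    # assumption: example description

# Highest sequence number among existing restore points (0 if there are none).
function Get-LatestSequence {
    $p = Get-ComputerRestorePoint | Sort-Object SequenceNumber | Select-Object -Last 1
    if ($p) { [int]$p.SequenceNumber } else { 0 }
}

# 1 a) Turn System Restore on for the drive, then create a restore point.
Enable-ComputerRestore -Drive $drive
$before = Get-LatestSequence
Checkpoint-Computer -Description $label -RestorePointType MODIFY_SETTINGS

# By default Windows skips creation, with only a warning, when another restore
# point was made within the last 24 hours, so confirm that a new one exists.
$after = Get-LatestSequence
if ($after -le $before) {
    Write-Warning 'No new restore point was created (24-hour limit or protection is off).'
}

# 1 b) List restore points, newest first, to choose the one to roll back to.
Get-ComputerRestorePoint |
    Sort-Object SequenceNumber -Descending |
    Select-Object SequenceNumber, Description,
        @{ Name = 'Created'; Expression = { $_.ConvertToDateTime($_.CreationTime) } } |
    Format-Table -AutoSize

# Roll back to the newest point. -WhatIf only reports what would be done;
# remove it to perform the restore, which restarts the computer.
if ($after -gt 0) {
    Restore-Computer -RestorePoint $after -WhatIf
}
```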

2. a) Incident response. First, the resources needed are defined and a plan for the response is made; before the occurrence, highlight a framework to respond to the incident. Stop anything from being further removed. In the case of hacking of a website, prevent further hacking by blocking communication channels such as internet access, to prevent further data access or data loss.

What has happened after the hacking or the incident: identify what has been done or changed, or the data that has been stolen. Use system logs to identify what has happened. This can be achieved by running internet connectivity monitors. Next, identify the consequences of the data that has gone public, that is, data that has gone to a competitor's domain in business.

Rebuild, backup and recovery: depending on what happened to the system or website, find out what was accessed without authorization, fix the vulnerable points to prevent the incident from happening again, and reset system passwords. Using the backup and the rebuilt system, use recovery tools to recover the system to normal.

The Windows registry is a database where the settings of the operating system, and of the OS components and programs that use it, are stored. When an incident occurs on Windows, a key is added to the Windows registry. To back up the Windows registry, go to Start and search for regedit.exe, click on the registry key to back up, select File and then Export, and save the backup.

b) Blocking network requests and minimizing administrator privileges: this limits execution of content that requires registry modifications, which prevents unauthorized changes to the system configuration. Also use monitor mode, which provides logs of the changes executed.

Ensure that the files that have been accessed have the correct version and creation and modification dates. Monitor the changes made by the unauthorized access and reconcile the changes. Focus on the priority and act on alerts before more damage is done to the files.

c) In Windows 10 go to Start > Settings > Update & Security > Recovery, click Get started, and then click Reset this PC. On the next screen, click Keep my files, choose the files to remove, and confirm your action.

d) Cleaning of the Control Panel using the Windows registry: you can remove the installed apps and changes that are listed under HKEY_LOCAL_MACHINE\SOFTWARE\windows\currentVersion\uninstall. Identify the applications to remove and delete each one by deleting its key.
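The registry export described in 2 a) should be done before any key is deleted as in 2 d). The following is an added example, not part of the original assignment, that exports a key, records a hash of the backup, and reports subkeys added or removed since the previous run. The default key (the standard per-machine Uninstall location), the output folder and the file names are assumptions.

```powershell
#Requires -RunAsAdministrator
# Added example: back up a registry key before editing it and track subkey changes.
param(
    # Assumption: standard per-machine uninstall key; any HKLM key can be passed.
    [string]$Key    = 'HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall',
    # Hypothetical backup folder.
    [string]$OutDir = "$env:SystemDrive\RegistryBackups"
)

New-Item -ItemType Directory -Path $OutDir -Force | Out-Null
$stamp = Get-Date -Format 'yyyyMMdd-HHmmss'
$file  = Join-Path $OutDir "backup-$stamp.reg"

# Command-line form of regedit's File > Export.
& reg.exe export $Key $file /y | Out-Null
if ($LASTEXITCODE -ne 0) { throw "reg export failed for $Key" }

# Record a SHA-256 hash so the backup can later be shown to be unmodified.
$hash = Get-FileHash -Path $file -Algorithm SHA256
Add-Content -Path (Join-Path $OutDir 'hashes.txt') -Value "$($hash.Hash)  $file"

# Snapshot the subkey names and compare them with the previous snapshot.
$psPath  = 'Registry::' + ($Key -replace '^HKLM', 'HKEY_LOCAL_MACHINE')
$current = @(Get-ChildItem -Path $psPath | Select-Object -ExpandProperty PSChildName)
$lastRun = Join-Path $OutDir 'subkeys-last.txt'

if ((Test-Path $lastRun) -and $current.Count -gt 0) {
    $previous = @(Get-Content -Path $lastRun)
    if ($previous.Count -gt 0) {
        Compare-Object -ReferenceObject $previous -DifferenceObject $current |
            ForEach-Object {
                # '=>' means present now but not before; '<=' means the reverse.
                $change = if ($_.SideIndicator -eq '=>') { 'ADDED' } else { 'REMOVED' }
                '{0,-8} {1}' -f $change, $_.InputObject
            }
    }
}
Set-Content -Path $lastRun -Value $current

"Backup written to $file"
```

A saved export can be restored with `reg.exe import` followed by the path of the .reg file.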

Part 2

Use of local group policy in Windows 10 to prevent automatic updates: press Windows key + R, type gpedit.msc, and browse to Windows Update. Right-click Configure Automatic Updates, enable the policy, choose auto download and notify for install, then click Apply and OK to complete.

Plan for the incident by assessing threat detection and conducting cyber-hunting practice. After preparation, monitor event occurrences to detect any incident and raise an alert. After analysis of the event, coordinate shutdown of the device, rebuild the OS, and change the passwords for all accounts. After the rebuild, complete the documentation, update threat intelligence, and create preventive measures to prevent future incidents.

The following are notes, warnings and restrictions to put in place: turn off compatibility view, turn off Windows Defender and other Microsoft networks, turn off automatic download and installation of applications, and do not allow automatic update location. Turn off all automatic updates of Microsoft features and specify the Microsoft intranet update service location. Turn off automatic download of the ActiveX version list. For tailored experiences, do not use diagnostic data, and enable the NTP client.

Also, protect the clipboard and what is copied to it, and ensure browsing protection through input spoofing and by protecting messages from queueing.
