This assignment will require you to submit a word document and a powerpoint slidedeck. For this assignment we will build the profile of the APT group identifying likely related personas victims infrastructure tools etc. using the Diamond model and then map the group’s tools techniques and procedures (TTPs) to the Lockheed Martin Cyber Kill Chain stages.this assignment has 2 parts. IT 462 Homework #2: “Applying Cyber Threat Intelligence pt. 1” This homework assignment builds on the work you have done earlier in the semester on APT threat groups.For this assignment we will build the profile of the APT group identifying likely related personas victims infrastructure tools etc. using the Diamond model and then map the group’s tools techniques and procedures (TTPs) to the Lockheed Martin Cyber Kill Chain stages. This assignment will require you to use several (at least 4) industry reports on the APT group you chose. Include citations in each of the deliverables including the specific page number where the information can be found. Assignment Deliverables: A Powerpoint presentation on the APT actor using the Diamond Model (Slide 1: “APT X” summary and subsequent slides on each of the four quadrants) and how its TTPs map to each stage of the Kill Chain as well as a Word document summarizing your findings (Section 1: “APT X” Section 2: “APT X Mapping to Cyber Kill Chain”). Applying Cyber Threat Intelligence pt. 2” This homework assignment builds on Homework #2 where you identified core characteristics and TTPs of a specific APT group.For this assignment the focus is to develop actionable signatures that would detect your APT actor on a network. This assignment is to create signatures aka actionable detection measures for your APT group. I am expecting that you will develop unique signatures based on the information you provided in Homework #2 not ones lifted from the Internet; plagiarism of this sort will result in an immediate 0 for the assignment and will be recommend to the University for an honor code violation Assignment Deliverables: Use at least 4 incident reports (i.e. individual reports on your APT actor like “Operation Troy” Operation Blockbuster” etc.) from cyber security vendors (FireEye/Mandiant CrowdStrike Symantec Novetta etc.) to fill in the diamond model with virtual personas email addresses domains WhoIs registration records infrastructures malware exploits vulnerabilities and victims. On subsequent slides map the TTPs to each stage of the Cyber Kill Chain. If you are having trouble identifying how the TTPs map I suggest looking over MITRE’s ATT&CK matrix. In a Word document write up your findings dedicating at least a paragraph to each of the points in the diamond model. Who organizationally is likely responsible for conducting these attacks what is their end goal what type of victim do they tend to target how technologically savvy is the actor based on its tools and techniques does the actor favor one type of attack or exploit over others etc. A Powerpoint slide or Word document containing YARA-based detection signatures for each stages of the Kill Chain. These YARA signatures must include all three sections; you are the author of the signature so make sure that is reflected in the meta section. Since reconnaissance is often outside of the control of network defenders you do not need to create a yara or network-based (Snort Bro etc.) signature for phase 1 of the Kill Chain. In cases where YARA signatures are not applicable SIEM rules/heuristics would also be acceptable so long as it is tailored to your APT group’s TTPs and not a generalized measure. Also identify any other relevant mitigations that would prevent this attacker from being able to gain a foothold into the network based on the TTPs you identified in Homework #2 that we would need to be put in place in our network security appliances and across the enterprise. ‘
We value our customers and so we ensure that what we do is 100% original..
With us you are guaranteed of quality work done by our qualified experts.Your information and everything that you do with us is kept completely confidential.
You have to be 100% sure of the quality of your product to give a money-back guarantee. This describes us perfectly. Make sure that this guarantee is totally transparent.Read more
The Product ordered is guaranteed to be original. Orders are checked by the most advanced anti-plagiarism software in the market to assure that the Product is 100% original. The Company has a zero tolerance policy for plagiarism.Read more
The Free Revision policy is a courtesy service that the Company provides to help ensure Customer’s total satisfaction with the completed Order. To receive free revision the Company requires that the Customer provide the request within fourteen (14) days from the first completion date and within a period of thirty (30) days for dissertations.Read more
The Company is committed to protect the privacy of the Customer and it will never resell or share any of Customer’s personal information, including credit card data, with any third party. All the online transactions are processed through the secure and reliable online payment systems.Read more
By placing an order with us, you agree to the service we provide. We will endear to do all that it takes to deliver a comprehensive paper as per your requirements. We also count on your cooperation to ensure that we deliver on this mandate.Read more