System and Communication Security Paper

Overview

As you have learned, this course employs a targeted approach to measuring your mastery of the course competencies. Your competency project for this course is a composition demonstrating mastery of the key skills in automating security-relevant tasks, implementing public key infrastructure (PKI) technology using a certificate authority (CA) server, and hardening computer systems. PKI is a common protection technology used in the industry and comes in many different forms. Using a CA server is one method that provides security to a large infrastructure. Important skills for a security analyst are automating security controls to save time and resources. This can be done through hardening scripts and system checklists.

The project is divided into three milestones, which will be submitted at various points throughout the course to scaffold learning and ensure quality final submissions. In Milestone One, due in Module Three, you will develop an automated script and submit your Milestone One Worksheet. In Milestone Two, due in Module Four, you will submit your completed checklist and analysis Word document. In Milestone Three, due in Module Five, you will submit your Milestone Three Worksheet. The final product will be submitted in Module Seven. Some of its parts will require the CYB 300 Sandbox environment.

In this assignment, you will demonstrate your mastery of the following course competencies:

• Implement a public key infrastructure (PKI)
• Securely configure (harden) a common computer operating system according to appropriate security standards and organizational requirements
• Use a scripting language to automate security-relevant tasks

Scenario

Part I
In Milestone One, you developed a script to create a baseline for newly acquired computer assets. In this project, some of these assets are being relocated to a remote location with additional requirements. Develop a script to implement this new baseline configuration to meet the following requirements:

1. Rename computer to First Initial_Last Name (use your first initial and your last name)
2. Change time zone to the time zone associated with Denver, Colorado
3. Get a list of running processes
4. Set idle lock time for screensaver to 3 minutes
5. Send the output of the last 50 entries in the /var/log/messages log to a text file named “SecurityLog_LastName.txt”

Part II
For this part, you will document the commands to create a CA. As a result of relocation, in addition to the scripts associated with the baseline hardening, you need to create a new CA for this remote location that meets the following set of security requirements:

1. Hash value = SHA256
2. Key type = AES 256
3. Key length = 4096
4. Common Name = CN = Colorado Office Root, C=US, ST-CO,O-your_name-Org
5. Validity period = One Year

Part III
For this part, you will discuss the importance of industry guidelines, organizational baselines, and checklists as they pertain to system and communication security.

Prompt

You must address the critical elements listed below. Most of the critical elements align with the competencies (shown in brackets).

1. Automated Hardening Scripts: Compose a single executable script to automate hardening tasks to meet the requirements in the scenario.
   1. Screenshot of a single executable script in the Linux shell environment
   2. Screenshots that evidence each requirement has been met
   3. One of the main reasons that practitioners use automated scripts is to save time by avoiding manual configurations. Describe additional benefits of using automated scripts for configuring systems in a secure manner for organizations.
2. Certificate Authority:
   1. Provide a screenshot of the OpenSSL commands to create a CA with settings that meet the organizational requirements
   2. Discuss how to create Certificate Signing Requests (CSRs) for the servers and workstations in the new location and submit to the CA for approval (CA Applied)
   3. Discuss how implementing PKI addresses two of the Fundamental Security Design Principles and how this maintains the tenets of the confidentiality, integrity, and availability (CIA) triad in an organization
3. Hardening Systems:
   1. Discuss how to make the transition from industry guidelines to a baseline that is appropriate for your organization
   2. Create an operating system security-configuration checklist representing the elements used in Part I: Automated Hardening Scripts
   3. Explain why operating system security-configuration checklists are an important part of the cybersecurity practices in an organization

Scripting Administrative Tasks

Overview

Scripting is an essential skill that helps all IT professionals increase productivity and handle tasks that are repetitive in nature. Learning how to write or modify scripts can save you an immense amount of time. Using the Linux Bash scripting provides an avenue to manipulate the internals of a computer while abiding by policies and security controls that have been put in place within the computer. It should be noted that Bash scripts do not circumvent user rights and privileges. Therefore, if you are trying to run a script and your access is denied to any of the commands, you need to seek to escalate your privileges for that script to run. This is a key safety control in operating systems to ensure individuals cannot perform tasks above their security levels.

You will be working in the CYB 300 Sandbox environment. Your submission will include three documents: two .txt script files and a Word document containing screenshots.

Note: The Learning Management System will not accept .sh files for submission. You can open your .sh file in a text editor and save the file as a .txt file for submission.

Scenario

You are an analyst at a small firm, and your manager has tasked you with writing a script to automate tasks. To test your script, you have been given a sandbox environment that mimics your live Linux system. Your manager has identified the need for scripts to automate the following tasks, to be divided up by you and your coworkers:

• Create three groups: Human Resources, Finance, and Sales. Create 12 user accounts and place them in one of the three groups. Set the passwords to NewP@$$w0rd
• Create a script to back up the /home directory as a compressed tar file to a folder called /backup
• Use the Ping utility to report connections of all IP addresses that end in an odd number in the network, and output them to a text file called ping.txt
• Create a user group named Audit and include all the employees of the HR and Finance organizational units
• Find all users with inactive and disabled accounts across all organizational units and output the list to a text file named inactive_users.txt
• Get a list of all running processes and output the list to a text file named running_processes.txt

Your work assignment is to select two of the above tasks and create a script to automate each one that you have chosen.

Prompt

In this assignment, incorporate the following elements in each script:

• Repetition structure
• Compound conditional statement
• Variable declaration and usage

For each element, add a comment describing the element for each of the three requirements above. You must also add your name, date, and course title as a comment at the beginning of your script. Each script must contain at least four comments.

You must address the critical elements listed below.

1. Automated Script One
   1. Script contains a repetition structure
   2. Script contains a compound conditional statement
   3. Script contains variable declaration and usage
   1. Script file
   2. Results: Provide screenshot evidence that the script has performed the desired task
2. Automated Script Two
   1. Script contains a repetition structure
   2. Script contains a compound conditional statement
   3. Script contains variable declaration and usage
   1. Script file
   2. Results: Provide screenshot evidence that the script has performed the desired task
3. Scripting Best Practices
   1. Name, date, and course title
   2. Comments for the three required elements of the script
   1. Code is properly commented and contains the following comments:

PKI, FSDP, and CIA

Overview

In previous coursework, you have explored the Fundamental Security Design Principles (FSDP) and the confidentiality, integrity, and availability (CIA) triad. It is important that we correlate how public key infrastructure (PKI) and these security controls interact with each other. When you examine the FSDPs and explain how they interact with PKI and the CIA triad, you develop analysis skills that enhance your skill set as a security analyst. A key takeaway from this assignment is a playbook-worthy artifact that encourages you to synthesize ideas on how security methodologies can be taken to the next level. It is important that we use frameworks like the FSDP and the CIA triad as they apply to contemporary topics; this will help you develop the next generation of protections that are found in industry security practices.

The purpose of this assignment is to prepare you to discuss the FSDPs in your final project, which will be submitted in Module Seven.

Prompt

Complete the table and answer the short- response questions in your Milestone Three Worksheet, which is linked in the milestone assignment in Module Five of your course. You must address the critical elements listed below.

1. Security Analysis Table: Complete the table by filling in the columns for the following FSDPs. Describe how they relate to PKI and the CIA triad.
   1. Isolation
   2. Modularity
   3. Minimization of Implementation
   4. Layering
   5. Least Privilege
   6. Fail-Safe Defaults/Fail Secure
   7. Trust Relations
2. Scenario-Based Short Response Questions
   1. Temporary Contractor: The use of certificates of authority (CAs) as part of PKI provides a mechanism for key management and secure communications. If you were asked to provide access to information systems to a temporary contractor, what areas of a PKI and CIA triad would you be concerned with? Which of the FSDPs most applies here?
   2. Cryptography: As part of PKI, a cryptographic system is established. Explain how cryptography is used and what forms of implementation can be accomplished.

CYB 300 Milestone Three Worksheet

1. Security Analysis Table

2. Scenario-Based Short Response Questions
   1. Temporary Contractor: The use of CAs as part of PKI provides a mechanism for key management and secure communications. If you were asked to provide access to information systems to a temporary contractor, what areas of a PKI and CIA triad would you be concerned with? Which of the FSDPs most applies here?
3. 2. Cryptography: As part of PKI, a cryptographic system is established. Explain how cryptography is used and what forms of implementation can be accomplished.

Checklist Analysis and Modification

Overview

Checklists play an important role in the maintenance and protection of systems. They also play a part in hardening a system. Most security analysts identify components and settings within systems that need to be modified to enhance security. Following checklists, engineers can implement the identified security enhancements from the analysts. Certificate Authority (CA) is part of public key infrastructure (PKI) that helps secure the communications within a system. In this activity, you will evaluate an existing checklist to ensure that it is relevant and up to date. Additionally, you will be asked to update the checklist according to directions in your scenario. These checklist elements rely heavily on the steps you completed in your lab in Module Three and your lab this week in Module Four. Make sure you complete your Module Four lab before beginning your milestone. Refer to that lab if you have any questions.

Your submission will include two documents: one for Part I and a second for Part II. For Part II, use the checklist template provided.

The purpose of this assignment is to explore the use of checklists. Your work on this milestone will contribute to your Final Project, where you will need to create a checklist. Furthermore, the revised checklist created in this milestone can be used as a guide for your work in Part II of your final project, which will be submitted in Module Seven.

Scenario

Your manager has provided a checklist for setting up a CA server. They would like you to review the checklist for several criteria. It is essential to verify that the checklist covers the elements needed for a CA server. They would like you to identify any possible gaps within the checklist. Your manager is aware that the checklist is old and there are items on the checklist that may require updates. Your manager has prioritized three new items for the checklist, which include automatic certificate revocation, encryption, and validity period of certificates. Your manager needs your recommendations as a security analyst for those three areas in the checklist. They would like you to fill in the Requirements and Control Overview sections of the checklist for those areas.

Your manager has identified three parameters that should be added to the Root Certificate Requirements section of the checklist. These parameters are an essential part of the root certificate and should be present for the requirements to be implemented.

Parameters

Prompt

Review the Milestone Two Checklist, which is linked in Module Four of your course, and address the critical elements listed below.

Part I: Analysis of Existing Checklist

1. Evaluate the checklist: Provide feedback on the Milestone Two Checklist provided by your manager. Identify at least two areas of the checklist that require updating or improvement. Note: The checklist you are evaluating is modeled after section 4.5 of the NIST 800-70, Guidelines for Checklist Users and Developers.
2. Evaluate the applicability of the checklist. Given the requirements in the scenario, is the checklist accurate in addressing the needs identified? Justify your evaluation.

Part II: Additional Checklist Elements

1. Add additional checklist elements for automatic certificate revocation. Complete the Requirements and Control Overview sections for additional elements.
2. Add additional checklist elements for encryption. Complete the Requirements and Control Overview sections for additional elements.
3. Add additional checklist elements for the validity period of the certificate. Complete the Requirements and Control Overview sections for additional elements.
4. Add identified parameters to the Root Certificate Requirements section of the checklist.

CA Server Root Certificate Requirements Checklist (CA-1)

Requirements

1. Identify information systems that support organizational missions/business functions
2. Identify and select the following types of information system accounts that support organizational missions/business functions: [administrative, service]
3. Identify authorities from each department for root certificate assignment approval
4. Secure protocols used, TLS v1.2
5. Client renegotiation disabled
6. Account notification to CA authorities:
   1. When user or system accounts are terminated
   2. When individual information system usage changes
   3. When account inactivity is for a period of 90 days
7. Authorize root certificate assignment for information systems based on:
   1. A valid access authorization
   2. Other attributes as required by the organization or associated missions/business functions
8. <Add element for automatic certificate revocation here>
1. <Add element for encryption here>
10. <Add element for validity period of the certificate here>

CA-1 Root Certificate Requirements

Control Overview

Scripting for Automation

Overview

It is important to familiarize yourself with a variety of Linux commands. One approach to accomplish this task is to practice different commands. In this assignment, you will apply the commands explored in previous activities to complete specific requirements. In many cases, creating a baseline image for a device is a common practice for implementing security standards. Although the application of these commands to creating a baseline may not be directly clear, many of them are useful actions in creating a baseline; an understanding of the structure and capabilities of what the command is attempting to do can be used in a larger picture to secure a system.

Scenario

Your organization has recently acquired a number of assets as the result of a merger. Your manager has asked you to develop a script to create a baseline for these newly acquired computer assets. Complete the Milestone One Worksheet, including screenshots of results; you will find the worksheet linked in Module Three of your course. In addition, develop a single executable script to implement this new baseline configuration to meet the following requirements:

• Change time zone to Pacific/Tahiti Time
• Set date/time to 6:00 a.m. on March 1 of this year
• Create a user group called CYB300
• Create a new local user with the following parameters:
  1. Username: First-Name-Last-Name
  2. Password: Password123
  3. Add user to the CYB300 group
• Display a list of running processes beginning with “n” and send them to a text file named “n_Services.txt”
• Export Bash history to a text file named “CYB_300_History_Firstname_Lastname.txt”

Prompt

Submit the completed Milestone One Worksheet with screenshots of each configuration requirement and your final executable script. You will find the worksheet linked in the milestone assignment in Module Three of your course. You will be working in the CYB 300 Sandbox environment. Specifically, you must address the following critical elements:

1. Change time zone to Pacific/Tahiti Time. Provide a screenshot of the Linux shell environment showing the successful configuration.
2. Set date/time to 6:00 a.m. on March 1 of this year. Provide a screenshot of the Linux shell environment showing the successful configuration.
3. Create a new local user that meets the requirements. Provide a screenshot of the Linux shell environment showing the successful configuration.
4. Create a text file containing the list of running processes beginning with “n”. Provide a screenshot of the Linux shell environment showing the successful results.
5. Export Bash history to a text file named “CYB_300_History_Firstname_Lastname.txt”. Provide a screenshot of the Linux shell environment showing the successful results.
6. Create a single executable script that contains all the Bash script statements. Provide a screenshot of the Linux shell environment showing the successful completion of the script.

CYB 300 Milestone One Worksheet

For each required script element, a command is given that will display the results of the script. Use this validation command as the source for your screenshot. Complete this worksheet by replacing the bracketed phrases in the Bash Script Statement and Screenshot columns with the relevant information.

Complete this worksheet by replacing the bracketed phrases in the Response column with the relevant information. For all screenshots, include your name in the command line.

Lab: Customize or Write Simple Scripts

Exercise 1: Customize or Write Simple Scripts

Complete this worksheet by replacing the bracketed phrases in the Response column with the relevant information. For all screenshots, include your name in the command line.

Lab: Linux Scripting Techniques

Exercise 3: Create a Non-Interactive Script

Exercise 4: Create an Interactive Script

Exercise 5: Create Scripts Using Loops and Conditions

Complete this worksheet by replacing the bracketed phrases in the Response column with the relevant information. For all screenshots, include your name in the command line.

Lab: Securing Linux Devices

Exercise 1: Secure an Alma Device

Exercise 2: Secure an Ubuntu Device

In your initial post, briefly introduce yourself. Next you will consider encryption, a major component of system and communication security. Encryption is essential to secure all forms of data communications. As a professional and a consumer, you must be aware of how technologies are integrated and the different layers of protection that exist. Describe an example of how encryption is used in your daily life.

In your response posts to your peers, use the lens of a security professional to discuss the strengths and weaknesses of the encryption in their examples.

Sample Response

Hello everyone my name is [your names here], I am currently serving active duty in the U.S Navy as a recruiter. I am originally from New Jersey but I am now stationed in Houston. Only have a couple of more classes to go until I have my degree and that day can't come fast enough. But to answer the discussion post. The way in which encryption plays a role in my daily life, is when I am using online banking. When logging into my bank account either by website or app. Encryption is used to make sure my connection is secure, so that my sensitive data like my login and account details are not compromised.