Our Previous Samples

CYB 260: Legal and Human Factors of Cybersecurity

2-1 Discussion: Convenience vs. Privacy

Review the "Internet of Things: Convenience vs. Privacy and Secrecy" resource. Then create an initial post in which you consider the following questions:

• As internet of things (IoT) devices become more widely adopted, to what extent are you willing to sacrifice your privacy for convenience?
• Given your stance on privacy, what effect does the pervasiveness of IoT have on your choices as a consumer?

In your response posts, imagine that you are developing a new IoT device for a company. What aspects of privacy would influence your design based on the points your peers made in their initial posts?

Note: Privacy can be a highly personal topic. In your posts, remember to maintain professionalism. Focus on the topic and not on the person.

Sample Solution

Hello everyone,

Happy Monday! Internet connected devices are new and convenient. Since I have moved out of my parents house, there have been advancements in thermostats that I could not believe at first. When my husband and I moved into our house, the base thermostat was a Honeywell that had a few features but mostly just raised and lowered the temperature like our old apartment. When we invested in solar we were offered a google nest device which worried me. What if someone else gained access and controlled our temperature? What if the device lose connection and we cannot change the temperature? We live in Texas and that could be deadly for our dogs. My husband assured me that everything would be fine and we set it up. For the last 6 years it had run perfectly and we never had any issues. This summer has been different, the city has been changing our temperature on the thermostat and setting it to the upper 70's. We have a new baby and that will not work for us so we had to switch back to the Honeywell. We had to give up our convenience of changing the temp from our phone to having to change it manually so that we can use our thermostat as we need to. I think that the IoT can be incredibly useful and also scary to put your trust in a device to not fail.

The question of privacy vs convenience has also had me thinking. There are so many devices that make our lives easier like smart locks that allow you to come and go from your house or room without a key, you only need a passcode or fingerprint. Some locks even let you give one time codes to people like pet sitters so they can come in and walk your dog and then leave. However, the ease of these locks can also be their down fall. Before, we used to need keys to enter a house and these were not easily duplicated. The person trying to break in would either need to take your keys or make an impression of them to gain access. Now, a person only needs to watch you enter the code or know enough about you to guess what your passcode is. There is also the issue of having the lock die and you being locked out until you can get a battery to fix it. 

Finally, police body cams are important when they are used correctly. Body cams can show an unbiased video of what happened in a particular scenario. They are there for both the police officer and citizens safety. Just like if you get into an accident that is not your fault and you have a dash cam, the insurance can look at that footage and show/argue that it was not your fault and save yourself the struggle of determining fault. 

References

http://ezproxy.snhu.edu/login?url=https://heinonline.org/HOL/P?h=hein.journals/nclr96&i=1521

Sample Response 

Hello ****,

Your experiences with IoT devices like thermostats and smart locks highlight both the conveniences and concerns associated with their adoption. As a developer creating a new IoT device, I would prioritize user control and reliability. Your story with the Google Nest thermostat underscores the importance of ensuring robust security measures to prevent unauthorized access and maintain reliable connectivity, especially in critical situations like extreme weather conditions in Texas. Designing intuitive interfaces that allow easy manual override in case of connectivity issues, like your switch back to the Honeywell thermostat, would be crucial. Additionally, for devices like smart locks, emphasizing strong encryption and secure authentication methods would address the privacy and security concerns you raised about potential vulnerabilities and unauthorized access.

CYB 260: Legal and Human Factors of Cybersecurity

1-2 Worksheet Activity: Summation of Privacy Laws Part 1

Summation of Privacy Laws Part 1

Overview

This assignment is the first of three activities where you will explore privacy laws that govern personally identifiable information (PII). Your completed table will include the following requirements:

• A summary of the laws
• Information about who the laws apply to
• Who is responsible for ensuring compliance in an organization

It is important that you fill out this table using your own words because it will help you master the material. Since the descriptions will be in your own words, you are not required to cite the sources. This exercise introduces a small sample of laws. You will examine more laws in future course activities. By the end of Module Four, the completed table will be a great addition to your cyber playbook and provide a useful reference for Projects One and Two.

Prompt

Complete the Module One Worksheet, linked in the What to Submit section, by filling in the three columns for each law provided in the table. The following information is required to complete your worksheet:

• Briefly describe the law in fewer than 50 words.
• Whose rights are covered by the law? Identify the main party covered under the law.
• Who in an organization is responsible for ensuring compliance with the law? Identify the entity in the organization that is responsible for ensuring compliance with the law.

What to Submit

Fill in the required information directly in the provided Module One Worksheet and submit it as a Word document. Use a file name that includes the course code, the assignment number, and your name—for example, CYB_100_Project_One_Neo_Anderson.docx.

CYB 260: Legal and Human Factors of Cybersecurity

CYB 260: 1-1 Discussion: What Is Privacy?

Introduce yourself briefly. Based on your own personal ideas and viewpoint, provide a definition of privacy. This definition can be based on any aspect of privacy.

In your response posts, compare and contrast your thoughts with those of your peers. Did anything influence your perspective?

Note: Privacy can be a highly personal topic. In your posts, remember to maintain professionalism. Focus on the topic and not on the person.

SAMPLE SOLUTION

Hello Everyone,

My name is ***** and I am a stay at home mom to a 6 month old. Before my baby was born I was a lead programming instructor for a local non profit that teaches low income students. Most of my work experience is in early childhood education and I would like to take the information I have learned to create resources to teach children safe practices online. In my free time, I love to spend time with my family, crochet and listen to audiobooks/podcasts. I also like to use my free time to create cosplays for my local conventions. 

Privacy is a personal topic, everybody is going to have their own preferences. For example, in the paragraph above, I did not name the city I live in or company I used to work for. This is information that other people might be comfortable sharing but I am not. When I was younger and the internet was younger, I used to be very active on social media and post about every thought I had. Over time I grew up and saw the downsides to the internet as it grew. Now, I prefer to keep the information about me limited and try to keep what I can private but also understand that its inevitable. Like I might not post photos of my family online often but my in-laws love to share photos of their grandchildren and policing every photo they put online would ruin our relationship. So I try to do what I can to limit it while accepting that there are some things out of my control. I also do not judge others who choose to live their life online. Another aspect of privacy is the information we give to businesses. Information like social security numbers, credit card information, etc. can end up online due to data breaches. It is important that businesses offer ways to opt out of sharing personal information and make sure there is adequate encryption and security set up. Privacy is something we should all be allowed to choose for ourselves and when we work in the professional world, the businesses we work for will decide what information they want private.

References

https://iapp.org/about/what-is-privacy/ 

Sample response

Hello ****,

I agree that the use of social media and the Internet can create conflicts of privacy, both individually and between real world relationships. My mother and father up until recently did the same thing, to the point where I had to explain to them that their complaints about "Big Brother" and being watched was largely due to the choices they were making about what to post. For example, they would be posting about a vacation we were on with a geotag, and then say that the government was monitoring them because all their ads would be for tourist locations and events occurring around us. They couldn't really see that they were practically walking around with a huge sign saying to advertise here. Also, my mother would shop online a decent amount, and in her spirit of saving money would go to sites like Wish or Temu that are known for data harvesting. These are commonplace now, but the average consumer typically doesn't care until an issue arises, such as someone stealing their credit card information. Good luck in this course, and best wishes to you and your family. 

    
In your reading this week, you will explore multiple network and port scanners. If you could create the network or port scanner of your dreams, what aspects of the tools you read about this week would you include and why? Make sure you name your creative and groundbreaking new tool!

In your response posts, describe how you could use the new tools developed by your peers, and suggest a new feature for each tool.

Sample Post

Hello Everyone, 

I hope this week is treating you all well. As we delve deeper into the world of network and port scanning, I can not help but imagine the perfect scanner that would combine the best features of all the tools we have encountered. If I could create my dream scanner, I would call it "ZymNet"

ZymNet would be a powerhouse scanner with the following features:

• Speed and Efficiency: ZymNet would incorporate the lightning fast scanning capabilities of tools like nmap, allowing for quick identification of active hosts and open ports on a network.
• Versatility: It would support a wide range of scan types, including TCP, UDP, SYN and ACK scans, similar to nmap, to cater to different network environments and security needs.
• Stealth and Evasion: ZymNet would excel at evading detection by intrusion Detection System (IDS) and firewalls, drawing inspiration from advanced scanners that employ techniques like packet fragmentation and source address spoofing.
• Comprehensive OS and Service Detection: It would accurately identify operating systems and services running on target machines, providing valuable information for vulnerability assessment and penetration testing.
• User Friendly Interface: Unlike some command line scanners, ZymNet would feature an intuitive graphical user interface (GUI) that makes it accessible to both novice and experienced users.
• Customizable Reporting: It would generate detailed and customizable reports that can be tailored to specific audiences and purposes.
• Integration with Other Tools: ZymNet would seamlessly integrate with other security tools, such as vulnerability scanners and exploitation frameworks, to streamline the security assessment process.

In essence ZymNet would be the ultimate all in one scanner that combines speed, versatility, accuracy and user friendliness. It would be the go to tools for network administrators, security professionals and ethical hackers alike.

Sample Reply

Hello,

Great work on conceptualizing ZymNet. It sounds like this would be a great tool for any offensive security specialist, especially as a starting point to begin an offensive operation. 

One thing that stood out to me about ZymNet was its user-friendly UI and customizable reporting. These features could make ZymNet a good fit for corporate pen-testing environments. A robust UI would help offensive teams to train new members. The GUI could also be helpful in tweaking and recreating steps within a particular attack. Lastly, the customizable reports could save significant time and make the lives of the team members much better. From what I have heard, offensive security teams can spend half of their time or more just writing reports. These reports are obviously extremely important (and ultimately what the client is paying for), but integrated assistance in generating reports could prove highly popular amongst red teams. 

One feature that could be added on to what you have outlined with ZymNet is a portable version of the software package that could be stored on a USB or similar drive and used in physical penetration tests. While not every test will have physical access to a client's hardware, the ability to scan for open ports within a network could be valuable when access allows for it. 

Thank you for the thorough post!

CYB-310-18578-M01 Network Defense 2024 C-6

1-1 Discussion: Introduction and Networking Experience 

In your initial post, briefly introduce yourself.

Next you will consider your IT networking experience. We all experience network problems, either as a user or as a professional in the field. Provide an example of your personal or professional experience with networking, and describe a situation where you had to troubleshoot or resolve an issue. Include details about how you approached the problem. Feel free to draw on previous coursework for your examples.

In your response posts, what other techniques to solving the problems described by your peers could you suggest from your experience? Alternatively, what questions would you ask to help diagnose or solve the problem?

CJ 4440 Quizz #1: Week #2: October 21 - October 27, 2024

Due Oct 27 at 11:59pm

Score for this attempt: 10 out of 10
Submitted Oct 26 at 2:43pm
This attempt took 11 minutes.

Question 1                                                  1 / 1 pts
1. The British government define terrorism as "any activity that involves an act that is dangerous to human life or potentially destructive of critical infrastructure or key resources; ..."

•   True 
•   False 

 
Question 2                                              1 / 1 pts
2. Based on your reading which of the government agency listed below define terrorism as "is intended to produce fear in someone other than the victim"?

A) Federal Bureau of Investigation (FBI)

B) U. S. Department of Defense (DOD)

C) U. S. Department of State

D) U. S. Department of Homeland Security (DHS)

 
 
Question 3                                                        1 / 1 pts
3. The USA Patriot Act was enacted with nearly partisan votes in both the Senate and House to provide law enforcement with new authority to assist detection and prevention of terrorism.

•   True 
•   False 

 
Question 4                                                 1 / 1 pts
4. Acts of violence are described as a logical progression of what steps?

A) Reasons, execution, and outcome

B) Systematic, execution, and immediate consequence

C) Organization of thought, execution, and outcome

D) Formation of intent, execution, and immediate consequence

 
Question 5                                                 1 / 1 pts
5. Law enforcement and Intelligence agencies are experiences most problems in the twenty-first century with detection, infiltration, and prevention of what type of terrorist?

A) Jihadist

B) State-sponsor

C) Lone Wolf

D) Islamic Jihad

 
Question 6                                                           1 / 1 pts
6. The 1993 bombing of the World Trade Center was the first significant terrorist act in the United States, unlike worldwide terrorism activities in the twenty-first century.

•   True 
•   False 

 
Question 7                                                       1 / 1 pts
7. Based on required reading, which violent acts are defined as terrorist incidents?

• A) 1941 Attack on Pearl Harbor, 1995 Oklahoma City Bombing, and 2000 Bombing of the USS Cole
• B) 1995 Oklahoma City Bombing & 2000 Bombing of the USS Cole
• C) 1941 Attack on Pearl Harbor & 2000 Bombing of the USS Cole
• D) 1941 Attack on Pearl Harbor & 1995 Oklahoma City Bombing

 
Question 8                                              1 / 1 pts
8. Under Homeland Security Presidential Directive 6, the Department of Homeland Security Secretary established Terrorist Screening Centers (TSCs) in September 2003 to consolidate the watch list for the lawful use of terrorist information in screening processes.

•   True 
•   False 

 
Question 9                                                           1 / 1 pts
9. Identified reasons for RCMP and CSIS joint investigation failures that span over twenty years regarding the bombing of Air India Flight 182, the worst act of terrorism in Canadian history (Spindlove & Simensen, 2018).

• A) Lack of intelligence and investigative tools
• B) Interference and management of the investigation
• C) Lack of investigative tools
• D) Lack of intelligence tools

 
Question 10                                                                      1 / 1 pts
10. Which of the following factors did not contribute to Francois "Papa Duvalier" having Haiti's most prolonged leadership regime?

• A) Decrease the illiteracy rate of Haiti's population to below 70 percent
• B) Use of Secret Police to form a brutal regime
• C) Support of the Haitian Army
• D) Alleged supernatural powers from the practice of Voodoo