Cybersecurity Capstone Project - 14 weeks
Timeline
- May 6, 2024: Experience start
- August 10, 2024: Experience end
Experience scope
Categories
Security (cybersecurity and IT security), Information technology, Networking, Cloud technologies
Skills
cybersecurity networking it security policies and compliance
Perform automatic and manual network and host monitoring, analysis and troubleshooting to determine efficient and secure operations.
Develop strategies for dealing with common network vulnerabilities and security issues to protect information in a business, industry or other organization.
Design multi-site enterprise operating system infrastructures using a security architecture framework.
Design secure wireless mobile device management policies and best practices to secure enterprise data.
Implement a cloud computing focused environment to address security risks associated with incorporating virtualization into an organization’s security systems.
Plan and configure network applications to conform to corporate security policies.
Identify needs, and plan for IT network and security services to support an organization’s business goals and objectives.
Perform security audits of systems to identify the extent of security breaches.
Identify and report on the current threat landscape to protect the business against cybersecurity attacks.
Implement security strategies to protect against current cybersecurity threats.
Learners
Research and analyze a topic related to Cybersecurity or an approved Cybersecurity project with a business and how it can support or improve business activities in a specific scenario or in the current global economy.
Facilitate the success of your project by following project scope, time, quality, and communication management principles.
Present deliverables to a group of peers, faculty, stakeholders, or industry partners.
Project timeline
- May 6, 2024: Experience start
- August 10, 2024: Experience end
Project Examples
Requirements
Cybersecurity/IT Best Practices/Policies
· Evaluate current policies and provide input on areas that might be lacking
· Create new policy templates using best practices
· Password policies
· Acceptable user policies
· Software/Operating System Update policies/tracking
· Business Continuity Planning
· Cybersecurity Response Plans
· Backup policies
Cyber Awareness Training
· Fake phishing email tests
· Fake texting tests
· Fake call tests
· Training packages for staff
Email Security
· IP Geo-blocking
· Known Spam subnets blocking
· Prevent spoofing with SPF, DKIM, DMARC
· Virus/Spam filtering
Getting your business ready for Certification with CyberSecure Canada
· https://ised-isde.canada.ca/site/cybersecure-canada/en
The National Standard includes the 13 cybersecurity control areas outlined in the Canadian Centre for Cyber Security baseline cybersecurity controls. It also introduces 3 new organizational controls and 2 new baseline controls.
Organizational controls
- Leadership (new)
- Accountability (new)
- Cybersecurity risk assessment (new)
- Cybersecurity / employee awareness training
Baseline controls
- Develop an incident response plan
- Automatically patch operating systems and applications
- Enable security software
- Securely configure devices
- Use strong user authentication
- Back up and encrypt data
- Establish basic perimeter defenses
- Implement access control and authorization
- Secure mobility
- Secure cloud and outsourced IT services
- Secure websites
- Secure portable media
- Point of sale and financial systems (new)
- Computer security log management (new)
Risk Management
· Review current controls and provide suggestions for improvement
· Identifying the risks to your organization
· Assessing the level of each risk and how likely it is to impact your organization
· Provide you with recommendations on how to mitigate or control the risks
Zero Trust Endpoint Detection (HIPS) and Incident Response (IR)
· Evaluate current endpoint products
· If new deployments are needed, evaluate both closed and open-source options and provide a report with pros and cons and recommendations based on industry best practices
· Integrate with Security Operations Centre
· Incident Response Processes
Security Operations Centre
· Evaluate setting up an in-house SOC or outsourcing to another company
· Evaluate both closed and open-source options
· SIEM/SOAR functionality – Focusing on Automation
· Log monitoring
· Log reporting
· Security Reports
· Compliance Reports
· Incident Response
Multi Factor Authentication
· Do your users login to a VPN with only a username and password?
· Does your MFA rely on SMS?
· Do you have Office 365 authentication and have not enabled MFA?
· If you answered yes to any of the above questions, then we can look at making your business more secure with MFA
Firewall evaluation
· Students are trained on Palo Alto Next-Gen Firewalls
· Can investigate whether your current firewall meets your needs and provide both closed and open-source options
Penetration Testing and Vulnerability Scanning
· Tenable Nessus Scanning – Using Education Edition
· Scope of testing will be well defined, and no vulnerabilities will be exploited
· Can involve both internal and external testing to find vulnerable services
Past CSEC Capstone projects that Cambrian students have completed
· Students testing SentinelOne Antivirus and writing custom ransomware that evaded detection on a fully updated host running the software.
· Creating cybersecurity educational materials for a First Nations community to try to educate their community about phishing attacks, MFA, using secure passwords online, etc. There was a measurable impact on the community, and it started some very good conversations around cybersecurity.
· Cyber awareness and sending fake emails using systems like PhishLine and KnowBe4.
· Exploring Splunk as a SIEM/SOAR and deploying it, connecting to cloud resources, and pulling down logging information from different systems.
· Risk Management and Business Continuity planning.
· Gap Analysis and aligning a security posture to CyberSecure Canada.
· Gap Analysis and aligning a security posture to NIST.
· Evaluating different SOC systems and implementing a test SOC at an agency (with a focus on some open-source SOCs like Wazuh).
· Network Segmentation and Zero Trust policies.
· Creating a DevSecOps Jenkins pipeline using OWASP and open-source toolsets. They undertook the deployment, integration, and configuration of these tools with the Jenkins pipeline.