To complete this assignment, review the prompt and grading rubric in the
Stepping Stone Two Guidelines and Rubric PDFdocument. When you have finished your work, submit the assignment here for grading and instructor feedback. You will also need the
Stepping Stone Two Template Word.
CYB 250 Stepping Stone Two Template CYB 250 Stepping Stone Two Template Howard Threat Model Incident Bank Attacks Bluetooth Bug Attackers Tools Vulnerability Action Target Unauthorized Result Objective CYB 250 Stepping Stone Two Guidelines and Rubric Threat Modeling and Cryptographic Techniques CYB 250 Stepping Stone Two Guidelines and Rubric Threat Modeling and Cryptographic Techniques Overview In the last module, you were introduced to threat modeling using the Howard Threat Model. Practicing threat modeling develops a valuable skill; therefore, in this exercise you review two lesser known attacks and identify the components of the Howard Threat Model. This exercise is meant to expand your skill set in identifying events and threats while analyzing attacks reported by other organizations. If the component of the Howard Threat Model is not directly discernable, it is important that you use your previous knowledge and inference experience to try and identify the component. Within the articles that are linked in the Stepping Stone Two assignment in Module Four of your course, you will find different uses of cryptography and man-in-the-middle attacks. Analyzing cryptographic techniques is an important skill that security analysts practice to better understand data protection. This activity relates directly to the final project, where you will be required to complete a threat model for your project scenario and analyze cryptographic techniques. Take advantage of feedback on this assignment to prepare you for your final project submission in Module Seven. Prompt Analyze the two articles linked in the Reading and Resources section in Module Four of your course. Use this information to fill out the template and address the critical elements listed below. I. Threat Modeling A. To complete this assignment, first download the Stepping Stone Two Template from the Stepping Stone assignment in Module Four of your course. Identify the elements of the Howard Threat Model by filling in the template for the case studies below. i. Complete column for Bank Attacks thoroughly and accurately. ii. Complete column for Bluetooth Bug thoroughly and accurately. II. Cryptographic Techniques A. Select one of the incidents from the table and analyze the following: i. Describe the cryptographic techniques employed by the organization in the article. ii. Describe how a man-in-the-middle attack compromised the cryptographic technique identified above. 1 iii. Describe techniques that could have been used to prevent the man-in-the-middle attack from your selected article. Stepping Stone Two Rubric Guidelines for Submission: Your submission should be 2 to 3 pages in length including the table. Use double spacing, 12-point Times New Roman font, and one-inch margins. All sources must be cited using APA format. Use a file name that includes the course code, the assignment title, and your name—for example, CYB_123_Assignment_Firstname_Lastname.docx. Critical Elements Exemplary (100%) Proficient (85%) Needs Improvement (55%) Not Evident (0%) Value Threat Modeling: Bank Attacks Meets “Proficient” criteria and addresses critical element in an exceptionally clear, insightful, sophisticated, or creative manner Completes column for Bank Attacks thoroughly and accurately Addresses “Proficient” criteria, but there are gaps in clarity, logic, or detail Does not address critical element, or response is irrelevant 18 Threat Modeling: Bluetooth Bug Meets “Proficient” criteria and addresses critical element in an exceptionally clear, insightful, sophisticated, or creative manner Completes column for Bluetooth Bug thoroughly and accurately Addresses “Proficient” criteria, but there are gaps in clarity, logic, or detail Does not address critical element, or response is irrelevant 18 Cryptographic Techniques: Techniques Employed Meets “Proficient” criteria and addresses critical element in an exceptionally clear, insightful, sophisticated, or creative manner Describes the cryptographic techniques employed by the organization in the article Addresses “Proficient” criteria, but there are gaps in clarity, logic, or detail Does not address critical element, or response is irrelevant 18 Cryptographic Techniques: Man-in-the-Middle Attack Meets “Proficient” criteria and addresses critical element in an exceptionally clear, insightful, sophisticated, or creative manner Describes how a man-in- the-middle attack compromised the cryptographic technique identified above Addresses “Proficient” criteria, but there are gaps in clarity, logic, or detail Does not address critical element, or response is irrelevant 18 2 Critical Elements Exemplary (100%) Proficient (85%) Needs Improvement (55%) Not Evident (0%) Value Cryptographic Techniques: Prevent Meets “Proficient” criteria and addresses critical element in an exceptionally clear, insightful, sophisticated, or creative manner Describes techniques that could have been used to prevent the man-in-the- middle attack from the selected article Addresses “Proficient” criteria, but there are gaps in clarity, logic, or detail Does not address critical element, or response is irrelevant 18 Articulation of Response Submission is free of errors related to citations, grammar, spelling, and organization and is presented in a professional and easy-to-read format Submission has no major errors related to citations, grammar, spelling, or organization Submission has some errors related to citations, grammar, spelling, or organization that negatively impact readability and articulation of main ideas Submission has critical errors related to citations, grammar, spelling, or organization that prevent understanding of ideas 10 Total 100% 3 CYB 250 Stepping Stone Two Guidelines and Rubric Threat Modeling and Cryptographic Techniques Overview Prompt Stepping Stone Two Rubric