This Competency Assessment assesses the following outcome(s):
IT484M5-5: Evaluate cryptology, network, and communications technology used to protect private information from public disclosure and supported by cybersecurity policies.
GEL-7.02: Apply ethical reasoning to ethical issues within your field of study.
Purpose
Part 1: Knowledge of keys and Active Directory is important for the cybersecurity professional. Part 1 of this assessment reinforces these concepts.
Part 2: Ethical considerations are important for any professional. However, for systems professionals, their access to sensitive data and the information resources of an organization requires a great awareness of ethical issues faced by their discipline. Part 2 of this assessment helps reinforce the importance of ethics in cybersecurity.
Part 3: Part 3 of this assessment will highlight the concepts and topics related to networks and remote cybersecurity policy considerations that you reviewed in this module.
Instructions
Part 1: Cryptography and Cybersecurity Policies
Section 1
Using the Internet and/or the Library, research and complete the following:
In 1,000 words or more words, respond to the following:
Explain how Active Directory implements PKI. Be sure to detail the use of certificates, the use of keys, and key security.
Section 2
In 200 or more words for each answer, respond to the following:
• Give an example of a protocol that uses both public key and private key cryptography and explain how and why it does so.
• How are the public key and private key of an asymmetrical key set related? What about this relationship makes it a “one-way” process?
Part 2: Ethics and Mass Data Collection
Based on the knowledge you have achieved thus far in this class, compose a minimum 2-page, double-spaced research paper using the current APA version with a title page and reference page.
Discuss the ethical arguments of mass data collection. Should the government be able to capture everything and store it in a data center like the NSA’s Bluffdale, Utah, facility and search it for keywords? Has it done so in the past? Should the government be able compel companies like Google®, Microsoft, SilentCircle®, and Lavabit® to reveal their customers’ encryption keys? Why or why not? What did the Snowden incident teach people about government surveillance? Be sure to include the ethical issues of your discussion.
Your paper needs to include a title page and follow APA formatting guidelines.
Part 3: Cryptography and Cybersecurity Policies
Section1
Using the Internet and/or the Library, research and complete the following:
In 1,000 or more words, respond to the following:
Evaluate how to implement a secure wireless network using Active Directory and RADIUS server.
Explain how to do this and provide it in a step-by-step implementation guide using screenshots and explanations.
Section 2
In 200 or more words for each answer, respond to the following:
• Explain step by step how a hacker would crack passwords, starting with extracting the hash file in a non-Active Directory and an Active Directory client.
• Write a remote access cybersecurity policy for remote users.
