In previous modules, you studied different types of cyberattacks and the concepts and practices of threat modeling. Tools like the Lockheed Martin Cyber Kill Chain can help extend threat modeling into incident handling. Discuss using tools like the Cyber Kill Chain to handle incident response for emerging technologies.
In response to your peers, discuss the possible gaps left by using a tool like the one described in their initial posts.
To complete this assignment, review the Discussion Rubric.
RESPONSE ONE
Hello all,
Regarding all of the research experienced, the fourteen (14) page paper discussing the Kill Chain Defense Process from Lockheed Martin has inciteful information. Intelligence driven defense is the most effective form of protection for the network. Noting that every threat actor creates their own unique profile and personal attack signature to recognize helps an analyst narrow down the list of suspects for an attack. The attacks are further defined as Advanced Persistent Threats (APT). As each attack is attempted, every nuance is recorded and archived to anticipate future attacks.
From reading the paper, it notes that there is another way to recognizing the threat actor:
Find, Fix, Track, Target, Engage, and Assess.
The same way the military plans for an assault, this method is helpful to create an effective strategy to retaliate against a known threat. The paper also notes a case study that examines an email that proves and documents attack attempts by outside threats, or indicators. It shows how innocent messages can have elaborate code that gets embedded and can infiltrate the system undetected would like to see more examples of the case study in the future as there are threats that will be different from the last.
RESPONSE TWO
Good evening,
One tool that i found that is similar to the Lockheed Martin Cyber Kill Chain is the MITRE ATT&CK frame work. Both of these tools illustrate the phases of a cyber attack that include reconnaissance, weaponization and deliver, exploitation, installation, command and control, and finally actions. All of these tools do a great job in starting the process of incident response, and each have their advantages and disadvantages. Where they both succeed is that they are to identify how cyber attacks occur and the process in which they are trying to attack. These tools can help us during incident response as we are able to see the attacks and respond accordingly within procedures.
Undergraduate Discussion Rubric
Overview
Your ac�ve par�cipa�on in the discussions is essen�al to your overall success this term. Discussion ques�ons will help you make meaningful connec�ons between the course content and
the larger concepts of the course. These discussions give you a chance to express your own thoughts, ask ques�ons, and gain insight from your peers and instructor.
Directions
For each discussion, you must create one ini�al post and follow up with at least two response posts.
For your ini�al post, do the following:
Write a post of 1 to 2 paragraphs.
In Module One, complete your ini�al post by Thursday at 11:59 p.m. Eastern.
In Modules Two through Eight, complete your ini�al post by Thursday at 11:59 p.m. of your local �me zone.
Consider content from other parts of the course where appropriate. Use proper cita�on methods for your discipline when referencing scholarly or popular sources.
For your response posts, do the following:
Reply to at least two classmates outside of your own ini�al post thread.
In Module One, complete your two response posts by Sunday at 11:59 p.m. Eastern.
In Modules Two through Eight, complete your two response posts by Sunday at 11:59 p.m. of your local �me zone.
Demonstrate more depth and thought than saying things like “I agree” or “You are wrong.” Guidance is provided for you in the discussion prompt.
Discussion Rubric
Criteria Exemplary Proficient Needs Improvement Not Evident Value
Comprehension Develops an ini�al post with an
organized, clear point of view
or idea using rich and
significant detail (100%)
Develops an ini�al post with a
point of view or idea using
adequate organiza�on and
detail (85%)
Develops an ini�al post with a
point of view or idea but with
some gaps in organiza�on and
detail (55%)
Does not develop an ini�al
post with an organized point of
view or idea (0%)
40
Timeliness N/A Submits ini�al post on �me
(100%)
Submits ini�al post one day
late (55%)
Submits ini�al post two or
more days late (0%)
10
10/30/24, 10:53 AM Undergraduate Discussion Rubric – CYB-250-15105-M01 Cyber Defense 2024 C-6 (Oct – Dec)
https://learn.snhu.edu/d2l/le/content/1748997/viewContent/36623160/View 1/2
Criteria Exemplary Proficient Needs Improvement Not Evident Value
Engagement Provides relevant and
meaningful response posts
with clarifying explana�on and
detail (100%)
Provides relevant response
posts with some explana�on
and detail (85%)
Provides somewhat relevant
response posts with some
explana�on and detail (55%)
Provides response posts that
are generic with li�le
explana�on or detail (0%)
30
Wri�ng (Mechanics) Writes posts that are easily
understood, clear, and concise
using proper cita�on methods
where applicable with no errors
in cita�ons (100%)
Writes posts that are easily
understood using proper
cita�on methods where
applicable with few errors in
cita�ons (85%)
Writes posts that are
understandable using proper
cita�on methods where
applicable with a number of
errors in cita�ons (55%)
Writes posts that others are
not able to understand and
does not use proper cita�on
methods where applicable (0%)
20
Total: 100%
10/30/24, 10:53 AM Undergraduate Discussion Rubric – CYB-250-15105-M01 Cyber Defense 2024 C-6 (Oct – Dec)
https://learn.snhu.edu/d2l/le/content/1748997/viewContent/36623160/View 2/2