Cybersecurity Project: Google Hacking and Security Program Outline

Verified

Added on  2022/08/12

|19
|1026
|29
Project
AI Summary
This project is divided into two main parts. Part 1 focuses on Google hacking and open-source intelligence (OSINT), using Google Dorking techniques to gather information about a target organization (Facebook). The student experiments with various search queries to uncover potential vulnerabilities and information. Part 2 outlines a security program management tabletop exercise, covering configuration and patch management, incident response, email security awareness training, and disaster recovery planning. The outline includes documentation, change justification, testing, and communication protocols. The incident response plan details steps for handling security breaches, while the email security training emphasizes awareness of email-borne threats. Finally, the disaster recovery plan outlines steps for resuming operations after an unplanned incident. The project concludes by emphasizing the importance of a comprehensive information security plan in protecting organizational data and ensuring confidentiality, integrity, and availability.
tabler-icon-diamond-filled.svg

Contribute Materials

Your contribution can guide someone’s learning journey. Share your documents today.
Document Page
S O FT WA R E
F O U N DAT I O N S
F O R CY B E R
S E C U R I T Y
N A M E O F T H E S T U D E N T
N A M E O F T H E U N I V E R S I T Y
tabler-icon-diamond-filled.svg

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.
Document Page
PART 1:
GOOGLE HACKS AND OPEN SOURCE
INTELLIGENCE
Document Page
GOOGLE HACKING
TECHNIQUES:
The Google hacking techniques that is also
known as Google Dork is basically a vulnerable
resource for the security researchers. For normal
people, Google is only a search engine that is
used for finding images, texts, videos and many
more. But in the world of infosec, Google is a
much useful tool for hacking. The search engine
of Google is having their own query language
that is built in. It can help in finding information
about SEO backlinks, competitors, tacking
Document Page
EXPERIMENTING GOOGLE
HACKING TECHNIQUES WITH
FACEBOOK.COM:
For the research with queries of Google hacking,
I have chosen facebook.com. Facebook is having
a huge database as it is having billions of
members. The organisation has been subject for
covering extensive media as well as many
controversies. They are often involving political
manipulation, privacy of the users, copyright
infringement etc. Various Google hacking
techniques will be experimented by using the
tabler-icon-diamond-filled.svg

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.
Document Page
Document Page
Document Page
tabler-icon-diamond-filled.svg

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Document Page
Document Page
Document Page
REFERENCES:
Baloch, R. (2017). Ethical hacking and penetration testing guide. Auerbach
Publications.
Amara, N., Zhiqui, H., & Ali, A. (2017, October). Cloud computing security
threats and attacks with their mitigation techniques. In 2017 International
Conference on Cyber-Enabled Distributed Computing and Knowledge
Discovery (CyberC) (pp. 244-251). IEEE.
Nastase, R. (2018). Hacking with Kali Linux: A step by step guide for you to
learn the basics of cybersecurity and hacking. Independently published.
Smith, L. (2016). Information Behaviors of Ethical Hackers.
Ahmed, M., Mahmood, A. N., & Hu, J. (2016). A survey of network anomaly
detection techniques. Journal of Network and Computer Applications, 60,
19-31.
tabler-icon-diamond-filled.svg

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.
Document Page
PART 2.
OUTLINE FOR A SECURITY
PROGRAM MANAGEMENT
TABLETOP EXERCISE
Document Page
METHOD FOR
CONFIGURATION AND PATCH
MANAGEMENT.The methods for configuration and patch management
are including:
Documentation and identification of changes.
Rationale or justification.
Assessment if potential changes and impact that
include criticality and implications of security.
Testing processes for ensuring the changes are
functioning as intended.
Updating all of the system documentations those are
appropriate upon the completion of significant changes.
Document Page
CONTD.:
Communication of important changes as well as
the planned schedule of them to the
stakeholders by utilizing a standard template.
Contingency or rollback plan.
Documented review as well as approval by the
authority of designated change control.
tabler-icon-diamond-filled.svg

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Document Page
INCIDENT RESPONSE PLAN:
The incident response is basically a structured methodology that is
used for handling the security breaches, security incidents as well as
cyber threats. An incident response plan that is well defined allows
an organisation to minimize and identify the damage as well as it
helps in reducing the cost of a cyber attack. The phases of incident
response plan are as follows:
Assembling a team.
Detect and ascertain the source
Contain and recover
Assess the damage and severity
Begin the notification process
Start immediately for preventing the similar type of incident in
future.
Document Page
EMAIL SECURITY
AWARENESS TRAINING:
The email security training is basically a program of security
awareness which helps the employees of an organisation to deal
with different types of attacks of email borne. The training should
include about links, attachments, scams and spear phishing.
The threats can be sent as attachments, the employees have to
aware about the attacks.
The attacks can also be done by sending vulnerable links. The
employees have to be ensure that the link is safe before opening.
The employees need to be aware about any money related scams
or invitation sent via emails.
The employees have to understand that the hackers can target
specially to their organisation.
Document Page
DISASTER RECOVERY PLAN:
The disaster recovery plan is basically a structured and
documented approach which describe how the
organisation can resume their work quickly after an
unplanned incident. It is one of most essential part of
BCP (business continuity plan). The plan includes:
Inventory hardware and software
Define the tolerance for downtime and data loss
Lay out the responsible person as well as identify
backup personnel
Create a communication plan
tabler-icon-diamond-filled.svg

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.
Document Page
CONCLUSION:
Thus, it can be concluded that the information
security plan is basically a documentation of a plan of
an organisation. The plan is used for protecting the
company data and information as well as the personal
information that are sensitive. The plan is having the
ability to mitigate the threats that are against an
organisation and it helps an organisation to protect
confidentiality, integrity as well as availability of data.
Document Page
REFERENCES:
Soomro, Z. A., Shah, M. H., & Ahmed, J. (2016). Information security management needs
more holistic approach: A literature review. International Journal of Information
Management, 36(2), 215-225.
Peltier, T. R. (2016). Information Security Policies, Procedures, and Standards: guidelines
for effective information security management. Auerbach Publications.
Ortmeier, P. J. (2017). Introduction to security. Pearson.
Pereira, T., Barreto, L., & Amaral, A. (2017). Network and information security challenges
within Industry 4.0 paradigm. Procedia manufacturing, 13, 1253-1260.
Safa, N. S., Maple, C., Watson, T., & Von Solms, R. (2018). Motivation and opportunity
based model to reduce information security insider threats in organisations. Journal of
information security and applications, 40, 247-257.
Document Page
chevron_up_icon
1 out of 19
circle_padding
hide_on_mobile
zoom_out_icon
logo.png

Your All-in-One AI-Powered Toolkit for Academic Success.

Available 24*7 on WhatsApp / Email

[object Object]