UKRAINE POWERPLANT In ICS/SCADA System

UKRAINE POWERPLANT In ICS/SCADA System

 

Part 1 : Research about involving SCADA….which is UKRAINE POWERPLANT ATTACK

Need 2 pages Research with Reference APA format

 

Part 2 : need 3 page Description of Industry

  1. What type of industry is this?
  2. What is the importance of this industry to society?

Industrial Control System Processes Employed

  1. List industrial control system processes specific to industry.
  2. List the control systems that control those processes and how they control those processes.
  3. Create a network diagram displaying the interconnections of the industrial control system devices listed in item 3.
  4. For example: Use ICS CERT CSET, Visio, Excel, Word, etc.

    Part 3 ; Need 3 Page

This assignment is a part of your overall final project.  Please make sure to incorporate this assignment to your final project; reference to Week 1 Final Project Template.

 

Profile ICS Devices

  1. For each ICS device document:
  2. Logical Ports

For example, 80, 443, etc.

http://www.digitalbond.com/tools/the-rack/control-system-port-list/

  1. Protocols Running

For example, SMTP, SNMP, DNP3, Modbus, Fieldbus, Ethernet, etc.

  1. Physical Connection Types

For example, serial, RJ45, USB, parallel, etc.

http://www.digitalbond.com/tools/the-rack/control-system-port-list/

  1. Default Accounts:

Research the manufacturer’s information on the device.  Look for default account information to login with.

Check “Default Password List” for an entry: http://www.defaultpassword.com/

  1. Services

Research manufacturer’s information on the device and document services running.

  1. Authentication

Research manufacturer’s website for the device and locate information on how the device authenticates users.

  1. Use of Encryption

Research manufacturer’s website for the device and locate information about encryption.  For example, does the device use encrypted connections?  Is the back-end database encrypted?  What type of encryption does it use?  Is public/private key encryption like RSA?

  1. Logging Capability

Research manufacturer’s website for the device and locate information about logging.  Answer questions like is logging enabled?  Are logs stored locally or remotely?

  1. Other Security Documentation

Does the manufacturer have any security related documentation not provided above that would be of use?

 

 

 

 

Part 4 : Need 2 Page

Identify, Measure, and Manage Risks

  1.         Identify risks:

Risk is a function of M, AV, T, and V:

R = f (M, AV, T, V)

R – risk, M – mission importance, AV – asset values, T – threats, V – vulnerabilities

  1. “What”: what is the problem/challenge in managing risks and auditing the ICS? Explain how you might measure

“Why”: why do you need and want to solve the problem?

                              “How”: how do you economically solve it?

Identify Security Controls

  1. Select security controls based on results from “Industrial Control System Processes Employed” and “Profile ICS Devices”:

Reference either ICS CERT CSET or NIST 800-53, Security and Privacy Controls for Federal Information Systems and Organizations,

http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-53r4.pdf

 

Part 5 : Need 3 Page

Apply ICS Security Best Practices

  1. NIST 800-82, Industrial Control System Security, http://csrc.nist.gov/publications/drafts/800-82r2/sp800_82_r2_draft.pdf
  2. Identify unremediated risks and choose risk strategy: Accept risk, avoid risk, mitigate risk, share risk, transfer risk, combination.

Reference: NIST 800-37, Guide for Applying the Risk Management Framework to Federal Information Systems, http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-37r1.pdf

Identify Vulnerability Continuous Monitoring Strategy

  1.  Examples:
  2. Nessus – Bandolier modules.
  3. Metasploit – ICS exploits.
  4. Snort
  5. Nmap – Identify ICS “friendly” scans.
  6. Are these IA certified tools?  How so?
  7. For example:
  8. NIAP: https://www.niap-ccevs.org/CCEVS_Products/pcl.cfm
  9. Common Criteria: https://www.commoncriteriaportal.org/products/
  10. For example: Are these tools SCAP-compliant?
  11. Create script rules for baselining each ICS system.
  12. For example scripts rules should audit:
  13. Installed programs.
  14. Users, groups.

iii. Shares.

  1. Services.
  2. Processes.
  3. Etc.

Part 6 need 2 pages

 

 

Please revise your rough draft to address three attributes: a) “What”: what is the problem/challenge in managing risks and auditing the ICS, b) “Why”: as an ICS/ SCADA Information Assurance expert, why do you need and want to solve the problem, and c) “How”: how do you economically solve it?

 

Place your order
(550 words)

Approximate price: $22

Calculate the price of your order

550 words
We'll send you the first draft for approval by September 11, 2018 at 10:52 AM
Total price:
$26
The price is based on these factors:
Academic level
Number of pages
Urgency
Basic features
  • Free title page and bibliography
  • Unlimited revisions
  • Plagiarism-free guarantee
  • Money-back guarantee
  • 24/7 support
On-demand options
  • Writer’s samples
  • Part-by-part delivery
  • Overnight delivery
  • Copies of used sources
  • Expert Proofreading
Paper format
  • 275 words per page
  • 12 pt Arial/Times New Roman
  • Double line spacing
  • Any citation style (APA, MLA, Chicago/Turabian, Harvard)

Our guarantees

Delivering a high-quality product at a reasonable price is not enough anymore.
That’s why we have developed 5 beneficial guarantees that will make your experience with our service enjoyable, easy, and safe.

Money-back guarantee

You have to be 100% sure of the quality of your product to give a money-back guarantee. This describes us perfectly. Make sure that this guarantee is totally transparent.

Read more

Zero-plagiarism guarantee

Each paper is composed from scratch, according to your instructions. It is then checked by our plagiarism-detection software. There is no gap where plagiarism could squeeze in.

Read more

Free-revision policy

Thanks to our free revisions, there is no way for you to be unsatisfied. We will work on your paper until you are completely happy with the result.

Read more

Privacy policy

Your email is safe, as we store it according to international data protection rules. Your bank details are secure, as we use only reliable payment systems.

Read more

Fair-cooperation guarantee

By sending us your money, you buy the service we provide. Check out our terms and conditions if you prefer business talks to be laid out in official language.

Read more