WIL PROJECT

Program Name: Cyber Security & Forensics Security

Project Code: CPL-5559-CSFM

WIL Project Case Study Orientation

Vocational Learning Outcomes Covered in this WIL Project Case Study:

• Develop and implement cyber defence solutions considering the affordances and
limitations of the computer operating systems, networks, application software and
packages available
• Design cyber security solutions for business processes and applications in order to
protect business resources.
• Outline the processes and procedures involved in the maintenance and deployment
of network security solutions.
• Develop cyber security strategies and processes for business communications that
respond to the needs of all the internal stakeholders.
• Design and implement cyber defence solutions in compliance with security policies,
standards, and regulations within the organization.
• Plan, implement and evaluate cyber defence and network security policies and
strategies using project management principles to effectively respond to the needs of
the organization’s information security requirements.
• Implement forensic computer audits, vulnerability scans, penetration testing and ethical
hacks to evaluate cyber security system effectiveness and correct security issues.
• Develop and deliver appropriate internal cyber security training to ensure compliance
with security policies
• Communicate cyber defence protocols, policies and audit results and related
documentation to any level to the organization.

Essential Employability Skills (EESs) Covered in this WIL Project Case Study

• Communication
o It helps to communicate clearly, correctly, and concisely in different forms.
These include oral, written, and visual.
• Numeracy
o This skill set helps to solve mathematical operations effectively with accurate
precision.
• Critical thinking & problem solving
o It is a systemic approach to attempting to resolve problems by analyzing the
pros and cons of a decision.
• Information management

WIL PROJECT 1
P
A
 WIL PROJECT
Program Name: Cyber Security & Forensics Security
Project Code: CPL-5559-CSFM

o It helps to locate, select, organize, and document information with the use of
technology by analyzing aspects and gathering information from a variety of
sources.
• Interpersonal Skills
o This skill set is important as it helps to respect others’ opinions or input. It helps to
build teams and maintain relationships to achieve overall team or
organizational goals.
• Personal Skills
o These soft skills are important in developing employability talents, such as
dependability, adaptability, and problem-solving skills.

WIL PROJECT 2
P
A
 WIL PROJECT
Program Name: Cyber Security & Forensics Security
Project Code: CPL-5559-CSFM

Week 1
Applicable VLOs or EESs for This Week’s Case Study
None for this week.

This Week’s Detailed Case Study Information

SOCs need a platform that intelligently brings together all relevant security data and reveals
advanced adversaries. As adversaries use more complex tactics, techniques, and procedures
(TTPs) to successfully circumvent and exploit traditional security controls, organizations are
scrambling to secure increasing numbers of vulnerable digital assets both inside and outside
the traditional network perimeter.

Security teams have been historically stretched for years, and with recent work-from-home
requirements the strain on resources has been amplified – security professionals are being once
again required to do more with the same or fewer resources, and with strict budget constraints.
Enterprises need unified and proactive security measures to defend the entire landscape of
technology assets, spanning legacy endpoints, mobile, and cloud workloads without
overburdening staff and in-house management resources.

With bad actors including “lone wolf” attackers, hacking groups, nation states and even
potentially malicious insiders constantly circling, enterprise security and risk managers are left
to overcome too many disconnected security tools and data sets from too many vendors.
Security staff struggle with a sea of data that results in alert overload, with too many false
positives and little integration of data with analysis tools or incident response, and all under
historic levels of operational stress.

ACS Cyber Professional (https://acscyberpro.com/) provides network and security consulting

to a wide range of businesses. It decided to partner with a local school to hire students to work
on their projects. One of its clients is Hierarchical Access Limited (HAL).

WIL PROJECT 3
P
A
 WIL PROJECT
Program Name: Cyber Security & Forensics Security
Project Code: CPL-5559-CSFM

Established in June 2019, Hierarchical Access LTD (HAL) provides basic Internet access, fast
Internet access, and Web registration and hosting alternatives for small office/home office
(SOHO) individual and organizations. It is a privately-owned company managed by its founder
and CEO, Alan Hake.

The CIO, Amanda Wilson, has 15 years of technical experience and 10 years of experience as
a senior IT manager. Short after taking a position as CIO, Amanda hired Paul Alexander as
manager of information security. A reorganization in 2020 resulted in an enhanced recognition
of the role of information security at HAL. It also resulted in Paul being named chief information
security. Along with this increased recognition came a group of dedicated personnel and a
budget of approximately $500,000 for equipment, personnel, and training. As shown in Figure
3, Paul currently as two full-time security technician positions (one of which is unfilled) and an
intern.

HAL runs a mix of workloads on Rackspace and AWS. The company needs to ensure that all of
its systems meet a minimum level of security and that its information is protected from attacks.
The company also needs a way to collect and act on security events from across its digital
estate.

HAL decided to establish a network infrastructure to provide authentication, authorization, and

accounting of its network assets. It will also require contingency system in place in a form of
Load-Balancing and Cluster Management to provide redundancy and risk mitigation.

WIL PROJECT 4
P
A
 WIL PROJECT
Program Name: Cyber Security & Forensics Security
Project Code: CPL-5559-CSFM

HAL has decided to adopt a zero-trust architecture in their cloud-hosted applications in

Rackspace and AWS and has secured the service of ACS Cyber Professional to implement
such solution.

Zero Trust is an IT security model that eliminates the notion of trust to protect networks,
applications and data. This is in stark contrast to the traditional perimeter security model, which
presumes that bad actors are always on the untrusted side of the network, and trustworthy
users are always on the trusted side. With Zero Trust, these assumptions are nullified and all users
are presumed to be untrustworthy.

A zero-trust solution must:

• Ensure only known, allowed traffic or legitimate application communication is allowed

by segmenting and enabling Layer 7 policy
• Leverage a least-privileged access strategy and strictly enforce access control
• Inspect and log all traffic. Otherwise, it can be fairly simple for an attacker to gain
access to a company’s network.

In this project, you will explore network/server roles and features required to put in place a
network infrastructure, system redundancy of critical components of the system with the
intention of increasing reliability of the system, usually in the form of a backup or fail-safe, or to
improve actual system performance. It will also involve the following tasks:

WIL PROJECT 5
P
A
 WIL PROJECT
Program Name: Cyber Security & Forensics Security
Project Code: CPL-5559-CSFM

• Design and implement a unified security architecture for a zero-trust framework that
achieves the following:
1. Gives users secure access to HAL’s applications and data across the public cloud,
SaaS applications, and private cloud/data centers.
2. Controls and limits who has access to those assets, and how they can be used.
3. Inspects traffic and enforces security policies on an ongoing basis.

• Plan and implement an Active Directory Domain Services (ADDS) which is the core
functions in Active Directory that manage users and computers and allow systems
administrators to organize and manage network assets and resources. ADDS provides
for security certificates, Single Sign-On (SSO), LDAP, and rights management.
• Develop a DNS server that will contain a database of public IP addresses and their
associated hostnames, and in most cases serves to resolve, or translate, those names to
IP addresses as requested.
• Design a Dynamic Host Configuration Protocol (DHCP) that will automate the process
of configuring devices on IP networks, thus allowing them to use network services such
as DNS, NTP, and any communication protocol based on UDP or TCP. A DHCP server
dynamically assigns an IP address and other network configuration parameters to each
device on a network so they can communicate with other IP networks.
• Design and deploy a RADIUS solution to offer HAL with the ability to preserve the privacy
and security of their system and their users, thus helping in security management and in
creating policies for server administration.
• Design and develop a system redundancy configuration for the network infrastructure
with the intention of increasing reliability of the system, usually in the form of a backup
or fail-safe, or to improve actual system performance.
• Develop a Business Continuity Plan to serve as HAL runbook to create a system of
prevention and recovery from potential threats to a company. The plan ensures that
personnel and assets are protected and are able to function quickly in the event of a
disaster.
• Implement forensic computer audits, vulnerability scans, penetration testing and ethical
hacks to evaluate cyber security system effectiveness and correct security issues.
• Create a virtual Machine from a Physical Computer using a virtualization infrastructure
software
• Research and identify three virtualization security tools and create a chart that
compares their features. Provide your own recommendation and reasons.
• Research and identify three different tools/solutions for creating and managing network
servers, compare their features, your recommendation and reasons.

WIL PROJECT 6
P
A
 WIL PROJECT
Program Name: Cyber Security & Forensics Security
Project Code: CPL-5559-CSFM

Week 1 Onboarding Expectations and Participation

Your task this week is to participate in training and orientation for the WIL Project. You will
participate in a variety of exercises that are designed to get to know you better and to
understand your role within the team. You will participate in exercises that prepare you for
success within the WIL Project. As with any position, you will have an excellent opportunity to
build on your skills as a leader so long as you put forth your best effort. Use this week to develop
a communication plan with your team and be ready to dive into the deliverables starting next
week.

Note: You can make any assumptions that are deemed necessary for each case on a week-
by-week basis. You will not be provided direct answers or 100% of the information necessary to
complete each deliverable. Instead, focus on delivering the highest quality outcome that you
can, as a group, to showcase your talent. Remember that if you were in the workplace, you
would be presenting these deliverables to your manager and would want to ensure that the
work is of the highest quality.

This section will be available to you for the entirety of the project. However, each subsequent
week’s case study information may only be available for that week. Be sure to download and
save this week’s information for future use.

WIL PROJECT 7
P
A
 WIL PROJECT
Program Name: Cyber Security & Forensics Security
Project Code: CPL-5559-CSFM

Week 2
Applicable VLOs or EESs for This Week’s Case Study

• Develop cyber security strategies and processes for business communications that
respond to the needs of all the internal stakeholders.
• Plan, implement and evaluate cyber security policies and strategies using project
management principles to effectively respond to the needs of the organization’s
information security requirements

This Week’s Detailed Case Study Information

So now here you are starting the research work but before that, you need the approval of your
plan from the Manager so you will be preparing a plan/algorithm or layout and discuss with
your teammates before getting approval from your manager. You need to set a meeting with
your manager after week 1 (Introduction week) to discuss your idea and strategy and need
your manager's approval/feedback on your project understanding. Once you get the
approval then you can start with the project.

In order to achieve your project goals, you and your stakeholders need clarity on your overall
project timeline and schedule. Aligning on the time frame you have can help you better
prioritize during strategic planning sessions.

Please review your project description to fully understand the problem you and your team are
expected to solve in this WIL work experience.

Deliverables for This Week’s Case Study

1. Analysis of the core problem and its current state

2. Create team logo and name
3. Outline client benefits

WIL PROJECT 8
P
A
 WIL PROJECT
Program Name: Cyber Security & Forensics Security
Project Code: CPL-5559-CSFM

Week 3
Applicable VLOs or EESs for This Week’s Case Study

• Design and implement cyber defence solutions in compliance with security policies,
standards, and regulations within the organization.
• Plan, implement, and evaluate cyber defence and network security policies and
strategies using project management principles to effectively respond to the needs of
the organization’s information security requirements.

This Week’s Detailed Case Study Information

Project descriptions provide the following details to the applicants: the problem the project will
address, a set of goals for the project, the overall objectives for the project, as well as a project
plan that describes the activities the members will undertake.

A Gantt chart is a horizontal bar chart used in project management to visually represent a
project plan over time. Gantt charts typically show you the timeline and status—as well as
who’s responsible—for each task in the project.

In This week, you need to connect with your extended team/stakeholders and tell them what
your scope, timelines, and strategies are, your analysis and ask them for input/feedback as
they understand the flow better.

Deliverables for This Week’s Case Study

1. Project descriptions (scope, dependencies, milestones, deliverables)

2. Proposed Solution
3. Gantt Chart
4. Technical and business objectives
5. Proposed method to fix the problem

WIL PROJECT 9
P
A
 WIL PROJECT
Program Name: Cyber Security & Forensics Security
Project Code: CPL-5559-CSFM

Week 4
Applicable VLOs or EESs for This Week’s Case Study

• Design and implement cyber defence solutions in compliance with security policies,
standards, and regulations within the organization.
• Plan, implement, and evaluate cyber defence and network security policies and
strategies using project management principles to effectively respond to the needs of
the organization’s information security requirements.

This Week’s Detailed Case Study Information

Before you’re able to do a project risk analysis, you have to acknowledge that risk is going to
happen in your project and you’ll need to be prepared with a risk management plan. This plan
is the tool project managers use to oversee the risk management process. It has five steps: risk
identification, analysis, prioritization, response and monitoring.
Risk analysis is very important because it sets the stage for your risk management plan.

You will be connecting with Project Manager and analyse, identify and tracking the risks.
Use a risk breakdown structure to list out potential risks in a project and organize them
according to level of detail, with the most high-level risks at the top and more granular risks at
the bottom.

Deliverables for This Week’s Case Study

1. Discuss the network administration principles.

2. Design the appropriate security policies for the company to maximize the security
without affecting the business.
3. Budget and resource allocation.
4. Risk analysis and management
5. Identify milestones of the project and how it would be overcome.

WIL PROJECT 10
P
A
 WIL PROJECT
Program Name: Cyber Security & Forensics Security
Project Code: CPL-5559-CSFM

Week 5
Applicable VLOs or EESs for This Week’s Case Study

• Develop cyber defence strategies and processes for business communications that
respond to the needs of all the internal stakeholders.
• Plan, implement, and evaluate cyber defence and network security policies and
strategies using project management principles to effectively respond to the needs of
the organization’s information security requirements.

This Week’s Detailed Case Study Information

Organizational structure aligns and relates parts of an organization, so it can achieve its
maximum performance. The structure chosen affects an organization's success in carrying out
its strategy and objectives. Leadership should understand the characteristics, benefits and
limitations of various organizational structures to assist in this strategic alignment.

In addition to organizational transition, you may want to change the framework or introduce
a new if it doesn’t exist before. You need a proper report and analysis should be done before
going to HR for this change.

You should have the techniques/model you will be working on as you will be connecting with
HR department for all the shifting/transition happening this week, so if you are changing the
structure you need to involve the HR department for approvals too for transiting the team.

Deliverables for This Week’s Case Study

1. Outline roles and responsibilities in the Organizational Structure & Chart below

WIL PROJECT 11
P
A
 WIL PROJECT
Program Name: Cyber Security & Forensics Security
Project Code: CPL-5559-CSFM

2. Create a process Model. It could be any., for example DevOps model would look
something like this-

3. Prepare for Mid-Term Panel Evaluation

WIL PROJECT 12
P
A
 WIL PROJECT
Program Name: Cyber Security & Forensics Security
Project Code: CPL-5559-CSFM

Week 6- Mid Term Week

Applicable VLOs or EESs for This Week’s Case Study

• Develop cyber security strategies and processes for business communications that
respond to the needs of all the internal stakeholders.
• Design and implement cyber defence solutions in compliance with security policies,
standards, and regulations within the organization.

This Week’s Detailed Case Study Information

Just take this midterm as your meeting with stakeholders who are coming to review progress
on the work that has been done so far, and what are the plans for next quarter.
You have to make a PPT till this week of whatever work, research you have done and present
them the work.
At the end, the feedbacks will be taken from stakeholders/panel members about your team’s
progress.

Few things you need to keep in mind:

• Present importance/benefit of work to organization
• Demonstrate to industry panel how you successfully function as a team
• Team effort: every team member needs to present, contribute and account for the
contribution towards the presentation

Deliverables for This Week’s Case Study

1. Create Mid term PPTs and deliver it to the stakeholders.

WIL PROJECT 13
P
A
 WIL PROJECT
Program Name: Cyber Security & Forensics Security
Project Code: CPL-5559-CSFM

Week 7
Applicable VLOs or EESs for This Week’s Case Study

• Develop cyber defence strategies and processes for business communications that
respond to the needs of all the internal stakeholders.
• Develop and deliver appropriate internal cyber defence and network training to
ensure compliance with security policies.

This Week’s Detailed Case Study Information

If the network is not adequately secured, a company risks not only losing data but trust and
reputation in the market in the event of an attack. All the effort a company puts into promoting
and generating traffic to a site can suddenly be destroyed if a company fails to properly
secure its network. Therefore, it’s important to familiarise yourself with best practices and
different types of network security.

Zero Trust is an IT security model that eliminates the notion of trust to protect networks,
applications and data. This is in stark contrast to the traditional perimeter security model, which
presumes that bad actors are always on the untrusted side of the network, and trustworthy
users are always on the trusted side. With Zero Trust, these assumptions are nullified and all users
are presumed to be untrustworthy.

So now to get a better idea you are asked to connect with consulting department to check
about the network security solution and then make a list of possible network safety measure
they ask you to take which you can use in coming week when you will be designing a network.

Deliverables for This Week’s Case Study

1. Methods and techniques for building secure networks.

2. Investigating industry arrangements presented by various specialist organizations on the
web.
3. Understand the gap between your product/solution and one currently available in
market. (Work found on internet. It could be hypothetical as well) and own work.
4. Determine the critical components of your network
5. Discuss about Zero trust solution.

WIL PROJECT 14
P
A
 WIL PROJECT
Program Name: Cyber Security & Forensics Security
Project Code: CPL-5559-CSFM

Week 8
Applicable VLOs or EESs for This Week’s Case Study

• Develop cyber defence strategies and processes for business communications that
respond to the needs of all the internal stakeholders.
• Develop and deliver appropriate internal cyber defence and network training to ensure
compliance with security policies.

This Week’s Detailed Case Study Information

Basically, network infrastructure is the collection of hardware and software that constitutes a
particular network. These various components work together in a physical or virtual network to
provide users with the capability to accomplish tasks through the various applications and
services that run on that network.

With Implementation of firewalls, need to take care of security policies too.

Here comes the implementation part, now before implementing anything you will be checking
with network administrators to discuss the changes, you will be doing and the implementation
you are planning to do, please also check if the expected results are valid before moving the
solution to the Production environment. Conduct a Sanity Test here.

Deliverables for This Week’s Case Study

1. Deploy a network infrastructure

2. Develop redundant system architecture through load-balancing and cluster
management
3. Implementation of firewall rule and security policies
4. Identify single points of failure in your network and address them.
5. Inspects traffic and enforces security policies on an ongoing basis.
6. Design a zero-trust architecture for HAL’s cloud infrastructure.

WIL PROJECT 15
P
A
 WIL PROJECT
Program Name: Cyber Security & Forensics Security
Project Code: CPL-5559-CSFM

Week 9
Applicable VLOs or EESs for This Week’s Case Study

• Plan, implement, and evaluate cyber defence and network security policies and
strategies using project management principles to effectively respond to the needs of
the organization’s information security requirements
• Develop and deliver appropriate internal cyber defence and network training to ensure
compliance with security policies.

This Week’s Detailed Case Study Information

Hardware and software failures are among the most devastating types of losses, resulting in a
massive loss of time and money for an organization. Identifying the cause of hardware and
software failures is key when restoring business operations, comparing restoration costs to pre-
loss conditions to assist with resolving insurance claims, and expediting litigation.

In week 9, you will be connecting with IT consultant to discuss all the possible cases that have
already happened, find the root cause and see if you can manage to drop the number of
failures as compared to previous year.

Deliverables for This Week’s Case Study

1. Software and hardware used

2. Responses to hardware, software and data failures
3. Get a clear idea about System interface (hardware, operating systems, network)
4. How can you prevent data loss from system failure?
5. Design a secure network for the company.

WIL PROJECT 16
P
A
 WIL PROJECT
Program Name: Cyber Security & Forensics Security
Project Code: CPL-5559-CSFM

Week 10
Applicable VLOs or EESs for This Week’s Case Study

• Implement forensic computer audits, vulnerability scans, penetration testing and ethical
hacks to evaluate cyber security system effectiveness and correct security issues.
• Communicate cyber defence protocols, policies, and audit results and related
documentation to any level of the organization.

This Week’s Detailed Case Study Information

A network vulnerability is a weakness or flaw in software, hardware, or organizational

processes, which when compromised by a threat, can result in a security breach.
Prior to investing in security controls, a vulnerability risk assessment is performed to quantify the
cost and acceptable loss of the equipment and its function.

Now we will be connecting to Security Auditor to conduct the assessment. For example -
review the risk levels, including employee passwords, how you collect payment from customers
and even internal process you use for communication. Compile a list of potential security gaps
and the current controls in place to mitigate those vulnerabilities. You will also be responsible
for recommending a risk assessment process to better mitigate those risks further.

Deliverables for This Week’s Case Study

1. How to Identify and Prepare for Network Security Threats and Vulnerabilities.
2. Perform risk mitigation strategies.
3. Perform business contingency and system hardening.
4. Deploy back and restoration procedures
5. Scope of attacker
6. Discuss NIDS and HIDS

WIL PROJECT 17
P
A
 WIL PROJECT
Program Name: Cyber Security & Forensics Security
Project Code: CPL-5559-CSFM

Week 11
Applicable VLOs or EESs for This Week’s Case Study

• Plan, implement, and evaluate cyber defence and network security policies and
strategies using project management principles to effectively respond to the needs of
the organization’s information security requirements.
• Communicate cyber defence protocols, policies, and audit results and related
documentation to any level of the organization.

This Week’s Detailed Case Study Information

An incident response plan is a set of tools and procedures that your security team can use to
identify, eliminate, and recover from cybersecurity threats. It is designed to help your team
respond quickly and uniformly against any type of external threat.
Incident response plans ensure that responses are as effective as possible. These plans are
necessary to minimize damage caused by threats, including data loss, abuse of resources, and
the loss of customer trust.

Now you will be connecting to Incident Recovery Team and making a plan or modifying the
existing plan. Discuss strategy and how it supports business objectives

Deliverables for This Week’s Case Study

1. Create an incident response plan

2. Impact on Business if attack occurs
3. Scope of attacker
4. Compare/contrast RTO and RPO results

WIL PROJECT 18
P
A
 WIL PROJECT
Program Name: Cyber Security & Forensics Security
Project Code: CPL-5559-CSFM

Week 12
Applicable VLOs or EESs for This Week’s Case Study

• Communicate cyber defence protocols, policies, and audit results and related
documentation to any level of the organization.
• Implement forensic computer audits, vulnerability scans, penetration testing and ethical
hacks to evaluate cyber security system effectiveness and correct security issues.

This Week’s Detailed Case Study Information

So now the implementation is done and your project is ready to be in Pilot mode. Now the
project will enter POC (Proof of Concept) stage.

A proof of concept (POC) exploit is a non-harmful attack against a computer or network. POC
exploits are not meant to cause harm, but to show security weaknesses within software.
Identifying issues allows companies to patch vulnerabilities and protect itself against attacks.

Blue teams typically begin by gathering data and creating an in-depth risk assessment that
outlines what steps need to be taken to strengthen overall security. This may include technical
solutions and tighter user protocols, such as stronger password policies.
Blue teams will often deploy monitoring tools, allowing information to be logged, checked and
scanned. Anything anomalous can then be subjected to greater analysis. Blue teams will also
launch countermeasures, engaging in exercises such as DNS audits, footprint analysis and
configuration checks to ensure that defenses are robust

You will be given a chance to be part of the blue team and perform audit on your own project
before going in POC.

Deliverables for This Week’s Case Study

1. What does a blue Team attacks?

2. What are the benefits of blue teaming?
3. How does the blue team’s security test process work?
4. What are the results of the audit you have done as blue team on your project?

WIL PROJECT 19
P
A
 WIL PROJECT
Program Name: Cyber Security & Forensics Security
Project Code: CPL-5559-CSFM

Week 13
Applicable VLOs or EESs for This Week’s Case Study

• Communicate cyber defence protocols, policies, and audit results and related
documentation to any level of the organization.

This Week’s Detailed Case Study Information

Now here you will be presenting your project to all Department heads and getting the
feedback before you send your report to VP of the company. You need the approvals before
the release for product live. Get some demos for this meeting.

Deliverables for This Week’s Case Study

1. Final Project Report – this is your final document with all supporting resources: including
any appendices. Bibliography and reference in APA format required.
2. Prepare for Final Panel Evaluation (Week 13)

WIL PROJECT 20
P
A
 WIL PROJECT
Program Name: Cyber Security & Forensics Security
Project Code: CPL-5559-CSFM

Week 14
Preparing for Your Final Week Activities

It is the end of your work term. Your supervisor is grateful for your efforts. The final week contains
activities which include both individual and teamwork efforts. Take this opportunity to shine
bright in the final activities.

Final Week Deliverables and Format Requirements

Your supervisor will provide you with more detail about the Final Week responsibilities.

WIL Project Completion

Following completion of the Final Week activities, you will be notified by your supervisor if you
pass or fail the WIL Project.

WIL PROJECT 21
P
A