This project is to create an incident analysis brief for your manager. Cybersecurity incidents will occur regardless of the level of protection and prevention an organization has in place. The response to the incident is what may make or break an organization. As you progress through your degree, you will build your skills to address all stages of incident response: preparation, detection and analysis, containment, eradication and recovery, and post$-$incident activity.

A critical aspect of incident response is using the information gained from an incident to improve the organization$$s security. The insight helps security professionals develop solutions that reduce the likelihood of similar incidents in the future. It also helps balance the potential negative impacts on the people, processes, and technologies the solutions ultimately affect. In this project, you will examine a past incident and use the Fundamental Security Design Principles to develop recommendations that will protect the organization in the future.

In this assignment, you will demonstrate your mastery of the following course competency:

Describe fundamental principles of cybersecurity

Scenario

In a course announcement, your instructor will provide you with a scenario to base your work on$.$ In the scenario, you are a security analyst creating an incident analysis brief that explains to the security or IT director explaining how to apply the Fundamental Security Design Principles to strengthen the organization$$s security posture following the incident described in the case. The scenario will provide all the specific technical information you need for your brief. You should address each critical element in the Project Two prompt, speaking broadly to your analysis and recommendations based on your research from the course materials in previous modules.

Prompt

Using evidence from the scenario, prepare an incident analysis brief for your manager. Limit your analysis to one security objective and two Fundamental Security Design Principles from the lists below.

Security Objective $($Choose One$)$:

Confidentiality

Integrity

Availability

Fundamental Security Design Principles $($Choose Two$)$:

Separation $($of domains and duties$)$

Isolation

Encapsulation

Modularity

Simplicity of design $($economy of mechanism$)$

Minimization of implementation $($least common mechanism$)$

Open design

Complete mediation

Layering $($defense in depth$)$

Least privilege

Fail$-$safe defaults and fail secure

Least astonishment $($psychological acceptability$)$

Minimization of trust surface $($reluctance to trust$)$

Usability

Trust relationships

Specifically, you must address the critical elements listed below:

Scenario Analysis: Using your work in the case study analyses $($Modules Two through Four$)$ and other course resources as reference, select the security objective you think is most relevant to the organization in the case.

Describe why the loss of your selected security objective $($confidentiality$,$ integrity, or availability$)$ reflects the greatest overall negative impact on the organization. Use evidence from the scenario and your coursework to support your selection.Summarize the negative impacts on people, processes, and technologies associated with the loss of your selected security objective.

Recommendations: Select two Fundamental Security Design Principles as criteria, and recommend solutions to remedy the loss of the selected security objective based on your assessment of the incident.

Explain how your solution implements the selected Fundamental Security Design Principles. Provide evidence from the scenario and your coursework to support your selections.Describe how your solution balances impacts on people, processes, and technologies.Explain which aspect of your solution you would recommend to your manager as the most important to the organization. Support your response with evidence from the coursework or scenario