What This Document Is
This document represents a student’s submission for a challenge assignment (M19) within the JUS 405 Cyber Security course at Pennsylvania Western University, California. It appears to be a practical exercise utilizing the Splunk security information and event management (SIEM) tool. The assignment focuses on analyzing security logs to identify and respond to simulated cyberattacks.
Why This Document Matters
This submission is intended for the course instructor for assessment purposes. It demonstrates the student’s ability to use Splunk to investigate security incidents, create alerts, and establish baselines for normal network activity. It’s used as a deliverable to prove competency in applying cybersecurity concepts to a real-world scenario.
Common Limitations or Challenges
This document is a completed assignment; it doesn’t offer instruction on *how* to use Splunk or interpret security data. It showcases a specific instance of analysis, and won’t cover all possible attack scenarios or Splunk functionalities.
What This Document Provides
The submission includes responses to questions regarding the timing of a simulated attack and system recovery. Screenshots are provided showing a Splunk search report identifying critical events, and evidence of alert creation for critical database vulnerabilities and brute force attacks. It also details a baseline for normal login attempts and a threshold for triggering a brute force alert. This preview *does not* include the full Splunk report data, detailed alert configurations, or the student’s complete reasoning behind their analysis.