Case Study

The assignment requires learners to read an informative article about a cyberattack on Citrix NetScaler gateways. The attack exploited an unpatched flaw, resulting in a high CVSS score of 9.8. The article highlights the malicious campaigns initiated by threat actors, the subsequent backdooring of thousands of NetScaler instances, and user credential theft via JavaScript injections. 

After reading the article, learners had to analyze and determine how the events described relate to broader cybersecurity concepts. They had to identify the existing security gap that made the attack possible, determine the most suitable implementation group for the entity in question, and ascertain which CIS controls should have been in place. Furthermore, they had discerned which controls were absent, leading to the breach. This assignment aimed to deepen the understanding of cybersecurity incidents and encourage learners to think strategically about mitigating future threats.

In the Project and Portfolio II: Information Technology course, I embarked on a comprehensive practical and theoretical learning journey, focusing on advanced IT systems and their integration. This project's core involved extending an existing project by implementing system scripting, application servers, and storage systems to construct a sophisticated networked multi-server environment. 

Key aspects of my project included the setup and configuration of a Docker environment hosting a Ghost container, which served as the foundation for the web infrastructure. I developed this using an Nginx reverse proxy to facilitate secure and efficient web traffic management. The project also involved setting up and configuring an Ubuntu LAMP stack, a critical component for running dynamic websites. 

A significant achievement in this project was successfully deploying a fully functional WordPress blog site. This demonstrated my technical skills in web development and encompassed comprehensive security settings and configuration within WordPress to ensure robust cybersecurity. Rigorous testing and validation procedures were followed to guarantee the functionality and security of the site. 

The project culminated in a detailed written report documenting each milestone, including the Docker setup, NginX reverse proxy configuration, and the LAMP stack implementation. The report also contained appendices with crucial technical documentation such as NginX configuration, access logs, and error logs, providing a complete overview of the system architecture and design decisions grounded in industry best practices.