Case Study: CIA Exercise Part 1 And Database Creation Instru

Posted on December 27, 2025

Case Study: CIA Exercise Part-1 and Database Creation Instructions

Analyze media articles related to cybersecurity incidents, identify properties of compromised information or systems, vulnerabilities exploited, root causes, and preventative security practices at various organizational levels. Additionally, design and implement a student information system database using MySQL, following specific entity, attribute, key, relationship, and constraint requirements, including data insertion and script execution.

Paper For Above instruction

Analysis of Cybersecurity Incidents

Understanding the properties of information and systems that might have been compromised during cybersecurity incidents is critical for developing effective defense strategies. Generally, the three core properties affected are confidentiality, integrity, and availability. The impacts on these properties vary depending on the attack vector and nature of the breach.

Part 1: Guardian Article Analysis

The Guardian article details a cybersecurity attack involving unauthorized access or data breaches. Such incidents frequently threaten confidentiality, as sensitive information like personal data, corporate secrets, or classified intelligence could be accessed or leaked. Integrity may also be compromised if data is altered by malicious actors, leading to misinformation or data corruption. Availability could be impacted if the attack results in system downtime, denial of service, or resource exhaustion, hindering legitimate users' access to systems and information.

In particular, confidentiality breaches undermine user privacy and organizational secrets, which can have far-reaching legal and reputational consequences. Integrity breaches compromise data accuracy and trustworthiness, potentially affecting decision-making processes. Availability impacts operational continuity, vital for organizations that depend on real-time data processing and system accessibility.

Part 2: New York Times Article Analysis

The New York Times report describes a hacking incident exploiting specific vulnerabilities. The attack exploited a known security flaw, such as an outdated software component, weak password practices, or misconfigured systems, leading to unauthorized access.

The exploited vulnerability could be a software misconfiguration, weak authentication mechanisms, or unpatched software vulnerabilities, which are common in enterprise environments. Root causes of such vulnerabilities often include inadequate patch management, poor security awareness among staff, insufficient security governance, or lack of routine security assessments and updates.

Root causes may also be linked to human error, such as neglecting timely patch deployment or using default passwords, and organizational factors like insufficient security training or a culture that undervalues cybersecurity.

Part 3: NBC News Article Analysis

The NBC News article highlights a cybersecurity breach compromising certain information or system properties. Similar to previous cases, confidentiality, integrity, and availability could be affected depending on the attack scope and method.

Prevention of such incidents involves implementing security best practices across multiple levels:

Technical: Regular patch management, strong authentication protocols, encryption, intrusion detection systems, and minimal privilege access.
Documentary: Maintaining comprehensive security policies, incident response plans, employee training, and audit logs.
Managerial: Establishing a security-aware culture, conducting regular risk assessments, allocating resources for security measures, and enforcing compliance with best practices.

Database Schema Design for Student Information System

The project involves analyzing an Entity-Relationship Diagram (ERD) for a student information system, creating SQL scripts to define tables with appropriate constraints, relationships, and data, and executing these scripts in MySQL.

Step-by-step Process

1. Entities and Attributes

The entities include STUDENT, CAMPUS, ROOM, COURSE, INSTRUCTOR, APPROVED_INSTRUCTOR, CLASS, and STUDENT_GRADE. Attributes encompass student names, IDs, course names, instructor details, room numbers, etc. Primary keys are designated for each entity, with foreign keys establishing relationships.

2. SQL Script Creation

Scripts start with disabling foreign key checks, dropping existing tables, and then recreating tables with precise data types, primary keys, foreign keys, and constraints. Data integrity constraints include non-null requirements, value restrictions (e.g., grades), and range limitations (e.g., credit hours).

3. Data Population

Insert at least three rows per table with valid data, ensuring parent tables are populated first before child tables to maintain referential integrity.

4. Script Execution and Output Collection

Scripts conclude with COMMIT, SHOW TABLES, and SELECT statements to verify table creation and data insertion. The output is documented in a Word file for submission.

Key Technical and Conceptual Requirements

Proper data types for dates, coordinates, and text.
Automatic surrogate key generation.
Constraint enforcement: non-null, unique, range restrictions, predefined value sets.
Relationship integrity with cascade updates.
Data validation via constraints and insert statements with valid data.

Conclusion

The combined analytical and technical approach enhances understanding of cybersecurity vulnerabilities, incident prevention, and robust database design. Strict adherence to best practices and precise implementation ensures system security and data integrity, supporting organizational resilience and operational efficiency.

References

Vacca, J. R. (2013). Computer and Information Security Handbook. Elsevier.
Stallings, W. (2017). Cryptography and Network Security: Principles and Practice. Pearson.
Scarfone, K., & Mell, P. (2007). Guide to Intrusion Detection and Prevention Systems (IDPS). NIST.
Kim, D., & Solomon, M. G. (2016). Fundamentals of Information Systems Security. Jones & Bartlett Learning.
Booth, W. C., Colomb, G. G., & Williams, J. M. (2009). The Craft of Research. University of Chicago Press.
MySQL Documentation. (2023). MySQL 8.0 Reference Manual. Oracle Corporation.
Vaswani, V. (2010). MySQL Database Usage & Administration. McGraw Hill.
Whitman, M. E., & Mattord, H. J. (2018). Principles of Information Security. Cengage.
ISO/IEC 27001 Standards. (2013). Information technology — Security techniques — Information security management systems — Requirements.
Cybersecurity and Infrastructure Security Agency (CISA). (2020). Best Practices for Cybersecurity in Government. CISA Publication.

« Previous Next »

Hire Dr Jack for Homework & Academic Writing Help

Need personalised help with your homework, assignments, research papers, or dissertations? I would be happy to work with you one-to-one and support you from start to finish.

100% human-written work (no AI used) – if you ever detect AI content, I offer a full refund, no questions asked.
Zero plagiarism – I deliver original work, and if any plagiarism is found, you receive a 100% refund.
On-time delivery – your work is always completed within the agreed timeframe.
Available 24/7 – you can reach out whenever it is convenient for you.
Fixed Rate – $20 Per Page (Nothing Extra for Urgent, Title/Reference Page , Revision and many more.).

To discuss your requirements, please email me at drjack9650@gmail.com . I will respond as soon as possible.