Objective 5- legal and ethical best practices in information security.

In NTS330 – Applied Exploits, I completed a detailed report titled "Ethics in Penetration Testing". This assignment focused on the boundaries and responsibilities of ethical hackers, covering topics like informed consent, scope of testing, responsible disclosure, and the legal consequences of unauthorized access. Through this project, I explored real-world ethical dilemmas and studied frameworks such as the EC-Council Code of Ethics and Computer Fraud and Abuse Act (CFAA). This helped me better understand the fine line between ethical hacking and illegal activity.

In NTS201 – Security Essentials, I applied legal and ethical best practices into a broader context by designing a Comprehensive Security Strategy for a simulated organization. This final project incorporated regulatory compliance (such as HIPAA and FERPA), acceptable use policies, physical and network security standards, and strategic mitigation planning. The assignment reinforced the importance of not only knowing how to protect a system, but also doing so in a way that meets industry laws, respects user privacy, and upholds professional integrity.