Identifying Potential Malicious Attacks, Threats and Vulnerabilities

/in /by

Assignment 1: Identifying Potential Malicious Attacks, Threats and Vulnerabilities

Due Week 4 and worth 75 points

You have just been hired as an Information Security Engineer for a videogame development company. The organization network structure is identified in the below network diagram and specifically contains:

1) 2 – Firewalls

5) 2 – Windows Server 2012 Active Directory Domain Controllers (DC)

2) 1 – Web / FTP server

6) 3 – File servers

3) 1 – Microsoft Exchange Email server

7) 1 – Wireless access point (WAP)

4) 1 – Network Intrusion Detection System (NIDS)

8) 100 – Desktop / Laptop computers

 

9) VoIP telephone system

Network Diagram

The CIO has seen reports of malicious activity being on the rise and has become extremely concerned with the protection of the intellectual property and highly sensitive data maintained by your organization. As one of your first tasks with the organization, the CIO requested you identify and draft a report identifying potential malicious attacks, threats, and vulnerabilities specific to your organization. Further, the CIO would like you to briefly explain each item and the potential impact it could have on the organization. 

Write a four to five (4-5) page paper in which you:

  1. Analyze three (3) specific potential malicious attacks and / or threats that could be carried out against the network and organization.
  2. Explain in detail the potential impact of the three (3) selected malicious attacks.
  3. Propose the security controls that you would consider implementing in order to protect against the selected potential malicious attacks.
  4. Analyze three (3) potential concerns for data loss and data theft that may exist in the documented network.
  5. Explicate the potential impact of the three (3) selected concerns for data loss and data theft.
  6. Propose the security controls that you would consider implementing in order to protect against the selected concerns for data loss and data theft.
  7. Use at least three (3) quality resources in this assignment (no more than 2-3 years old) from material outside the textbook. Note: Wikipedia and similar Websites do not qualify as quality resources.

Your assignment must follow these formatting requirements:

  • Be typed, double spaced, using Times New Roman font (size 12), with one-inch margins on all sides; citations and references must follow APA or school-specific format. Check with your professor for any additional instructions.
  • Include a cover page containing the title of the assignment, the student’s name, the professor’s name, the course title, and the date. The cover page and the reference page are not included in the required assignment page length.

The specific course learning outcomes associated with this assignment are:

  • Explain the concepts of information systems security as applied to an IT infrastructure.
  • Describe the principles of risk management, common response techniques, and issues related to recovery of IT systems.
  • Describe how malicious attacks, threats, and vulnerabilities impact an IT infrastructure.
  • Explain the means attackers use to compromise systems and networks, and defenses used by organizations.
  • Use technology and information resources to research issues in information systems security.
  • Write clearly and concisely about network security topics using proper writing mechanics and technical style conventions. 

Grading for this assignment will be based on answer quality, logic / organization of the paper, and language and writing skills. Click hereto access the rubric for this assignment.

module review 8.5 part 2

/in /by

Mark Grossman, a Florida attorney who specializes in computer and Internet law, gives answers to some basic questions.

 

Scenario 1

Nobody told you that your Internet use in the office was being monitored. Now you’ve been warned you’ll beyou’ll be fired if you use the Internet for recreational surfing again. What are your rights?

 

Bottom Line: When you’re using your office computer, you have virtually no rights. You’d have a tough time convincing a court that the boss invaded your privacy by monitoring your use of the company PC on company time. You should probably be grateful you gto a warning.

 

Scenario 2

Your employees are abusing their Internet privileges, but you don’t have an Internet usage policy. What do you do?

 

Bottom Line: Although the law ins’t fully developed in this area, courts are taking a straightforward approach: If it’s a company computer, the company can control the way it’s used. You don’t need an Internet usage policy ot prevent inappropriate use of your company computers. To protect yourself in the future, distribute an Internet policy to your employees as soon as possible.

 

Scenario 3

Employee John Doe downloads adult material to his PC at work, and employee Jane Smith sees it. Smith then proceeds to sue the company for secual harassment. As the employer, are you liable?

 

Bottom Line: Whether it comes from the Internet or from a magazine, adult material simply has no place in the office. So Smith could certainly sue the company for allowing a sexually hostile environment. The best defense is for the company to have an Internet usage policy that prohibits visits to adult sites. Of course, ou have to follow through. If someone is looking at adult material in the office, you must at least send the offending employee a written reprimand. If the company lacks a strict Internet policy, though, Smith could prevail in court.

 

A. Do you agree with the advice of attorney Mark Grossman in each of the scenarios? Why or Why not.

 

B. What would your advice be? Explanin your positions.

 

C. Identify any ethical principles you may be using in exxplaining your position in each of the scenarios.

 

Assignment 3: Mobile Computing and Social Networking

/in /by

Assignment 3: Mobile Computing and Social Networking 
Due Week 7 and worth 75 points 
Mobile computing has dramatically changed how information is accessed and shared. Wireless networking has been an enabler of mobile computing. One profession that mobile computing has had a big impact on is health care management. Patients are now able to monitor their vital signs such as blood pressure, glucose levels, etc. without having to periodically visit a doctor’s office or hospital. There are devices such as the Withings Blood Pressure Monitor that works with an iPhone, iPod Touch, or iPad to record, track, and graph a patient’s blood pressure. There are other devices that can measure blood glucose levels, oxygen levels, heart rate, etc. and use an iPhone to send the results to a clinical server. Doctors and caregivers are then able to access the data on the clinical server. According to the American College of Gastroenterology, social networking sites like Facebook, Twitter, and YouTube are used as powerful platforms to deliver and receive health care information. Patients and caregivers are increasingly going online to connect and share experiences with others with similar medical issues or concerns Patients are able to take advantage of social networks to do more than just share pictures and tweets. Write a four to five (4-5) page paper in which you:

  1. Compare and contrast monitoring of patient vital signs using mobile computing technology to in-patient visits to the doctor’s office or hospital.
  2. Analyze the advantages and disadvantages of using mobile computing technology to monitor patients.
  3. Assess the security concerns with regard to the transmission of personal medical information over wireless networks.
  4. Assess the use of social networking for group support for patients with similar medical concerns.  
  5. Use at least three (3) quality resources in this assignment. Note: Wikipedia and similar Websites do not qualify as quality resources.

Your assignment must follow these formatting requirements:

  • Be typed, double spaced, using Times New Roman font (size 12), with one-inch margins on all sides; citations and references must follow APA or school-specific format. Check with your professor for any additional instructions.
  • Include a cover page containing the title of the assignment, the student’s name, the professor’s name, the course title, and the date. The cover page and the reference page are not included in the required assignment page length.

The specific course learning outcomes associated with this assignment are:

 

  • Describe the use of network management, Web, wireless, and mobility technologies.
  • Outline the strategic implications of information assurance and security in an information technology environment.
  • Use technology and information resources to research issues in information systems and technology.
  • Write clearly and concisely about topics related to information systems for decision making using proper writing mechanics and technical style conventions.

Can you help please.

/in /by

I am working on the assignment using MYSQL. 

Here the scripts and attached is the questions. THIS SHOULD BE DONE USING MYSQL.

 

/*SQL script to create the PREMIERE database and associated tables and then load the data*/

/*Create the database and switch to it*/
CREATE DATABASE PREMIERE;

USE PREMIERE;

/*Create REP table*/
CREATE TABLE rep (
  rep_num    CHAR(2)  PRIMARY KEY,
  last_name  VARCHAR(15) NOT NULL,
  first_name VARCHAR(15),
  street     VARCHAR(15),
  city       VARCHAR(15),
  state      CHAR(2),
  zip        CHAR(5),
  commission DECIMAL(7,2),
  rate       DECIMAL(3,2) 
);


/*Create CUSTOMER table*/
CREATE TABLE customer (
  customer_num  CHAR(3)  PRIMARY KEY,
  customer_name VARCHAR(35) NOT NULL,
  street        VARCHAR(15),
  city          VARCHAR(15),
  state         CHAR(2),
  zip           CHAR(5),
  balance       DECIMAL(8,2),
  credit_limit  DECIMAL(8,2),
  rep_num       CHAR(2),
  FOREIGN KEY (rep_num) REFERENCES rep(rep_num)
);


/*Create ORDERS table*/
CREATE TABLE orders (
  order_num    CHAR(5) PRIMARY KEY,
  order_date   DATE,
  customer_num CHAR(3),
  FOREIGN KEY (customer_num) REFERENCES customer(customer_num)
);


/*Create PART table*/
CREATE TABLE part (
  part_num    CHAR(4) PRIMARY KEY,
  description VARCHAR(15),
  on_hand     DECIMAL(4,0),
  class       CHAR(2),
  warehouse   CHAR(1),
  price       DECIMAL(6,2)
);


/*Create ORDER_LINE table*/
CREATE TABLE order_line (
  order_num    CHAR(5),
  part_num     CHAR(4),
  num_ordered  DECIMAL(3,0),
  quoted_price DECIMAL(6,2),
  PRIMARY KEY (order_num, part_num),
  FOREIGN KEY (order_num) REFERENCES orders(order_num),
  FOREIGN KEY (part_num)  REFERENCES part(part_num)
);


/*Insert data into tables*/
INSERT INTO rep VALUES ('20','Kaiser','Valerie','624 Randall','Grove','FL','33321',20542.50,0.05);
INSERT INTO rep VALUES ('35','Hull','Richard','532 Jackson','Sheldon','FL','33553',39216.00,0.07);
INSERT INTO rep VALUES ('65','Perez','Juan','1626 Taylor','Fillmore','FL','33336',23487.00,0.05);

INSERT INTO customer VALUES ('148','Al''s Appliance and Sport','2837 Greenway','Fillmore','FL','33336',6550.00,7500.00,'20');
INSERT INTO customer VALUES ('282','Brookings Direct','3827 Devon','Grove','FL','33321',431.50,10000.00,'35');
INSERT INTO customer VALUES ('356','Ferguson''s','382 Wildwood','Northfield','FL','33146',5785.00,7500.00,'65');
INSERT INTO customer VALUES ('408','The Everything Shop','1828 Raven','Crystal','FL','33503',5285.25,5000.00,'35');
INSERT INTO customer VALUES ('462','Bargains Galore','3829 Central','Grove','FL','33321',3412.00,10000.00,'65');
INSERT INTO customer VALUES ('524','Kline''s','838 Ridgeland','Fillmore','FL','33336',12762.00,15000.00,'20');
INSERT INTO customer VALUES ('608','Johnson''s Department Store','372 Oxford','Sheldon','FL','33553',2106.00,10000.00,'65');
INSERT INTO customer VALUES ('687','Lee''s Sport and Appliance','282 Evergreen','Altonville','FL','32543',2851.00,5000.00,'35');
INSERT INTO customer VALUES ('725','Deerfield''s Four Seasons','282 Columbia','Sheldon','FL','33553',248.00,7500.00,'35');
INSERT INTO customer VALUES ('842','All Season','28 Lakeview','Grove','FL','33321',8221.00,7500.00,'20');

INSERT INTO orders VALUES ('21608','2007-10-20','148');
INSERT INTO orders VALUES ('21610','2007-10-20','356');
INSERT INTO orders VALUES ('21613','2007-10-21','408');
INSERT INTO orders VALUES ('21614','2007-10-21','282');
INSERT INTO orders VALUES ('21617','2007-10-23','608');
INSERT INTO orders VALUES ('21619','2007-10-23','148');
INSERT INTO orders VALUES ('21623','2007-10-23','608');

INSERT INTO part VALUES ('AT94','Iron',50,'HW','3',24.95);
INSERT INTO part VALUES ('BV06','Home Gym',45,'SG','2',794.95);
INSERT INTO part VALUES ('CD52','Microwave Oven',32,'AP','1',165.00);
INSERT INTO part VALUES ('DL71','Cordless Drill',21,'HW','3',129.95);
INSERT INTO part VALUES ('DR93','Gas Range',8,'AP','2',495.00);
INSERT INTO part VALUES ('DW11','Washer',12,'AP','3',399.99);
INSERT INTO part VALUES ('FD21','Stand Mixer',22,'HW','3',159.95);
INSERT INTO part VALUES ('KL62','Dryer',12,'AP','1',349.95);
INSERT INTO part VALUES ('KT03','Dishwasher',8,'AP','3',595.00);
INSERT INTO part VALUES ('KV29','Treadmill',9,'SG','2',1390.00);

INSERT INTO order_line VALUES ('21608','AT94',11,21.95);
INSERT INTO order_line VALUES ('21610','DR93',1,495.00);
INSERT INTO order_line VALUES ('21610','DW11',1,399.99);
INSERT INTO order_line VALUES ('21613','KL62',4,329.95);
INSERT INTO order_line VALUES ('21614','KT03',2,595.00);
INSERT INTO order_line VALUES ('21617','BV06',2,794.95);
INSERT INTO order_line VALUES ('21617','CD52',4,150.00);
INSERT INTO order_line VALUES ('21619','DR93',1,495.00);
INSERT INTO order_line VALUES ('21623','KV29',2,1290.00);

 

Security Regulation Compliance

/in /by

Security Regulation Compliance

This assignment consists of two (2) sections: a written paper and a PowerPoint presentation. You must submit both sections as separate files for the completion of this assignment. Label each file name according to the section of the assignment it is written for.

 
In the day-to-day operations of information security, security professionals often focus the majority of their time dealing with employee access issues, implementing security methods and measures, and other day-to-day tasks. They often neglect legal issues that affect information security. As a result, organizations often violate security-related regulations and often have to pay heavy fines for their non-compliance.  Thus, as a Chief Information Officer in a government agency, you realize the need to educate for senior leadership on some of the primary regulatory requirements, and you realize the need to ensure that the employees in the agency are aware of these regulatory requirements as well.
 
Section 1: Written Paper
1. Write a six to eight (6-8) page paper in which you:

a. Provide an overview that will be delivered to senior management of regulatory requirements the agency needs to be aware of, including:

i. FISMA

ii. Sarbanes-Oxley Act

iii. Gramm-Leach-Bliley Act

iv. PCI DSS

v. HIPAA

vi. Intellectual Property Law

b. Describe the security methods and controls that need to be implemented in order to ensure compliance with these standards and regulatory requirements.
c. Describe the guidance provided by the Department of Health and Human Services, the National Institute of Standards and Technology (NIST), and other agencies for ensuring compliance with these standards and regulatory requirements.
d. Use at least five (5) quality resources in this assignment. Note: Wikipedia and similar Websites do not qualify as quality resources. 
 
Your written paper must follow these formatting requirements:
  • Be typed, double spaced, using Times New Roman font (size 12), with one-inch margins on all sides; references must follow APA or school-specific format. Check with your professor for any additional instructions.
  • Include a cover page containing the title of the assignment, the student’s name, the professor’s name, the course title, and the date. The cover page and the reference page are not included in the required page length.
Section 2: PowerPoint Presentation
2. Create an eight to ten (8-10) slide security awareness PowerPoint presentation that will be presented to the agency’s employees, in which you:

a. Include an overview of regulatory requirements and employee responsibilities, covering:

i. FISMA

ii. Sarbanes-Oxley Act

iii. Gramm-Leach-Bliley Act

iv. PCI DSS

v. HIPAA

vi. Intellectual Property Law

Your PowerPoint presentation must follow these formatting requirements:
  • Include a title slide, six to eight (6-8) main body slides, and a conclusion slide. 
The specific course learning outcomes associated with this assignment are:
  • Explain the concept of privacy and its legal protections. 
  • Describe legal compliance laws addressing public and private institutions. 
  • Analyze intellectual property laws.
  • Examine the principles requiring governance of information within organizations.
  • Use technology and information resources to research legal issues in information security.
  • Write clearly and concisely about information security legal issues and topics using proper writing mechanics and technical style conventions.

Project Deliverable 5: Infrastructure and Security

/in /by

Project Deliverable 5: Infrastructure and Security

Due Week 8 and worth 110 points

This assignment consists of two (2) sections: an infrastructure document and a revised Gantt chart or project plan. You must submit both sections as separate files for the completion of this assignment. Label each file name according to the section of the assignment it is written for. Additionally, you may create and / or assume all necessary assumptions needed for the completion of this assignment.

The infrastructure which encompasses the network solution and security considerations is a major consideration for your company. Considering that the company will be expanding from one (1) floor to three (3) floors in the very near future you, as the CIO, are responsible for the design of the infrastructure and security protocols. You have been tasked with designing a network that is stable, redundant, and scalable. In addition, speed and reliability are important considerations. Assumptions should be drawn regarding network usage in relationship to network services and resources. All the established criteria that were set at the onset should be adhered to within your plan. The network solution that is chosen should support the conceived information system and allow for scalability. The network infrastructure will support organizational operations; therefore, a pictorial view of workstations, servers, routers, bridges, gateways, and access points should be used. In addition, access paths for Internet access should be depicted. Additionally, the security of the network should be in the forefront of your design because protecting your data is a primary consideration. 

Section 1: Infrastructure Document

  1. Write a four to six (4-6) page infrastructure document in which you:
    • Justify and support the relationship between infrastructure and security as it relates to this data-collection and analysis company.
    • Present the rationale for the logical and physical topographical layout of the planned network.
    • Design a logical and physical topographical layout of the current and planned network through the use of graphical tools in Microsoft Word or Visio, or an open source alternative such as Dia. Note: The graphically depicted solution is not included in the required page length.
    • Illustrate the possible placement of servers including access paths to the Internet, intrusion detection systems (IDS), and firewalls. Note: Facility limitations, workstations, databases, printers, routers, switches, bridges, and access points should be considered in the illustration.
    • Create and describe a comprehensive security policy for this data-collection and analysis company that will:

 

  • Protect the company infrastructure and assets by applying the principals of confidentiality, integrity, and availability (CIA). Note: CIA is a widely used benchmark for evaluation of information systems security, focusing on the three (3) core goals of confidentiality, integrity, and availability of information. 
  • Address ethical aspects related to employee behavior, contractors, password usage, and access to networked resources and information.

Your assignment must follow these formatting requirements:

  • Be typed, double spaced, using Times New Roman font (size 12), with one-inch margins on all sides; citations and references must follow APA or school-specific format. Check with your professor for any additional instructions.
  • Include a cover page containing the title of the assignment, the student’s name, the professor’s name, the course title, and the date. The cover page and the reference page are not included in the required assignment page length.
  • Include charts or diagrams created in MS Visio or Dia as an appendix of the infrastructure document. All references to these diagrams must be included in the body of the infrastructure document.

Section 2: Revised Project Plan

Use Microsoft Project to:

  1. Update the project plan from Project Deliverable 4: Analytics, Interfaces, and Cloud Technology, with three to five (3-5) new project tasks each consisting of five to ten (5-10) sub-tasks.

The specific course learning outcomes associated with this assignment are:

  • Develop information systems-related activities to maximize the business value within and outside the organization.
  • Demonstrate an understanding of existing and emerging information technologies, the functions of IS, and its impact on the organizational operations.
  • Evaluate the issues and challenges associated with information systems integration.
  • Use technology and information resources to research issues in information systems.
  • Write clearly and concisely about strategic issues and practices in the information systems domain using proper writing mechanics and technical style conventions.

  • Grading for this assignment will be based on answer quality, logic / organization of the paper, and language and writing skills, using the following rubric.

 

Points: 110

Project Deliverable 5: Infrastructure and Security

Criteria

 

Unacceptable

Below 60% F

Meets Minimum Expectations

60-69% D

 

Fair

70-79% C

 

Proficient

80-89% B

 

Exemplary

90-100% A

Section 1: Infrastructure Document

1a. Justify and support the relationship between infrastructure and security as it relates to this data- collection and analysis company.

Weight: 15%

Did not submit or incompletely justified and supported the relationship between infrastructure and security as it relates to this data-collection and analysis company.

Insufficiently justified and supported the relationship between infrastructure and security as it relates to this data-collection and analysis company.

Partially justified and supported the relationship between infrastructure and security as it relates to this data-collection and analysis company.

Satisfactorily justified and supported the relationship between infrastructure and security as it relates to this data-collection and analysis company.

Thoroughly justified and supported the relationship between infrastructure and security as it relates to this data-collection and analysis company.

1b. Present the rationale for the logical and physical topographical layout of the planned network.

Weight: 20%

Did not submit or incompletely presented the rationale for the logical and physical topographical layout of the planned network.

Insufficiently presented the rationale for the logical and physical topographical layout of the planned network.

Partiallypresented the rationale for the logical and physical topographical layout of the planned network.

Satisfactorilypresented the rationale for the logical and physical topographical layout of the planned network.

Thoroughlypresented the rationale for the logical and physical topographical layout of the planned network.

1c. Design a logical and physical topographical layout of the current and planned network through the use of graphical tools in Microsoft Word or Visio, or an open source alternative such as Dia.

Weight: 15%

Did not submit or incompletely designed a logical and physical topographical layout of the current and planned network through the use of graphical tools in Microsoft Word or Visio, or an open source alternative such as Dia.

Insufficiently designed a logical and physical topographical layout of the current and planned network through the use of graphical tools in Microsoft Word or Visio, or an open source alternative such as Dia.

Partially designed a logical and physical topographical layout of the current and planned network through the use of graphical tools in Microsoft Word or Visio, or an open source alternative such as Dia.

Satisfactorilydesigned a logical and physical topographical layout of the current and planned network through the use of graphical tools in Microsoft Word or Visio, or an open source alternative such as Dia.

Thoroughlydesigned a logical and physical topographical layout of the current and planned network through the use of graphical tools in Microsoft Word or Visio, or an open source alternative such as Dia.

1d. Illustrate the possible placement of servers including access paths to the Internet, intrusion detection systems (IDS), and firewalls.

Weight: 15%

Did not submit or incompletely illustrated the possible placement of servers including access paths to the Internet, intrusion detection systems (IDS), and firewalls.

Insufficiently illustrated the possible placement of servers including access paths to the Internet, intrusion detection systems (IDS), and firewalls.

Partiallyillustrated the possible placement of servers including access paths to the Internet, intrusion detection systems (IDS), and firewalls.

Satisfactorilyillustrated the possible placement of servers including access paths to the Internet, intrusion detection systems (IDS), and firewalls.

Thoroughlyillustrated the possible placement of servers including access paths to the Internet, intrusion detection systems (IDS), and firewalls.

1ei. Create and describe a comprehensive security policy for this data collection and analysis company that will protect the company infrastructure and assets by applying the principals of confidentiality, integrity, and availability (CIA).

Weight: 10%

Did not submit or incompletely created and described a comprehensive security policy for this data collection and analysis company that will protect the company infrastructure and assets by applying the principals of confidentiality, integrity, and availability (CIA).

Insufficiently created and described a comprehensive security policy for this data collection and analysis company that will protect the company infrastructure and assets by applying the principals of confidentiality, integrity, and availability (CIA).

Partiallycreated and described a comprehensive security policy for this data collection and analysis company that will protect the company infrastructure and assets by applying the principals of confidentiality, integrity, and availability (CIA).

Satisfactorilycreated and described a comprehensive security policy for this data collection and analysis company that will protect the company infrastructure and assets by applying the principals of confidentiality, integrity, and availability (CIA).

Thoroughlycreated and described a comprehensive security policy for this data collection and analysis company that will protect the company infrastructure and assets by applying the principals of confidentiality, integrity, and availability (CIA).

1eii. Create and describe a comprehensive security policy for this data-collection and analysis company that will address ethical aspects related to employee behavior, contractors, password usage, and access to networked resources and information.

Weight: 10%

Did not submit or incompletely created and described a comprehensive security policy for this data-collection and analysis company that will address ethical aspects related to employee behavior, contractors, password usage, and access to networked resources and information.

Insufficiently created and described a comprehensive security policy for this data-collection and analysis company that will address ethical aspects related to employee behavior, contractors, password usage, and access to networked resources and information.

Partiallycreated and described a comprehensive security policy for this data-collection and analysis company that will address ethical aspects related to employee behavior, contractors, password usage, and access to networked resources and information.

Satisfactorilycreated and described a comprehensive security policy for this data- collection and analysis company that will address ethical aspects related to employee behavior, contractors, password usage, and access to networked resources and information.

Thoroughlycreated and described a comprehensive security policy for this data- collection and analysis company that will address ethical aspects related to employee behavior, contractors, password usage, and access to networked resources and information.

Section 2: Revised Project Plan

2. Update the project plan from Project Deliverable 4: Analytics, Interfaces, and Cloud Technology,with three to five (3-5) newproject tasks each consisting of five to ten (5-10) sub-tasks.

Weight: 5%

Did not submit or incompletely updated the project plan from Project Deliverable 4: Analytics, Interfaces, and Cloud Technology,with three to five (3-5) newproject tasks each consisting of five to ten (5-10) sub-tasks.

Insufficiently updated the project plan from Project Deliverable 4: Analytics, Interfaces, and Cloud Technology,with three to five (3-5) newproject tasks each consisting of five to ten (5-10) sub-tasks.

Partially updated the project plan from Project Deliverable 4: Analytics, Interfaces, and Cloud Technology, with three to five (3-5)new project tasks each consisting of five to ten (5-10) sub-tasks.

Satisfactorily updated the project plan from Project Deliverable 4: Analytics, Interfaces, and Cloud Technology, with three to five (3-5) newproject tasks each consisting of five to ten (5-10) sub-tasks.

Thoroughly updated the project plan from Project Deliverable 4: Analytics, Interfaces, and Cloud Technology, with three to five (3-5) new project tasks each consisting of five to ten (5-10) sub-tasks.

3. Clarity, writing mechanics, and formatting requirements

Weight: 10%

More than 8 errors present

7-8 errors present

5-6 errors present

3-4 errors present

0-2 errors present

 

Information Systems Security

/in /by

Information Systems Security

Suppose you are the IT professional in charge of security for a small pharmacy that has recently opened within a shopping mall. The daily operation of a pharmacy is a unique business that requires a combination of both physical and logical access controls geared towards protecting medication and funds located on the premises, as well as the personally identifiable information and protected health information of your customers that resides on your system. Your supervisor has tasked you with identifying inherent risks associated with your pharmacy and establishing strong physical and logical access control methods to mitigate the identified risks.

1) Firewall (1)

4) Desktop computers (4)

2) Windows 2012 Active Directory Domain Controllers (DC) (1)

5) Dedicated T1 Connection (1)

3) File Server (1)

 

Technical Project Paper Graphic

Write an eight to ten (8-10) page paper in which you:

  1. Identify at least five (5) potential physical threats that require attention.
  2. Determine the impact of at least five (5) potential logical threats that require attention.
  3. Detail the security controls (i.e., administrative, preventative, detective, and corrective) that the pharmacy could implement in order to protect it from the five (5) selected physical threats.
  4. Explain in detail the security controls (i.e., administrative, preventative, detective, and corrective) that could be implemented to protect from the five (5) selected logical threats.
  5. For each of the five (5) selected physical threats, choose a strategy for addressing the risk (i.e., risk mitigation, risk assignment, risk acceptance, or risk avoidance). Justify your chosen strategies.
  6. For each of the five (5) selected logical threats, choose a strategy for handling the risk (i.e., risk mitigation, risk assignment, risk acceptance, or risk avoidance). Justify your chosen strategies.
  7. Use at least five (5) quality resources in this assignment (no more than 2-3 years old) from material outside the textbook. Note: Wikipedia and similar Websites do not qualify as quality resources.

Your assignment must follow these formatting requirements:

  • Be typed, double spaced, using Times New Roman font (size 12), with one-inch margins on all sides; citations and references must follow APA or school-specific format. Check with your professor for any additional instructions.
  • Include a cover page containing the title of the assignment, the student’s name, the professor’s name, the course title, and the date. The cover page and the reference page are not included in the required assignment page length.

The specific course learning outcomes associated with this assignment are:

  • Explain the concepts of information systems security as applied to an IT infrastructure.
  • Describe how malicious attacks, threats, and vulnerabilities impact an IT infrastructure.
  • Explain the means attackers use to compromise systems and networks, and defenses used by organizations.
  • Explain the role of access controls in implementing a security policy.
  • Explain how businesses apply cryptography in maintaining information security.
  • Analyze the importance of network principles and architecture to security operations.
  • Use technology and information resources to research issues in information systems security.
  • Write clearly and concisely about network security topics using proper writing mechanics and technical style conventions. 

Term Paper: Legacy to Cloud Computing Migration Project

/in /by

Due Week 10 and worth 180 points

This assignment consists of three (3) sections: a written paper, a Work Breakdown Structure (WBS), and a Gantt Chart. You must submit each section as a separate file for the completion of this assignment. Label each file name according to the section of the assignment it is written for.

Imagine that you have been hired as a project manager to oversee the migration of a legacy system to a cloud computing based platform within a government agency. The resources within the organization are limited in number, knowledge, and availability. This project will require outsourcing of skilled resources and expertise to move forward with the initiative. The organization is characterized by working in silos and having redundant functional resources available within many of its divisions. 

To complete this assignment, you will be required to research similar cloud migration projects and understand the resources and challenges that an information systems project of this magnitude requires. Using the concepts presented throughout the course, you will develop a project plan that will meet the project goals and requirements.

Section 1: Written Paper

Required Format (MS Word File)

  • Write a ten to twelve (10-12) page paper in which you:
    • Use the Internet to research similar cloud migration projects that have been successful. Of the researched projects, recommend measurable organization values for a project of this type and include expected benefits in terms of money, percentage, or potential optimizations.
    • Write a two to three (2-3) paragraph executive summary which defines the phases and their activities that the project will require. Develop the executive summary for a senior management audience.
    • Perform a stakeholder analysis for the researched project in which you:
      • Include all major stakeholders that the project will require.
      • Describe each stakeholder’s title, role within the project, and objectives each should meet for the project.
      • Provide details if this organization is more of a functional organization or project based. 
      • Suggest at least three (3) risks that should be monitored based on the selected organization type.
    • Produce a procurement management plan for the activities that will be required within the project in which you: 
  • List the activities that will be outsourced, the skills / labor / material required, and the contract type.
  • Analyze the monitoring requirements and potential pitfalls for each selected contract type.
    • Provide a scope change control method that could be used within the project management process in which you:
  • Describe the review and approval process that will ensure scope control.
  • Suggest at least three (3) scenarios that could resemble scope creep.
    • Perform a risk impact analysis in which you:
    • List at least ten (10) risks that could take place within this project.
    • Provide the probability for each risk (%), level of impact, and a probability impact score.
    • Prioritize your list based on the probability impact score and develop a risk response plan for the top five (5) risks.
    • Include the risk, the trigger, response, and resources required for response.
  • Based on the Gantt Chart created in Section 3:
    • Explain the basis for your assumptions and constraints
    • Explain the basis for your estimates on tasks, skills, material, and equipment costs for each activity.
    • Identify the resources you used to arrive at your assumptions, constraints, and estimates.

Note: This criterion references criterion 3biii in Section 3: Gantt Chart. You will need to complete Section 3: Gantt Chart prior to completing this criterion for the written paper.

Section 1 of the assignment must follow these formatting requirements:

  • Be typed, double spaced, using Times New Roman font (size 12), with one-inch margins on all sides; citations and references must follow APA or school-specific format. Check with your professor for any additional instructions.
  • Include a cover page containing the title of the assignment, the student’s name, the professor’s name, the course title, and the date. The cover page and the reference page are not included in the required assignment page length.

Section 2: Work Breakdown Structure (WBS)

Required Format (MS Project File)

  • Use MS Project or an Open Source alternative, such as Open Project to:
    • Develop a hierarchical Work Breakdown Structure (WBS) with defined activities and estimated budgets per activity in which you:
      • Group each activity under each major phase.
      • Identify a control account index number for each activity. 
      • Include at least twenty to twenty-five (20-25) work packages in the WBS that show the various efforts required to complete the project.

Section 3: Gantt Chart

Require Format (MS Project File)

  • Use MS Project to develop a Gantt chart in which you:
    • Group all activities (tasks) by phase, duration estimates of each activity, start and end dates, major milestones (with black diamond), resources required per activity (in terms of personnel, labor and material), activity precedence relationships, and costs per activity. 
    • Use at least (ten to fifteen) 10-15 resources in your Gantt chart.
    • For each activity:
      • Ensure that control account index numbers match the WBS in Section 2.
      • Provide resources required in terms of labor and material, estimates of duration, and risks that each activity may have. Note: To document risks, you will need to create a new column and label column titled “Risk”.
      • Base cost estimates on research you perform on the Internet for similar tasks, skills, material, equipment, etc. Note: Be sure to explain the basis and research sources for costs in your written paper.

Note: This criterion references criterion 1g in Section 1: Written Paper. You will need to complete Section 3: Gantt Chart prior to completing the criterion for the written paper.

 

The specific course learning outcomes associated with this assignment are:

  • Initiate, specify, and prioritize information technology projects, and determine various aspects of feasibility of these projects.
  • Describe the foundations of project management, including its definition, scope, and the need for project management in the modern organization.
  • Explain and apply the phases of the project management life cycle.
  • Develop processes that initiate technology projects, including project selection and defining project scope.
  • Analyze and develop project schedules with appropriate techniques and software tools.
  • Prepare strategies to manage project resources to include human resources, capital equipment, and time.
  • Identify project risk, and the techniques for ensuring project risk is managed and controlled in a technology setting.
  • Summarize the project procurement process including external acquisition and outsourcing.
  • Design project execution activities including change control and communicating project status.
  • Summarize methods to control technology projects through information tracking and cost and change control techniques.
  • Develop a complete information systems project plan using project management software tools.
  • Use technology and information resources to research issues in information systems.
  • Write clearly and concisely about Information Technology Project Management topics using proper writing mechanics and technical style conventions.

ITNA359 Network Administration – discussion 5

/in /by

The Discussion Board (DB) is part of the core of online learning. Classroom discussion in an online environment requires the active participation of students and the instructor to create robust interaction and dialogue. Every student is expected to create an original response to the open-ended DB question as well as engage in dialogue by responding to posts created by others throughout the week. At the end of each unit, DB participation will be assessed based on both level of engagement and the quality of the contribution to the discussion.

At a minimum, each student will be expected to post an original and thoughtful response to the DB question and contribute to the weekly dialogue by responding to at least two other posts from students. The first contribution must be posted before midnight (Central Time) on Wednesday of each week. Two additional responses are required after Wednesday of each week. Students are highly encouraged to engage on the Discussion Board early and often, as that is the primary way the university tracks class attendance and participation.

The purpose of the Discussion Board is to allow students to learn through sharing ideas and experiences as they relate to course content and the DB question. Because it is not possible to engage in two-way dialogue after a conversation has ended, no posts to the DB will be accepted after the end of each unit.

Discuss 4 software or hardware problems that will render two hosts unable to use the TCP/IP protocol to communicate.

Discussion Board Assignment Guidelines

   Use the course materials and the Web to research network component troubleshooting.

   Answer the following question:

                           What are 4 problems that will break TCP/IP communication between two hosts? Briefly explain.

                                                        The selected problems can pertain to hardware issues, software issues, or a combination of both.

   Post a new topic to the Discussion Board that contains your answers to the 4 questions above.

   Respond to 2 other students’ posts on the Discussion Board, and critique their answers.

   Use APA references and citations to support your assertions.

                           Do not include a table of contents or abstract.

Your submitted assignment (60 points) should include the following:

   40 Points: Your Discussion Board topic containing your responses to the question in the assignment guidelines

 

20 Points: Responses to 2 other students’ Discussion Board posts

Assignment 4: Performing Effective Project Monitoring and Risk Management

/in /by

Imagine that you are employed as an IT project manager by a prestigious coffeemaker organization. This organization operates many coffee shops within the region and would like to promote its brand by creating a mobile application that will provide its customers with the ability to view the nearest coffee shop location within their geographical area.

 

As a member of the software development team, you estimate a total project cost of $150,000. You have designated control points to measure project progress. At control point 2, the following data is available:

 

Budget Cost of Work Performed

$ 24,000

Actual Cost of Work Performed

$ 27,500

 

There are various stakeholders that are interested in the progress of the project. These stakeholders include the marketing management team (internal customers), software designers, programmers, testers, and upper management. The software development team has attempted to release a mobile application of this magnitude in the past; however, lack of sponsorship, mobile development expertise, and technical infrastructure has limited the team’s success.

 

Write a four to six (4-6) page paper in which you:

  1. Identify at least four (4) attributes of the mobile application development project that can be measured and controlled and evaluate how each is a critical factor for the success of the project.
  2. Generate a project plan summary of the various project milestones. Develop a WBS that details work packages required to complete project scope.
  3. Develop a workflow model that can be used to inspect and detect defects during the acceptance of this mobile product through the use of graphical tools in Microsoft Word or Visio, or an open source alternative such as Dia. Note: The graphically depicted solution is not included in the required page length.
  4. Describe how the defects detected during the acceptance of the mobile application should be reported and explain the circumstances in which a defect may not require reporting.
  5. Analyze the communication needs of the different project stakeholders. Explain the types of project status reports that would be useful to each.
  6. Compute the cost variance, schedule variance, cost performance index, schedule performance index, and estimated actual cost using the information presented at control point 2. Interpret the project schedule and budget status from the calculations.
  7. Explain how work package, binary tracking, and earned valued reporting can be used effectively during the maintenance phase of the software life cycle if various change requests may be assigned to individuals and processed on an individual basis.
  8. Develop a risk register that will document all of the estimated risks. Assign one (1) risk management technique for each risk and explain the basis for your selection.
  9. Use at least three (3) quality resources in this assignment. Note: Wikipedia and similar Websites do not qualify as quality resources.

 

Your assignment must follow these formatting requirements:

  • Be typed, double spaced, using Times New Roman font (size 12), with one-inch margins on all sides; citations and references must follow APA or school-specific format. Check with your professor for any additional instructions.
  • Include a cover page containing the title of the assignment, the student’s name, the professor’s name, the course title, and the date. The cover page and the reference page are not included in the required assignment page length.
  • Include charts or diagrams created in Visio or Dia. The completed diagrams / charts must be imported into the Word document before the paper is submitted.

 

The specific course learning outcomes associated with this assignment are:

  • Develop a software project plan based on IEEE 1058 to solve a business problem.
  • Explain the methods of creating, measuring, and controlling work products and work processes.
  • Explain and analyze earned value reporting techniques in software projects.
  • Describe ethical issues and risk management factors inherent in software projects.
  • Use technology and information resources to research issues in IT Project Leadership Strategies.
  • Write clearly and concisely about topics related to IT Project Leadership Strategies using proper writing mechanics and technical style conventions.