describe 5 factors that can affect the effective implementation of int.docx

•Download as DOCX, PDF•

0 likes•2 views

describe 5 factors that can affect the effective implementation of internal IT audit control Solution Internal IT audit control : The role of internal audit is to provide independent assurance that an organisation\'s risk management, governance and internal control processes are operating effectively. Improvement is fundamental to the purpose of internal auditing. But it is done by advising, coaching and facilitating in order to not undermine the responsibility of management. Effective internal control over financial reporting provides reasonable assurance regarding the reliability of financial reporting and the preparation of financial statements for external purposes. If one or more material weakness es exist, the company\'s internal control over financial reporting cannot be considered effective. Factors affecting internal audit and controls : Factors that affect the risk associated with a control include - 1.The nature and materiality of misstatements that the control is intended to prevent or detect; 2.The inherent risk associated with the related account(s) and assertion(s); 3.Whether there have been changes in the volume or nature of transactions that might adversely affect control design or operating effectiveness; 4.Whether the account has a history of errors; 5.The effectiveness of entity-level controls, especially controls that monitor other controls; 6.The nature of the control and the frequency with which it operates; 7.The degree to which the control relies on the effectiveness of other controls . 8.Whether the control relies on performance by an individual or is automated control would generally be expected to be lower risk if relevant information technology general controls are effective.The complexity of the control and the significance of the judgments that must be made in connection with its operation. 9.The size of the internal audit department was measured by the number of internal auditors employed within it. Management support for internal audit was measured by a number of indicators, these being: involvement in the internal audit plan, providing management with reports about the work the internal audit team performs, the managementâ€™s response to internal audit reports, the resources of the internal audit department. The independence of the internal audit department was measured by nine items, these being: the level of independence, reporting level, direct contact to the board and senior management, conflict of interest, interference, unrestricted access to all departments and employees, appointment and removal of the head of internal audit, and performing non-audit activity. .

Education

8.Whether the control relies on performance by an individual or is automated control would
generally be expected to be lower risk if relevant information technology general controls are
effective.The complexity of the control and the significance of the judgments that must be made
in connection with its operation.
9.The size of the internal audit department was measured by the number of internal auditors
employed within it.
Management support for internal audit was measured by a number of indicators, these being:
involvement in the internal audit plan, providing management with reports about the work the
internal audit team performs, the managementâ€™s response to internal audit reports, the
resources of the internal audit department.
The independence of the internal audit department was measured by nine items, these being: the
level of independence, reporting level, direct contact to the board and senior management,
conflict of interest, interference, unrestricted access to all departments and employees,
appointment and removal of the head of internal audit, and performing non-audit activity.

Similar to describe 5 factors that can affect the effective implementation of int.docx

Internal auditors roles and responsibilities

SALIH AHMED ISLAM

Internal Auditors’ Roles and Responsibilities

Salih Islam

Assessing risks and internal controls training

shifataraislam

Chapter 9 Audit Risk Assessment Prepared by Dr Phil Saj 1 Learning objectives Appreciate the importance of audit risk assessment and why it is linked to financial statement assertions. Explain the importance of business risks in audit planning. Describe the procedures performed by an auditor to assess risk. Appreciate the importance of internal control to an entity and to its independent auditors. 2 Learning objectives Indicate the procedures for obtaining and documenting an understanding of the entity’s internal control. Explain why and how a preliminary assessment of control risk is made. Explain the importance of the concept of audit risk and its three components. 3 Management’s financial statement assertions Existence or occurrence Assets or liabilities of the entity exist at a given date and whether recorded transactions or events have occurred during the period. Completeness Transactions, events and accounts that should be presented in the financial statement are included. Cut-off All transactions, events and accounts have been recorded in the correct period. 4 Management’s financial statement assertions Rights and obligations Assets represent rights of the entity and liabilities are the obligations of the entity at a given date. Valuation and allocation Asset, liability, components have been included in the financial statements at the appropriate amounts. Accuracy Transactions have been appropriately recorded in the proper accounts. 5 Management’s financial statement assertions Presentation and disclosure Particular components of the financial statements are properly classified, described and disclosed. Refer to the textbook Table 9.1, page 363, for illustrations of each of these assertions. 6 Business risk assessment A business risk approach allows the auditor to: Identify threats faced by the organisation. Recognises that most business risks will eventually have an effect on the financial statements. Increase the chances of identifying risks of material misstatements in the financial reports Categories of business risk: Financial risk Operational risk Compliance risk 7 Risk assessment procedures Enquiries Management, staff, internal auditors, company bankers, legal advisors. Analytical procedures Provide a broad indication of the likelihood of possible errors. Observations and inspections Inspection of manuals, visiting business premises, observing procedures taking place. 8 Importance of internal control The Committee of Sponsoring Organisations (COSO) of the Treadway Commission defines internal control as: a process, effected by an entity’s board of directors, management and other personnel, designed to provide reasonable assurance regarding the achievement of objectives in the following categories: Effectiveness and efficiency of ...

Chapter 9Audit Risk AssessmentPrepared by Dr Phil Saj1.docx

mccormicknadine86

Good Corporate governance is a key factor in ensuring sound financial reporting and deterring misappropriations of capital and resources. Internal control and corporate governance go hand in hand. Many SME have an ambitious goal of reaching a reliable, continuous and integrated internal control state. However, many SME’s are still grappling to build a comprehensive control process. In this paper, we present an internal maturity framework that SME can use to benchmark and know how they can discourage frauds, improve compliance and adoption of standards.

Internal controls maturity and SME corporate governanance

Browne & Mohan

Mf0013 – internal audit and control

ak007420

SEATA by TOMMY SEAH

Tommy Seah

Evaluation of the effect of monitoring and control activities on fraud detect...

Alexander Decker

Audit Interview: Commonly Asked Questions & Expert Answers | Academy Tax4wealth

Academy Tax4wealth

24201843 studdy-note-8

Akash Saxena

Auditing.docx

JoelEdau1

Chapter 11, Tests of Controls

Sazzad Hossain, ITP, MBA, CSCA™

The “internal audit” versus “external audit” in details

Mohammad Wahid Abdullah Khan

Unit 3 internal control

Radhika Gohel

Internal control system

Madiha Hassan

Internal control system

Madiha Hassan

Internal Audit

Ahmad Tariq Bhatti

The most comprehensive definition of internal audit is given by the IIA, USA. It is, "Internal auditing is an independent, objective assurance and consulting activity designed to add value and improve an organization’s operations. It helps an organization accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control and governance processes." The purpose of the presentation is to provide clarification for a better understanding of what internal audit definition, objectives, functions, stages and reporting are all about? What difference does it make in the presence of an external audit? How different is its scope from that of the external audit? How internal audit standards contribute to better performance of internal audit work and its reporting to the Board or Audit Committee?

The Internal Audit Framework

Ahmad Tariq Bhatti

Improving effectiveness of internal auditing

PECB

Ensuring Financial Integrity: Conducting Effective Audits of Branch Office Ac...

MiMOiQ1

Similar to describe 5 factors that can affect the effective implementation of int.docx (20)

Internal auditors roles and responsibilities

Internal Auditors’ Roles and Responsibilities

Assessing risks and internal controls training

Chapter 9Audit Risk AssessmentPrepared by Dr Phil Saj1.docx

Internal controls maturity and SME corporate governanance

Mf0013 – internal audit and control

SEATA by TOMMY SEAH

Evaluation of the effect of monitoring and control activities on fraud detect...

Audit Interview: Commonly Asked Questions & Expert Answers | Academy Tax4wealth

24201843 studdy-note-8

Auditing.docx

Chapter 11, Tests of Controls

The “internal audit” versus “external audit” in details

Unit 3 internal control

Internal control system

Internal Audit

The Internal Audit Framework

Improving effectiveness of internal auditing

Ensuring Financial Integrity: Conducting Effective Audits of Branch Office Ac...

More from earleanp

Create your own variant of both a hiring and a termination policy related to security and keeping company info secure. Solution Information Security management is a process of defining the security controls in order to protect the information assets. Security Program The first action of a management program to implement information security is to have a security program in place. Security Program Objectives: Protect the company and its assets. Manage Risks by Identifying assets, discovering threats and estimating the risk. Objects are- Information Classification, Security Organization, and Security Education. Security Management Responsibilities: Determining objectives, scope, policies,re expected to be accomplished from a security program. Evaluate business objectives, security risks, user productivity, and functionality requirements. Approaches to Build a Security Program Security Controls Security Controls can be classified into three categories- Administrative Controls, Technical or Logical Controls ,Physical Controls. The Elements of Security Vulnerability: Vulnerability characterizes the absence or weakness of a safeguard that could be exploited. Threat: Any potential danger to information or systems. A threat is a possibility that someone (person, s/w) would identify and exploit the vulnerability. Risk: Risk is the likelihood of a threat agent taking advantage of vulnerability and the corresponding business impact. Reducing vulnerability and/or threat reduces the risk. Exposure: An exposure is an instance of being exposed to losses from a threat agent. Vulnerability exposes an organization to possible damages. Countermeasure or Safeguard: It is an application or a s/w configuration or h/w or a procedure that mitigates the risk. The Relation Between the Security Elements Example: If a company has antivirus software but does not keep the virus signatures up-to-date, this is vulnerability. The company is vulnerable to virus attacks. The likelihood of a virus showing up in the environment and causing damage is the risk. .

Create your own variant of both a hiring and a termination policy rela.docx

earleanp

Determine the valuation of long-term liabilities. Donald Lennon is the president, founder, and majority owner of Wichita Medical Corporation, an emerging medical technology products company. Wichita is in dire need of additional capital to keep operating and to bring several promising products to final development, testing, and production. Donald, as owner of 51% of the outstanding stock, manages the company\'s operations. He places heavy emphasis on research and development and long-term growth. The other principal stockholder is Nina Friendly who, as a nonemployee investor, owns 40% of the stock. Nina would like to deemphasize the R&D functions and emphasize the marketing function to maximize shortâ€“run sales and profits from existing products. She believes this strategy would raise the market price of Wichita\'s stock. All of Donald\'s personal capital and borrowing power is tied up in his 51% stock ownership. He knows that any offering of additional shares of stock will dilute his controlling interest because he won\'t be able to participate in such an issuance. But, Nina has money and would likely buy enough shares to gain control of Wichita. She then would dictate the company\'s future direction, even if it meant replacing Donald as president and CEO. The company already has considerable debt. Raising additional debt will be costly, will adversely affect Wichita\'s credit rating, and will increase the company\'s reported losses due to the growth in interest expense. Nina and the other minority stockholders express opposition to the assumption of additional debt, fearing the company will be pushed to the brink of bankruptcy. Wanting to maintain his control and to preserve the direction of â€œhisâ€ company, Donald is doing everything to avoid a stock issuance and is contemplating a large issuance of bonds, even if it means the bonds are issued with a high effectiveâ€“interest rate. Instructions Answer the following questions. Who are the stakeholders in this situation? What are the ethical issues in this case? What would you do if you were Donald? Solution a)Donald and nina are the stakeholders in this situation . b)Ethical issue involved in this case is to Raise additional funds by issue of stock or to raise additonal debts to meet fund requirement. If funds are raised through issue of stock ,Donald stock ownership will be diluted and when bonds are issued ,it will be costlier to a company to raise additional funds. c) Donald can either go for BOOTSTRAPPING where funds are raised by investing the retained earnings of a company and finding a means within a company. Also Donald can also suggest Right issue of shares where shares are offered to existing shareholders at concessional price (lower than market) so that his ownership is not diluted. .

Determine the valuation of long-term liabilities- Donald Lennon is the.docx

earleanp

Describe three of the following attack types in the Operation Security domain: man-in-the-middle, mail bombing, war-dialing, ping-of-death, teardrop, and slamming-and-cramming Solution The description of the attack types in the operation security domain is given below: 1) man-in-the-middle: In this type of attack, the intruder insert himself or insert any malicious code between the secure communication of two parties. This malicious code act as an third party, and its get the secure information that is being transfer between the two parties. Its third person or the intruder having access to the information send by both the parties involve in the communication. 2) mail bombing : Its refer to attack in which intruder try to send bulk of mails to the person\'s system, which may cause to disk full on persons system or even can crash the server, which is handling the mails. In this type of attack, the main aim is to crash the user\'s machine by fulling the disk space or can crash or stop the mail server. 3) War dialing: In this type of attack, hacker\'s uses the modem\'s to dial the range of numbers, for finding the computer machiner, servers and other devices. and after dialing they also get access to these type of devices. 4) Ping to death : Its a type of attack, in which the hacker send the incorrect ping packet to the user. There are various computer system which are designed not to handle the incorrect ping packets. Which results into system crash or system going into the abnormal state. 5) teardrop: Its a type of attack, in which the hacker sends the packets in incorrect way or in the fragmented way, that the end user is not able to reassemble these packets at their end, and results into the system crash and denial of service at user\'s end. 6)slamming-and-cramming: slamming refers to the activity in which hacker, switches the long distance calll carrier at user\'s phone, without its permission, its results into heavy bill at customer end. Cramming refers to the attack in which some extra bill is added into user\'s actual phone bill, and its keep on happening again and again .

Describe three of the following attack types in the Operation Security.docx

earleanp

Describes the concept of ADTS and illustrates the concept with three of the most common abstract data types. Solution An abstract data type is a set of values, some of which may be distinguished as constants, together with a collection of operations involving members of the set.The primary objective is to seperate the implementation of the abstract data types from their function.The program must know what the operations do. List,stack and queues are three fundamental data structures.When you declare a variable in a .NET application, it allocates some chunk of memory in the RAM. This memory has three things: the name of the variable, the data type of the variable, and the value of the variable.Depending on the data type, your variable is allocated that type of memory. There are two types of memory allocation: stack memory and heap memory Stack memory stores data types like int , double , Boolean etc. While heap stores data types like string and objects.Stack is used for static memory allocation and Heap for dynamic memory allocation, both stored in the computer\'s RAM .Variables allocated on the stack are stored directly to the memory and access to this memory is very fast.When a function or a method calls another function which in turns calls another function etc., the execution of all those functions remains suspended until the very last function returns its value. The stack is always reserved in a LIFO order.Variables allocated on the heap have their memory allocated at run time and accessing this memory is a bit slower, but the heap size is only limited by the size of virtual memory . Element of the heap have no dependencies with each other and can always be accessed randomly at any time. You can allocate a block at any time and free it at any time. This makes it much more complex to keep track of which parts of the heap are allocated or free at any given time. The Queue works like FIFO system , a first-in, first-out collection of Objects. Objects stored in a Queue are inserted at one end and removed from the other. The Queue provide additional insertion, extraction, and inspection operations. We can Enqueue (add) items in Queue and we can Dequeue (remove from Queue ) or we can Peek (that is we will get the reference of first item ) item from Queue. Queue accepts null reference as a valid value and allows duplicate elements. A list is a collection of items that can be accessed by index and provides functionality to search, sort and manipulate list items. This can store any data types to create a list.The List class can be used to create any type including a class. In this article, we will see how to create a list of a class with several properties. .

Describes the concept of ADTS and illustrates the concept with three o.docx

earleanp

Describe, manage, and install Active Directory replication, federation services, and certificate services. Demonstrate the ability to plan an advanced AD, DHCP, and DNS solution. Describe and plan for configuring a domain and forest as well as configuring trusts. Use technology and information resources to research issues in advanced network infrastructure environments. Write clearly and concisely about advanced network infrastructure topics using proper writing mechanics and technical style conventions. Solution Active directory replication Replication is the process by which the changes that are made on one domain controller are synchronized with all other domain controllers in the domain or forest that store copies of the same information. Active Directory replication uses a connection topology that is created automatically, which makes optimal use of beneficial network connections and frees the administrators from having to make such decisions. Manage and install active directory replication Active Directory relies on site configuration in sequence to manage and optimize the process of replication. Active Directory make available automatic configuration of these settings in some cases as well as configure site-related information for network using Active Directory Sites and Services. Configurable information includes settings for site links, site link bridges, and bridgehead servers. Federation service: Active Directory Federation Services (AD Federation Services) is a feature of the Windows Server operating system. It uses a claims-based access-control authorization model to maintain application security and to implement federated identity and aims to reduce the complexity around password management and guest account provisioning. AD Federation Services builds upon this functionality to authenticate users on third-party systems. Certificate service Active Directory Certificate Services (AD CS) provides customizable services for issuing and managing public key certificates used in software security systems that employ public key technologies. AD CS include Secure/Multipurpose Internet Mail Extensions (S/MIME), secure wireless networks, virtual private networks (VPN), Internet Protocol security (IPsec), Encrypting File System (EFS), smart card logon, Secure Socket Layer/Transport Layer Security (SSL/TLS) and digital signatures. .

Describe- manage- and install Active Directory replication- federation.docx

earleanp

Describe the process to start and restart apache on CENTOS command line. Also describe how to have apache start automatically when the server is rebooted. Solution In order to stop or restart the Apache HTTP Server, you must send a signal to the running httpd processes. There are two ways to send the signals. First, you can use the unix kill command to directly send signals to the processes. You will notice many httpd executables running on your system, but you should not send signals to any of them except the parent, whose pid is in the PidFile. Start: Starting httpd using the apachectl control script sets the environmental variables in /etc/sysconfig/httpd and starts httpd. You can also set the environment variables using the init script. You can also start httpd using /sbin/service httpd start. This starts httpd but does not set the environment variables. If you are using the default Listen directive in httpd.conf, which is port 80, you will need to have root privileges to start the apache server. Restart: Signal: HUP apachectl -k restart Sending the HUP or restart signal to the parent causes it to kill off its children like in TERM, but the parent doesn\'t exit. It re-reads its configuration files, and re-opens any log files. Then it spawns a new set of children and continues serving hits. If you want your server to continue running after a system reboot, you should add a call to apachectl to your system startup files (typically rc.local or a file in an rc.N directory). This will start Apache as root. Before doing this ensure that your server is properly configured for security and access restrictions. The apachectl script is designed to act like a standard SysV init script; it can take the arguments start, restart, and stop and translate them into the appropriate signals to httpd. So you can often simply link apachectl into the appropriate init directory. But be sure to check the exact requirements of your system. .

Describe the process to start and restart apache on CENTOS command lin.docx

earleanp

Describe, in your own words, the mechanism for establishing a HTTPS connection. Solution HTTPS consists of communication over HTTP (Hypertext Transfer Protocol) with an encrypted layer such as Transport Layer Security (TSL) or Secure Sockets Layer (SSL). The connection between Client and Server using HTTPS is established by a handshake process which has 3 main phases namely Hello, Certificate exchange and key exchange. a) Hello- This is the first phase where the client sends a message ClientHello which contains all the necessary information such as various cipher suites, SSL version number etc. for the server to connect to the client via SSL. Then the server responds with a ServerHello message which contains similar information for client. b) Certificate Exchange â€“ Once the contact is established between the Server and the Client, the server has to prove its identity to the client using its SSL certificate. The SSL certificate contains various information such as name of the owner, the domain it is attached to, the certificateâ€™s public key, certificateâ€™s validity dates etc. The client then verifies the certificate whether it is a trusted certificate or it is verified and trusted by one of several Certificate Authorities (CAs) which client trusts. c) Key Exchange â€“ In this phase the exchange of encryption key is happened by the client and server using a symmetric algorithm which was already agreed during the Hello phase. The client generates a random key for the symmetric algorithm. It then encrypts the key using an algorithm (which was also agreed upon during the Hello phase) and the serverâ€™s public key from the SSL certificate. Client then sends this encrypted key to the server, where it is decrypted using the serverâ€™s private key. Once the client and server have verified each overâ€™s identity and have secretly agreed on a key to symmetrically encrypt the data that they are about to send each other, then the HTTP requests and responses can start flowing form one party to other in the form of a plaintext message with encryption. The other party using the key decrypt is while reading. .

Describe- in your own words- the mechanism for establishing a HTTPS co.docx

earleanp

Describe the process of creating and exporting a schedule report for the medicalpractice. What is the purpose of the schedule report? Solution Purpose of the Schedule report: A shedule report is a task that lets you export data from one or more dash boards on one-time or recurring basis. The following are the main purposes that are considered mainly. you can create and manage your own scheduled reports while viewing dashboards. A scheduled report has both a name and a schedule which is defined in the same way as scheduled in the import of a file. You can export the dashboard in a report to the same excel file has png image or url links to the dashboard. Other export formats are available depending on the addons you have installed. The exported data can be delivered to you via email attachment or has file stored on the disk. Creating and exporting a schedule report for the medical practice: When creating a new schedule report first view the Dashboard in that view the first dashboard that you want to include in your report ,Set any parameter controls on the dashboard to desired filter parameters, Now click schedule on the toolbar After that schedule report definition window is opened. Steps: 1) Select the Create new schedule option in the Schedule Report Definition. In that click next to go the next step. 2) In this step enter the Report name and choose when to send the report by schedulling it. After that select a schedule type A dialy schedule,A Weekly schedule, A monthly Schedule, A custom schedule. now click on the edit button besides your selected schedule type to launch define report schedule window. Click on next to goto next step. 3) choose the report file format from the drop down list microsoft excel, png image, link only. If you choose excel options click excel settings to set advanced excel export option then click next to goto next page. 4) This is the last step you have to set the delivery option for the report by first choosing the delivery method from that drop down list email, create files. After setting delivery optins click finish to complete the scheduled report definition window. .

Describe the process of creating and exporting a schedule report for t.docx

earleanp

Describe the principal technologies that have shaped contemporary telecommunications systems. Compare Web 2.0 and Web 3.0. It has been said that within the next few years, smartphones will become the single most important digital device we own. Discuss the implications of this statement. Solution Describe the principal technologies that have shaped contemporary telecommunications systems. Current networks have been influenced by the ascent of client-server computing, the use of packet switching, and the adoption of Transmission Control Protocol-Internet Protocol as a universal communications standard for linking disparate networks and computers, including the Internet. Protocol provides a mutual set of guidelines that enable communication among numerous components in a telecommunications network. Compare Web 2.0 and Web 3.0. It has been said that within the next few years, smartphones will become the single most important digital device we own. Discuss the implications of this statement Web2.0 refers to second-generation interactive Internet based services that enable people to collaborate, share information, and create new services online. Web2.0 is distinguished by technologies and services like cloud computing, software mashups and widgets, blogs, RSS, and wikis. These software applications run on the Web itself instead of the desktop and bring the vision of Web-based computing closer to realization. Web2.0 tools and services have fueled the creation of social networks and other online communities where people can interact with one another in the manner of their choosing. Web3.0 focuses on developing techniques to make searching Web pages more productive and meaningful for ordinary people. Web3.0 is the promise of a future Web where all digital information and all contacts can be woven together into a single meaningful experience. Sometimes referred to as the semantic Web, Web3.0 intends to add a layer of meaning a top the existing Web to reduce the amount of human involvement in searching for and processing Web information. It also focuses on ways to make the Web more .

Describe the principal technologies that have shaped contemporary tele.docx

earleanp

Describe the typical duties of a security manager that are strictly managerial and not technical in nature. Solution Duties of a Security Mamger: Write or review security-related documents, such as incident reports, proposals, and tactical or strategic initiatives. Train subordinate security professionals or other organization members in security rules and procedures. Plan security for special and high-risk events. Review financial reports to ensure efficiency and quality of security operations. Develop budgets for security operations. Order security-related supplies and equipment as needed. Coordinate security operations or activities with public law enforcement, fire and other agencies. Attend meetings, professional seminars, or conferences to keep abreast of changes in executive legislative directives or new technologies impacting security operations. Assist in emergency management and contingency planning. Arrange for or perform executive protection activities. Respond to medical emergencies, bomb threats, fire alarms, or intrusion alarms, following emergency response procedures. Recommend security procedures for security call centers, operations centers, domains, asset classification systems, system acquisition, system development, system maintenance, access control, program models, or reporting tools. Prepare reports or make presentations on internal investigations, losses, or violations of regulations, policies and procedures. Identify, investigate, or resolve security breaches. Monitor security policies, programs or procedures to ensure compliance with internal security policies, licensing requirements, or applicable government security requirements, policies, and directives. Analyze and evaluate security operations to identify risks or opportunities for improvement. Create or implement security standards, policies, and procedures. Conduct, support, or assist in governmental reviews, internal corporate evaluations, or assessments of the overall effectiveness of the facilities security processes. Conduct physical examinations of property to ensure compliance with security policies and regulations. Communicate security status, updates, and actual or potential problems, using established protocols. Collect and analyze security data to determine security needs, security program goals, or program accomplishments. Supervise subordinate security professionals, performing activities such as hiring, training, assigning work, evaluating performance, or disciplining. Plan, direct, or coordinate security activities to safeguard company assets, employees, guests, or others on company property. .

Describe the typical duties of a security manager that are strictly ma.docx

earleanp

Describe the four categories of international airports in the federal classification of international airports. Solution Commercial Service Airports are publicly owned airports that have at least 2,500 passenger boardings each calendar year and receive scheduled passenger service. Passenger boardings refer to revenue passenger boardings on an aircraft in service in air commerce whether or not in scheduled service. The definition also includes passengers who continue on an aircraft in international flight that stops at an airport in any of the 50 States for a non-traffic purpose, such as refueling or aircraft maintenance rather than passenger activity. Passenger boardings at airports that receive scheduled passenger service are also referred to as Enplanements. Nonprimary Commercial Service Airports are Commercial Service Airports that have at least 2,500 and no more than 10,000 passenger boardings each year. Primary Airports are Commercial Service Airports that have more than 10,000 passenger boardings each year. Hub categories for Primary Airports are defined as a percentage of total passenger boardings within the United States in the most current calendar year ending before the start of the current fiscal year. For example, calendar year 2014 data are used for fiscal year 2016 since the fiscal year began 9 months after the end of that calendar year. The table above depicts the formulae used for the definition of airport categories based on statutory provisions cited within the table, including Hub Type described in 49 USC 47102. Cargo Service Airports are airports that, in addition to any other air transportation services that may be available, are served by aircraft providing air transportation of only cargo with a total annual landed weight of more than 100 million pounds. \"Landed weight\" means the weight of aircraft transporting only cargo in intrastate, interstate, and foreign air transportation. An airport may be both a commercial service and a cargo service airport. Reliever Airports are airports designated by the FAA to relieve congestion at Commercial Service Airports and to provide improved general aviation access to the overall community. These may be publicly or privately-owned. General Aviation Airports are public-use airports that do not have scheduled service or have less than 2,500 annual passenger boardings (49 USC 47102(8)). Approximately 88 percent of airports included in the NPIAS are general aviation. .

Describe the four categories of international airports in the federal.docx

earleanp

Describe the major types of VPNs and technologies, protocols, and services used to deploy VPNs. Also describe the business benefits of VPNs. Solution A virtual private network (VPN) is a technology that creates an encrypted connection over a less secure network. The benefit of using a VPN is that it ensures the appropriate level of security to the connected systems when the underlying network infrastructure alone cannot provide it. The justification for using a VPN instead of a private network usually boils down to cost and feasibility: It is either not feasible to have a private network (e.g., for a traveling sales rep) or it is too costly to do so. The most common types of VPNs are remote-access VPNs and site-to-site VPNs A remote-access VPN uses a public telecommunication infrastructure like the Internet to provide remote users secure access to their organization\'s network. A VPN client on the remote user\'s computer or mobile device connects to a VPN gateway on the organization\'s network, which typically requires the device to authenticate its identity, then creates a network link back to the device that allows it to reach internal network resources (e.g., file servers, printers, intranets) as though it was on that network locally. A remote-access VPN usually relies on either IPsec or SSL to secure the connection, although SSL VPNs are often focused on supplying secure access to a single application rather than to the whole internal network. Some VPNs provide Layer 2access to the target network; these require a tunneling protocol like PPTP or L2TP running across the base IPsec connection. A site-to-site VPN uses a gateway device to connect the entire network in one location to the network in another, usually a small branch connecting to a data center. End-node devices in the remote location do not need VPN clients because the gateway handles the connection. Most site-to-site VPNs connecting over the Internet use IPsec. It is also common to use carrier MPLS clouds rather than the public Internet as the transport for site VPNs. Here, too, it is possible to have either Layer 3 connectivity (MPLS IP VPN) or Layer 2 (Virtual Private LAN Service, or VPLS) running across the base transport. VPNs can also be defined between specific computers, typically servers in separate data centers, when security requirements for their exchanges exceed what the enterprise network can deliver. Increasingly, enterprises also use VPNs in either remote-access mode or site-to-site mode to connect (or connect to) resources in a public infrastructure as a service environment. Newer hybrid-access scenarios put the VPN gateway itself in the cloud, with a secure link from the cloud service provider into the internal network. .

Describe the major types of VPNs and technologies- protocols- and serv.docx

earleanp

Describe the different metrics that BGP can use in building a routing.docx

earleanp

Describe the ethnic city and the benefit of ethnic communiti? (. I need 4 paragraphs please . Explain what you believe social justice meant to Progressive? ( 1 paragraph Solution 1ans) An â€˜ethnic groupâ€™ has been defined as a group that regards itself or is regarded by others as a distinct community by virtue of certain characteristics that will help to distinguish the group from the surrounding community. Ethnicity is considered to be shared characteristics such as culture, language, religion, and traditions, which contribute to a person or groupâ€™s identity. Ethnicity has been described as residing in: â€¢ The belief by members of a social group that they are culturally distinctive and different to outsiders; â€¢ Their willingness to find symbolic markers of that difference (food habits, religion, forms of dress, language) and to emphasized their significance â€¢ Their willingness to organize relationships with outsiders so that a kind of â€˜group boundaryâ€™ is preserved and reproduced This shows that ethnicity is not necessarily genetic. It also shows how someone might describe themselves by an ethnicity different to their birth identity if they reside for a considerable time in a different area and they decide to adopt the culture, symbols and relationships of their new community. It is worth noting that the Traveller Community is recognised as a distinct ethnic group in the UK and Northern Ireland, but only as a distinct cultural group in the Republic of Ireland. Ethnicity is also a preferential term to describe the difference between humans rather than â€˜raceâ€™. This is because race is a now a discredited term that divided all peoples based on the idea of skin colour and superiority. There is only one â€˜raceâ€™, the human race as we are essentially genetically identical. For example, there is no French â€˜raceâ€™ but the French people could be described as a separate ethnic group. Advantages Disadvantages 2ans) Progressivism is a term commonly applied to a variety of responses to the economic and social problems that arose as a result of urbanization and the rapid industrialization introduced to America in the 19th Century. Progressivism began as a social movement to cope with a variety of social needs and eventually evolved into a reform movement and greater political action. The early progressives rejected Social Darwinism. In other words, they were people who believed that the problems society faced (poverty, poor health, violence, greed, racism, class warfare) could best be addressed by providing good education, a safer environment, an efficient workplace and honest government. Progressives lived mainly in the cities, were college educated, and believed that government could be a tool for change. .

Describe the ethnic city and the benefit of ethnic communiti- (-I need.docx

earleanp

Describe the different types of qualitative analysis and indicate which is most persuasive. Solution A qualitative analysis or a research is based on the collection and analysis of non-numeric data like words or pictures. Qualitative methods have three distinct dimensions which are as follows: 1. Understanding Concept 2. Understanding People 3. Understanding Interaction Four major types of qualitative research are: 1. Phenomenology - The analysis of data is done by getting access to individuals life-worlds, which is actually their world of experience. This can be done by conducting in-depth interviews. In this analysis the commonalities across individuals are sought. Once the data is collected it will be analyzed and report will be prepared based on the collected data and understandings. 2. Ethonography - It is a analysis based on the study of a group of people based on their culture. People from same or similar culture share beliefs, customs, rituals, practices and language norms. This will be highly effective in analyzing data qualitatively. The data that are collected in this method of analysis are based on the cultural standards, insider\'s perspective, external and social scentific view. 3. Grounded Theory - Here the analysis is based on the theoretical approach. The major characteristics of grounded theory are Fit, Understanding, Generality and control. Theories provide explanation and they tell us how and why of any situiation. 4. Case Study - In this analysis the various cases are considered and in-depth analysis is performed to study the variations and deviations. In all the above steps Data coding and analysis takes place. Data Analysis is done in three different steps and they are: 1. Open Coding -Â Â Reading transcripts 2. Axial Coding - Organizing concepts 3. Selective Coding - Focusing on main ideas Phenomenology is the most pursuasive method of qualitative analysis since the data is sought directly from the individuals. Hence this can be relied upon thoroughly. .

Describe the different types of qualitative analysis and indicate whic.docx

earleanp

Describe neo-evolution. What is it and what are its primary tenets? Provide an example of a technology that is altering or may alter human evolution. What are the potential benefits of this type of technology? What are the potential drawbacks? What are the moral and ethical implications of neo-evolution? Should we continue to pursue this form of technology? Why or why not? Solution oevolutionism , school of anthropology concerned with long-term culture change and with the similar patterns of development that may be seen in unrelated, widely separated cultures. It arose in the mid-20th century, and it addresses the relation between the long-term changes that are characteristic of human culture in general and the short-term, localized social and ecological adjustments that cause specific cultures to differ from one another as they adapt to their own unique environments. Further, neoevolutionists investigate the ways in which different cultures adapt to similar environments and examine the similarities and differences in the long-term historical trajectories of such groups. Because most neoevolutionists are interested in the environmental and technological adjustments of the groups they study, many are identified with the cultural ecological approach to ethnography, with the culture process approach to archaeology, and with the study of early and protohumans in biological anthropology. Neoevolutionary anthropological thought emerged in the 1940s, in the work of the American anthropologists Leslie A. White and Julian H. Steward and others. White hypothesized that cultures became more advanced as they became more efficient at harnessing energy and that technology and social organization were both influential in instigating such efficiencies. Steward, inspired by classifying the native cultures of North and South America, focused on the parallel developments of unrelated groups in similar environments; he discussed evolutionary change in terms of what he called â€œlevels of sociocultural integrationâ€ and â€œmultilinear evolution,â€ terms he used to distinguish neoevolution from earlier, unilineal theories of cultural evolution. In the years since Whiteâ€™s and Stewardâ€™s seminal work, neoevolutionary approaches have been variously accepted, challenged, rejected, and revised, and they continue to generate a lively controversy among those interested in long-term cultural and social change. .

Describe neo-evolution- What is it and what are its primary tenets- Pr.docx

earleanp

Describe ip protocol security pros and cons. Solution IP Protocol Security: Internet Protocol Security ( IPsec ) is a protocol suite for secure Internet Protocol (IP) communications by authenticating and encrypting each IP packet of a communication session. IPsec can be used in protecting data flows between a pair of hosts ( host-to-host ), between a pair of security gateways ( network-to-network ), or between a security gateway and a host ( network-to-host ). Security architecture: Pros of IPsec: Â·Security at the Network Layer Level - Being based at the network level, this technology is completely invisible in its operation . The end users are never required to learn about it, and neither do they ever directly interact with it. This in itself is an added layer of security for the VPNs running on IPsec. Â·No Application Dependence - While SSL-/ SSH-/ PGP-based VPNs are application-dependent, IPsec-based VPNs do not need to worry about application dependence. Since the entire security system is implemented at the network level, there are no application compatibility issues. Cons of IPsec: Â·CPU Overhead - Having to perform encryption and decryption on the hundreds of megabytes of data flowing through the machines requires quite a bit of processing power, and this translates to higher processor loads . Â·Compatibility Issues - IPsec is a standardized solution today, and yet, some large software developers may not adhere to it, and may go ahead with standards of their own. As a result, this can lead to compatibility issues . Â·Broken Algorithms - Some of the security algorithms that are still being used in IPsec have already been cracked. This poses a huge security risk, especially if the network administrators unknowingly use those algorithms instead of newer, more complex ones that are already available. .

Describe ip protocol security pros and cons-SolutionIP Protocol Securi.docx

earleanp

Describe core competencies and their relationship to operations management. Please provide an example for a manufacturing environment and a service environment. Solution core competency fullfills three key criteria: A core competency can take various forms, including technical/subject matter know-how, a reliable process and/or close relationships with customers and suppliers. It may also include product development or culture, such as employee dedication, best Human Resource Management (HRM), good market coverage, or kaizen or continuous improvement over time. Core competencies are particular strengths relative to other organizations in the industry, which provide the fundamental basis for the provision of added value. Core competencies reflect the collective learning of an organization and involve coordinating diverse production skills and integrating multiple streams of technologies. It includes communication, involvement, and a deep commitment to working across organizational boundaries, such as improving cross-functional teams within an organization to address boundaries and to overcome them. Few companies are likely to build world leadership in more than five or six fundamental competencies. As an example of core competencies, Walt Disney World Parks and Resorts has three main core competencies: core competencies their relationship to operations management Operations management is an area of management concerned with overseeing, designing, and controlling the process of production and redesigning business operations in the production of goods or services. It involves the responsibility of ensuring that business operations are efficient in terms of using as few resources as needed, and effective in terms of meeting customer requirements. Core competencies are the collective learning in the organization, especially how to coordinate diverse production skills and integrate multiple streams of technologies.It embodies an organization .

Describe core competencies and their relationship to operations manage.docx

earleanp

Describe in detail a man-in-the-middle attack on the Diffie-Hellman key-exchange protocol whereby the adversary ends up sharing a key k A with Alice and a different key k B with Bob, and Alice and Bob cannot detect that anything has gone wrong. What happens if Alice and Bob try to detect the presence of a man-in-the-middle adversary by sending each other (encrypted) questions that only the other party would know how to answer? Solution In man-in-the-middle attack, an opponent Eve intercepts Alice\'s public key K A and sends her own public key as K A to Bob. When Bob transmits his public key K B , Eve substitutes it with her own and sends it as K B to Alice. Eve and Alice thus agree on one shared key and Eve and Bob agree on another shared key. After this exchange, Eve simply decrypts any messages sent out by Alice or Bob, and then reads and possibly modifies them before re-encrypting with the appropriate key and transmitting them to the other party. This vulnerability is present because Diffie-Hellman key exchange does not authenticate the participants. The man-in-the-middle attack may be prevented by using digital signatures and other cryptographic schemes. Bob to encrypt a message so that only Alice will be able to decrypt it, with no prior communication between them other than Bob having trusted knowledge of Alice\'s public key. Alice\'s public key is g K A mod p, g,p. . To send her a message, Bob chooses a random K B and then sends Alice g K B mod p together with the message encrypted with ( g K A ) K B mod p symmetric key. Only Alice can determine the symmetric key and hence decrypt the message because only she has K A. .

Describe in detail a man-in-the-middle attack on the Diffie-Hellman ke.docx

earleanp

Describe events that led to the signing of the Homeland Security Act 2002 into law on November 25, 2002. What was the intent of this Act and what department did it create? How did the Act change FEMAâ€™s emergency response role? Several agencies resisted efforts to be incorporated in the new department. Identify three such agencies and explain why they may have been reluctant to join. Do you agree? Solution Department of Homeland Security (DHS) was formed during the incorporation of all or part of 22 various federal departments into a united, incorporated Department. It was initiated to make the Americans safe. The President of America says to form a novel DHS, by considering all the departments into a single to safeguard the America under the name of DHS. It is the strategic plan applied by him after the terrorist attack in pennenslavia. The DHS mission is to keep the Americans safe from any of the attacks. Blue campaign and citizen corps involved in the Department of Homeland security. The Blue Campaign gives its support to the DHS and believe that every people has a right to have a freedom and then it combines with other NGOâ€™s, to fulfill its belief. The mission of Citizen Corps is to bind the people of Americans to enhance their knowledge with education, providing training centers, and volunteer service to make people strong and prepare them how to handle situations when they were troubles or attacks by other or some other natural disasters occurs. The Federal Emergency Management Agency (FEMA) is an organization of theUnited States Department of Homeland Security, initially created by Presidential Reorganization Plan No. 3 of 1978 and implemented by twoExecutive Orders on April 1, 1979.The goal is to organize the reply to a disasters that has happened in the US and then provide the funds to local and state government. The governer from that state that is where the disaster took place is the right person to intimate to the FEMA and to president .

Describe events that led to the signing of the Homeland Security Act 2.docx

earleanp

More from earleanp (20)