English 108 Spring 2015
Lexicon Assignment Sheet
A lexicon is a vocabulary or stock of terms used in a particular profession, subject, or branch of knowledge. In this class, you will be asked to develop your own lexicon with terms and vocabulary specific to academic writing. A list of at least ten(10) new vocabulary words must be used in and accompany each of your three major Writing Projects, with your full Lexicon due at the end of the semester.
Each entry in your lexicon must include:
1. The term (i.e., vocabulary word)
2. The most common definitions or meanings of the term in an academic setting
3. Variations of the term, if available
4. An example of the term being used in academic writing (i.e., a quotation in which the term is being used appropriately, taken from class readings or other academic materials)
5. The full MLA citation for each quotation.
To get you started, a good list of academic terms can be found here: http://www.esldesk.com/vocabulary/academic
During the semester, we will also create and add to a list of terms as a class, which can be found on Google Drive:
https://docs.google.com/document/d/1zQ0Cr3Oqg2FS977zDqVJg8PKjh074p0rYVo1ZZbwTFE/edit?usp=sharing
Sample Lexicon entry:
Argument: a statement backed by evidence; a reason or set of reasons given with the aim of persuading others that an action or idea is the one they should choose or support; a matter of finding, through a process of rational inquiry, the best solution to a problem or issue.
Variations: Argue, argumentation, argumentative
Example: “Think about the conversations that we’ve had in class. We’ve identified arguments of the heart, arguments based on character, on value, and on logic. Where do you see these arguments in the text you’ve chosen? Consider how they work in the text to inform, to move the audience to action, to think differently, to consider other perspectives, etc.” (29).
Singh-Corcoran, Nathalie. “Composition as a Write of Passage.” Writing Spaces: Readings of Writing, vol. 2 (2011): 24-36. Web. 12 Jan. 2015.
QWD Vulnerability and weakness analysis
Laila Panjawani
Submitted to: William Crumm
SE571 Principles of Information Security and Privacy
Keller Graduate School of Management
Submitted: March 22, 2015
Table of Content
Introduction3
Two Security Vulnerabilities4
Software Vulnerability4
References7
Introduction
Quality Web Design is company that focuses on creating Web site for numerous businesses. System security is crucial asset in any company and should be protected in order to stay in business for extensive period of time. Quality Web Design requires analyzing their system to understand weakness in their Security system so that their system is not compromised. QWD Software security and hardware are potential Vulnerabilities that needs to be addressed in order to avoid compromising their system Security Vulnerabilities
1Two Security Vulnerabilit ...
English 108 Spring 2015Lexicon Assignment SheetA lexicon is a .docx
1. English 108 Spring 2015
Lexicon Assignment Sheet
A lexicon is a vocabulary or stock of terms used in a particular
profession, subject, or branch of knowledge. In this class, you
will be asked to develop your own lexicon with terms and
vocabulary specific to academic writing. A list of at least
ten(10) new vocabulary words must be used in and accompany
each of your three major Writing Projects, with your full
Lexicon due at the end of the semester.
Each entry in your lexicon must include:
1. The term (i.e., vocabulary word)
2. The most common definitions or meanings of the term in an
academic setting
3. Variations of the term, if available
4. An example of the term being used in academic writing (i.e.,
a quotation in which the term is being used appropriately, taken
from class readings or other academic materials)
5. The full MLA citation for each quotation.
To get you started, a good list of academic terms can be found
here: http://www.esldesk.com/vocabulary/academic
During the semester, we will also create and add to a list of
terms as a class, which can be found on Google Drive:
https://docs.google.com/document/d/1zQ0Cr3Oqg2FS977zDqVJ
g8PKjh074p0rYVo1ZZbwTFE/edit?usp=sharing
Sample Lexicon entry:
Argument: a statement backed by evidence; a reason or set of
reasons given with the aim of persuading others that an action
or idea is the one they should choose or support; a matter of
finding, through a process of rational inquiry, the best solution
2. to a problem or issue.
Variations: Argue, argumentation, argumentative
Example: “Think about the conversations that we’ve had in
class. We’ve identified arguments of the heart, arguments based
on character, on value, and on logic. Where do you see these
arguments in the text you’ve chosen? Consider how they work
in the text to inform, to move the audience to action, to think
differently, to consider other perspectives, etc.” (29).
Singh-Corcoran, Nathalie. “Composition as a Write of Passage.”
Writing Spaces: Readings of Writing, vol. 2 (2011): 24-36.
Web. 12 Jan. 2015.
QWD Vulnerability and weakness analysis
Laila Panjawani
Submitted to: William Crumm
SE571 Principles of Information Security and Privacy
Keller Graduate School of Management
Submitted: March 22, 2015
4. Introduction
Quality Web Design is company that focuses on creating Web
site for numerous businesses. System security is crucial asset in
any company and should be protected in order to stay in
5. business for extensive period of time. Quality Web Design
requires analyzing their system to understand weakness in their
Security system so that their system is not compromised. QWD
Software security and hardware are potential Vulnerabilities
that needs to be addressed in order to avoid compromising their
system Security Vulnerabilities
1Two Security Vulnerabilities
Software Vulnerability and Hardware Vulnerability:
The first potential hardware threat is inherent with use of VPN
Tunnels that can cause damage to their hardware system.
According to Bank Security Report, remote access can cause
security breach by user not using necessary security precautions
that are used in the company, institution’s servers, and data
that’s transmitted through wireless internet. VPN fails to
protect all of this weakness that can cause security breach due
to not having proper protections in place (Bank Security Report,
2012). For example, QWD allows employees to access their
server through corporate owned computer and mobile phone to
Virtual point Network, email, and Exchange server however,
this could leave company vulnerable to intruders having access
to their laptops, mobile device, data, compromising user names,
and passwords.
Organization system may also have potential risk of new viruses
being transmitted via encrypted packet due to wireless network
used (Bank Security Report, 2012). In Addition to, having
access to VPNs means that the user has full access to the
internal server, thus allowing the hacker to have full access to
internal network if it is compromised (Roy Hills, 2005). This
means that the intruder will have access to confidential
information of accounting, payroll and marketing operations
that can be used to cause company some damage.
6. The likelihood that the threat will occur is most likely due to
being easily hacked over unsecured network, full access to
internal network through mobile, and being invisible to IDS
monitoring can be easy target for any intruders (Roy Hills,
2005). Company can loose its competitive advantage against
other competitors by hackers damaging system through virus,
getting hold of sensitive data and having direct access to
internal network. This could damage the trust QWD
confidentially and reliability it has with its customers and
company.
QWD system can also be subjected to SQL injection
attack. SQL injection attack is caused by using Structured
Query language code to gain unauthorized access to the backend
database (Abdoulaye, Pathan, 2012). In other words, the
attacker may use malicious code through SQL query and injects
that to input box of Web Application (Abdoulaye, Pathan,
2012).
QWD could be at potential risk of compromising their database
in such a way that it can alter or destroy their data, and give
unauthorized access to confidential data such as customer’s
addresses, phone numbers, credit card information and much
more. SQL injection is known to by bass firewall and gain
access to the database (Kindey, Patha, 2013). For example,
QWD customers can be entering information on their
“feedback” screen and click submit, the attacker can easily get
the confidential information send back by entering the correct
SQL quires into those fields and gaining easy access to their
information (Richards, 2006).
In addition to, SQL injections can also be potential threat
to company’s confidentiality, integrity and authority if the
attacker succeeds to attack the backend data on the system
(Abdoulaye, Pathan, 2012). This could greatly hurt their
competitive advantage against other competitors in the market.
7. For example, hacker can have access to customer’s information
that might be simply browsing through their website, which may
cause serious damage to company reputation and reliability.
According to Jonathan Richards, more than 50% of the
company computers systems are not securely protected from
hacker to gain administrative privileges. This could cause
company large amount of money if proper steps are not taken to
prevent this. This could most likely happen to QWD due to the
vulnerability in their system that can allow hackers to gain
unlimited access to their backend database and cause
irreversible damage to the company. There is several
preventative solutions QWD can take in order prevent hackers
from intruding their software and hardware, which will help
company protect their asset for long time to come.
Recommended solutions
QWD is required to take necessary steps to protect their
hardware from being effected through usage of VPN tunnels
that may cause security breach in the company. According to
research, VPN can be considered as a weak link in a secure
system if proper protections are not set. QWD must consider
effective way to avoid split tunneling, define central
authentication, ensure safe encryption and SSL connection, and
aim for customizability and versatility. In addition to, look for
VPN gateways to prevent access abuse, verify IP addresses and
ports with a protocol analyzer, make sure applications are
supported, and most importantly have effective policy
implementation (Dan,2014).
Figure 1. Threat-Protected VPN Services Use Onboard Security
to Protect Against VPN
QWD can achieve this level of protection by implementing
CISCO ASA 5500 series adaptive security router appliance, that
includes top of the line security and VPN services for small and
medium-sized business (SMBs) and enterprise applications
(cisco.com, n.d). According to BarcodesInc, ASA 5500 series
adaptive security appliance cost approximately $779.50
8. (barcordsinc.com, n.d). The IT staff, at no additional cost to the
company can load this appliance and meet QWD remote office
needs.
Figure 2. Customizable VPN Services for Any Deployment
Scenario (Cisco. Com, nd.)
This software provides Internet transport by ensuring integrity
through advanced endpoint and network level security (Figure
2). Cisco ASA 500 series offers top of the line VPN
technologies with scalability up to 10,000 simultaneous users
per device (cisco.com, n.d).
Impact on Business
According to Cisco, Cisco ASA 500 will reduce the cost
associated with equipment needed to scale and protect a VPN.
QWD employees will have “SSL (TLS &DTLS), and IPsec-
based full network access, Superior clientless network access,
Cisco any connect secure mobility solution, network-aware site
to site VPNs, threat-protected remote access VPNs, cost
effective VPN deployment and operations, scalability and
resiliency, openSSL technology ( cisco.com,n.d).”
In addition to, QWD is recommended to take several
precautions to prevent SQL injections attacks. According to
How to Prevent SQL Injection Attacks, QWD will have to filter
all the data entered via websites known as data sanitization. In
addition to, use free web application firewall known as Mod
Security, which provides protection from threatening request
(Aaron, 2012). QWD will also have to limit database privileges
by context and avoid constructing SQL queries with user input
(Aaron,2012).The company may also buy software Acunetix,
web application security. Acunetic software helps scans for
SQL injections, and blind SQL injections along with cross-site
scripting. This software can be purchased at the cost of $ 4,995
and maintenance cost $1,000 yearly (acunetix.com, n.d). These
preventative actions will help protect QWD organization from
compromising their network, data, and control of their website.
Impact on business
9. QWD implementing recommended solutions would gain
customer satisfaction. In addition to, will save lot of money by
avoiding unauthorized access and control to intruders. Will
insure competitive advantage by enforcing reliability and
confidentially against SQL injections.
In conclusion, QWD is susceptible to hardware and
software vulnerability. It is recommended that QWD invest in
recommended solution to sustain their competitive advantage in
the market. QWD will save thousands of dollars by taking
preventative actions vs. fixing the problem after their system is
compromised. Research have shown that approximately 90% of
the of the sites using VPN tunnels had substantial
vulnerabilities in three years of testing (Roy, 2005). Company
must take necessary steps to protect their assets and customers
information from being compromised.
References
· Abdoulaye, D, Pathan,K. (2013). A Detailed Survey on
10. Various Aspects of SQL Injection in Web Applications:
Vulnerabilities, Innovative Attacks, and Remedies, International
Journal of Communication Networks & Information, Vol. 5
Issue 2, p, 80.
· Identifying VPN Security Weaknesses. (2012). Bank Security
Report, 41(4), 5-8.
· Jonathan, R. (n.d). On the hackers' trail - have they got your
number? Times, The (United Kingdom).
· Roy, H. (2005). Common VPN Security Flaws. Roy Hills,
NTA Monitor LTD. Retrieved on March 22 March.2015 from
http://www.nta-monitor.com/files/whitepapers/VPN-Flaws-
Whitepaper.pdf
http://www.cisco.com/c/en/us/products/collateral/security/asa-
5500-series-next-generation-
firewalls/product_data_sheet0900aecd80402e3f.html
http://www.acunetix.com/ordering/
http://www.esecurityplanet.com/hackers/how-to-prevent-sql-
injection-attacks.html
Aaron Weiss posted August 16,2012
http://www.barcodesinc.com/cisco/asa-5500-series.htm
http://www.cisco.com/c/en/us/products/collateral/security/asa-
5500-series-next-generation-
firewalls/product_data_sheet0900aecd80402e3f.html
https://books.google.com/books?id=AhkEAAAAMBAJ&pg=PA
60&lpg=PA60&dq=how+much+does+Cisco+VPN+client+softwa
re+cost+for+business&source=bl&ots=LugVUzZKyz&sig=DW1
HjIe0ecmk57U9PEe-Mzs-
zpY&hl=en&sa=X&ei=BuMyVfTIH8WfsAXapIHwCg&ved=0CI
IBEOgBMAk#v=onepage&q=how%20much%20does%20Cisco%
11. 20VPN%20client%20software%20cost%20for%20business&f=fa
lse
http://resources.infosecinstitute.com/importance-effective-vpn-
remote-access-policy/
Writing Project 3: Critical Evaluation Essay
Technology, Language & Writing
Context & Description
Technology impacts most of our lives on a daily basis. From
the smart phones we hold in our hands to the laptops and tablets
we use for school, work or leisure, technology has changed, and
continues to influences the ways in which we communicate,
work, learn, and play.
While some developments in technology are well-received and
widely used in effective ways that benefit society, other
developments bring about controversy and disagreement over
how specific technologies are used and to what extent. For
instance, video games have become popular among people of all
generations, but its uses and effects on people and society has
created some very different views. Video games are sometimes
blamed for promoting negative behavior among children and
adolescents, such as criminal activities and physical violence
(Barlett, et al., O’Toole). Some people also argue that habitual
uses of video games lead to health issues such as addiction and
obesity (Grüsser et al.). Video game addiction can also lead to
sleep deprivation and lack of concentration, and in some cases
affect people’s performance at work or school. Others argue
that not all video games or all uses of video games are
problematic. James Gee, a literacy specialist and advocate for
the use of video games in teaching and learning, argues that
“any learning, whether it's books, a movie, or a game, can lead
12. to bad or good results depending on the environment in which
it's [played], not the game itself” and that good video games can
be extremely useful as a learning tool, facilitating the
development of problem-solving abilities and language skills”
(Sheffield 11).
Various forms of technology has also changed what it means to
be literate. In 2008, The National Council of Teachers of
English issued a statement defining twenty-first century
literacies, recognizing the role of technology in shaping the
meaning of literacy: “Because technology has increased the
intensity and complexity of literate environments, the twenty-
first century demands that a literate person possess a wide range
of abilities and competencies.” Literacy in this sense includes
many types of activities that are “multiple, dynamic, and
malleable”--such as reading online newspaper articles to
participating in virtual class discussion and even interacting on
social networking sites such as Facebook and Twitter. The goal
of this project is to critically assess the impact that a specific
type of technology has had on our language and literacy
practices.
Write a critical evaluation essay in which you identify a form of
technology and assess its impact on language or literacy
practices. For the purpose of this project, technology can be
defined broadly to include hardware (e.g., cell phones, tablets,
computers, video projectors) and software (e.g., word
processors, Internet browsers) as well as online resources (e.g.,
websites, online apps and social networking sites).
Step 1: Identify a form of technology
Think about the ways that different technologies have helped
you to acquire new literacy skills or, perhaps, have caused
13. problems. As you explore different technology forms, consider
the following questions:
· What are some of the new forms of technology that you have
encountered in your literacy practices--both within and outside
the classroom?
· How has technology shaped your literacy practices?
· What are your reactions to them?
· What would happen if you lost access to those forms of
technology?
Step 2: Determine evaluation criteria
Once you have identified a form of technology for your project,
you will need to think about the criteria for evaluating the
technology. Some of these criteria may reflect your own values
and beliefs surrounding literacy and learning, but you will also
need to take into consideration the values and beliefs of your
audience.
· What are shared goals for literacy and learning in our society
and/or education system(s)?
· How do we define “literacy”? How do we know when someone
is “literate”?
· How do we define “learning”? How do we measure effective
learning in our society? In our education system(s)?
· How do we evaluate technology? How do we know if it is
helping us acquire new skills?
· What are some specific ways we can judge a technology’s
effect on literacy and learning?
Step 3: Analysis
Using the criteria you’ve developed, evaluate the form of
technology you have chosen, thinking carefully about how it
meets (or does not meet) each criterion. Based on your analysis,
consider the role of technology in language and literacy
practices and learning as well as the use of the particular form
14. of technology you have examined.
As you explore your ideas, consider the following questions:
· What are some forms of technology that you have always had
access to and have come to take for granted?
· How have they influenced the ways in which you read and
write as well as think, learn and interact with others?
· What are some of the benefits of the technology?
· What are some of the problems introduced by the same
technology?
· How are people reacting to the technology--enthusiastic
acceptance, outright rejection, or critical engagement?
· How can the technology be altered or adapted to facilitate
literacy practices and learning while avoiding the problems
associated with it?
· What’s the next step? Where do we go from here?
Learning Objectives
In this project, you will learn to:
· Demonstrate your understanding of the multiple perspectives
and representations of your object
· Identify a set of criteria by which you can evaluate your object
· Identify the audience for your writing
· Articulate the criteria for your evaluation and persuade the
audience if some of the criteria have not already been shared
with the audience
· Formulate a claim based upon your evaluation of your object
· Consider larger implication of the evaluation
· Identify, develop and organize supporting evidence
Audience
The audience for this project will be students and scholars of
literacies who are interested in learning more about how
technologies impact language and literacy practices. Keep in
15. mind that some of the readers may not be familiar with the
technology being analyzed--you need to describe it as well as
its relevant parts for them before analyzing the details.
Requirements
· 1,500 word minimum
· MLA format (i.e., paper is double spaced throughout with one
inch margins; 12 point Times New Roman font preferred)
· Additionally, a complete project must include your:
· Lexicon (see assignment sheet); 10 entries with MLA citations