Final Project Incident Response Exercise & ReportYour Task
•Download as DOCX, PDF•
0 likes•7 views
Final Project: Incident Response Exercise & Report Your Task You have been assigned to work incident clean-up as part of the Sifers-Grayson Blue Team. Your task is to assist in analyzing and documenting the incident described below. The Blue Team has already created a set of enterprise architecture diagrams (see figures 1-4) to help with your analysis of the incident and preparation of the incident report as required by the company’s contracts with the federal government. After completing their penetration tests, the Red Team provided Sifers-Grayson executives with a diagram showing their analysis of the threat environment and potential weaknesses in the company’s security posture for the R&D DevOps Lab (see figure 5). Your Deliverable Complete and submit the Incident Report form found at the end of this file. Consult the “Notes to Students” for additional directions regarding completion of the form. Overview of the Incident Sifers-Grayson hired a cybersecurity consulting firm to help it meet the security requirements of a contract with a federal agency. The consulting firm’s Red Team conducted a penetration test and was able to gain access to the engineering center’s R&D servers by hacking into the enterprise network through an unprotected network connection (see figure 2). The Red Team proceeded to exfiltrate files from those servers and managed to steal 100% of the design documents and source code for the AX10 Drone System. The Red Team also reported that it had stolen passwords for 20% of the employee logins using keylogging software installed on USB keys that were left on the lunch table in the headquarters building employee lounge (see Figure 3). The Red Team also noted that the Sifers-Grayson employees were quite friendly and talkative as they opened the RFID controlled doors for the “new folks” on the engineering staff (who were actually Red Teamers). The Red Team continued its efforts to penetrate the enterprise and used a stolen login to install malware over the network onto a workstation connected to a PROM burner in the R&D DevOps lab (See Figure 3). This malware made its way onto a PROM that was then installed in an AX10-a test vehicle undergoing flight trials at the Sifers-Grayson test range (See Figures 1 and 4). The malware “phoned home” to the Red Team over a cellular connection to the R&D center. The Red Team took control of the test vehicle and flew it from the test range to a safe landing in the parking lot at Sifers-Grayson headquarters. Background Sifers-Grayson is a family owned business headquartered in Grayson County, Kentucky, USA. The company’s physical address is 1555 Pine Knob Trail, Pine Knob, KY 42721. The president of the company is Ira John Sifers, III. He is the great-grandson of one of the company’s founders and is also the head of the engineering department. The chief operating officer is Michael Coles, Jr. who is Ira John’s great nephew. Mary Beth Sifers is the chief financial officer and also ser ...
Report
Share
Report
Share
Recommended
Final Project Incident Response Exercise & ReportYour TaskYou hav.docx
Final Project: Incident Response Exercise & ReportYour Task
You have been assigned to work incident clean-up as part of the Sifers-Grayson Blue Team. Your task is to assist in analyzing and documenting the incident described below. The Blue Team has already created a set of enterprise architecture diagrams (see figures 1-4) to help with your analysis of the incident and preparation of the incident report as required by the company’s contracts with the federal government. After completing their penetration tests, the Red Team provided Sifers-Grayson executives with a diagram showing their analysis of the threat environment and potential weaknesses in the company’s security posture for the R&D DevOps Lab (see figure 5).
Your Deliverable
Complete and submit the Incident Report form found at the end of this file. Consult the “Notes to Students” for additional directions regarding completion of the form.
Overview of the Incident
Sifers-Grayson hired a cybersecurity consulting firm to help it meet the security requirements of a contract with a federal agency. The consulting firm’s Red Team conducted a penetration test and was able to gain access to the engineering center’s R&D servers by hacking into the enterprise network through an unprotected network connection (see figure 2). The Red Team proceeded to exfiltrate files from those servers and managed to steal 100% of the design documents and source code for the AX10 Drone System. The Red Team also reported that it had stolen passwords for 20% of the employee logins using keylogging software installed on USB keys that were left on the lunch table in the headquarters building employee lounge (see Figure 3). The Red Team also noted that the Sifers-Grayson employees were quite friendly and talkative as they opened the RFID controlled doors for the “new folks” on the engineering staff (who were actually Red Teamers).
The Red Team continued its efforts to penetrate the enterprise and used a stolen login to install malware over the network onto a workstation connected to a PROM burner in the R&D DevOps lab (See Figure 3). This malware made its way onto a PROM that was then installed in an AX10-a test vehicle undergoing flight trials at the Sifers-Grayson test range (See Figures 1 and 4). The malware “phoned home” to the Red Team over a cellular connection to the R&D center. The Red Team took control of the test vehicle and flew it from the test range to a safe landing in the parking lot at Sifers-Grayson headquarters.
Background
Sifers-Grayson is a family owned business headquartered in Grayson County, Kentucky, USA. The company’s physical address is 1555 Pine Knob Trail, Pine Knob, KY 42721. The president of the company is Ira John Sifers, III. He is the great-grandson of one of the company’s founders and is also the head of the engineering department. The chief operating officer is Michael Coles, Jr. who is Ira John’s great nephew. Mary Beth Sifers is the chief financial officer and also serves as ...
This week your focus should be on figuring out what the Red Team did.docx
This week your focus should be on figuring out what the Red Team did and how they did it. (See the - Incident Response Exercise & Report below - the detailed assignment description for the course final project).For your first posting this week, you must provide an analysis of the Red Team's report (as listed in the final project-check below). At a minimum you must identify and discuss three specific vulnerabilities that were exploited by the Red Team as part of its penetration testing. You will need to research similar types of attacks using Red Team or Ethical Hacking resources from the Internet.Final Project: Incident Response Exercise & Report
Your Task
You have been assigned to work incident clean-up as part of the Sifers-Grayson Blue Team. Your task is to assist in analyzing and documenting the incident described below. The Blue Team has already created a set of enterprise architecture diagrams (see figures 1-4) to help with your analysis of the incident and preparation of the incident report as required by the company’s contracts with the federal government. After completing their penetration tests, the Red Team provided Sifers-Grayson executives with a diagram showing their analysis of the threat environment and potential weaknesses in the company’s security posture for the R&D DevOps Lab (see figure 5).
Overview of the Incident
Sifers-Grayson hired a cybersecurity consulting firm to help it meet the security requirements of a contract with a federal agency. The consulting firm’s Red Team conducted a penetration test and was able to gain access to the engineering center’s R&D servers by hacking into the enterprise network through an unprotected network connection (see figure 2). The Red Team proceeded to exfiltrate files from those servers and managed to steal 100% of the design documents and source code for the AX10 Drone System. The Red Team also reported that it had stolen passwords for 20% of the employee logins using keylogging software installed on USB keys that were left on the lunch table in the headquarters building employee lounge (see Figure 3). The Red Team also noted that the Sifers-Grayson employees were quite friendly and talkative as they opened the RFID controlled doors for the “new folks” on the engineering staff (who were actually Red Teamers).
The Red Team continued its efforts to penetrate the enterprise and used a stolen login to install malware over the network onto a workstation connected to a PROM burner in the R&D DevOps lab (See Figure 3). This malware made its way onto a PROM that was then installed in an AX10-a test vehicle undergoing flight trials at the Sifers-Grayson test range (See Figures 1 and 4). The malware “phoned home” to the Red Team over a cellular connection to the R&D center. The Red Team took control of the test vehicle and flew it from the test range to a safe landing in the parking lot at Sifers-Grayson headquarters.
Background
Sifers-Grayson is a family owned business headquartered in G ...
Case Project 1-1 Defining and Designing a NetworkThe overview.docx
Case Project 1-1: Defining and Designing a Network
The overview of this book’s running case project is in the front matter. Please review this information carefully to guide you in completing each chapter’s project as you work through the remaining chapters.
You have been hired as a consultant to design a network for LedGrafix, a video and PC game design company. LedGrafix’s newest game has become a hot seller, and the company anticipates rapid growth. It’s moving into a new facility and will be installing a new network. Because competition is fierce in the game industry, LedGrafix wants the network fully secured, documented, and maintained while providing high availability, scalability, and performance.
Based on your current network technology and information security knowledge, for this project you design a network to meet the specified requirements and create a network diagram detailing your design. After you have created the diagram, you create a hardware and software inventory for the network. In addition to designing the network, you must also provide full documentation. The network should meet the following requirements:
· One location in Phoenix, AZ
· Capable of supporting 62 users in these departments: Accounting and Payroll, 4; Research and Development, 12; Sales and Marketing, 10; Order Processing, Shipping, and Receiving, 14; secretarial and office management staff, 4; upper management (including the president, vice president, and general manager), 10; Customer Relations and Support, 6;Technology Support, 2.
· Full T-1 Internet connection
Tasks
1. Design a network that meets the preceding requirements.
2. Examine the facility diagram your instructor provides. Using whatever drawing application you have available (MS Paint will work, if you have no other options), create a diagram of your network, showing the physical layout of the system.
3. Create a hardware and software inventory. Your instructor has blank forms you can use, or you can create or find your own. Your inventory should include at least the following:
· Operating systems
· Server operating systems
· Office applications
· Antivirus software
· Computers, servers, and peripherals
· Network connectivity equipment, such as hubs, switches, or routers
· Specialized imaging or multimedia devices or software
· Developer tools (you can make up tool names, if necessary)
· Other applications you think are necessary
Case Project 2-1: Conducting Risk Assessment and Analysis
Risk assessment can be as simple as noting an unlocked door or a password written on a note, or it can be a complex process requiring several team members and months to complete. A large enterprise environment probably has multiple locations, diverse activities, and a wide array of resources to evaluate. You don’t need such a complex network, however, for your running case project; the main idea is to learn how to apply your knowledge in a methodical fashion to produce useful and accurate data. Approaching ...
erm Paper Managing an IT Infrastructure AuditDue Week 10 and wo
erm Paper: Managing an IT Infrastructure Audit
Due Week 10 and worth 210 points
This assignment consists of four (4) sections: an internal IT audit policy, a management plan, a project plan, and a disaster recovery plan.
You must submit all four (4) sections as separate files for the completion of this assignment.
Label each file name according to the section of the assignment it is written for. Additionally, you may create and /or assume all necessary assumptions needed for the completion of this assignment.
Imagine you are an Information Security Manager for a large national retailer. You have been hired to be directly responsible for the planning and oversight of IT audits. At the request of the Board of Directors, the CEO has tasked you with developing a plan for conducting regular audits of the IT infrastructure. The planning and management aspects of IT audit are critical to the overall success of the audit, and as a result, the overall success of the systems implemented within the organization. You must develop a policy for conducting IT audits and develop a project plan for conducting two week IT audits.
In addition to the typical networking and Internetworking infrastructure of a medium-sized organization, the organization has the following characteristics:
They have a main office and 268 stores in the U.S.
They utilize a cloud computing environment for storage and applications.
Their IT infrastructure includes Cisco workgroup and core switches, Cisco routers, Cisco firewalls and intrusion prevention systems, and servers running Microsoft Windows Server 2012.
They have over 1000 desktops and approximately 500 organization-owned laptops in the main headquarters.
They allow employees to bring their own devices into the organization; however, they are subject to being searched upon entry and exit from the building.
They enable remote access to corporate information assets for employees and limited access to extranet resources for contractors and other business partners.
They enable wireless access at the main office and the stores.
They process an average of 67.2 credit card transactions per hour every day at each location and via their corporate Website.
Section 1: Internal IT Audit Policy
Write a three to four (3-4) page paper in which you:
1. Develop an Internal IT Audit Policy, which includes at a minimum:
a. Overview
b. Scope
c. Goals and objectives
d. Compliance with applicable laws and regulations
e. Management oversight and responsibility
f. Areas covered in the IT audits
g. Frequency of the audits
h. Use at least two (2) quality resources in this assignment.
Note
: Wikipedia and similar Websites do not qualify as quality resources.
Section 2: Management Plan
Write a four to six (4-6) page paper in which you:
2. Explain the management plan for conducting IT audits, including:
a. Risk management
b. System Software and Applications
c. Wireless Networking
d ...
Term Paper Managing an IT Infrastructure AuditDue Week 10 a.docx
Term Paper: Managing an IT Infrastructure Audit
Due Week 10 and worth 210 points
This assignment consists of four (4) sections: an internal IT audit policy, a management plan, a project plan, and a disaster recovery plan.
You must submit all four (4) sections as separate files for the completion of this assignment.
Label each file name according to the section of the assignment it is written for. Additionally, you may create and /or assume all necessary assumptions needed for the completion of this assignment.
Imagine you are an Information Security Manager for a large national retailer. You have been hired to be directly responsible for the planning and oversight of IT audits. At the request of the Board of Directors, the CEO has tasked you with developing a plan for conducting regular audits of the IT infrastructure. The planning and management aspects of IT audit are critical to the overall success of the audit, and as a result, the overall success of the systems implemented within the organization. You must develop a policy for conducting IT audits and develop a project plan for conducting two week IT audits.
In addition to the typical networking and Internetworking infrastructure of a medium-sized organization, the organization has the following characteristics:
They have a main office and 268 stores in the U.S.
They utilize a cloud computing environment for storage and applications.
Their IT infrastructure includes Cisco workgroup and core switches, Cisco routers, Cisco firewalls and intrusion prevention systems, and servers running Microsoft Windows Server 2012.
They have over 1000 desktops and approximately 500 organization-owned laptops in the main headquarters.
They allow employees to bring their own devices into the organization; however, they are subject to being searched upon entry and exit from the building.
They enable remote access to corporate information assets for employees and limited access to extranet resources for contractors and other business partners.
They enable wireless access at the main office and the stores.
They process an average of 67.2 credit card transactions per hour every day at each location and via their corporate Website.
Section 1: Internal IT Audit Policy
Write a three to four (3-4) page paper in which you:
1. Develop an Internal IT Audit Policy, which includes at a minimum:
a. Overview
b. Scope
c. Goals and objectives
d. Compliance with applicable laws and regulations
e. Management oversight and responsibility
f. Areas covered in the IT audits
g. Frequency of the audits
h. Use at least two (2) quality resources in this assignment.
Note
: Wikipedia and similar Websites do not qualify as quality resources.
Section 2: Management Plan
Write a four to six (4-6) page paper in which you:
2. Explain the management plan for conducting IT audits, including:
a. Risk management
b. System Software and Applications
c. Wireless Networking
...
Project Deliverable 5 Infrastructure and SecurityThis assignm.docx
Project Deliverable 5: Infrastructure and Security
This assignment consists of two (2) sections: an infrastructure document and a revised Gantt chart or project plan. You must submit both sections as separate files for the completion of this assignment. Label each file name according to the section of the assignment it is written for. Additionally, you may create and / or assume all necessary assumptions needed for the completion of this assignment.
The infrastructure which encompasses the network solution and security considerations is a major consideration for your company. Considering that the company will be expanding from one (1) floor to three (3) floors in the very near future you, as the CIO, are responsible for the design of the infrastructure and security protocols. You have been tasked with designing a network that is stable, redundant, and scalable. In addition, speed and reliability are important considerations. Assumptions should be drawn regarding network usage in relationship to network services and resources. All the established criteria that were set at the onset should be adhered to within your plan. The network solution that is chosen should support the conceived information system and allow for scalability. The network infrastructure will support organizational operations; therefore, a pictorial view of workstations, servers, routers, bridges, gateways, and access points should be used. In addition, access paths for Internet access should be depicted. Additionally, the security of the network should be in the forefront of your design because protecting your data is a primary consideration.
Section 1: Infrastructure Document
1. Write a four pages infrastructure document in which you:
. Justify and support the relationship between infrastructure and security as it relates to this data-collection and analysis company.
. Present the rationale for the logical and physical topographical layout of the planned network.
. Design a logical and physical topographical layout of the current and planned network through the use of graphical tools in Microsoft Word or Visio, or an open source alternative such as Dia. Note: The graphically depicted solution is not included in the required page length.
. Illustrate the possible placement of servers including access paths to the Internet, intrusion detection systems (IDS), and firewalls. Note: Facility limitations, workstations, databases, printers, routers, switches, bridges, and access points should be considered in the illustration.
. Create and describe a comprehensive security policy for this data-collection and analysis company that will:
· Protect the company infrastructure and assets by applying the principals of confidentiality, integrity, and availability (CIA). Note: CIA is a widely used benchmark for evaluation of information systems security, focusing on the three (3) core goals of confidentiality, integrity, and availability of information.
· Address ethical aspects relat ...
Project Deliverable 5 Network Infrastructure and SecurityDu
Project Deliverable 5: Network Infrastructure and Security
Due Week 8 and worth 120 pointsThis assignment consists of two (2) sections: an infrastructure document and a revised project plan. You must submit both sections as separate files for the completion of this assignment. Label each file name according to the section of the assignment it is written for. Additionally, you may create and / or assume all necessary assumptions needed for the completion of this assignment.With the parameters set forth at the onset of the project, present the infrastructure and security policy that will support the expected development and growth of the organization. The network solution that is chosen should support the conceived information system and allow for scalability. The network infrastructure will support organizational operations; therefore, a pictorial view of workstations, servers, routers, bridges, gateways, and access points should be used. Since the company will be merging with a multinational company, virtualization and cloud technology should be taken into consideration. In addition, access paths for Internet access should be depicted. A narrative should be included to explain all the nodes of the network and the rationale for the design. Lastly, using the Confidentiality, Integrity and Availability (CIA) Triangle, define the organizational security policy.
Section 1: Infrastructure Document
Write a five to ten (5-10) page infrastructure document in which you:
Identify possible network infrastructure vulnerabilities. Address network vulnerabilities with the appropriate security measures. Ensure that consideration is given to virtualization and cloud technology.
Design a logical and physical topographical layout of the planned network through the use of graphical tools in Microsoft Word or Visio, or an open source alternative such as Dia. Explain the rationale for the logical and physical topographical layout of the planned network. Note: The graphically depicted solution is not included in the required page length.
Illustrate the possible placement of servers, including access paths to the Internet and firewalls. Note: facility limitations, workstations, printers, routers, switches, bridges, and access points should be considered in the illustration.
Create and describe a comprehensive security policy for the company that will:
Protect the company infrastructure and assets by applying the principals of CIA. Note: CIA is a widely used benchmark for evaluation of information systems security, focusing on the three (3) core goals of confidentiality, integrity, and availability of information.
Address ethical aspects related to employee behavior, contractors, password usage, and access to networked resources and information.
Your assignment must follow these formatting requirements:
Be typed, double spaced, using Times New Roman font (size 12), with one-inch margins on all sides; citations and references must follow APA or scho ...
Project Deliverable 5 Network Infrastructure and SecurityDue We.docx
Project Deliverable 5: Network Infrastructure and Security
Due Week 8 and worth 120 pointsThis assignment consists of two (2) sections: an infrastructure document and a revised project plan. You must submit both sections as separate files for the completion of this assignment. Label each file name according to the section of the assignment it is written for. Additionally, you may create and / or assume all necessary assumptions needed for the completion of this assignment.With the parameters set forth at the onset of the project, present the infrastructure and security policy that will support the expected development and growth of the organization. The network solution that is chosen should support the conceived information system and allow for scalability. The network infrastructure will support organizational operations; therefore, a pictorial view of workstations, servers, routers, bridges, gateways, and access points should be used. Since the company will be merging with a multinational company, virtualization and cloud technology should be taken into consideration. In addition, access paths for Internet access should be depicted. A narrative should be included to explain all the nodes of the network and the rationale for the design. Lastly, using the Confidentiality, Integrity and Availability (CIA) Triangle, define the organizational security policy.
Section 1: Infrastructure Document
Write a five to ten (5-10) page infrastructure document in which you:
Identify possible network infrastructure vulnerabilities. Address network vulnerabilities with the appropriate security measures. Ensure that consideration is given to virtualization and cloud technology.
Design a logical and physical topographical layout of the planned network through the use of graphical tools in Microsoft Word or Visio, or an open source alternative such as Dia. Explain the rationale for the logical and physical topographical layout of the planned network. Note: The graphically depicted solution is not included in the required page length.
Illustrate the possible placement of servers, including access paths to the Internet and firewalls. Note: facility limitations, workstations, printers, routers, switches, bridges, and access points should be considered in the illustration.
Create and describe a comprehensive security policy for the company that will:
Protect the company infrastructure and assets by applying the principals of CIA. Note: CIA is a widely used benchmark for evaluation of information systems security, focusing on the three (3) core goals of confidentiality, integrity, and availability of information.
Address ethical aspects related to employee behavior, contractors, password usage, and access to networked resources and information.
Your assignment must follow these formatting requirements:
Be typed, double spaced, using Times New Roman font (size 12), with one-inch margins on all sides; citations and references must follow APA or scho ...
Recommended
Final Project Incident Response Exercise & ReportYour TaskYou hav.docx
Final Project: Incident Response Exercise & ReportYour Task
You have been assigned to work incident clean-up as part of the Sifers-Grayson Blue Team. Your task is to assist in analyzing and documenting the incident described below. The Blue Team has already created a set of enterprise architecture diagrams (see figures 1-4) to help with your analysis of the incident and preparation of the incident report as required by the company’s contracts with the federal government. After completing their penetration tests, the Red Team provided Sifers-Grayson executives with a diagram showing their analysis of the threat environment and potential weaknesses in the company’s security posture for the R&D DevOps Lab (see figure 5).
Your Deliverable
Complete and submit the Incident Report form found at the end of this file. Consult the “Notes to Students” for additional directions regarding completion of the form.
Overview of the Incident
Sifers-Grayson hired a cybersecurity consulting firm to help it meet the security requirements of a contract with a federal agency. The consulting firm’s Red Team conducted a penetration test and was able to gain access to the engineering center’s R&D servers by hacking into the enterprise network through an unprotected network connection (see figure 2). The Red Team proceeded to exfiltrate files from those servers and managed to steal 100% of the design documents and source code for the AX10 Drone System. The Red Team also reported that it had stolen passwords for 20% of the employee logins using keylogging software installed on USB keys that were left on the lunch table in the headquarters building employee lounge (see Figure 3). The Red Team also noted that the Sifers-Grayson employees were quite friendly and talkative as they opened the RFID controlled doors for the “new folks” on the engineering staff (who were actually Red Teamers).
The Red Team continued its efforts to penetrate the enterprise and used a stolen login to install malware over the network onto a workstation connected to a PROM burner in the R&D DevOps lab (See Figure 3). This malware made its way onto a PROM that was then installed in an AX10-a test vehicle undergoing flight trials at the Sifers-Grayson test range (See Figures 1 and 4). The malware “phoned home” to the Red Team over a cellular connection to the R&D center. The Red Team took control of the test vehicle and flew it from the test range to a safe landing in the parking lot at Sifers-Grayson headquarters.
Background
Sifers-Grayson is a family owned business headquartered in Grayson County, Kentucky, USA. The company’s physical address is 1555 Pine Knob Trail, Pine Knob, KY 42721. The president of the company is Ira John Sifers, III. He is the great-grandson of one of the company’s founders and is also the head of the engineering department. The chief operating officer is Michael Coles, Jr. who is Ira John’s great nephew. Mary Beth Sifers is the chief financial officer and also serves as ...
This week your focus should be on figuring out what the Red Team did.docx
This week your focus should be on figuring out what the Red Team did and how they did it. (See the - Incident Response Exercise & Report below - the detailed assignment description for the course final project).For your first posting this week, you must provide an analysis of the Red Team's report (as listed in the final project-check below). At a minimum you must identify and discuss three specific vulnerabilities that were exploited by the Red Team as part of its penetration testing. You will need to research similar types of attacks using Red Team or Ethical Hacking resources from the Internet.Final Project: Incident Response Exercise & Report
Your Task
You have been assigned to work incident clean-up as part of the Sifers-Grayson Blue Team. Your task is to assist in analyzing and documenting the incident described below. The Blue Team has already created a set of enterprise architecture diagrams (see figures 1-4) to help with your analysis of the incident and preparation of the incident report as required by the company’s contracts with the federal government. After completing their penetration tests, the Red Team provided Sifers-Grayson executives with a diagram showing their analysis of the threat environment and potential weaknesses in the company’s security posture for the R&D DevOps Lab (see figure 5).
Overview of the Incident
Sifers-Grayson hired a cybersecurity consulting firm to help it meet the security requirements of a contract with a federal agency. The consulting firm’s Red Team conducted a penetration test and was able to gain access to the engineering center’s R&D servers by hacking into the enterprise network through an unprotected network connection (see figure 2). The Red Team proceeded to exfiltrate files from those servers and managed to steal 100% of the design documents and source code for the AX10 Drone System. The Red Team also reported that it had stolen passwords for 20% of the employee logins using keylogging software installed on USB keys that were left on the lunch table in the headquarters building employee lounge (see Figure 3). The Red Team also noted that the Sifers-Grayson employees were quite friendly and talkative as they opened the RFID controlled doors for the “new folks” on the engineering staff (who were actually Red Teamers).
The Red Team continued its efforts to penetrate the enterprise and used a stolen login to install malware over the network onto a workstation connected to a PROM burner in the R&D DevOps lab (See Figure 3). This malware made its way onto a PROM that was then installed in an AX10-a test vehicle undergoing flight trials at the Sifers-Grayson test range (See Figures 1 and 4). The malware “phoned home” to the Red Team over a cellular connection to the R&D center. The Red Team took control of the test vehicle and flew it from the test range to a safe landing in the parking lot at Sifers-Grayson headquarters.
Background
Sifers-Grayson is a family owned business headquartered in G ...
Case Project 1-1 Defining and Designing a NetworkThe overview.docx
Case Project 1-1: Defining and Designing a Network
The overview of this book’s running case project is in the front matter. Please review this information carefully to guide you in completing each chapter’s project as you work through the remaining chapters.
You have been hired as a consultant to design a network for LedGrafix, a video and PC game design company. LedGrafix’s newest game has become a hot seller, and the company anticipates rapid growth. It’s moving into a new facility and will be installing a new network. Because competition is fierce in the game industry, LedGrafix wants the network fully secured, documented, and maintained while providing high availability, scalability, and performance.
Based on your current network technology and information security knowledge, for this project you design a network to meet the specified requirements and create a network diagram detailing your design. After you have created the diagram, you create a hardware and software inventory for the network. In addition to designing the network, you must also provide full documentation. The network should meet the following requirements:
· One location in Phoenix, AZ
· Capable of supporting 62 users in these departments: Accounting and Payroll, 4; Research and Development, 12; Sales and Marketing, 10; Order Processing, Shipping, and Receiving, 14; secretarial and office management staff, 4; upper management (including the president, vice president, and general manager), 10; Customer Relations and Support, 6;Technology Support, 2.
· Full T-1 Internet connection
Tasks
1. Design a network that meets the preceding requirements.
2. Examine the facility diagram your instructor provides. Using whatever drawing application you have available (MS Paint will work, if you have no other options), create a diagram of your network, showing the physical layout of the system.
3. Create a hardware and software inventory. Your instructor has blank forms you can use, or you can create or find your own. Your inventory should include at least the following:
· Operating systems
· Server operating systems
· Office applications
· Antivirus software
· Computers, servers, and peripherals
· Network connectivity equipment, such as hubs, switches, or routers
· Specialized imaging or multimedia devices or software
· Developer tools (you can make up tool names, if necessary)
· Other applications you think are necessary
Case Project 2-1: Conducting Risk Assessment and Analysis
Risk assessment can be as simple as noting an unlocked door or a password written on a note, or it can be a complex process requiring several team members and months to complete. A large enterprise environment probably has multiple locations, diverse activities, and a wide array of resources to evaluate. You don’t need such a complex network, however, for your running case project; the main idea is to learn how to apply your knowledge in a methodical fashion to produce useful and accurate data. Approaching ...
erm Paper Managing an IT Infrastructure AuditDue Week 10 and wo
erm Paper: Managing an IT Infrastructure Audit
Due Week 10 and worth 210 points
This assignment consists of four (4) sections: an internal IT audit policy, a management plan, a project plan, and a disaster recovery plan.
You must submit all four (4) sections as separate files for the completion of this assignment.
Label each file name according to the section of the assignment it is written for. Additionally, you may create and /or assume all necessary assumptions needed for the completion of this assignment.
Imagine you are an Information Security Manager for a large national retailer. You have been hired to be directly responsible for the planning and oversight of IT audits. At the request of the Board of Directors, the CEO has tasked you with developing a plan for conducting regular audits of the IT infrastructure. The planning and management aspects of IT audit are critical to the overall success of the audit, and as a result, the overall success of the systems implemented within the organization. You must develop a policy for conducting IT audits and develop a project plan for conducting two week IT audits.
In addition to the typical networking and Internetworking infrastructure of a medium-sized organization, the organization has the following characteristics:
They have a main office and 268 stores in the U.S.
They utilize a cloud computing environment for storage and applications.
Their IT infrastructure includes Cisco workgroup and core switches, Cisco routers, Cisco firewalls and intrusion prevention systems, and servers running Microsoft Windows Server 2012.
They have over 1000 desktops and approximately 500 organization-owned laptops in the main headquarters.
They allow employees to bring their own devices into the organization; however, they are subject to being searched upon entry and exit from the building.
They enable remote access to corporate information assets for employees and limited access to extranet resources for contractors and other business partners.
They enable wireless access at the main office and the stores.
They process an average of 67.2 credit card transactions per hour every day at each location and via their corporate Website.
Section 1: Internal IT Audit Policy
Write a three to four (3-4) page paper in which you:
1. Develop an Internal IT Audit Policy, which includes at a minimum:
a. Overview
b. Scope
c. Goals and objectives
d. Compliance with applicable laws and regulations
e. Management oversight and responsibility
f. Areas covered in the IT audits
g. Frequency of the audits
h. Use at least two (2) quality resources in this assignment.
Note
: Wikipedia and similar Websites do not qualify as quality resources.
Section 2: Management Plan
Write a four to six (4-6) page paper in which you:
2. Explain the management plan for conducting IT audits, including:
a. Risk management
b. System Software and Applications
c. Wireless Networking
d ...
Term Paper Managing an IT Infrastructure AuditDue Week 10 a.docx
Term Paper: Managing an IT Infrastructure Audit
Due Week 10 and worth 210 points
This assignment consists of four (4) sections: an internal IT audit policy, a management plan, a project plan, and a disaster recovery plan.
You must submit all four (4) sections as separate files for the completion of this assignment.
Label each file name according to the section of the assignment it is written for. Additionally, you may create and /or assume all necessary assumptions needed for the completion of this assignment.
Imagine you are an Information Security Manager for a large national retailer. You have been hired to be directly responsible for the planning and oversight of IT audits. At the request of the Board of Directors, the CEO has tasked you with developing a plan for conducting regular audits of the IT infrastructure. The planning and management aspects of IT audit are critical to the overall success of the audit, and as a result, the overall success of the systems implemented within the organization. You must develop a policy for conducting IT audits and develop a project plan for conducting two week IT audits.
In addition to the typical networking and Internetworking infrastructure of a medium-sized organization, the organization has the following characteristics:
They have a main office and 268 stores in the U.S.
They utilize a cloud computing environment for storage and applications.
Their IT infrastructure includes Cisco workgroup and core switches, Cisco routers, Cisco firewalls and intrusion prevention systems, and servers running Microsoft Windows Server 2012.
They have over 1000 desktops and approximately 500 organization-owned laptops in the main headquarters.
They allow employees to bring their own devices into the organization; however, they are subject to being searched upon entry and exit from the building.
They enable remote access to corporate information assets for employees and limited access to extranet resources for contractors and other business partners.
They enable wireless access at the main office and the stores.
They process an average of 67.2 credit card transactions per hour every day at each location and via their corporate Website.
Section 1: Internal IT Audit Policy
Write a three to four (3-4) page paper in which you:
1. Develop an Internal IT Audit Policy, which includes at a minimum:
a. Overview
b. Scope
c. Goals and objectives
d. Compliance with applicable laws and regulations
e. Management oversight and responsibility
f. Areas covered in the IT audits
g. Frequency of the audits
h. Use at least two (2) quality resources in this assignment.
Note
: Wikipedia and similar Websites do not qualify as quality resources.
Section 2: Management Plan
Write a four to six (4-6) page paper in which you:
2. Explain the management plan for conducting IT audits, including:
a. Risk management
b. System Software and Applications
c. Wireless Networking
...
Project Deliverable 5 Infrastructure and SecurityThis assignm.docx
Project Deliverable 5: Infrastructure and Security
This assignment consists of two (2) sections: an infrastructure document and a revised Gantt chart or project plan. You must submit both sections as separate files for the completion of this assignment. Label each file name according to the section of the assignment it is written for. Additionally, you may create and / or assume all necessary assumptions needed for the completion of this assignment.
The infrastructure which encompasses the network solution and security considerations is a major consideration for your company. Considering that the company will be expanding from one (1) floor to three (3) floors in the very near future you, as the CIO, are responsible for the design of the infrastructure and security protocols. You have been tasked with designing a network that is stable, redundant, and scalable. In addition, speed and reliability are important considerations. Assumptions should be drawn regarding network usage in relationship to network services and resources. All the established criteria that were set at the onset should be adhered to within your plan. The network solution that is chosen should support the conceived information system and allow for scalability. The network infrastructure will support organizational operations; therefore, a pictorial view of workstations, servers, routers, bridges, gateways, and access points should be used. In addition, access paths for Internet access should be depicted. Additionally, the security of the network should be in the forefront of your design because protecting your data is a primary consideration.
Section 1: Infrastructure Document
1. Write a four pages infrastructure document in which you:
. Justify and support the relationship between infrastructure and security as it relates to this data-collection and analysis company.
. Present the rationale for the logical and physical topographical layout of the planned network.
. Design a logical and physical topographical layout of the current and planned network through the use of graphical tools in Microsoft Word or Visio, or an open source alternative such as Dia. Note: The graphically depicted solution is not included in the required page length.
. Illustrate the possible placement of servers including access paths to the Internet, intrusion detection systems (IDS), and firewalls. Note: Facility limitations, workstations, databases, printers, routers, switches, bridges, and access points should be considered in the illustration.
. Create and describe a comprehensive security policy for this data-collection and analysis company that will:
· Protect the company infrastructure and assets by applying the principals of confidentiality, integrity, and availability (CIA). Note: CIA is a widely used benchmark for evaluation of information systems security, focusing on the three (3) core goals of confidentiality, integrity, and availability of information.
· Address ethical aspects relat ...
Project Deliverable 5 Network Infrastructure and SecurityDu
Project Deliverable 5: Network Infrastructure and Security
Due Week 8 and worth 120 pointsThis assignment consists of two (2) sections: an infrastructure document and a revised project plan. You must submit both sections as separate files for the completion of this assignment. Label each file name according to the section of the assignment it is written for. Additionally, you may create and / or assume all necessary assumptions needed for the completion of this assignment.With the parameters set forth at the onset of the project, present the infrastructure and security policy that will support the expected development and growth of the organization. The network solution that is chosen should support the conceived information system and allow for scalability. The network infrastructure will support organizational operations; therefore, a pictorial view of workstations, servers, routers, bridges, gateways, and access points should be used. Since the company will be merging with a multinational company, virtualization and cloud technology should be taken into consideration. In addition, access paths for Internet access should be depicted. A narrative should be included to explain all the nodes of the network and the rationale for the design. Lastly, using the Confidentiality, Integrity and Availability (CIA) Triangle, define the organizational security policy.
Section 1: Infrastructure Document
Write a five to ten (5-10) page infrastructure document in which you:
Identify possible network infrastructure vulnerabilities. Address network vulnerabilities with the appropriate security measures. Ensure that consideration is given to virtualization and cloud technology.
Design a logical and physical topographical layout of the planned network through the use of graphical tools in Microsoft Word or Visio, or an open source alternative such as Dia. Explain the rationale for the logical and physical topographical layout of the planned network. Note: The graphically depicted solution is not included in the required page length.
Illustrate the possible placement of servers, including access paths to the Internet and firewalls. Note: facility limitations, workstations, printers, routers, switches, bridges, and access points should be considered in the illustration.
Create and describe a comprehensive security policy for the company that will:
Protect the company infrastructure and assets by applying the principals of CIA. Note: CIA is a widely used benchmark for evaluation of information systems security, focusing on the three (3) core goals of confidentiality, integrity, and availability of information.
Address ethical aspects related to employee behavior, contractors, password usage, and access to networked resources and information.
Your assignment must follow these formatting requirements:
Be typed, double spaced, using Times New Roman font (size 12), with one-inch margins on all sides; citations and references must follow APA or scho ...
Project Deliverable 5 Network Infrastructure and SecurityDue We.docx
Project Deliverable 5: Network Infrastructure and Security
Due Week 8 and worth 120 pointsThis assignment consists of two (2) sections: an infrastructure document and a revised project plan. You must submit both sections as separate files for the completion of this assignment. Label each file name according to the section of the assignment it is written for. Additionally, you may create and / or assume all necessary assumptions needed for the completion of this assignment.With the parameters set forth at the onset of the project, present the infrastructure and security policy that will support the expected development and growth of the organization. The network solution that is chosen should support the conceived information system and allow for scalability. The network infrastructure will support organizational operations; therefore, a pictorial view of workstations, servers, routers, bridges, gateways, and access points should be used. Since the company will be merging with a multinational company, virtualization and cloud technology should be taken into consideration. In addition, access paths for Internet access should be depicted. A narrative should be included to explain all the nodes of the network and the rationale for the design. Lastly, using the Confidentiality, Integrity and Availability (CIA) Triangle, define the organizational security policy.
Section 1: Infrastructure Document
Write a five to ten (5-10) page infrastructure document in which you:
Identify possible network infrastructure vulnerabilities. Address network vulnerabilities with the appropriate security measures. Ensure that consideration is given to virtualization and cloud technology.
Design a logical and physical topographical layout of the planned network through the use of graphical tools in Microsoft Word or Visio, or an open source alternative such as Dia. Explain the rationale for the logical and physical topographical layout of the planned network. Note: The graphically depicted solution is not included in the required page length.
Illustrate the possible placement of servers, including access paths to the Internet and firewalls. Note: facility limitations, workstations, printers, routers, switches, bridges, and access points should be considered in the illustration.
Create and describe a comprehensive security policy for the company that will:
Protect the company infrastructure and assets by applying the principals of CIA. Note: CIA is a widely used benchmark for evaluation of information systems security, focusing on the three (3) core goals of confidentiality, integrity, and availability of information.
Address ethical aspects related to employee behavior, contractors, password usage, and access to networked resources and information.
Your assignment must follow these formatting requirements:
Be typed, double spaced, using Times New Roman font (size 12), with one-inch margins on all sides; citations and references must follow APA or scho ...
Cst 630 Inspiring Innovation--tutorialrank.com
For more course tutorials visit
www.tutorialrank.com
Project 1
Step 1: Conduct a Security Analysis Baseline
In the first step of the project, you will conduct a security analysis baseline of the IT systems, which will include a data-flow diagram of connections and endpoints, and all types of access points, including wireless. The baseline report will be part of the overall security assessment report (SAR).
You will get your information from a data-flow diagram and report from the Microsoft Threat Modeling Tool 2016. The scope should include network IT security for the whole organization. Click the following to view the data-flow diagram: [diagram and report]
Cst 630 Believe Possibilities / snaptutorial.com
For more classes visit
www.snaptutorial.com
Project 1
Step 1: Conduct a Security Analysis Baseline
In the first step of the project, you will conduct a security analysis baseline of the IT systems
Cst 630Education Specialist / snaptutorial.com
For more classes visit
www.snaptutorial.com
Project 1
Step 1: Conduct a Security Analysis Baseline
CST 630 RANK Achievement Education--cst630rank.com
FOR MORE CLASSES VISIT
www.cst630rank.com
Project 1 Step 1: Conduct a Security Analysis Baseline In the first step of the project, you will conduct a security analysis baseline of the IT systems, which will include a data-flow diagram of connections and endpoints, and all types of access points, including wireless. The baseline report
CST 630 RANK Introduction Education--cst630rank.com
is a truly special teacher is very wise and sees tomorrow in every student’s eyes
CST 630 RANK Become Exceptional--cst630rank.com
is a truly special teacher is very wise and sees tomorrow in every student’s eyes
CST 630 RANK Educational Specialist--cst630rank.com
FOR MORE CLASSES VISIT
www.cst630rank.com
Project 1 Step 1: Conduct a Security Analysis Baseline In the first step of the project, you will conduct a security analysis baseline of the IT systems, which will include a data-flow diagram of connections and endpoints, and all types of access points, including wireless. The baseline report will be part of the overall security assessment report (SAR). You will get your information
CST 630 RANK Inspiring Innovation--cst630rank.com
is a truly special teacher is very wise and sees tomorrow in every student’s eyes
Cst 630 Enhance teaching / snaptutorial.com
For more classes visit
www.snaptutorial.com
Project 1
Step 1: Conduct a Security Analysis Baseline
In the first step of the project, you will conduct a security analysis baseline of the IT systems, which will include a data-flow diagram of connections and endpoints, and all types of access points, including wireless. The baseline report will be part of the overall security assessment report (SAR).
You will get your information from a data-flow diagram and report from the Microsoft Threat Modeling Tool
Cst 630 Education Organization-snaptutorial.com
For more classes visit
www.snaptutorial.com
Project 1
Step 1: Conduct a Security Analysis Baseline
In the first step of the project, you will conduct a security analysis baseline of the IT systems, which will include a data-flow diagram of connections and endpoints, and all types of access points, including wireless. The baseline report will be part of the overall security assessment report (SAR).
CST 630 Effective Communication - snaptutorial.com
For more classes visit
www.snaptutorial.com
Project 1
Step 1: Conduct a Security Analysis Baseline
CST 630 Exceptional Education - snaptutorial.com
For more classes visit
www.snaptutorial.com
Project 1
Step 1: Conduct a Security Analysis Baseline
In the first step of the project, you will conduct a security analysis baseline of the IT systems, which will include a data-flow diagram of connections and endpoints, and all types of access points, including wireless. The baseline report will be part of the overall security assessment report (SAR).
You will be doing a Health Policy Analysis Power Point on a releva.docx
You will be doing a Health Policy Analysis Power Point on a relevant medical issue in the Metro Detroit Area. Choose ONE.
You must include 1-2 scholarly sources WITHING THE PAST 5 YEARS to support the BACKGROUND, LANDSCAPE, OPTIONS AND RECOMMEDATIONS. IF YOU THIS IS NOT INCLUDED I WILL ASK THAT YOU RE-DO THE ASSIGNMENT
SPEAKER NOTES ARE REQUIRED
Research a healthcare issue that has been identified in your local community. Develop a power point presentation with speaker notes. You will then use the power point during your Kaltura recording. Structure a health policy analysis presentation that addresses the following topics particular to your health problem.
· Problem Statement
· Background
· Landscape
· Options
· Recommendations
Problem statement: Defines the problem addressed in the analysis
Background: Provides factual information needed to understand the problem
Landscape: Reviews the various stakeholders and their concerns
Options: Describes and analyzes several options to address the problem
Recommendation: Offers one option as the best action to pursue
.
Which of the three major sociological approaches to understanding so.docx
Which of the three major sociological approaches to understanding social problems related to work and the economy do you most prefer? Why?
Requirements (due Wednesday
before midnight):
Be Substantive.
Minimum of 250-words to 500-words (must have footnotes)
Must provide scholarly or current events in text citation (textbook, other scholarly/peer-reviewed sources found in the school's library database, internet sources ending in .gov or .edu; or newspapers) – Minimum of 2 references
Address current political climate and election
.
Throughout the course we have examined that the African American com.docx
Throughout the course we have examined that the African American communities have changed drastically as more Americans have become aware of the injustices faced by millions of people of color. Analyzing African American history, examine the historical processes that led to Black Lives Matters.
.
UnderstandingCultureFood,Faith,&CultureDr.FredFoy.docx
Understanding Culture
Food, Faith, & Culture
Dr. Fred Foy Strang
For this exercise you are conducting anthropological “field research” through participation,
participant observation, and data recording. This is a simple foray into the field so it does not
include a formal literature review or establishment of hypotheses. Our task is simply to
experience and reflect upon a ‘hands-on’ opportunity for actual observation, data recording, and
preliminary analysis.
Food is an important part of everyone’s culture. Food is also connected to religious
observance and spiritual ritual for many different faiths, including Christianity, Judaism,
Islam, Hinduism and Buddhism. The role of food in cultural practices and religious beliefs is
complex and varies among individuals and communities.
Focus on the Issue (Food, Faith, & Culture)
• To examine local and non-indigenous cultural influences reflected at various at public
eateries?
• To discover where these distinctives find convergence or how local culture is
reflected in the eatery/food.
• To observe social dynamics and cultural practices in public eateries and postulate
connections to local culture and/or religion.
Focus on Observation
What are the surroundings? What are people wearing? What language(s)/dialect(s) is/are
spoken? What customs are observed? Who is involved in these customs? What do you
notice about the participants (workers/owners/customers).
Focus on Interaction
Who is serving you? What do you observe about their work? Are their other people
involved in the establishment? What are their roles? You are encouraged to engage in ‘non-
directive interviewing’ on the topic of food and its relationship to culture & religion. (This is
simply getting a responder to talk and converse about a certain subject as opposed to
‘directive interviewing’ which asks specific questions or utilizes surveys.)
Focus on Participation
Place an order for something to eat. How is the food you ordered and will eat related to the
cultural influences you are observing? How do you pay for your food and recognize the
service you received?
Focus on Analysis
(This will be a minimum of 4 double spaced pages and a maximum of 7).
Document your research in a formal report format. Include in your analysis preliminary
answers to the initial issues. Finally, postulate a relationship between food, culture and faith.
What questions require further research? What kind of research might that be?
.
The Elderly populationPowerPoint Presentation.Discuss the as.docx
The Elderly population
PowerPoint Presentation.
Discuss the aspects of your chosen vulnerable population.
Discuss the reason why is this group considered vulnerable.
Discuss what are the most common communicable diseases in this population, and why.
Discuss barriers to healthcare and access to care for your vulnerable population.
Use information technology to identify resources that will improve health outcomes of the vulnerable population.
Examine evidence based practices that improve health outcomes of the vulnerable population.
Discuss how the issues this group is facing relates to the community/public health nursing.
Minimum 10/maximum 15 slides, including speaker notes, excluding the title and reference slides.
.
The leader of your organization just resigned because they were arre.docx
The leader of your organization just resigned because they were arrested. You are now in charge of guiding the organization through the process of picking a new leader. Which model of leadership will you pick and why? Make the case for one by comparing and contrasting with the others. 5-7 scholarly sources.
.
The Star Model™The Star Model™ framework for organization .docx
The Star Model™
The Star Model™ framework for organization design is the foundation on which a
company bases its design choices. The framework consists of a series of design policies
that are controllable by management and can influence employee behavior.
The policies are the tools with which management must become skilled in order
to shape the decisions and behaviors of their organizations effectively.
POLICIES STRATEGIES
They are general statements
that guide organizational
decision-making.
They are specific plans made
to achieve specific goals.
They don´t require action plan. They require action plan.
They are standing plans made
for repetitive activities.
They are single use plan made
for non- repetitive activities.
They are guidelines to
managerial action and decision
making.
They guide commitment of
organizational resources in a
specific direction.
They are made for smooth
conduct of the organization as
a whole.
The are made for achieve a
specific objective.
Strategies and Policies:
Both strategies and policies help to make decisions to achieve
organisational goals.
Clear strategies and policies provide right direction and guidance to organizational goals and plans.
The Star Model™
Strategy.
Strategy is the company’s formula for winning. The company’s strategy specifies:
goals and objectives, values, missions, and the basic direction of the company.
The strategy specifically delineates the products or services to be provided, the
markets to be served, and the value to be offered to the customer. It also specifies
sources of competitive advantage.
Area Description
Specialization.
It refers to the type and numbers of job specialties used in
performing the work.
Shape.
It refers to the number of people constituting the
departments (that is, the span of control) at each level of the
structure.
Distribution of power.
In its vertical dimension, refers to the classic issues of
centralization or decentralization. In its lateral dimension, it
refers to the movement of power to the department dealing
directly with the issues critical to its mission.
Departmentalization.
Is the basis for forming departments at each level of the
structure. The standard dimensions include functions,
products, workflow processes, markets, customers, geography.
The Star Model™
Structure.
The structure of the organization determines the placement of power and authority
in the organization. Structure policies fall into four areas:
The Star Model™
Processes.
-Information and decision processes cut across the organization’s structure.
-Management processes are both vertical and horizontal.
Horizontal Processes.Vertical Processes.
VP allocate the scarce resources of
funds and talent. Vertical processes
are usually business planning and
budgeting processes.
HP are designed around the workflow,
such as new product development or the
entry and fulfillment of a customer
order.
The Star Model™
Rewards.
Th.
STUDENT REPLIESDISCUSSION 2STUDENT REPLY #1 Darlene Milan On.docx
STUDENT REPLIES
DISCUSSION 2
STUDENT REPLY #1 Darlene Milan
One major technological advancement I think will affect profiling practices in the future is CGT (Criminal Geographic Targeting). CGT is a computerized geographic profiling technique used in police investigations of complex serial crimes (Rossmo, 1995). A criminal analysis technique that uses the locations of a connected series of crime sites to determine the most probable area of the offender's residence. According to Rossmo, geography plays an important role in the offender's selection of suitable victims, which is why this program will be important in the future. The CGT produces a map showing specific details, for example, patrol saturation, grid and area searches, police information and record systems, outside agency databases, and zip code prioritization. This process includes investigation reports, witness statements, autopsy reports, and psychological profiles (1995). In addition, a detailed examination of a crime scene, interviews with lead investigators, crime analysts, and demographic data (Holmes & Holmes, 2004).
The computer revolution has arrived in our world and is becoming the next major advance in our arsenal of weapons against crime. The computer revolution has dramatically influenced the criminal justice system and is used to track crimes and criminals. The future of computerized monitoring, for example, is that of the Drug Enforcement Administration (DEA), which uses a tracking system called the Drug Abuse Warning Network (DAWN). In addition, computerized profiling may soon help law enforcement personnel define efficiently the types of personalities associated with violent crimes such as murder, rape, and serial murder (Holmes & Holmes, 2004).
References
Holmes, R. M., & Holmes, S. T. (2009). Profiling violent crimes: An investigative tool (4th ed.). Thousand Oaks, CA: Sage Publications, Inc.
STUDENT REPLY #2 Shaquanta Frazier
I think the technology advancements in criminal profiling in the future and I do believe that GPS and Drones will be more effective in the future because with GPS it can give the location of the suspect, it helps with high-speed chases, and it even help the law enforcement where the victim was last seen through their cellphones tower and GPS systems. GIS systems help with keeping track of police vehicles and give the department their location at any time. Drones give more adapt process of the suspect and it can help you cover more area to help in locating the suspect, give you more details of crime and help in finding evidence that law enforcement missed during their first investigation. Drones can reach harder places and can be beneficial to the crime scene.
References:
Legal Technology Advancements for the Criminal Justice System
Legal technology for the criminal justice system has evolved and allow them to work more efficiently. Learn more about the new legal tech.
Practice Panther
Significance Test
A significance test (hyp.
the elderly populationIdentify a vulnerable population or a comm.docx
the elderly population
Identify a vulnerable population or a community health issue and use what you have learned during this course using EBP to guide health technology, community resources, screening, outreach, referral and follow up to improve health outcomes in the community.
Must address all of the topics.
At least 200 words minimum 350 words maximum.
APA format, including a minimum of two references within a 5 year span.
.
More Related Content
Similar to Final Project Incident Response Exercise & ReportYour Task
Cst 630 Inspiring Innovation--tutorialrank.com
For more course tutorials visit
www.tutorialrank.com
Project 1
Step 1: Conduct a Security Analysis Baseline
In the first step of the project, you will conduct a security analysis baseline of the IT systems, which will include a data-flow diagram of connections and endpoints, and all types of access points, including wireless. The baseline report will be part of the overall security assessment report (SAR).
You will get your information from a data-flow diagram and report from the Microsoft Threat Modeling Tool 2016. The scope should include network IT security for the whole organization. Click the following to view the data-flow diagram: [diagram and report]
Cst 630 Believe Possibilities / snaptutorial.com
For more classes visit
www.snaptutorial.com
Project 1
Step 1: Conduct a Security Analysis Baseline
In the first step of the project, you will conduct a security analysis baseline of the IT systems
Cst 630Education Specialist / snaptutorial.com
For more classes visit
www.snaptutorial.com
Project 1
Step 1: Conduct a Security Analysis Baseline
CST 630 RANK Achievement Education--cst630rank.com
FOR MORE CLASSES VISIT
www.cst630rank.com
Project 1 Step 1: Conduct a Security Analysis Baseline In the first step of the project, you will conduct a security analysis baseline of the IT systems, which will include a data-flow diagram of connections and endpoints, and all types of access points, including wireless. The baseline report
CST 630 RANK Introduction Education--cst630rank.com
is a truly special teacher is very wise and sees tomorrow in every student’s eyes
CST 630 RANK Become Exceptional--cst630rank.com
is a truly special teacher is very wise and sees tomorrow in every student’s eyes
CST 630 RANK Educational Specialist--cst630rank.com
FOR MORE CLASSES VISIT
www.cst630rank.com
Project 1 Step 1: Conduct a Security Analysis Baseline In the first step of the project, you will conduct a security analysis baseline of the IT systems, which will include a data-flow diagram of connections and endpoints, and all types of access points, including wireless. The baseline report will be part of the overall security assessment report (SAR). You will get your information
CST 630 RANK Inspiring Innovation--cst630rank.com
is a truly special teacher is very wise and sees tomorrow in every student’s eyes
Cst 630 Enhance teaching / snaptutorial.com
For more classes visit
www.snaptutorial.com
Project 1
Step 1: Conduct a Security Analysis Baseline
In the first step of the project, you will conduct a security analysis baseline of the IT systems, which will include a data-flow diagram of connections and endpoints, and all types of access points, including wireless. The baseline report will be part of the overall security assessment report (SAR).
You will get your information from a data-flow diagram and report from the Microsoft Threat Modeling Tool
Cst 630 Education Organization-snaptutorial.com
For more classes visit
www.snaptutorial.com
Project 1
Step 1: Conduct a Security Analysis Baseline
In the first step of the project, you will conduct a security analysis baseline of the IT systems, which will include a data-flow diagram of connections and endpoints, and all types of access points, including wireless. The baseline report will be part of the overall security assessment report (SAR).
CST 630 Effective Communication - snaptutorial.com
For more classes visit
www.snaptutorial.com
Project 1
Step 1: Conduct a Security Analysis Baseline
CST 630 Exceptional Education - snaptutorial.com
For more classes visit
www.snaptutorial.com
Project 1
Step 1: Conduct a Security Analysis Baseline
In the first step of the project, you will conduct a security analysis baseline of the IT systems, which will include a data-flow diagram of connections and endpoints, and all types of access points, including wireless. The baseline report will be part of the overall security assessment report (SAR).
Similar to Final Project Incident Response Exercise & ReportYour Task (13)
CST 630 RANK Achievement Education--cst630rank.com
CST 630 RANK Achievement Education--cst630rank.com
CST 630 RANK Introduction Education--cst630rank.com
CST 630 RANK Introduction Education--cst630rank.com
CST 630 RANK Educational Specialist--cst630rank.com
CST 630 RANK Educational Specialist--cst630rank.com
CST 630 Effective Communication - snaptutorial.com
CST 630 Effective Communication - snaptutorial.com
More from alisondakintxt
You will be doing a Health Policy Analysis Power Point on a releva.docx
You will be doing a Health Policy Analysis Power Point on a relevant medical issue in the Metro Detroit Area. Choose ONE.
You must include 1-2 scholarly sources WITHING THE PAST 5 YEARS to support the BACKGROUND, LANDSCAPE, OPTIONS AND RECOMMEDATIONS. IF YOU THIS IS NOT INCLUDED I WILL ASK THAT YOU RE-DO THE ASSIGNMENT
SPEAKER NOTES ARE REQUIRED
Research a healthcare issue that has been identified in your local community. Develop a power point presentation with speaker notes. You will then use the power point during your Kaltura recording. Structure a health policy analysis presentation that addresses the following topics particular to your health problem.
· Problem Statement
· Background
· Landscape
· Options
· Recommendations
Problem statement: Defines the problem addressed in the analysis
Background: Provides factual information needed to understand the problem
Landscape: Reviews the various stakeholders and their concerns
Options: Describes and analyzes several options to address the problem
Recommendation: Offers one option as the best action to pursue
.
Which of the three major sociological approaches to understanding so.docx
Which of the three major sociological approaches to understanding social problems related to work and the economy do you most prefer? Why?
Requirements (due Wednesday
before midnight):
Be Substantive.
Minimum of 250-words to 500-words (must have footnotes)
Must provide scholarly or current events in text citation (textbook, other scholarly/peer-reviewed sources found in the school's library database, internet sources ending in .gov or .edu; or newspapers) – Minimum of 2 references
Address current political climate and election
.
Throughout the course we have examined that the African American com.docx
Throughout the course we have examined that the African American communities have changed drastically as more Americans have become aware of the injustices faced by millions of people of color. Analyzing African American history, examine the historical processes that led to Black Lives Matters.
.
UnderstandingCultureFood,Faith,&CultureDr.FredFoy.docx
Understanding Culture
Food, Faith, & Culture
Dr. Fred Foy Strang
For this exercise you are conducting anthropological “field research” through participation,
participant observation, and data recording. This is a simple foray into the field so it does not
include a formal literature review or establishment of hypotheses. Our task is simply to
experience and reflect upon a ‘hands-on’ opportunity for actual observation, data recording, and
preliminary analysis.
Food is an important part of everyone’s culture. Food is also connected to religious
observance and spiritual ritual for many different faiths, including Christianity, Judaism,
Islam, Hinduism and Buddhism. The role of food in cultural practices and religious beliefs is
complex and varies among individuals and communities.
Focus on the Issue (Food, Faith, & Culture)
• To examine local and non-indigenous cultural influences reflected at various at public
eateries?
• To discover where these distinctives find convergence or how local culture is
reflected in the eatery/food.
• To observe social dynamics and cultural practices in public eateries and postulate
connections to local culture and/or religion.
Focus on Observation
What are the surroundings? What are people wearing? What language(s)/dialect(s) is/are
spoken? What customs are observed? Who is involved in these customs? What do you
notice about the participants (workers/owners/customers).
Focus on Interaction
Who is serving you? What do you observe about their work? Are their other people
involved in the establishment? What are their roles? You are encouraged to engage in ‘non-
directive interviewing’ on the topic of food and its relationship to culture & religion. (This is
simply getting a responder to talk and converse about a certain subject as opposed to
‘directive interviewing’ which asks specific questions or utilizes surveys.)
Focus on Participation
Place an order for something to eat. How is the food you ordered and will eat related to the
cultural influences you are observing? How do you pay for your food and recognize the
service you received?
Focus on Analysis
(This will be a minimum of 4 double spaced pages and a maximum of 7).
Document your research in a formal report format. Include in your analysis preliminary
answers to the initial issues. Finally, postulate a relationship between food, culture and faith.
What questions require further research? What kind of research might that be?
.
The Elderly populationPowerPoint Presentation.Discuss the as.docx
The Elderly population
PowerPoint Presentation.
Discuss the aspects of your chosen vulnerable population.
Discuss the reason why is this group considered vulnerable.
Discuss what are the most common communicable diseases in this population, and why.
Discuss barriers to healthcare and access to care for your vulnerable population.
Use information technology to identify resources that will improve health outcomes of the vulnerable population.
Examine evidence based practices that improve health outcomes of the vulnerable population.
Discuss how the issues this group is facing relates to the community/public health nursing.
Minimum 10/maximum 15 slides, including speaker notes, excluding the title and reference slides.
.
The leader of your organization just resigned because they were arre.docx
The leader of your organization just resigned because they were arrested. You are now in charge of guiding the organization through the process of picking a new leader. Which model of leadership will you pick and why? Make the case for one by comparing and contrasting with the others. 5-7 scholarly sources.
.
The Star Model™The Star Model™ framework for organization .docx
The Star Model™
The Star Model™ framework for organization design is the foundation on which a
company bases its design choices. The framework consists of a series of design policies
that are controllable by management and can influence employee behavior.
The policies are the tools with which management must become skilled in order
to shape the decisions and behaviors of their organizations effectively.
POLICIES STRATEGIES
They are general statements
that guide organizational
decision-making.
They are specific plans made
to achieve specific goals.
They don´t require action plan. They require action plan.
They are standing plans made
for repetitive activities.
They are single use plan made
for non- repetitive activities.
They are guidelines to
managerial action and decision
making.
They guide commitment of
organizational resources in a
specific direction.
They are made for smooth
conduct of the organization as
a whole.
The are made for achieve a
specific objective.
Strategies and Policies:
Both strategies and policies help to make decisions to achieve
organisational goals.
Clear strategies and policies provide right direction and guidance to organizational goals and plans.
The Star Model™
Strategy.
Strategy is the company’s formula for winning. The company’s strategy specifies:
goals and objectives, values, missions, and the basic direction of the company.
The strategy specifically delineates the products or services to be provided, the
markets to be served, and the value to be offered to the customer. It also specifies
sources of competitive advantage.
Area Description
Specialization.
It refers to the type and numbers of job specialties used in
performing the work.
Shape.
It refers to the number of people constituting the
departments (that is, the span of control) at each level of the
structure.
Distribution of power.
In its vertical dimension, refers to the classic issues of
centralization or decentralization. In its lateral dimension, it
refers to the movement of power to the department dealing
directly with the issues critical to its mission.
Departmentalization.
Is the basis for forming departments at each level of the
structure. The standard dimensions include functions,
products, workflow processes, markets, customers, geography.
The Star Model™
Structure.
The structure of the organization determines the placement of power and authority
in the organization. Structure policies fall into four areas:
The Star Model™
Processes.
-Information and decision processes cut across the organization’s structure.
-Management processes are both vertical and horizontal.
Horizontal Processes.Vertical Processes.
VP allocate the scarce resources of
funds and talent. Vertical processes
are usually business planning and
budgeting processes.
HP are designed around the workflow,
such as new product development or the
entry and fulfillment of a customer
order.
The Star Model™
Rewards.
Th.
STUDENT REPLIESDISCUSSION 2STUDENT REPLY #1 Darlene Milan On.docx
STUDENT REPLIES
DISCUSSION 2
STUDENT REPLY #1 Darlene Milan
One major technological advancement I think will affect profiling practices in the future is CGT (Criminal Geographic Targeting). CGT is a computerized geographic profiling technique used in police investigations of complex serial crimes (Rossmo, 1995). A criminal analysis technique that uses the locations of a connected series of crime sites to determine the most probable area of the offender's residence. According to Rossmo, geography plays an important role in the offender's selection of suitable victims, which is why this program will be important in the future. The CGT produces a map showing specific details, for example, patrol saturation, grid and area searches, police information and record systems, outside agency databases, and zip code prioritization. This process includes investigation reports, witness statements, autopsy reports, and psychological profiles (1995). In addition, a detailed examination of a crime scene, interviews with lead investigators, crime analysts, and demographic data (Holmes & Holmes, 2004).
The computer revolution has arrived in our world and is becoming the next major advance in our arsenal of weapons against crime. The computer revolution has dramatically influenced the criminal justice system and is used to track crimes and criminals. The future of computerized monitoring, for example, is that of the Drug Enforcement Administration (DEA), which uses a tracking system called the Drug Abuse Warning Network (DAWN). In addition, computerized profiling may soon help law enforcement personnel define efficiently the types of personalities associated with violent crimes such as murder, rape, and serial murder (Holmes & Holmes, 2004).
References
Holmes, R. M., & Holmes, S. T. (2009). Profiling violent crimes: An investigative tool (4th ed.). Thousand Oaks, CA: Sage Publications, Inc.
STUDENT REPLY #2 Shaquanta Frazier
I think the technology advancements in criminal profiling in the future and I do believe that GPS and Drones will be more effective in the future because with GPS it can give the location of the suspect, it helps with high-speed chases, and it even help the law enforcement where the victim was last seen through their cellphones tower and GPS systems. GIS systems help with keeping track of police vehicles and give the department their location at any time. Drones give more adapt process of the suspect and it can help you cover more area to help in locating the suspect, give you more details of crime and help in finding evidence that law enforcement missed during their first investigation. Drones can reach harder places and can be beneficial to the crime scene.
References:
Legal Technology Advancements for the Criminal Justice System
Legal technology for the criminal justice system has evolved and allow them to work more efficiently. Learn more about the new legal tech.
Practice Panther
Significance Test
A significance test (hyp.
the elderly populationIdentify a vulnerable population or a comm.docx
the elderly population
Identify a vulnerable population or a community health issue and use what you have learned during this course using EBP to guide health technology, community resources, screening, outreach, referral and follow up to improve health outcomes in the community.
Must address all of the topics.
At least 200 words minimum 350 words maximum.
APA format, including a minimum of two references within a 5 year span.
.
TECH460Module 2Organization Profile and Problem Statement.docx
TECH460
Module 2
Organization Profile and Problem Statement
RubricCriteriaTotalSelection of Organization 30Identification of products and services40Analysis of potential improvements40Problem statement40Total150
The Organization
Coca Cola was founded in 1892 by John Pemberton.
Coca Cola does sell 2800 products in more than 200 countries.
It is one of the largest corporation in USA and biggest distributor of beverage in the world.
In 1978 , Coca Cola was the only company allowed to sell cold packaged in China.
Coca Cola invest heavily in the betterment of their corporation and keeping the employees up to date.
Still Coca Cola has got a lot of issues that they need to take into consideration.
Products and Services
Coca Cola Market, manufacture and sell rea, coffee, plant based drinks, juice dairy, sports drinks, water, soft drinks, finished beverages and concentrated syrups.
The product is available in more than 200 territories and countries.
Some of the most prominent drinks in the company includes.
Sprite
Vitamin WATER
Fuze Tea
Gold Peak Teas
Smartwater
Areas for Improvement with Technology
Dealing with rivals
Continuous market research using high technologies.
Continuous competitor analysis using AI or ML.
Integration of Customer Focus
Incorporating CRM using technology can enhance customer focus.
Management can effectively communicate with customers.
Sales promotion
Improving sales promotion using blockchain technology.
Using IoT for sales promotion.
Supplier Relationship Management
Using SRM software for managing supplier relationships.
Problem Statement
Coca Cola Company needs to focus on incorporating technology to enhance customer focus.
It is possible that incorporating CRM, also known as customer relationship management, into daily technical operations can help the company in becoming more customer-focused. It refers to a system that enables businesses to control their interactions with customers.
For instance, Coca-Cola may achieve this aim by implementing customer relationship management software. This would enable management to communicate with customers more successfully.
The management of the company will be able to identify consumer complaints more quickly, which will allow them to quickly and effectively address these problems.
With the combination of Internet of Things IoT and CRM, Coca-Cola Company can collect the customer data in a more efficient and effective way.
References
Li, B., & Li, Y. (2017). Internet of things drives supply chain innovation: A research framework. International Journal of Organizational Innovation, 9(3), 71-92.
Chin, J., Callaghan, V., & Allouch, S. B. (2019). The Internet-of-Things: Reflections on the past, present and future from a user-centered and smart environment perspective. Journal of Ambient Intelligence and Smart Environments, 11(1), 45-69.
De Cremer, D., Nguyen, B., & Simkin, L. (2017). The integrity challenge of the Internet-of-Things (IoT): on understanding its dark .
Step 1Select ONE of the following viral agents for your assignme.docx
Step 1
Select ONE of the following viral agents for your assignment.
Human papillomavirus, Influenza A, Hepatitis B, Rotavirus, Norovirus, Varicella-zoster, Ebola, Zika virus, West Nile virus
Step 2
Research the chosen viral agent to examine the anatomical structures and diseases associated with it.
Step 3
Using the template below, answer the following:
Where the organism is normally found and how is it spread?
What are the virulence factors of the organism?
What are the symptoms and incubation period of the infection caused by the organism?
How would you diagnose an infection caused by the organism?
Describe how the organism infects different organs and how the immune system responds to infection.
What is the current treatment plan for the infections caused by the organism and the treatment success rate?
What populations are most at risk for infection?
What environments and sources are associated with the organism?
What are some public health implications of the infection caused by the agent?
What precautions can the public take to prevent infections?
Assignment File(s)
Unit 3 Virus Template
[Word document
.
The Christianity ReligionAdiesa BurgessD.docx
The Christianity Religion
Adiesa Burgess
Dr. Mixon
PSYC-401
11 November 2022
The Christianity Religion
Christianity is the largest religion in the world. It involves a large number of people globally who adhere to it. The religion has a number of customs and tenets that have to do with dying, bereavement, rites of grieving, burial and cremation. One of the most active areas of inquiry worldwide has been attempting to comprehend how different religions view death. This subject is significant since everyone must undergo death at some point in their lives. Students that are studying religion and culture will find this information useful. Additionally, this information will be extremely helpful to anyone who is interested in Christianity or, more specifically, death.
Christians consider that a person's physical existence begins at birth and ends at death. They have a steadfast conviction that there is only one journey through this world, and it ends in death. Christians believe that each person only experiences death once during their lifetime and that it can happen to anyone at any time. Anyone can die, regardless of their age or gender; in other words, whether you're young or old, male or female, you must pass away. They hold the view that God, their heavenly and spiritual father, decides who lives and who dies as well as planning everyone's death (Vail III & Soenke 2018). They refer to death as God's will, which they are obligated to accept despite their heart desires. They believe there is life after death. They hold the view that after passing away, the souls of the deceased begin a new existence.
Undoubtedly, one of the most frequently discussed subjects in literature is death. Themes like pain and grief, love, perseverance, illness, and immortality are frequently depicted in combination with death and are hence closely tied to it. Death typically has themes of pain and grief, particularly when it affects persons who were close to the departed. Mourning stems from suffering and grief (Vail III & Soenke 2018). Mourning is the sentiment of sadness for another person's passing. Christians believe that after a death, the bereaved person's immediate family should get together and grieve with them. They view it as something that has an impact on society as a whole. They pray for God to comfort the family members during the period of grieving. They also give God, who they believe is in charge of the departed, the soul of the individual who has passed away.
Once an individual has passed away a ceremony is carried out to celebrate the life of the deceased person, a funeral ceremony. Some of the ceremonies are held publicly or privately depending on the choice of the family members. During the ceremony, they share about the person’s life and bury their body. After the funeral ceremony, the body is either buried or cremated. Burring involves covering the body underground while cremation involves burning the body into ashes. Death is a stage.
Review the term Significance Test in the Statistics Visual Learner.docx
Review the term Significance Test in the "Statistics Visual Learner" media piece.
When a newspaper or magazine article reports the results of a study and draws a conclusion without also reporting whether the results are statistically significant, what are the possible reasons for doing so? How seriously should you take the conclusion offered in such a study? Discuss.
.
Research Paper PresentationWith the information you gathered.docx
Research Paper Presentation
With the information you gathered for your Research Paper, you will now create an intriguing visual presentation and present it to the class.
Presentation should include following slides-
Introduction (1 slide)
literature review (2 slide)
Analysis of the literature (1slide)
Discussion paragraphs 1, 2, 3 (2 slide)
Conclusion (1slide)
Title page and reference list (2 slides)
Your presentation should be between 5-7 minutes long; practice it several times beforehand!
.
Step 1 You are a registered nurse who works with wound-care patien.docx
Step 1
You are a registered nurse who works with wound-care patients. J. S. is a 34-year-old woman who had a mastectomy six weeks ago. She developed a staph infection, and the surgical site was debrided as part of the treatment.
You now care for J. S. at her home and photograph her wound. The photos are sent to the multidisciplinary care team at the wound center. The team makes changes in the treatment plan based on your assessment and photographs of the wound. A physician in a nearby state also has a weekly video conference with J. S. about the plan of care.
.
Objectives Unacceptable Below Average Acceptable Above Average.docx
Objectives Unacceptable Below Average Acceptable Above Average Exemplary Score
0 Points 20 Points
Student did not make any
post in the discussion board
Student posts were on time
0 Points 5 Points 10 Points 15 Points 20 Points
No reference to any course
reading
Makes reference to
assigned readings; attempts
to cite the source
Makes references to course
and/or outside reading
material but citations do not
conform to an acceptable
citation format
Refers to and properly cites
in APA format course and/or
outside reading in initial
posting only
Refers to and properly cites
in APA format either course
materials or external
readings in initial posts and
responses
0 Points 5 Points 10 Points 15 Points 20 Points
No postings for which to
evaluate language and
grammar
Poorly written initial posting
and responses including
frequent spelling, structure,
and/or grammar errors
Communicates in friendly,
courteous, and helpful
manner with some spelling,
grammatical, and/or
structural errors
Contributes valuable
information with minor
grammatical or structural
errors
No spelling, structure, or
grammar errors in any
posting; Contributes to
discussion with clear,
concise comments
0 Points 5 Points 10 Points 15 Points 20 Points
No initial posting
Response was not on topic,
the message was unrelated
to assignment, and post was
less than 150 words
The initial posting did not
adequately address the
question posed in the forum;
superficial thought and
preparation
Initial posting demonstrates
sincere reflection and
answers most aspects of the
forum; full development
Initial posting reveals a solid
understanding of all aspects
of the task; uses factually
and relevand information;
and the length of the posting
is at least 150 words
0 Points 5 Points 10 Points 15 Points 20 Points
Student did not participate in
this forum
Student participated on but
did not respond to other
student posts
Student participated but only
responded to one
Student participated and
commented on two other
student's posts
Student actively
participated, responded to at
least two other students'
posts, and replied to other
students' comments on their
original post.
Total Score 0
Frequency of
Participation
Reference to
Course Readings
Language and
Grammar
DISCUSSION FORUM RUBRIC
Timeliness of
Forum Posting
Quality of Initial
Posting
Module 6: Suicide
Suicide: Definition
An individual Act to cause his or her own death
(No one else is involved)
WITH
The Intention to Die
Suicide
• Suicide is one of the leading causes of death
in the world
o It is estimated that 700,000 people die of it each
year, with 31,000 suicides per year in the U.S.
alone
• Many more unsuccessfully attempt suicide
than actually succeed
o Such attempts are called “parasuicides”
Suicide
• It is difficult to obtain accurate figures on
suicide rates
o Many “accidents” may be inte.
Marketing Plan Analysis and Presentation Part 1– Rese.docx
Marketing Plan Analysis and Presentation: Part 1– Research
Company Name: Meta
Brand Story:
Meta is a cutting-edge technology company that is focused on the growth of communities, virtual realities, and thriving businesses in the future. Their new brand name reflects their dedication to bringing the metaverse to life in the not-too-distant future. The corporation once went by the name Facebook, and it is well-known for owning a number of well-known social media platforms, including Facebook and Instagram, which it continues to do so well even now. Their slogan, "Connection is evolving, so are we," is meant to convey that they are committed to fulfilling their purpose of bringing people together through a variety of channels of online communication (Meta, 2022). The corporation provides both merchandise (virtual reality gear, for example) and access to online communities in which users may collaborate with one another by exchanging information, photographs, and other forms of content. In addition, Meta is putting its efforts into the development of future technologies that will increase the level of online interactions to a whole new level. Through continuous innovation, the company continues to pursue its mission which targets to bring people together(de Oliveira Santini et al., 2020). From its website the company has made clear its commitment to diversity by ensuring that its employees reflect the diverse users of its platforms. The company has indicated on its website that its values and principles include moving fast, being bold, focus on impact, build social value and be open(Meta, 2022). The rate at which Meta is innovating is nothing short of these values as the company is moving fast toward the future of social media.
Company Vision:
“Help bring the metaverse to life.”
Company Mission:
“Bring people together.”
Company Marketing Objectives:
Raise brand awareness
Promote unity and community
Provision of helpful services while generating profits
Company Marketing Strategies and Tactics:
In order for them to achieve these marketing goals, it is necessary for them to follow through with the plans and techniques that they have devised. Meta's mission is to keep people protected and out of harm's way through increased brand awareness (Kretschmer et al., 2020). When the organization starts to get more traction, Meta's plan to secure people's information will already be in place and ready to use (Meta, 2021). The partnership with spark foundry is one of the strategies that meta is utilizing. A media management agency, Spark Foundry helps in the advertising of companies through strategic thought leadership, media innovation, and cross-channel methods. In order to contribute toward the goal of fostering togetherness. Facebook's goal of making the world a better place is aligned with the community Meta project's goals. Meta intends to continue expanding its brand by participating in community activities (Kretschmer et al., 2020). They will co.
Learning Objectives By the end of this presentation, you will b.docx
Learning Objectives: By the end of this presentation, you will be able to…
describe Loftus’ studies demonstrating how the power of suggestion plays a role in the misinformation effect and in creating false memories.
describe the history of unintentional memory manipulation in therapy; describe how memories might be intentionally manipulated to change present maladaptive behavior.
describe findings from the innocence project on the nature and rates of errors in eyewitness testimony.
describe cognitive processes that contribute to eyewitness error and how police procedures inadvertently capitalized on these processes.
Our Fallible Memories
I. The Power of Suggestion
A. To Alter Memories: The Misinformation Effect
Loftus & Palmer (1974)
B. To Create Memories: False Memories
Lost in the Shopping Mall
False Memories of Traumatic Events
C. To Alter Present Maladaptive Behavior: Better Parenting Though Lies
D. Meet the Expert:
Elizabeth Loftus
Our Fallible Memories
I. The Power of Suggestion
II. Errors in Eyewitness Testimony
A. Demo G. Wells’
Bomber On the Roof
B. nature and rates of error (from
the innocence project)
C. cognitive processes that contribute to eyewitness error
error at perception & attention: weapons focus
Our Fallible Memories
Weapons Focus (Stanny & Johnson, 2000)
I. The Power of Suggestion
II. Errors in Eyewitness Testimony
A. Demo G. Wells’
Bomber On the Roof
B. nature and rates of error (from
the innocence project)
C. cognitive processes that contribute to eyewitness error
error at perception & attention: weapons focus
error due to source monitoring: “sixpack” fosters familiarity at lineup
errors due to suggestion: assuming the perpetrator is present
errors due to construction: filling-in-the-blanks
D. Meet the Expert:
Scott Fraser
Our Fallible Memories
media1.mp4
image2.png
image3.png
image4.png
Learning Objectives: By the end of this presentation, you will be able to…
describe the various sources of information from which memories are constructed; identify the source responsible for constructing memory in Barlett’s “War of the Ghosts” study
explain how source misattribution in Jacoby’s “Famous Overnight Experiment” illustrates that memory is constructed from various sources.
define and describe the relationships among: expectations, schema, script and stereotype; explain how the “Office” and “Rumor” Studies demonstrate the role of expectancies in memory construction.
discuss memory construction in the broader context of challenges the mind must overcome and identify implication for false memories and confidence
Constructing Memories
I. Introduction
A. Createmem Astound Demo
B. A Classic Illustration: Bartlett’s (1932) “War of the Ghosts” Experiment
British participants read a Canadian Indian folktale…
over a period of time (u.
RACE, ETHNICITY, AND THE DEATH PENALTYConstitutionality.docx
RACE, ETHNICITY, AND THE DEATH
PENALTY
Constitutionality
Public Opinion
Empirical Evidence
OVERVIEW
• Current statistics
• Who’s on death row?
• Constitutionality of capital punishment
• Supreme Court case law
• Public attitudes towards capital punishment
• Racialized support
• Empirical evidence of racial bias?
• Race of defendant
• Race of victim
• Contemporary issues
Virginia abolished the death
penalty in 2021.
Current state status:
• Death penalty = 24
• No death penalty = 23
• Governor imposed
moratorium = 3
Death Penalty Information Center, 2021
CAPITAL PUNISHMENT STATISTICS
• 1890-1984
• 5,726 executions – 54% (2,915) non-White
• Between 1976 and 2021 (post-Furman)
• 1,538 people executed
• 55.6% White, 34.3% Black, 8.4% Hispanic
• Five states have accounted for nearly two-thirds of all executions since 1977
• Texas, Virginia, Oklahoma, Florida, and Missouri
• 2,508 inmates under a death sentence as of April 1, 2021
• 98% male
• 42.37% White, 41.29% Black, 13.5% Latinx
• 51 females under a sentence of death in 2021
• 58.8% White, 23.5% Black; 11.7% Latina
BJS, 2021; Death Penalty Information Center, 2021
CONSTITUTIONALITY
• The Eighth Amendment of the U.S. Constitution prohibits “cruel and unusual punishments”
• Interpretations of cruel and unusual left up to the Supreme Court
• The Fourteenth Amendment provides equal protection of the law
• Legal challenges cite racial disparities in capital cases
• Furman v. Georgia (1972)
• Ruled the death penalty unconstitutional under existing administration practices
• Violation of Eighth and Fourteenth Amendments
• 5 to 4 decision; all 9 judges wrote separate opinions
• The death penalty was being applied in an arbitrary and capricious manner
• Little uniformity across states
• Lack of appropriate guidance for jurors informing when the sentence was appropriate
• The degree of discretion available opened the door for discrimination
• 3 of 5 judges in the majority cited racial discrimination in the application of the penalty
Walker et al., 2018
CONSTITUTIONALITY (CONT’D)
• Capital punishment was essentially illegal between 1972 and 1976
• Furman invalidated death penalty statutes in 39 states, DC, and the federal government
• Vacated 765 cases involving death row inmates
• Gregg v. Georgia (1976)
• Guided discretion statutes addressed the arbitrary and capricious concerns
• Requiring jurors to consider specific aggravating and mitigating circumstances sufficiently narrowed
the pool of death eligible cases
• Narrowed death-eligible offenses with mandatory death penalty ruled unconstitutional
• Coker v. Georgia (1977)
• Capital punishment for rape is unconstitutional
• Although not cited by the majority, between 1930 and the 1970s, 405 Black men were
executed in the South for rape, compared to 48 Whites
Walker et al., 2018
PUBLIC SUPPORT FOR CAPITAL PUNISHMENT
• Public opinion matters
• CJ actors weigh public opi.
Part 1 Major Events DocumentationScenario You visit a retail.docx
Part 1: Major Events Documentation
Scenario: You visit a retail establishment, shop around, and finally carry several products to one of the point of sale (POS) terminals distributed openly around the store. You produce a credit card, the salesclerk processes the transaction, bags your goods, and hands you the receipt. On your way to the exit, a store employee asks to see your receipt and checks the contents of the store bag. Document each of the major events just described and explain them in terms of the PCI compliance standard. Include this report in your assignment.
Part 2: PCI Compliance
This part of the assignment will cover PCI. Please refer to the attached file in your responses.
Respond to and address the following in essay style:
1. Suppose HGA’s mainframe, depicted in Figure B-1, stored cardholder data in the private databases. What steps should be taken to protect that data in order to be PCI compliant?
2. HGA’s mainframe has network connectivity. Assuming that cardholder data is transmitted across these networks, describe how data should be protected in transmission.
3. Users are located at various sites connected to the HGA network. Suggest appropriate access controls to restrict unauthorized users from looking at cardholder data.
4. The PCI specification notes that all systems and network devices connected to a system that stores, transmits, or processes cardholder data is in scope and must comply with PCI specifications. To avoid having the whole network subject to PCI specifications, how would you segment the network to reduce the scope of compliance?
Assignment Requirements:
Submit your assignment in the usual double-spaced APA-styled report. At least four pages of material are expected beyond the title page, table of contents, abstract, and references page.
· Answers contain sufficient information to adequately answer the questions
· No spelling errors
· No grammar errors
CRSS Network Diagram
Copyright Rasmussen, Inc. 2013. Proprietary and Confidential.
1
1
image3.png
image5.png
FedRAMP Security Assessment Plan (SAP)
Third Party Assessment
Prepared by
<Your Name>
for
Country Roads Space Systems
&
NASA
CRSS Information Systems. Administration and Classified Networks
Version #.#
<DATE>
MOCK Plan
CRSS Information Systems. Administration and Classified Networks | Version #.# Date
Controlled Unclassified Information Page | 10
System Assessment Plan
Prepared by
Identification of Organization that Prepared this Document
Student NameEnter Your Name
Rasmussen Email AddressEnter Rasmussen Email Address
ClassEnter Class Name
Course and SemesterEnter Section Number and Semester
Prepared for
Identification of Cloud Service Provider
Organization NameNASA
Street Address300 E St. SW
Suite/Room/BuildingIA Office Floor 2
City, State ZipWashington DC 20546
Revision History
Date
Description
Version of SSP
Author<Date><Revision Description><Version><Author><Date><Revision Description><Versi.
More from alisondakintxt (20)
You will be doing a Health Policy Analysis Power Point on a releva.docx
You will be doing a Health Policy Analysis Power Point on a releva.docx
Which of the three major sociological approaches to understanding so.docx
Which of the three major sociological approaches to understanding so.docx
Throughout the course we have examined that the African American com.docx
Throughout the course we have examined that the African American com.docx
UnderstandingCultureFood,Faith,&CultureDr.FredFoy.docx
UnderstandingCultureFood,Faith,&CultureDr.FredFoy.docx
The Elderly populationPowerPoint Presentation.Discuss the as.docx
The Elderly populationPowerPoint Presentation.Discuss the as.docx
The leader of your organization just resigned because they were arre.docx
The leader of your organization just resigned because they were arre.docx
The Star Model™The Star Model™ framework for organization .docx
The Star Model™The Star Model™ framework for organization .docx
STUDENT REPLIESDISCUSSION 2STUDENT REPLY #1 Darlene Milan On.docx
STUDENT REPLIESDISCUSSION 2STUDENT REPLY #1 Darlene Milan On.docx
the elderly populationIdentify a vulnerable population or a comm.docx
the elderly populationIdentify a vulnerable population or a comm.docx
TECH460Module 2Organization Profile and Problem Statement.docx
TECH460Module 2Organization Profile and Problem Statement.docx
Step 1Select ONE of the following viral agents for your assignme.docx
Step 1Select ONE of the following viral agents for your assignme.docx
Review the term Significance Test in the Statistics Visual Learner.docx
Review the term Significance Test in the Statistics Visual Learner.docx
Research Paper PresentationWith the information you gathered.docx
Research Paper PresentationWith the information you gathered.docx
Step 1 You are a registered nurse who works with wound-care patien.docx
Step 1 You are a registered nurse who works with wound-care patien.docx
Objectives Unacceptable Below Average Acceptable Above Average.docx
Objectives Unacceptable Below Average Acceptable Above Average.docx
Marketing Plan Analysis and Presentation Part 1– Rese.docx
Marketing Plan Analysis and Presentation Part 1– Rese.docx
Learning Objectives By the end of this presentation, you will b.docx
Learning Objectives By the end of this presentation, you will b.docx
RACE, ETHNICITY, AND THE DEATH PENALTYConstitutionality.docx
RACE, ETHNICITY, AND THE DEATH PENALTYConstitutionality.docx
Part 1 Major Events DocumentationScenario You visit a retail.docx
Part 1 Major Events DocumentationScenario You visit a retail.docx
Recently uploaded
How to Make a Field invisible in Odoo 17
It is possible to hide or invisible some fields in odoo. Commonly using “invisible” attribute in the field definition to invisible the fields. This slide will show how to make a field invisible in odoo 17.
Unit 8 - Information and Communication Technology (Paper I).pdf
This slides describes the basic concepts of ICT, basics of Email, Emerging Technology and Digital Initiatives in Education. This presentations aligns with the UGC Paper I syllabus.
Embracing GenAI - A Strategic Imperative
Artificial Intelligence (AI) technologies such as Generative AI, Image Generators and Large Language Models have had a dramatic impact on teaching, learning and assessment over the past 18 months. The most immediate threat AI posed was to Academic Integrity with Higher Education Institutes (HEIs) focusing their efforts on combating the use of GenAI in assessment. Guidelines were developed for staff and students, policies put in place too. Innovative educators have forged paths in the use of Generative AI for teaching, learning and assessments leading to pockets of transformation springing up across HEIs, often with little or no top-down guidance, support or direction.
This Gasta posits a strategic approach to integrating AI into HEIs to prepare staff, students and the curriculum for an evolving world and workplace. We will highlight the advantages of working with these technologies beyond the realm of teaching, learning and assessment by considering prompt engineering skills, industry impact, curriculum changes, and the need for staff upskilling. In contrast, not engaging strategically with Generative AI poses risks, including falling behind peers, missed opportunities and failing to ensure our graduates remain employable. The rapid evolution of AI technologies necessitates a proactive and strategic approach if we are to remain relevant.
Francesca Gottschalk - How can education support child empowerment.pptx
Francesca Gottschalk from the OECD’s Centre for Educational Research and Innovation presents at the Ask an Expert Webinar: How can education support child empowerment?
678020731-Sumas-y-Restas-Para-Colorear.pdf
KKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKK
The Challenger.pdf DNHS Official Publication
Read| The latest issue of The Challenger is here! We are thrilled to announce that our school paper has qualified for the NATIONAL SCHOOLS PRESS CONFERENCE (NSPC) 2024. Thank you for your unwavering support and trust. Dive into the stories that made us stand out!
Operation Blue Star - Saka Neela Tara
Operation “Blue Star” is the only event in the history of Independent India where the state went into war with its own people. Even after about 40 years it is not clear if it was culmination of states anger over people of the region, a political game of power or start of dictatorial chapter in the democratic setup.
The people of Punjab felt alienated from main stream due to denial of their just demands during a long democratic struggle since independence. As it happen all over the word, it led to militant struggle with great loss of lives of military, police and civilian personnel. Killing of Indira Gandhi and massacre of innocent Sikhs in Delhi and other India cities was also associated with this movement.
Polish students' mobility in the Czech Republic
Polish students mobility to the Czech Republic within eTwinning project "Medieval adventures with Marco Polo"
A Strategic Approach: GenAI in Education
Artificial Intelligence (AI) technologies such as Generative AI, Image Generators and Large Language Models have had a dramatic impact on teaching, learning and assessment over the past 18 months. The most immediate threat AI posed was to Academic Integrity with Higher Education Institutes (HEIs) focusing their efforts on combating the use of GenAI in assessment. Guidelines were developed for staff and students, policies put in place too. Innovative educators have forged paths in the use of Generative AI for teaching, learning and assessments leading to pockets of transformation springing up across HEIs, often with little or no top-down guidance, support or direction.
This Gasta posits a strategic approach to integrating AI into HEIs to prepare staff, students and the curriculum for an evolving world and workplace. We will highlight the advantages of working with these technologies beyond the realm of teaching, learning and assessment by considering prompt engineering skills, industry impact, curriculum changes, and the need for staff upskilling. In contrast, not engaging strategically with Generative AI poses risks, including falling behind peers, missed opportunities and failing to ensure our graduates remain employable. The rapid evolution of AI technologies necessitates a proactive and strategic approach if we are to remain relevant.
Synthetic Fiber Construction in lab .pptx
Synthetic fiber production is a fascinating and complex field that blends chemistry, engineering, and environmental science. By understanding these aspects, students can gain a comprehensive view of synthetic fiber production, its impact on society and the environment, and the potential for future innovations. Synthetic fibers play a crucial role in modern society, impacting various aspects of daily life, industry, and the environment. ynthetic fibers are integral to modern life, offering a range of benefits from cost-effectiveness and versatility to innovative applications and performance characteristics. While they pose environmental challenges, ongoing research and development aim to create more sustainable and eco-friendly alternatives. Understanding the importance of synthetic fibers helps in appreciating their role in the economy, industry, and daily life, while also emphasizing the need for sustainable practices and innovation.
The French Revolution Class 9 Study Material pdf free download
The French Revolution, which began in 1789, was a period of radical social and political upheaval in France. It marked the decline of absolute monarchies, the rise of secular and democratic republics, and the eventual rise of Napoleon Bonaparte. This revolutionary period is crucial in understanding the transition from feudalism to modernity in Europe.
For more information, visit-www.vavaclasses.com
The geography of Taylor Swift - some ideas
Geographical themes connected with Taylor Swift's ERAS tour - coming to the UK in June 2024
Unit 2- Research Aptitude (UGC NET Paper I).pdf
This slide describes the research aptitude of unit 2 in the UGC NET paper I.
Overview on Edible Vaccine: Pros & Cons with Mechanism
This ppt include the description of the edible vaccine i.e. a new concept over the traditional vaccine administered by injection.
How libraries can support authors with open access requirements for UKRI fund...
How libraries can support authors with open access requirements for UKRI funded books
Wednesday 22 May 2024, 14:00-15:00.
Digital Tools and AI for Teaching Learning and Research
This Presentation in details discusses on Digital Tools and AI for Teaching Learning and Research
Recently uploaded (20)
Unit 8 - Information and Communication Technology (Paper I).pdf
Unit 8 - Information and Communication Technology (Paper I).pdf
Francesca Gottschalk - How can education support child empowerment.pptx
Francesca Gottschalk - How can education support child empowerment.pptx
The French Revolution Class 9 Study Material pdf free download
The French Revolution Class 9 Study Material pdf free download
Overview on Edible Vaccine: Pros & Cons with Mechanism
Overview on Edible Vaccine: Pros & Cons with Mechanism
How libraries can support authors with open access requirements for UKRI fund...
How libraries can support authors with open access requirements for UKRI fund...
Digital Tools and AI for Teaching Learning and Research
Digital Tools and AI for Teaching Learning and Research
Final Project Incident Response Exercise & ReportYour Task
- 1. Final Project: Incident Response Exercise & Report Your Task You have been assigned to work incident clean-up as part of the Sifers-Grayson Blue Team. Your task is to assist in analyzing and documenting the incident described below. The Blue Team has already created a set of enterprise architecture diagrams (see figures 1-4) to help with your analysis of the incident and preparation of the incident report as required by the company’s contracts with the federal government. After completing their penetration tests, the Red Team provided Sifers-Grayson executives with a diagram showing their analysis of the threat environment and potential weaknesses in the company’s security posture for the R&D DevOps Lab (see figure 5). Your Deliverable Complete and submit the Incident Report form found at the end of this file. Consult the “Notes to Students” for additional directions regarding completion of the form. Overview of the Incident Sifers-Grayson hired a cybersecurity consulting firm to help it meet the security requirements of a contract with a federal agency. The consulting firm’s Red Team conducted a penetration test and was able to gain access to the engineering center’s R&D servers by hacking into the enterprise network through an unprotected network connection (see figure 2). The Red Team proceeded to exfiltrate files from those servers and managed to steal 100% of the design documents and source code for the AX10 Drone System. The Red Team also reported that it
- 2. had stolen passwords for 20% of the employee logins using keylogging software installed on USB keys that were left on the lunch table in the headquarters building employee lounge (see Figure 3). The Red Team also noted that the Sifers-Grayson employees were quite friendly and talkative as they opened the RFID controlled doors for the “new folks” on the engineering staff (who were actually Red Teamers). The Red Team continued its efforts to penetrate the enterprise and used a stolen login to install malware over the network onto a workstation connected to a PROM burner in the R&D DevOps lab (See Figure 3). This malware made its way onto a PROM that was then installed in an AX10-a test vehicle undergoing flight trials at the Sifers-Grayson test range (See Figures 1 and 4). The malware “phoned home” to the Red Team over a cellular connection to the R&D center. The Red Team took control of the test vehicle and flew it from the test range to a safe landing in the parking lot at Sifers-Grayson headquarters. Background Sifers-Grayson is a family owned business headquartered in Grayson County, Kentucky, USA. The company’s physical address is 1555 Pine Knob Trail, Pine Knob, KY 42721. The president of the company is Ira John Sifers, III. He is the great- grandson of one of the company’s founders and is also the head of the engineering department. The chief operating officer is Michael Coles, Jr. who is Ira John’s great nephew. Mary Beth Sifers is the chief financial officer and also serves as the head of personnel for the company. Recent contracts with the Departments of Defense and Homeland Security have imposed additional security requirements upon the company and its R&D DevOps and SCADA labs operations. The company is now required to comply with NIST Special Publication 800-171
- 3. Protecting Controlled Unclassified Information in Nonfederal Information Systems and Organizations. The company must also comply with provisions of the Defense Federal Acquisition Regulations (DFARS) including section 252-204-7012 Safeguarding Covered Defense Information and Cyber Incident Reporting. These requirements are designed to ensure that sensitive technical information, provided by the federal government and stored on computer systems in the Sifers-Grayson R&D DevOps and SCADA labs, is protected from unauthorized disclosure. This information includes software designs and source code. The contract requirements also mandate that Sifers-Grayson report cyber incidents to the federal government in a timely manner. SCADA Lab The SCADA lab was originally setup in 1974. It has been upgraded and rehabbed several times since then. The most recent hardware and software upgrades were completed three years ago after the lab was hit with a ransomware attack that exploited several Windows XP vulnerabilities. At that time, the engineering and design workstations were upgraded to Windows 8.1 professional. A second successful ransomware attack occurred three months ago. The company paid the ransom in both cases because the lab did not have file backups that it could use to recover the damaged files (in the first case) and did not have system backups that it could use to rebuild the system hard drives (in the second case). The SCADA Lab is locked into using Windows 8.1. The planned transition to Windows 10 is on indefinite hold due to technical problems encountered during previous attempts to modify required software applications to work under the new version of the operating system. This means that an incident response and
- 4. recovery capability for the lab must support the Windows 8.1 operating system and its utilities. R&D DevOps Lab The R&D DevOps Lab was built in 2010 and is used to develop, integrate, test, support, and maintain software and firmware (software embedded in chips) for the company’s robots, drones, and non-SCADA industrial control systems product lines. The workstations in this lab are running Windows 10 and are configured to receive security updates per Microsoft’s monthly schedule. Enterprise IT Operations The company uses a combination of Windows 10 workstations and laptops as the foundation of its enterprise IT capabilities. The servers in the data center and the engineering R&D center are built upon Windows Server 2012. Issues Summary: Newly won government contracts now require compliance with DFARS §252.204-7008, 7009, and 7012 – http :// www.acq.osd.mil/dpap/dars/dfars/html/current/252204.htm – http ://
- 5. www.acq.osd.mil/se/docs/DFARS-guide.pdf Derivative requirements include: – Implementation of and compliance with NIST SP 800-171 Protecting Controlled Unclassified Information in Nonfederal Information Systems and Organizations https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.8 00-171r1.pdf – Compliance with DFARS 252.239-7009 Representation of Use of Cloud Computing and 7010 Cloud Computing Services (see https://www.acq.osd.mil/dpap/dars/dfars/html/current/252239.ht m#252.239-7009 Additional Contractual Requirements for Lab Operations include: – Incident Response per NIST SP-800-61 ( Computer Security Incident Handling Guide ) – SCADA Security per NIST SP 800-82 ( Guide to Industrial Control Systems Security ) – Software / Systems Development Lifecycle (SDLC) Security
- 6. per NIST SP 800-64 ( Security Considerations in the System Development Life Cycle ) – Configuration Management per NIST SP 800-128 ( Guide for Security-Focused Configuration Management of Information Systems ) Notes to Students: 1. Your final deliverable should be professionally formatted and should not exceed 10 pages. The goal is to be clear and concise in your reporting of your analysis of this incident. This report should reflect your learning and analysis. For that reason, the citation rules are relaxed and you may write from your own knowledge as an “expert.” BUT, if you paste exact phrases, sentences, or paragraphs from another document or resource, you must cite that source using an appropriate citation style (e.g. footnotes, end notes, in-text citations). 2. You may include annotated diagrams if necessary to illustrate your analysis and/or make your point(s). You may use the figures in this assignment as the foundation for diagrams in your final report (no citations required). 3. Use the NIST Incident Handling Process (see Table 1) to guide your incident analysis. You do not need to cite a source for this table. 4. You may assume that the company has implemented one or more of the IT products that you recommended in your Case Studies for this course. You may also assume that the company is using the incident response guidance documents that you wrote for your labs and that the associated operating systems utilities are in use (e.g. you can assume that system backups are
- 7. being made, etc.). 5. DOCUMENT YOUR ASSUMPTIONS about people, processes, and technologies as if they were fact. But, don’ t change any of the factual information provided in the incident report from the Red Team. 6. Use the incident report form that appears at the end of this file. Copy it to a new MS Word document. Insert a title page at the beginning of your file and include the title of the report, your name, and the due date. 7. After you perform your incident analysis, fill in the required information in the provided form (see the end of this file). Attach the file to your assignment folder entry, and submit it for grading as your final project. 8. For section 1 of the form, use your own name but provide reasonable but fictitious information for the remaining fields. 9. For section 2 of the form, assign IP addresses in the following ranges to any servers, workstations, or network connections that you need to discuss. a. R&D Center 10.10.120.0/24 b. Test Range 10.10.128.0/24 c. Corporate Headquarters 10.10.135.0/24 10. For sections 2, 3, and 5, you should use and interpret information provided in this file (Overview, Background, Issues Summary). You may use a judicious amount of creativity, if necessary, to fill in any missing information. 11. For section 4 of the form you may provide a fictitious cost
- 8. estimate based upon $100 per hour for IT staff to perform “clean-up” activities. Reasonable estimates are probably in the range of 150 to 300 person hours. What’s important is that you document how you arrived at your cost estimate. 12. Discuss the contract requirements and derivative requirements for cybersecurity at Sifers-Grayson in 3 to 5 paragraphs under “Section 6 General Comments.” Words for the Wise … Do not let “perfection” be a barrier to completing this assignment. It’s more importation to be on-time and provide SOME analysis in a professional format than to find and document every single possible vulnerability. Figure 1. Overview of Sifers-Grayson Enterprise IT Architecture Figure 2. Combined Network and Systems Views: Sifers-Grayson Headquarters, R&D Center, and Data Center Figure 3. Combined Network and Systems View for Sifers- Grayson R&D DevOps Lab
- 9. Figure 4. Combined Communications and Systems Views for Sifers-Grayson Test Range Figure 5. Threat Landscape for Sifers-Grayson R&D DevOps Lab NIST Incident Handling Checklist by Phase Detection and Analysis 1. Determine whether an incident has occurred 1.1 Analyze the precursors and indicators
- 10. 1.2 Look for correlating information 1.3 Perform research (e.g., search engines, knowledge base) 1.4 As soon as the handler believes an incident has occurred, begin documenting the investigation and gathering evidence 2. Prioritize handling the incident based on the relevant factors (functional impact, information impact, recoverability effort, etc.) 3. Report the incident to the appropriate internal personnel and external organizations
- 11. Containment, Eradication, and Recovery 4. Acquire, preserve, secure, and document evidence 5. Contain the incident 6. Eradicate the incident 6.1 Identify and mitigate all vulnerabilities that were exploited 6.2
- 12. Remove malware, inappropriate materials, and other components 6.3 If more affected hosts are discovered (e.g., new malware infections), repeat the Detection and Analysis steps (1.1, 1.2) to identify all other affected hosts, then contain (5) and eradicate (6) the incident for them 7. Recover from the incident 7.1 Return affected systems to an operationally ready state 7.2 Confirm that the affected systems are functioning normally
- 13. 7.3 If necessary, implement additional monitoring to look for future related activity Post-Incident Activity 8. Create a follow-up report 9. Hold a lessons learned meeting (mandatory for major incidents, optional otherwise) Source: NIST SP 800-61r2 Cichonski, P., Millar, T., Grance, T., & Scarfone, K. (2012). Computer security incident handling guide (NIST SP 800-62 rev. 2). http://dx.doi.org/10.6028/NIST.SP.800-61r2
- 14. SIFERS-GRAYSON CYBERSECURITY INCIDENT REPORT FORM 1. Contact Information for the Incident Reporter and Handler – Name – Role – Organizational unit (e.g., agency, department, division, team) and affiliation – Email address – Phone number – Location (e.g., mailing address, office room number) 2. Incident Details – Status change date/timestamps (including time zone): when the incident started, when the incident was discovered/detected, when the incident was reported, when the incident was resolved/ended, etc. – Physical location of the incident (e.g., city, state) – Current status of the incident (e.g., ongoing attack) – Source/cause of the incident (if known), including hostnames and IP addresses – Description of the incident (e.g., how it was detected, what occurred) – Description of affected resources (e.g., networks, hosts,
- 15. applications, data), including systems’ hostnames, IP addresses, and function – If known, incident category, vectors of attack associated with the incident, and indicators related to the incident (traffic patterns, registry keys, etc.) – Prioritization factors (functional impact, information impact, recoverability, etc.) – Mitigating factors (e.g., stolen laptop containing sensitive data was using full disk encryption) – Response actions performed (e.g., shut off host, disconnected host from network) – Other organizations contacted (e.g., software vendor) 3. Cause of the Incident (e.g., misconfigured application, unpatched host) 4. Cost of the Incident 5. Business Impact of the Incident 6. General Comments