Cyber Security wk 8 paper
Assignment 2: Implementing Network and Personnel Security Measures
The security consulting firm that you work for has been awarded a contract to implement a new IT Security Infrastructure to secure the Information Technology data assets of a local government agency. This agency has many remote workers that are in the field and need to connect back to the agency’s system servers. The remote workers use a wireless network infrastructure to connect their electronic pads to servers located within the local government’s facility. The remote workers have needs to access property records, cite zoning violations electronically, and validate building permits. The public demand to expand IT services has grown faster than its ability to provide an adequately secured infrastructure. In fact, this government entity was previously featured on the news for having minimal security controls and methods for accessing property tax information of citizens. The inadequate security allowed many construction trade businesses to illegally access property records and zoning violations. Your role in this project is to enhance and optimize the security mechanisms for accessing these systems.
Write a four to five (4-5) page paper in which you:
1. Create an information flow diagram, using Visio or Dia, which:
a. Illustrates how remote users will securely connect to the government agency’s network.
b. Illustrates the patch of network devices that data packets must travel to get from server to remote user’s device and back to
server.
Note: The graphically depicted solution is not included in the required page length.
2. Provide an equipment list of network security devices that would be needed to ensure the integrity and sensitivity of private
information. In this list:
a. Propose at least two (2) vendor brands per each device and the associate costs required to procure these items.
b. Identify the functionality each device serves and the expected benefits the government agency should experience upon the
successful installation of this equipment.
3. Develop a maintenance plan that should be recommended to the government agency to ensure having the latest security measures
available within the network in which you:
a. Describe the risks associated with not fulfilling the activities outlined within your maintenance plan.
b. Indicate specific activities, personnel / resources required, and frequency of execution.
4. Recommend at least four (4) physical security measures that could be developed to ensure the electronic perimeter of electronic
assets.
5. Recommend at least two (2) physical security vendors that could achieve the four (4) security measures you identified. Justify your
recommendations with your response.
6. Evaluate and consider activities that the Human Resources Department could perform in order to complement and instill security
from within the .
1. Cyber Security wk 8 paper
Assignment 2: Implementing Network and Personnel Security
Measures
The security consulting firm that you work for has been
awarded a contract to implement a new IT Security
Infrastructure to secure the Information Technology data assets
of a local government agency. This agency has many remote
workers that are in the field and need to connect back to the
agency’s system servers. The remote workers use a wireless
network infrastructure to connect their electronic pads to
servers located within the local government’s facility. The
remote workers have needs to access property records, cite
zoning violations electronically, and validate building permits.
The public demand to expand IT services has grown faster than
its ability to provide an adequately secured infrastructure. In
fact, this government entity was previously featured on the
news for having minimal security controls and methods for
accessing property tax information of citizens. The inadequate
security allowed many construction trade businesses to illegally
access property records and zoning violations. Your role in this
project is to enhance and optimize the security mechanisms for
accessing these systems.
Write a four to five (4-5) page paper in which you:
1. Create an information flow diagram, using Visio or Dia,
which:
a. Illustrates how remote users will securely connect to the
government agency’s network.
b. Illustrates the patch of network devices that data packets
must travel to get from server to remote user’s device and back
to
2. server.
Note: The graphically depicted solution is not included in
the required page length.
2. Provide an equipment list of network security devices that
would be needed to ensure the integrity and sensitivity of
private
information. In this list:
a. Propose at least two (2) vendor brands per each device and
the associate costs required to procure these items.
b. Identify the functionality each device serves and the
expected benefits the government agency should experience
upon the
successful installation of this equipment.
3. Develop a maintenance plan that should be recommended to
the government agency to ensure having the latest security
measures
available within the network in which you:
a. Describe the risks associated with not fulfilling the
activities outlined within your maintenance plan.
b. Indicate specific activities, personnel / resources required,
and frequency of execution.
4. Recommend at least four (4) physical security measures that
could be developed to ensure the electronic perimeter of
electronic
assets.
5. Recommend at least two (2) physical security vendors that
could achieve the four (4) security measures you identified.
Justify your
recommendations with your response.
6. Evaluate and consider activities that the Human Resources
Department could perform in order to complement and instill
3. security
from within the organization. Provide a rationale with your
response.
7. Use at least three (3) quality resources in this assignment.
Note: Wikipedia and similar Websites do not qualify as quality
resources.
Your assignment must follow these formatting requirements:
· Be typed, double spaced, using Times New Roman font (size
12), with one-inch margins on all sides; citations and references
must follow APA or school-specific format. Check with your
professor for any additional instructions.
· Include a cover page containing the title of the assignment, the
student’s name, the professor’s name, the course title, and the
date. The cover page and the reference page are not included in
the required assignment page length.
· Include charts or diagrams created in Visio or one of its
equivalents such as Dia. The completed diagrams / charts must
be imported into the Word document before the paper is
submitted.
The specific course learning outcomes associated with this
assignment are:
· Describe and apply the 14 areas of common practice in the
Department of Homeland Security (DHS) Essential Body of
Knowledge.
· Describe best practices in cybersecurity.
· Describe system, application, network, and
telecommunications security policies and response.
· Evaluate the ethical concerns inherent in cybersecurity and
how these concerns affect organizational policies.
· Use technology and information resources to research issues in
cybersecurity.
· Write clearly and concisely about topics associated with
cybersecurity using proper writing mechanics and technical
4. style conventions.
Program 4: Employee Savings Database
CSCI 6617 Spring 2016
1 Goals.
1. To use a text file for output and later for input.
2. To use exceptions and write an exception handler that does
more than abort execution.
3. To Use a static class variable.
4. To use a boolean variable and a Date variable.
5. To use an ArrayList.
6. To implement Phase 1 of a four phase well-structured project
with multiple classes using the
Model-View-Controller design pattern (MVC).
2 Overview
This section discusses a finished application that you will
construct in several phases. When all phases
are finished, it will simulate a human resources system to keep
track of savings through the company.
There is a Human Resources Manager (Boss), and employees
(eventually more than one type of
employee will be used). Eventually, this system will be created
as an application with a windows
interface. The Employee’s login name will eventually be
encrypted and the data will be stored in an
object file. Program 4 implements only part of the menu, uses a
text file and does not encrypt the
employee data. At first this will be a menu-driven application
5. allowing for these actions:
1. The first time the program is used, the user will enter his or
her own data in to the
program and will become the Boss (Human Resources Manager)
with access to
everyone’s data.
2. After that, when the program starts up, it will read in a
database of employee data and
store it in the employee collection.
3. After that, the Boss will be able to log in and create new
employees by entering the
person’s name (first, middle initial-optional, and last), login
name, base salary, and
savings percent. This data will be used to initialize a new
employee object. The object
will also record the current date and a unique ID number for
this employee. The new
employee will be added to the Employee collection.
4. The Boss can log in and display a list of all Employees in the
collection and can change
the base salary or percent savings for any employee. In the list,
display the full name
(first, middle initial and last), login name, Employee ID, base
salary, percent savings and
date of hire for each Employee.
5. Any Employee in the collection can log in and see his or her
own data and change their
name and percent savings (due to marriage, etc).
6. An Employee whose login name is in the collection may log
in and out. Logging in will
6. automatically log out the prior Employee.
7. The menu has an option to quit and quitting will cause the
final contents of the
collection to be written back to the database file (replacing it).
8. Since you have more than one class in this project, you will
need to create a package
(call it “savings” – note the first letter is lower case) and put all
of the classes in the
package. To tell your program to look for the other classes, you
need to put the
following in each class file near your import statements.
package savings;
3 The Employee Class: Superclass of the Model (from MVC) for
this application.
a) An object of type Employee will have the following data
members:
Program 4: Employee Savings Database
CSCI 6617 Spring 2016
2
i) A static int variable called nextId. See the detailed
instructions below. This is to make sure
that the Employee ID is not re-used. There is one of these for
the class and we use it to set
the employee ID.
7. ii) The Employee ID is a final int variable. It cannot be updated.
In your output, it should be
printed as a five digit number with leading zeros (use printf
with the format “%05d” so it
looks like this 00001).
iii) The Employee’s name. When entered, it can include spaces
and punctuation, and will be
terminated by the end of line character. Store it as a single
String. The name should be
entered as Last name, first name and middle initial (optional).
iv) Login name has no spaces and it can contain letters or
numbers. It must be at least 6
characters long. For Program 5 you will have to make this
unique in the database (no
duplicates). When an employee logs-in they use this data
member (we have not
implemented password yet).
v) The base salary (a double).
vi) The percent savings (a double).
vii) Date variable, set to the date that the employee was entered
in to the system.
viii) A boolean variable that is set to true, isEmployee. False
means this employee is no longer an
employee and should not be paid or be allowed to add to their
company savings.
b) Provide a constructor with four parameters (login, name,
salary and percent savings) that
initializes all Employee data members.
c) Provide a constructor with all data members as parameters
that reads the data from the file and
8. adds an instance of the Employee class to the ArrayList or other
collection and initializes all
Employee data members.
d) Do not implement get functions (accessors) for variables
unless they are needed. You will need
them at some point, but you may not need any accessors for P4.
e) Implement a set function for the salary, percent savings and
name. These are known as
mutators.
f) Implement a toString() function that will format the data
members of Employee. Put each
Employee on a single line of the output. Include the ID, login
name, name, salary, percent
savings, and date of hire separated by tab characters.
2) The Employee ID
The employee ID number will be generated by the system, using
the static class member
Employee.nextId. The Boss will become employee ID 0. Each
time an employee is created, the
nextID must be copied in to that employee’s ID number, then
nextId must be incremented. In this
way no two employees can have the same ID. In your output and
file, make this a system generated
variable that is five digits long and starts with 00001 (00000 for
the Boss) and goes up from there.
An Employee ID number cannot be reused.
4 The main() function for P4:
9. The main() function When the file is saved, the nextID number
must be saved on the file first before
the ArrayList data is saved. When the file is read, the value of
the nextID number must be initialized
(via the mutator function setId) to the saved value from the file.
Main can be in a separate class called Main or it can be inside
the Savings class.
console showing the program
name and your name.
Program 4: Employee Savings Database
CSCI 6617 Spring 2016
3
Savings object’s doMenu() function.
When caught, print a comment,
a stack trace, and abort.
execution terminates for any reason,
the data in the collection must be written back out to the file.
This means you need a finally
block following the main’s try block. Do the following:
1. First, reopen the input file for output. This will destroy the
10. original contents of the
file.
2. Then execute a “serialize” operation: write each object in the
collection to the file
using a loop.
3. Lastly, close the new database file.
5 The Savings Class for P4: the controller class (from MVC) of
this application.
a. The Savings class should contain an ArrayList of Employee,
and variables to store the
current Employee (a reference to an Employee in the ArrayList),
a menu, a Scanner for
the keyboard, a Scanner for the Employee-file, and a
PrintWriter for the Employee file.
b. You may use this to define the menu:
private static String menu = “Savings System Menunt1. Log In
n”
+ “t2. Enter employees nt3. List employees”
+ “nt4. Change employee data nt5. Terminate an employee”
+ nt6. Report employee savings nt0. Exit system”
c. Use a switch statement to process the menu choices. Write a
separate function for each
option! They will be necessary when we convert the application
to a GUI.
d. In program 4, we will implement menu options 1, 2, and 0.
5.1 The Savings constructor.
11. e. The first time this program is run, the file of Employee data
(employee file) will not exist.
On second and further runs, it will exist. The Exception system
allows us to implement
the right functionality using a try..catch. Enclose the file
handling in a try block and write
a catch block for FileNotFoundException. Note: an IOException
should not happen
because of the way you have set up your program to prevent it
by checking the input
data. If it does, let the exception pass up to main. You do not
need to handle it here.
The try block should do the following:
i. Open the Employee file and a Scanner to read it.
ii. Read all of the data one line at a time using a normal loop
and hasNext(). Create
a series of Employee objects and store them in the Employee
collection
(ArrayList).
iii. Close the Scanner (which closes the input file).
The catch block should do the following:
iv. This is the handler for a FileNotFoundException, which will
occur the first time
this program is run and anytime you delete the data file. If the
file exists (second
and later execution), this error will not occur.
v. Print a clear comment about the missing file.
vi. Prompt the user for the logon name, salary, percent savings
and name of the
12. boss, create an Employee object with ID Number 0 and add it to
the empty
Program 4: Employee Savings Database
CSCI 6617 Spring 2016
4
Employee collection (ArrayList). Then continue with normal
execution of this
application, DO NOT ABORT.
f. At this point, the data from the file has been read, if it
existed. The next step is to open
an output file with the same name as the now-closed input file
(replace it).
i. Put this code in second a try block that immediately follows
the catch block
from the earlier try.
ii. Control will come here after the first try-block or its catcher
finishes its work.
Notice that we are reentering execution after an exception.
iii. At the end of the constructor, the program, its Employee
ArrayList, and its
output file are ready for use.
4.2 The doMenu() function
Write a main loop that displays the menu forever (an infinite
loop), until the user selects ”0. Exit
13. System”.
iv. Put the entire menu loop in a try block with a finally clause.
1. In the finally clause, write all of the Employees in the
Employee
ArrayList to the output file using a loop, close the file, and
print a
message on the console screen saying this was completed.
2. After the finally block, control should return to main, where
it hits the
end of another try block and ends the program.
v. Prompt the user for a menu choice and process that choice
with a switch. Do
not use an if. . . else structure.
1. In the switch, do NOTHING except call one of the functions
below.
When the program is converted to Java FX, this switch will be
replaced
by a bunch of Buttons and other objects.
2. Break out of both the switch and the infinite loop if the user
selects ”0.
Exit System”. Leaving the loop will end the try block, which
will send
control directly to the finally block.
3. Create an empty method (stub) to process each of the
following “3. List
employees”, “4. Change employee data”, “5. Terminate
employees” and “6.
Pay employees” because these menu choices are not
implemented in P4.
14. Savings needs public functions for the menu options.
i. The Savings class needs a private utility function, login() to
implement ”1. Log
In”.
4. login() prompts the user to enter their login name and checks
the
Employee ArrayList to see if they are an Employee (if that
Login Name is
in the collection).
5. If the user is not in the Employee collection, they cannot
proceed. Print
a message saying so and allow them to return to the menu.
ii. newEmployee(): to create a new Employee member (about
20-30 lines of
code, including whitespace and comments). This is run when
there are no
employees in the ArrayList or when “2 Enter Employees” is
chosen by the Boss
(when logged in Employee ID is 0).
6. Prompt for and read the Employee person's full name (assume
that
there is a first and last name, but make the middle initial
optional. Allow
for a hyphen in the last name), and the other data members
(fields).
7. Create a new Employee with this data and put it into the
ArrayList of
Employees.
15. Program 4: Employee Savings Database
CSCI 6617 Spring 2016
5
iii. No function is needed for the ”0 Exit the System” menu
item. Just break out of
the loop.
8. Break out of both the switch and the infinite loop if the user
selects ”0
Exit the System”.
9. Leaving the loop will end the try block, which will send
control directly
to the finally block.
6 Testing and Submission.
Due by 11:59 PM on the due date.
When you are sure your program works, delete the input and
output files. Then follow the
testing procedure below.
1. Start the program and enter your own name. Make up the data
(name,
logon name, salary and percent savings). Enter this user as the
Boss.
2. Add a second user you made up.
3. Exit the system.
16. 4. Make a copy of the database file and make its name run1.txt
and copy and
paste your console output to a file called console1.txt (you can
use notepad
to save this).
5. Start the program again. Enter two more users – make them
up. This makes
four users in total.
6. Exit the system.
Use the two runs to test errors in entering the data. Finally,
hand in a zipped folder containing:
The .java files for all of your classes (the Savings and
Employee classes and Main if
you created one).
and paste them in to the
same file, but clearly mark them as run 1 and run 2 console
output.
The console output that you hand in must correspond to the file
output – make sure they are
concurrent. Use a simple text editor (such as Notepad) for the
output; DO NOT USE WORD.
(Word destroys both code and output by adding things and
changing things.)
It is part of developing your professionalism to be organized.
17. Please send me only the things I
have asked for. It is your job to organize your work, if you do
not have it organized, you will be
asked to fix it before it is accepted for grading.
I cannot use your projects and I cannot run your compiled code
because of incompatible
major/minor version problems. (DO NOT believe that Java is a
highly portable language!).
Please include in your Javadoc comments where main is located
what IDE and hardware you are
using to aid version issues. I have access to PC and Mac with
Eclipse and NetBeans. These are
your only choices.
Pitfall to avoid: If you change your Model class’s data
members, you will have to delete your
data file and start over because your program will not be able to
read it.