All posts by : chebby

Threat Modeling

A new medium-sized health care facility just opened and you are hired as the CIO. The CEO is somewhat technical and has tasked you with creating a threat model. The CEO needs to decide from 3 selected models but needs your recommendation. Review this week’s readings, conduct your own research, then choose a model to recommend with proper justifications. Items to include (at a minimum) are:

• User authentication and credentials with third-party applications
• 3 common security risks with ratings: low, medium or high
• Justification of your threat model (why it was chosen over the other two: compare and contrast)

You will research several threat models as it applies to the health care industry, summarize three models and choose one as a recommendation to the CEO in a summary with a model using UML Diagrams (Do not copy and paste images from the Internet). In your research paper, be sure to discuss the security risks and assign a label of low, medium or high risks and the CEO will make the determination to accept the risks or mitigate them.

Your paper should meet the following requirements:

• Be approximately three in length, not including the required cover page and reference page.
• Follow APA 7 guidelines. Your paper should include an introduction, a body with fully developed content, and a conclusion.
• Support your answers with the readings from the course and at least two scholarly journal articles to support your positions, claims, and observations, in addition to your textbook. The UC Library is a great place to find resources.
• Be clearly and well-written, concise, and logical, using excellent grammar and style techniques. You are being graded in part on the quality of your writing.

 A. Explain why there are two types of legal systems in the United States: State and Federal systems. How are they similar and how are they different?

Post should be 500 words and add references in APA format.

Discussion 3.1

Define Cyber Kill Chain and describe its steps 

Discussion 3.2

What type of social engineering attacks do APTs use?

Case Study 3.1

Describe the tradecrafts of APT: zero-day attacks, advanced malware, social engineering and phishing, and strategic Web compromises

(References Should be no later than 2015)

Weekly Summary 3.1

Each week you will write and submit a brief summary of the important concepts learned during the week. The summary will include a summary of the instructor’s weekly lecture including any videos included in the lecture.

Please find the attachment for more details

1. What advantages are offered by commercial forensic packages? Are there any disadvantages to using them? If so, what are they?

2. Define the following terms and describe how they relate to information security: integrity, authenticity, confidentiality, and availability.

 Using the Internet, each member of your team should read at least 3 academically reviewed articles on team designing. Summarize the articles in 300 words or more. Provide appropriate references.   

Using the below image represent this family using a graph structure. The graph needs to be a weighted graph. The weights will constitute the types of relationships, I recommend using some kind mapping between numbers and strings to represent the relationships. When adding family members to the graph, this can be done programmatically for the provided family members within the description file.

Additionally,

• I also want there to be an interface in which a user can create a new family member and add them to the tree.
• This can be a simple CLI where the user provides a name, gender, and age to create a person.
• Then another simple CLI where they select which member of the family, they want the original relationship to be with and what kind of relationship it should be.
• Finally, they can edit the family member using another CLI and selecting the family member they wish to edit, the operation they wish to perform (edit name, edit age, edit relationship), and then add new relationship between family members which can call a function that you create in order to add the original relationship.

Finally, make data assertions within the FamilyTree class that enforce certain “rules” that exist in a typical human family. An example would be a person should not have any kind of relationship to itself (a person cannot marry themselves, a person cannot be their own brother, sister, father, mother, etc.). There should be at least 3 data assertions. These should exist as part of the family tree, not as part of the graph.

As a hint, for a successful design:

I would recommend using layers of abstraction. Your graph class is the backing structure to the family tree class. Your family tree should implement methods that interface with the graph class, i.e. add_family_member() should call the constructor to create a node and then call a function within the graph class to add a node to the graph. Then using the relationships function parameter, you can add edges to the graph between the new nodes and the existing nodes. The family tree should be what enforces what relationships can exist through the data assertions, the graph does not care about what relationships are made between family members. Your functions that the user would interface with would be greatly reduced compared to the total number of methods within the classes themselves. The user should be able to add, remove, and modify family members and that’s about it. Therefore, those should be your function calls.

Attachments area
 

This project gives you the opportunity to review what you’ve learned throughout the semester and present a range of topics in the form of a policy that describes how participants can join your business network, and the benefits of doing so. The overall purpose of your policy should be to create interest in your business network and its applications, along with a description of the onboarding process and ongoing benefits to members. 

Create a membership policy that describes the benefits and requirements of membership in your Letter of Credit business network. Your policy should be no less than 1000 words and no more than 1500 words. The document you submit should in Microsoft Word format (.doc or .docx) and be named using the following criteria: 

BLCN532_SECTION_STUDENTID_LASTNAME_FIRSTNAME_Project.docx 

• SECTION is the section number of your current course (2 digits)
   
• STUDENTID is your student ID number (with leading zeros)
   
• LASTNAME is your last name
   
• FIRSTNAME is your first name
  Your policy should include the following:
   

1. 1)  Purpose statement of the Letter of Credit business network
    
2. 2)  Description of the current (base) network (participants and functionality)
    
3. 3)  Brief description of upcoming features in the next quarterly release. (Be creative, but
   realistic here. Think about what the existing Letter of Credit application does, and what features you’d like to add that would increase the application’s usefulness and value. Analyzing current functionality and determining which features would best meet business needs will be a big part of assessing this assignment.)
    
4. 4)  Description of application upgrade process that may impact application availability and member business processes. (i.e. How does the business network organization plan to deploy new software features without causing substantial service interrruptions?)
    
5. 5)  List of rights and benefits for participants (how does each member benefit and what data/services are available for each member)
    
6. 6)  Membership requirements for new members (minimum security requirements, approval process, decision making rules and authorities, minimum required agreements that new members must accept and agree to)
    
7. 7)  Description of fees for participation and service access
    

1. 8)  Minimum member resource contributions to the business network
    
2. 9)  Process for ending participation in the business network
    

10) Process for resolving disputes, including appealing the outcome of a resolved dispute. 11) Course of action to initiate an application for membership 

Background content for items 1 and 2 will come from your text. Other items will be a combination of content from your text and extrapolation based on what you’ve learned this semester. Pay careful attention to #3. That one requires that you carefully consider how enhancing the application can help it better align with member (and prospective member) business goals. The purpose of this project is to digest the material you’ve learned throughout this semester into a white paper that could be used to recruit potential business network members, as well as provide details of the rights and responsibilities of business network members. 

Your policy document should present a clear and concise description of the benefits of being a business network member, why blockchain technology provides superior benefits to solutions based on other technologies, and the onboarding process and expectations once membership is approved. The overall goal is to give you an opportunity to demonstrate that you understand how this example blockchain technology use case implementation aligns with existing, and prospective, member business goals. 

Your paper must be in APA format, including citations and references, but I’m not particularly concerned with the specific format you select for the paper’s body. 

 Discuss the role Sarbanes/Oxley has played with respect to corporate governance. 

 Week 8 Assignment 2 Create an ERD

Create an ERD

Preparation

In this assignment, you will be drawing an Entity Relationship Diagram (ERD) or Database Design Diagram. The following videos and documents will assist you:

Entity Relationship Diagram (ERD) Tutorial – Part 1.

Entity Relationship Diagram (ERD) Tutorial – Part 2.

Ultimate ER Diagram Tutorial (Entity Relationships Diagrams).

Scenario

Suppose a local college has tasked you to develop a database that will keep track of students and the courses that they have taken. In addition to tracking the students and courses, the client wants the database to keep track of the instructors teaching each of the courses.

Instructions for the Database Design Diagram

Use any drawing package or any other application you know such as Visio, Word, PowerPoint, or another tool to create the Database Design Diagram. Otherwise, you may draw the diagram by hand with a pen and paper. If you draw the diagram by hand, then take one or more pictures of the diagram with your cell phone or laptop camera, place the images into a Word document, and submit the document. Otherwise, if you use software to create the Database Design Diagram, then take one or more screen captures of the diagram, place the screen captures into a Word document, and submit the document. Submissions that are not in .doc or .docx format will not be graded.

Include the following in the document:

Draw the entities of the database and the attributes of each entity, based on your research and/or common knowledge of a college and the information tracked by a college.

Create the appropriate relationships between each entity within the diagram.

This course requires the use of Strayer Writing Standards. For assistance and information, please refer to the Strayer Writing Standards link in the left-hand menu of your course. Check with your professor for any additional instructions.

The specific course learning outcome associated with this assignment is:

Draw a database design diagram that depicts the attributes and relationships of the entities.

Note: All Assignments must be submitted into Blackboard. The whole Assignment (e.g. Assignment 1, 2, and 3) which includes both required images and written portion must be submitted into “one” MS Word document. All images pasted/copied into the MS Word document must contain an image label as to what the image represents. Assignments not submitted into “one” MS Word document will not be graded. Students must apply labels to their Database individual screen shots for Assignment 3.

This Video will help you understand “Assignment Two’s” challenge:

Watch Media

By submitting this paper, you agree: (1) that you are submitting your paper to be used and stored as part of the SafeAssign™ services in accordance with the Blackboard Privacy Policy; (2) that your institution may use your paper in accordance with your institution’s policies; and (3) that your use of SafeAssign will be without recourse against Blackboard Inc. and its affiliates.

Institution Release Statement