All posts by : chebby

Discussion: This week we focus on some additional terms for IT users.  This week lets discuss what a community of practice is.   Why are they important and how can they impact the culture within an organization?

In chapter 6, the author describes basic components of a business network. Create a new thread, choose one of the types of participants discussed in chapter 6, and explain how you think the chosen participant type could effectively use assets in an enterprise blockchain environment to impact the organization’s outcomes.

Then think of three questions you’d like to ask other students and add these to the end of your thread. The questions should be taken from material you read in Chapter 5 or 6. You’re not trying to test each other, but you are trying to start a discussion. 

You must do the following:

1) Create a new thread. As indicated above, choose one of the types of participants discussed in chapter 6, and explain how you think the chosen participant type could effectively use assets in an enterprise blockchain environment to impact the organization’s outcomes. Then think of three questions you’d like to ask other students and add these to the end of your thread. The questions should be taken from material you read in Chapter 5 or 6. You’re not trying to test each other, but you are trying to start a discussion.

2) Select AT LEAST 3 other students’ threads and post substantive comments on those threads. Your comments should answer AT LEAST one of the questions posed in the thread and extend the conversation started with that thread. Make sure that you include the question in your comment so I can see what question you’re answering.

ALL original posts and comments must be substantive AND ORIGINAL. (I’m looking for about a paragraph – not just a short answer.) Do not plagiarize!! Use your own words.

The discussions in this class exist to simulate face-to-face discussions. To reach that goal, we will adhere to the 3CQ model. After posting each thread, you will post at least 3 comments on other students’ threads, and each comment must conform to the 3CQ model (Compliment, Comment, Connect, Question). This model encourages discussions that extend class learning and participation.

Here is a description of the 3CQ model:

1.            Compliment – Start off positive. Compliment the person on something specific you have read or observed in the person’s blog post.  For example:

• Thanks for sharing your thoughts! I really liked …

2.            Comment – Comment on something relevant and meaningful about what the person wrote. Be specific! Remember your comment might not always be agreement. You can “politely” disagree.  For example:   

• I agree with you about …
• I respect your opinion, but I think …

3.            Connect – Connect with something the person wrote (Text-to-Self, Text-to-Text, Text-to-World). Explain your connection with details giving your audience a clear idea of what you’re talking about by using sensory details.   For example:

• I can connect with you about …
• I once read a story about …
• I had the same thing happen to me…

4.            Question – Ask a specific question about something written or the writer. Keep the conversation going!

Remember that ALL discussions must use the 3CQ approach to interaction.

Please read the below discussion post and provide response in 75 to 100 words

Post#1

Cloud security plays an important role in every field like business and personal world. With a large number of benefits it has some myths also. Cloud security is solely the cloud provider’s responsibility: a standard misconception is that the cloud provider automatically takes care of all the safety needs of the customer’s data and process while in the cloud. Password policies, release management for software patches, management of user roles, security training of staff, and data management policies are all responsibilities of the purchasers and a minimum of as critical because the security is done by the general public cloud provider. While users are hardening internal security, don’t assume that cloud provider backs up data and will be able to restore it just in case of a security breach. It is instrumental and important that users simply implement a backup solution that backs up data that’s hosted on the cloud to an onsite backup or to a different cloud provider. In addition, in case of a security breach, user will get to restore data from backups. “There is indeed a good case to make for fair taxation and that uneven effective tax rates can distort competition and lead to smaller tax revenues” (Bauer, 2018).

Don’t get to manage the cloud: many people believe that since the cloud infrastructure is usually basically just a managed service, that the safety of the services is additionally managed. Many cloud based systems are left inadvertently unsecured because the customer doesn’t know that they have to try to something to secure them, as they assume that the provider has done what an in-house staff would traditionally have done by default. Cloud security requires an equivalent discipline for security of any data center. Cloud data centers are as resilient as any, but the weakness comes if the policies, processes and tools aren’t regularly monitored by the IT operations staff responsible (Determann, 2016).

Ignore BYOD and be more secure: not supporting and implementing a BYOD policy does not mean an enterprise will be less at risk of a data breach, SVP of cloud and hosting sales. The BYOD movement is here to stay. Some experts recommend deploying a mobile content management (MCM) solution, as protecting the data will be what ultimately defines business’ security and compliance requirements. “Despite the Australian Federal Government’s ‘cloud-first’ strategy and policies, and the Queensland State Government’s ‘digital-first’ strategy, cloud services adoption at local government level has been limited—largely due to data security concerns” (Ali, Shrestha, Chatfield, & Murray, 2020). Cloud data isn’t saved on mobile devices: I still hear people speaking about cloud deployment as if using this service means users are not saving any enterprise data on mobile devices, which this might make device data protection a moot point. Apps that are connecting to devices are always caching data, which cached data is stored on your employees’ mobile devices. This data can be breached and hacked and therefore must be protected.

Single tenant systems are more secured than multi-tenant: Multitenant systems ensure that software updates, including security patches, are applied to all customers simultaneously. With single-tenant systems, software vendors are required to update individual customers’ virtual machines. Cloud security provides an additional level of security to the network and protects data of personal and professional network (Martinez, Cano, & Vilajosana, 2020). Multi-tenant systems are safer than single tenant: there are not any absolutes in cloud security. The complete opposite statement regarding cloud tenancy also can be viewed as a myth. “Blockchain is an eccentric technology, at the same time, the most vaunted, least understood and most disrupting technology of the current era” (Chitranshi, & Chawla, 2020).

Post#2

Cloud computing is one of the most innovative development in the field of computer science. Cloud computing although covers variety of services but software as a service, platform as a service and infrastructure as a service are the three most widely used and known. However the list contains many other such as function as a service, backend as a service and container as a service and the designer, developer and related professionals use the service as per need. “While moving towards the concept of on-demand service, resource pooling, shifting everything on the distributive environment, security is the major obstacle for this new dreamed vision of computing capability” (Singh, 2016).

The outside view of the cloud IT infrastructure looks simple and easily understandable but the background of it is very complex and requires efficient knowledge about the cloud to deal with the complex infrastructure. With the advances in technology the demand for serverless function and facility increases. Organizations move from on-site to the cloud and while doing so the security is compromised and not given enough attention which results in a decline in the security of the cloud service. Cloud security tools use various steps like access control, permission control, audit, authorities, etc.

“Cloud computing enables cost-effective and scalable growth of IT services that can enhance government services” (Ali, 2020). Those who are well aware of cloud service and have proper knowledge about the same don’t indulge in any myths but those who lack information make false statements about the cloud which it gets known as the cloud security myths. The major myth is that the cloud is not secure and the reason why people believe in this myth is because of the cases of cloud compromise and attack. After taking appropriate measures and implementation security tools along with the security management from the provider side it can be stated that the cloud is secure. Some people on the other hand believe that the cloud is perfectly secure, which is again a false myth. No security tool or precaution can guarantee perfect security in any case.

Another myth states that on-site organization is more secure than the cloud, however depends upon the security steps taken on-premise and on cloud both. When moving to the cloud, special care needs to be taken to ensure the information is secure from any attack. Cloud service providers are the organizations that indulge in providing the concerned cloud service to those who sign for it. Cloud service providers are many in number and have their headquarters based in different locations thus the statement that all cloud service providers are the same is a false myth. Lack of knowledge about cloud computing and fake statements being made by people has resulted in cloud security myths. “Trust is another security issue in the cloud, the establishment of trust might become a  key establishment of the better relationship among the users and service provider in the cloud computing” (Seemakurti, n.d.).

 security and functionality  

Individual Assignment.

Prepare a paper on how disaster recovery works in the Cloud.  Cloud Computing delivers fast recovery times and multi-site availability at a fraction of the cost of conventional disaster recovery. Because Cloud computing is based on virtualization, it takes a very different approach to disaster recovery.

In your paper discuss:

• Your definition of Cloud Computing
• Pros and Cons of Disaster Recovery in the Cloud
• The Trade-offs between Recovery Time vs Costs
• Three (3) vendors that Provide Disaster Recovery Cloud Services (DRaaS), prepare a grid and compare and contrast them. Which one do you like best and why?
• The use of Virtual Machines and the concept of Elasticity
• Cyber Threats: what are they and how would you protect the Cloud infrastructure?
• What are the vulnerabilities of a disaster recovery solution using the cloud?
• Benefits of Disaster Recovery in the Cloud: cost / features / functionality / deployment
• Summary / Conclusion

In addition, as part of your paper, prepare a diagram (your original work) of a cloud-based disaster recovery capability for Samsung, including your RTO. For your reference attached is a diagram illustrating the Samsung computer systems / infrastructure / departments that need to be recovered. Samsung does not use virtual machines and all systems in the attached diagram are in a centralized data center.

Paper requirements: single space, 12 point font, 6 page minimum, 8 page maximum, include cover page not part of 6 page minimum. Include diagram, not part of 6 page minimum, as last page in paper with a caption that describes what it is a representation of.

In 300 words
 

OWASP( Open Web Application Security Project ) Vulnerabilities.

Please describe the below in 300 words.

• Broken Authentication – OWASP Vulnerabilities.

 network analysis/tech using the NS3 network simulator and , report-1000 words and , 10 ppt slides w/o notes 

Abstract for the project

Your Research Project on the surveillance state consists of two parts:

1 a Powerpoint presentation consisting of at least 12 slides not including title and references.

2. 750 word research  paper with at least 3 sources. There should be no lists. Write in essay format not outline format. Include a meaningful title.

Do not double space.

You must include at least 3 quotes from your sources enclosing the copied words in quotation marks and cited in-line. 

There should be no lists – bulleted, numbered or otherwise. 

Write in essay format with coherent paragraphs not in outline format. Distribute your quotes among the paragraphs.

Do your own work. Zero points will be awarded if you copy other’s work and do not cite your source or you use word replacement software. 

The topic must be appropriate for graduate level. Find a topic that we covered in the course and dig deeper or find something that will help you in your work or in a subject area of interest related to the course topic. Use academically appropriate resources which you can find in the Danforth Library Research Databases.

Submit all documents at on time. Do not zip or otherwise compress them. Do not use .rar. Use .doc and .ppt extensions

• Distinguish between due care and due diligence.
• Based on your experience, provide examples of due care and due diligence.

Explain 10 negative effects of information technology in the society of today