Project description

• The aim of the project is to show a mastery/integration of the security concepts and technologies learnt in ISOM340.

• Each person will look for an organization that will allow them to assess their security preparedness, evaluate/audit their enterprise security system, identify outstanding issues and recommend a defense in depth security system that address these issues.

Suggested presentation template system

a) Describe the organization/its environment

b) Describe the major data/systems that they have to protect

c) Describe the top threats that the company is facing?

d) What are the legal issues and regulations that the company must comply with?

e) Describe the current enterprise security systems giving details on how they are using security controls to minimize the risks

f) What are the top major security issues that need to be addressed?

g) With the aid of diagrams, Recommend and describe a defense in depth state of the art system that protects the above assets and addresses the security issues

h) Do a cost-benefit analysis to demonstrate that your recommendation is viable

i) Suggest a phased implementation plan for the new system considering availability issues and identify new personnel required if any.

In this project, you will create a portion of a threat model for an imaginary system. Real threat models are large and generally involve multiple contributors. For this reason, you will not be writing an entire threat model, but instead will be creating some specific components. While a real threat model would not be done individually, this is an individual effort project. No groups are allowed.

You may choose either of the following two systems to create a threat model for:

–A smart home system, with an Internet connected hub allowing control and automation of lights and other devices in the home.

— An e-commerce web site, allowing online purchasing of products.

— You may also suggest your own scenario, but in this case, you must get permission from the professor before proceeding. Your scenario should be approximately equal in complexity to the two suggestions given.

These scenarios do not have many details specified. Please make reasonable assumptions about how you expect the systems to realistically function. At a minimum, each of the suggested systems has a front end system that has interactions with users, some type of authentication, and interactions with at least one back end server. If you are unsure if assumptions you are making are reasonable, please ask on the project 1 discussion forum.

1) You must create a level 0 data flow diagram that shows the interactions of external entities with a multiprocess. You must create a level 1 data flow diagram, that shows the main flows of data between processes in the system and data stores. You must choose two specific function of the system and create level-2 data flow diagrams for those functions (you will have two different level-2 data flow diagrams). All four data flow diagrams should show trust boundaries.

2)Use CAPEC to find potential threats in your system. For at least two attack patterns listed in CAPEC, find corresponding threats to your system. Each attack pattern may correspond to multiple threats (which you may or may not have already identified using STRIDE). For each threat, indicate the data flow diagram element or elements it affects, the CAPEC attack pattern, and a brief description of the actual threat.

3) Identify threats using the STRIDE method in conjunction with your data flow diagrams. Create a list of additional threats. For each threat, indicate which STRIDE category it fits into, and which element of your data flow diagrams it is associated with. Please include only realistic threats. Do not include several threats that are near duplicates of each other (“infects system with virus X” and “infects system with virus Y” should not be separate items). Threats with differing likelihood or impact should not be grouped. You must identify at least 20 threats, which must include at least one in each stride category.

4) Choose two threats in the system (identified in step 2 or 3) and create threat trees. These trees should each have at least three levels and ten nodes, including “or” and “and” nodes. At least one of your trees must be annotated in some way to help analyze the threat (up to you what annotatoin to use)

5)For at least 5 of the threats you identified, determine the risk associated with the threat. You may use any of the methods which will be discussed in week 6 videos, but your answers should be justified.

Each student will prepare a final project on a web application security topic. The primary deliverables for the project will be a paper and and also a presentation that will be presented by the student during the residency period.

Additional details on project deliverables will be presented next week.

Each student will be asked to pick a unique topic of their own choosing. Topics might include processes related to secure web technologies or a review of a specific web related cyber attack.

 Submit your final project topic here. Include a short paragraph describing your project and how you intend to research it.Here is a list of your upcoming project deliverables:

• Week 11. Submit final project.
• Week 12. Submit a brief abstract describing your final project.

Week 13. Submit final project materials.

• 500-700 word, double spaced, written in APA format, showing sources and a bibliography

The attached file is the project which need to follow to complete the project

To successfully complete this week’s discussion, you will need to refer to Chapter 14, “Portfolio Project Management,” in your Project Management Best Practices: Achieving Global Excellence textbook.

• Pay particular attention to Section 14.6, “Preliminary Evaluation.”

Please respond substantively to the following (3–4 paragraphs):

• Distinguish between a feasibility study and a cost-benefit analysis.
• Explain why both of these preliminary evaluations must tie to the organizational strategic plan.
• Summarize the cost-benefit analysis for your hypothetical e-commerce company.

For this assignment, review the article:Abomhara, M., & Koien, G.M. (2015). Cyber security and the internet of things: Vulnerabilities, threats, intruders, and attacks. Journal of Cyber Security, 4, 65-88. Doi: 10.13052/jcsm2245-1439.414and evaluate it in 3 pages (800 words), using your own words, by addressing the following:

• What did the authors investigate, and in general how did they do so?
• Identify the hypothesis or question being tested
• Summarize the overall article.
• Identify the conclusions of the authors
• Indicate whether or not you think the data support their conclusions/hypothesis
• Consider alternative explanations for the results
• Provide any additional comments pertaining to other approaches to testing their hypothesis (logical follow-up studies to build on, confirm or refute the conclusions)
• The relevance or importance of the study
• The appropriateness of the experimental design

It is an objective evaluation.

Link – https://www.riverpublishers.com/journal_read_html_article.php?j=JCSM/4/1/4

   create an original post addressing the topic(s) below, 

 What are Python functions? Why use them 

• Explain the definition, types  and the use of Functions.
• Provide at least one example.

Exp19_Access_App_CapAssessment – Transfer Student Advising 1.2

Project Description:

You were recently hired by your local college to help with registering all transfer students. The college?s Transfer Advising Department is a one-stop location for transfer students to come with questions. They have been working with Excel spreadsheets generated by the Information Technology department, but they are hoping to do more with an Access database. They have had a number of problems, including employees putting information in the wrong fields, putting information in the wrong format, and creating incorrect formulas. They are also hoping for more consistent ways of finding information, as well as being able to generate reports. Your tasks include importing an existing Excel worksheet as a table into your Access database; modifying the table; creating a relationship between two tables; creating queries with calculated fields, functions, and totals; creating a form for input; creating a report; and backing up the database .

1

To   start, you have been provided with a database the Information Technology   department created. The database has one table and one form. You will be   importing an Excel spreadsheet into a table and creating a primary key.
 

  Start Access. Download and open the file named aApp_Cap1_Advising.accdb. Grader has automatically added your   last name to the beginning of the filename.

2

Import   the aApp_Cap1_Transfer.xlsx Excel   workbook into a new table named Transfer Schools.   While importing the data, ensure that StudentID has a data type of Short   Text, and select StudentID as the primary key.

3

Now   that you have imported the data from the spreadsheet, you will modify the   field properties in the Transfer Schools table and demonstrate sorting.
 

  Open the Transfer Schools table in Design view. Set the StudentID field size   to 10. Remove the @ symbol from the   StudentID format property. Change the AdmittingSchool field size to 75. Change the RegistrationFee and   TuitionDue fields to have 0   decimal places.
 

  Switch to Datasheet view, saving the changes that you’ve made. Resize the   AdmittingSchool column by double-clicking on the border between   AdmittingSchool and AdmissionDate. Sort the Transfer Schools table on the   CreditsTransferred field in ascending order. Save and close the table.

4

Now   that the table is imported and modified, you will create a relationship   between the Transfer Schools and Transfer Students tables.
 

  Add the Transfer Schools and Transfer Students tables to the Relationships   window. Create a one-to-one relationship between the StudentID field in the   Transfer Students table and the StudentID field in the Transfer Schools   table. Enforce referential integrity between the two tables and cascade   updates and deletes. Save the changes and close the Relationships window.

5

   You will demonstrate changing information in a form.
 

  Open the Transfer Students Data Entry form. Locate the record for Ellen Sullivan and change her major to   History. Close the form.

6

Adam   McChesney, an adviser in the center, would like your assistance in helping   him find certain information. You will create a query for him and demonstrate   how he can change information.
 

  Create a new query using Design view. This query will access fields from both   the Transfer Schools and Transfer Students tables. From the Transfer Students   table, add the FirstName, LastName, Major, Class, and GPA fields. From the   Transfer Schools table, add the AdmissionDate, TuitionDue, CreditsEarned, and   CreditsTransferred fields.
 

  Save the query as Transfer Credits.   Set the criteria in the AdmissionDate field to 1/1/2021.   Run the query (19 records will display). Enter the TuitionDue for Bianca Bain as $2200 and the GPA for Edgar Conway as 3.65.   Save and close the query.

7

Now   that you have created the query, you will create a second query for Adam that   will calculate the number of credits students lost upon transfer, the tuition   payments for which they will be responsible (assuming four payments per   semester), and the due date of the first payment.
 

  Create a copy of the Transfer Credits query. Name the copy Transfer Calculations. Open the new query in Design view.   Remove the criteria from the AdmissionDate field. Create a calculated field   in the first empty field cell of the query named LostCredits   that subtracts CreditsTransferred from CreditsEarned. Create another   calculated field named TuitionPayments   that uses the payment function and determines tuition paid in four   installments. The student’s tuition payment and a 2.5% interest   rate should be used in the function. Use 0   for the future_value and type arguments. Ensure that the payment appears as a   positive number.
 

  Format the TuitionPayments calculated field as Currency. Create another   calculated field named FirstPayment   after the TuitionPayments field. To calculate the due date, add 30 to their AdmissionDate. Run the query   and verify that the three calculated fields have valid data. Add a total row   to the datasheet. Sum the TuitionDue column and average the TuitionPayment column.   Save and close the query.

8

   Cala Hajjar, the director of the center, needs to summarize information about   the transfer students for the 2020–2021 academic year to present to the   College’s Board of Trustees. You will create a   totals query for her to summarize the number of transfer students, average   number of credits earned and transferred, and total tuition earned by   transfer institution.
 

  Create a new query in Design view. Add the Transfer Schools table. Add the   AdmittingSchool, StudentID, CreditsEarned, CreditsTransferred, and TuitionDue   fields. Sort the query by AdmittingSchool in ascending order.
 

  Show the Total row. Group by AdmittingSchool and show the count of StudentID,   the average of CreditsEarned, the average of CreditsTransferred, and the sum   of TuitionDue. Format both average fields as Standard. Change the caption for   the StudentID field to NumStudents,   the caption for the CreditsEarned average to AvgCreditsEarned,   the caption for the CreditsTransferred average to AvgCreditsTransferred,   and the caption for the sum of TuitionDue to TotalTuition.
 

  Run the query. Save the query as Transfer Summary.   Close the query.

9

Hideo   Sasaki, the department’s administrative assistant, will handle   data entry. He has asked you to simplify the way he inputs information into   the new table. You will create a form based on the new Transfer Schools   table.
 

  Create a Split Form using the Transfer Schools table as the source. Change   the height of the AdmittingSchool field to be approximately half the current   height.Switch to design view and then remove the layout from all the labels   and fields. Shrink each field so it is approximately as large as it needs to   be.
 

  Switch to layout view and then click record 123455 in the bottom half of the split form. Make sure all fields   are still visible in the top half of the form. If not, adjust the controls so   all values are visible. Move the CreditsTransferred field so it is to the   right of the CreditsEarned field on the same row.
  Change the title of the form to Transfer Schools   Overview.   Save the form as Transfer Schools Form.   Save and close the form.

10

Cala   is hoping you can create a more print-friendly version of the query you   created earlier for her to distribute to the Board of Trustees. You will   create a report based on the Transfer Calculations query.
 

  Create a report using the Report Wizard. Add the Major, FirstName, LastName,   Class, GPA, and LostCredits fields from the Transfer Calculations query. Do   not add any grouping or sorting. Ensure that the report is in Landscape   orientation. Save the report as Transfer Students   Report   and view the report in Layout view.

11

Now   that you have included the fields Cala has asked for, you will work to format   the report to make the information more obvious.
 

  Apply the attached Wisp theme. Group the report by the Major field. Sort the   records within each group by LastName then by FirstName, both in ascending   order. Adjust the text boxes so the values for the Major field are completely   visible. Switch to Print Preview mode and verify that the report is only one   page wide (Note: it may be a number of pages long).

12

Close   all database objects. Close the database and then exit Access. Submit the   database as directed.  

Project implementation is arguably the most exciting stage of the project management process. It is during project implementation that project plans begin to come to life and assumptions are able to be tested and measured in real-life scenarios.

One of the outcomes of project implementation is a set of deliverables that typically includes a system diagram; a network diagram; a database design document, including an entity-relationship diagram, a data dictionary, and table definitions; a clearly articulated cybersecurity plan; and source code.

To complete this assignment, you will create:

• A system diagram that shows, in graphic form, the components of your project.
• Your system diagram should follow the system description you submitted in your Week 2 project plan (but may differ based on the research you have conducted since Week 2).
• You may create your system diagram in Microsoft PowerPoint or a graphics program of your choice.
• A network diagram that shows, in graphic form, the flow of data within your project.
• Your network diagram should follow the network description you defined in the Week 2 project plan (but may differ based on the research you have conducted since Week 2).
• You may create your network diagram in Microsoft PowerPoint or a graphics program of your choice.
• A database design document, including an entity-relationship diagram, a data dictionary, and table definitions, representing all of the data that must be stored and maintained within the context of your project and how that data is organized.
• A clearly articulated cybersecurity plan that explains how you plan to secure project data and processes.
• Source code (may be partial) for at least one software application.
• Your source code may be implemented in HTML/JavaScript, Java, C++, or another programming language.
• Download and unzip the HTML/JavaScript/CSS sample code files for an example of a partial software application implementation.
• A quality assurance and software test plan.
• Download the Software Test Plan for an example of what information is typically included and how it is typically organized in a software test plan.

You will write a program that will calculate the order tax (tax) , the net cost (netCost) , and the total cost (totalCost)
of an online order.
• Assume the following tax rates (taxRate) based on the ID of the location (locationID)
o 0 <= locationID <= 50– TAX rate is 4% (.04)
o 51 <= locationID <=80 – TAX rate is 5.25% (.0525)
o 81 <= locationID <= 100– TAX rate is 6% (.06)
o locationID > 100 – TAX rate is 7.25% (.0725)
o < 0 – is not a valid entry for the locationID
• Use a string for the users first name only as you interact with the user
• Use a string for the cell phone number
• Use a string for the item number
• Use a string for the user letter input (“y” or “n”)
• Use int and double, not float
• The tax on the order is calculated by multiplying the quantity * price * taxRate /100
o Note: drop the 100 if you converted the rate from percentage
• The net cost is calculated by multiplying the quantity times the price
• The total cost will be calculated by adding the netCost and the tax
• All double output should be presented with 2 decimal places
• Use four functions to break up the program (functions may not be modified)
//BE SURE TO ADD COMMENTS TO THE FUNCTION PROTOTYPES AND THE FUNCITON DEFINITIONS
//fill out the pre and post conditions
void GetOrderInfo(string&, string&, int&, double&, int&);
//Precondition: State what is true before the function is called.
//Postcondition: State what is true after the function has executed.
//Description: Describe what the function does.
void GetTaxRate(double&, int);
//Precondition: State what is true before the function is called.
//Postcondition: State what is true after the function has executed.
//Description: Describe what the function does.
void CalculateResults(int, double, double, double&, double&, double&);
//Precondition: State what is true before the function is called.
//Postcondition: State what is true after the function has executed.
//Description: Describe what the function does.
void DisplayResults(string, string, int, double, int, double, double, double, double);
//Precondition: State what is true before the function is called.
//Postcondition: State what is true after the function has executed.
//Description: Describe what the function does.

The user will enter phone number (as a string) , the item number (as a string), the quantity (as an integer), the price (as a
double), and the location ID (as an integer) For program 2 you must use the following functions exactly as described above
(same name and same formal parameter data types in the same order)
These 4 functions MUST be called from the main function.
The purpose of the assignment is to practice pass by value and pass by reference.
You may add additional functions, but you MAY NOT modify the name or the formal parameters of the above
4 functions.
Additional instructions:
• Be sure to comment your code
• Include a program header with the following information:
o Name, due date, course, assignment number, professor name, and a brief description of the
assignment – see the sample skeleton provided with the assignment.
• Read all comments in the sample code before getting started
• Read the problem and determine what to do
• Write the algorithm (you DO NOT need to submit the algorithm)
• Implement one component at a time in your code and do not move onto the next component until you
are sure it is correct.
• Test your program before submitting
• One source code file (unformatted text) will be submitted
• The file name must match the assignment
• The code should be tested and run on a Microsoft compiler before it is uploaded onto Canvas
• The code must be submitted on time in order to receive credit (11:59 PM on the due date)

SAMPLE OUTPUT:
Enter your first name: Tami
Enter the cell phone number: 5612312233
Enter the item number? qwAs-rqwst123
Enter the quantity? 14
Enter the price? 17.12
Enter the location ID number? 52
Cell number: 5612312233
Item number: qwAs-rqwst123
Quantity: 14
Price: 17.12
Tax rate: 5.25%
tax: $12.58
Net cost: $239.68
total cost: $252.26
Tami, would you like to do another calculation (Y or N):
y
Enter the cell phone number: 5612129876
Enter the item number? trWq21vcx-hrJ
Enter the quantity? 200
Enter the price? 15.50
Enter the location ID number? -34
A negative number for the location ID is not a valid entry.
Cell number: 5612129876

Item number: trWq21vcx-hrJ
Quantity: 200
Price: 0.00
Tax rate: 0.00%
tax: $0.00
Net cost: $0.00
total cost: $0.00
Tami, would you like to do another calculation (Y or N):
n
Tami, Have a nice day!

for c++