All posts by : chebby

1. Read Chapters 9–13 in your textbook.
2. Using the discussion link below, respond to the following prompts and questions:
   1. Identify the security components necessary to protect the information systems infrastructure. What key hardware components should be implemented?
   2. Why are authentication methods important in assuring that only authorized users are accessing the system? Classify the levels of access controls.
   3. Explain the use of an intrusion detection system (IDSs). How does such a system identify an intrusion? Differentiate between network level and host-based IDSs.
3. Your initial post should be at least 300 words and supported with at least three references.

DISCUSSION

CASE: PepsiCo
“Take PepsiCo, for example. As one of the leading soft drink makers and bottlers, PepsiCo turned to IoT for the most basic of reasons and found an efficient solution. Like many enterprises, the company had inefficient and ineffective IT and OT infrastructure, as well as limited IT and OT resources available inside its plants. It also suffered from server sprawl, where each server supported a very small portion of the production load. PepsiCo essentially incurred high costs to purchase and support an ever-expanding infrastructure of underutilized servers, operating systems, and networking assets. The result: highly inefficient use of capital—at a minimum. Even worse, its inefficient network hindered the collection of data that would ordinarily drive plant productivity.”

What were the paybacks to PepsiCo after implementing IoT? Elaborate.

 Describe some ways that an organization can recover it’s IT resources from a natural disaster (fire, flood, hurricane, tornado etc.). What controls should have been in place in order to be able to retrieve this data? 

I need a report entitled (The impact of network technology on limiting the spread of Covid-19 in the Kingdom. The report must include the following axes, and the references must be mentioned. “

1. The applications in force in the Kingdom of Saudi Arabia during the pandemic period and their tasks.

2. The network technologies used to examine Corona in the Kingdom of Saudi Arabia (example: the network technologies used in the Sehaty application and the Tatman application)

3. Network technologies used for distance education in the Kingdom of Saudi Arabia (for example, manasty and LMS)

4. Network technologies used to work remotely in the Kingdom of Saudi Arabia (eg Zoom and Google Meeting)

5. Retinal techniques used to reduce clusters. In the Kingdom of Saudi Arabia (example, Tawakolna app, Tabaud  ‘and eatmarna app)

6. Obstacles and problems facing network technology in the Kingdom of Saudi Arabia

7. The main challenges to privacy, security and misinformation (for example, the 5G network transmits the virus)

8. How these technologies helped prevent an economic collapse in the Kingdom of Saudi Arabia

Hide Assignment InformationTurnitin®This assignment will be submitted to Turnitin®.Instructions

This week, you will submit your first project, the System Scan Report. Your report should include the following:

• Introduction
• Target System
• Zenmap Scan
• OpenVAS Scan
• Open Socket Connection
• Recommendations
• References

If you haven’t already done so last week:

• Follow the instructions to setup your Virtual Machine Hacking Lab.
• Download the System Scan Report Template and follow the instructions in the document. 
  • Delete the instructional text from the template before you submit.

How Will My Work Be Evaluated?

1.2.1: Identify the target audience, the context, and the goal of the communication.

• Provide a brief introduction explaining the services performed and a summary at the end with the important findings of the scan. Validate your recommendations using industry standard techniques. Include at least two to three references in IEEE format.

1.4.2: Use vocabulary appropriate for the discipline, genre, and intended audience.

• Make sure the report to the client contains grammatically correct language without any spelling or typographical errors. Explain industry acronyms when they are introduced since they may be unfamiliar to the client.

10.1.2: Gather project requirements to meet stakeholder needs.

• The client has asked for a Zenmap scan, an OpenVAS vulnerability scan, and to use other accepted industry practices for the systems scan. You will need to include screenshots and note the application versions that are listed and displayed in the scan results.

12.2.1: Identify systems for the risk assessment.

• During any scan report, it is critical that you list the IP address of the system you are using to connect to the client’s corporate network (for auditing purposes) as well as the IP address of the system(s) that you are scanning. Discuss the scope of engagement and the limitations of your actions to stay within the parameters of the test.

12.2.2: Perform a risk analysis.

• Explain to the client the security issues that are present on the Linux system. Discuss critical vulnerabilities that need to be addressed and the measures that may need to be taken to deal with the underlying security issues (additional staff, equipment, billable hours, etc.).

13.1.1: Create documentation appropriate to the stakeholder.

• In this section, recommend that you and your contractors perform a full penetration test on the target system. Mention the implications (ransomware, exfiltration, credential harvesting, etc.) that might occur if the security issues are not addressed.

When you are finished, click “add a file” to upload your work, and then click the Submit button.

Hide Rubrics

Rubric Name: Project 1 – System Scan Report

This table lists criteria and criteria group name in the first column. The first row lists level names and includes scores if the rubric uses a numeric scoring method.CriteriaExceeds Performance RequirementsMeets Performance RequirementsApproaches Performance RequirementsDoes Not Meet Performance RequirementsCriterion Score1.2.1: Identify the target audience, the context, and the goal of the communication.10 points

Identifies the target audience, context, and goal of the communication in a clear and appropriate manner.

8.5 points

Identifies the target audience, the context, and the goal of the communication.

7.5 points

Attempts to Identify the target audience, the context, and the goal of the communication, but there are issues with accuracy or appropriateness.

0 points

Does not identify the target audience, the context, and the goal of the communication.

/ 101.4.2: Use vocabulary appropriate for the discipline, genre, and intended audience.10 points

Uses enhanced vocabulary highly appropriate for the discipline, genre, and intended audience.

8.5 points

Uses vocabulary appropriate for the discipline, genre, and intended audience.

7.5 points

Attempts to use vocabulary for the discipline, genre, and intended audience, but there are lapses and gaps.

0 points

Uses inappropriate vocabulary for the discipline, genre, and intended audience.

/ 1010.1.2: Gather project requirements to meet stakeholder needs.20 points

Identifies IT project requirements in a thorough and clear manner to meet all stated stakeholder needs.

17 points

Identifies IT project requirements to meet stated stakeholder needs.

15 points

Attempts to identify project requirements to meet stakeholder needs, but there are gaps and/or lack of clarity.

0 points

Does not identify IT project requirements to meet stated stakeholder needs.

/ 2012.2.1: Identify systems for the risk assessment20 points

Clearly identifies the most critical vulnerabilities with the system and accurately describes the security issues that need to be addressed.

17 points

Identifies most of the vulnerabilities with the system and describes most of the security issues that need to be addressed.

15 points

Identifies some of the vulnerabilities with the system and describes some of the security issues that need to be addressed.

0 points

Does not address the vulnerabilities with the system and does not describe the security issues that need to be addressed.

/ 2012.2.2: Perform a risk analysis.20 points

Performs a thorough risk analysis and clearly identifies the impact and threat of the vulnerability.

17 points

Performs a risk analysis anidentifies the impact and threat of the vulnerability.

15 points

Performs a risk analysis but does not discuss the impact and / or threat.

0 points

Does not perform a risk analysis.

/ 2013.1.1: Create documentation appropriate to the stakeholder.20 points

Creates thorough and accurate IT documentation that exceeds requirements.

17 points

Creates IT documentation that meets requirements.

15 points

Creates IT documentation that lacks detail and/or does not fully meet requirements.

0 points

Does not create appropriate IT documentation.

/ 20Rubric Total ScoreTotal/ 100

Overall Score

Overall Score

Exceeds Performance Requirements90 points minimum

Meets Performance Requirements80 points minimum

Approaches Performance Requirements70 points minimum

Does Not Meet Performance Requirements0 points minimum

Associated Learning Objectives1.2.1: Identify the target audience, the context, and the goal of the communication.Assessment Method:  Score on Criteria – 1.2.1: Identify the target audience, the context, and the goal of the communication.Required Performance:  Meets Performance Requirements1.4.2: Use vocabulary appropriate for the discipline, genre, and intended audience.Assessment Method:  Score on Criteria – 1.4.2: Use vocabulary appropriate for the discipline, genre, and intended audience.Required Performance:  Meets Performance Requirements10.1.2: Gather project requirements to meet stakeholder needs.Assessment Method:  Score on Criteria – 10.1.2: Gather project requirements to meet stakeholder needs.Required Performance:  Meets Performance Requirements12.2.1: Identify systems for the risk assessment.Assessment Method:  Score on Criteria – 12.2.1: Identify systems for the risk assessmentRequired Performance:  Meets Performance Requirements12.2.2: Perform a risk analysis.Assessment Method:  Score on Criteria – 12.2.2: Perform a risk analysis.Required Performance:  Meets Performance Requirements13.1.1: Create documentation appropriate to the stakeholder.Assessment Method:  Score on Criteria – 13.1.1: Create documentation appropriate to the stakeholder.Required Performance:  Meets Performance Requiremen

Assume you are a network professional. Employees at your organization use a web-enabled application to do the bulk of their work. Going forward, most employees will be working remotely. You need to choose a VPN technology to support them whether they work from home or while traveling.

Answer the following question(s):

Should you implement an Internet Protocol Security (IPSec) VPN or a Secure Sockets Layer/Transport Layer Security (SSL/TLS) VPN? Why?

If you were part of a government entity, what would you say about the potential benefits and drawbacks of encryption? What is the difference between symmetric and asymmetric encryption? 

Q. Please read the below paragraph and write your opinion, also by discuss any differences you may see.

Note: 250 words with intext citations and references needed.

Business architecture defines an organization’s capabilities in a structured way. It identifies all kinds of resources a business possesses, such as personnel, infrastructure, and business, them comes up with a strategy to make the most value out of them. The purpose of business architecture is to transform high-level vision into actionable items, so that the company survives and becomes successful in today’s market. In a hierarchical structure, a company’s major concerns might be separated into operation, finance, marketing, information, HR, compliance, and security, which represent the critical components in the architecture. The seamless coordination among those components is critical for the execution of a transformation of vision.

Many of the tech giants have chosen to lay off employees this year due to the slow down of growth. This is part of a bigger move that those companies are making based on their predictions of the situations and strategies to counter them. The layoffs, reorganizations, and other moves mean that companies are adjusting their business architecture to suit the transformation of their visions. Sometimes, the layoff itself is rather a symbolic action to convey the high-level vision to employees and the public, with the hope of showing their responsiveness to stakeholders. The purpose of such organizational transformation is to improve the company’s current stand in the ever changing market.

Python lists are commonly used to store data types. Lists are a collection of information typically called a container. Think of a physical container that can hold all kinds of objects, not just one object of the same type. Python includes a built-in list type called a list. They can be managed by many built-in functions that help fill, iterate over, add to, and delete them.

Respond to the following in a minimum of 175 words:

• Why is it useful to store information with different data types? When do you choose to use a list over a dictionary? Provide a code example that supports your comments.

ER Model and Normalization

Q1: Garage Database [40 points]

We want to design a database for a local garage. For each customer, we want to record the (unique) name, the customer address, and the contact phone number. For each vehicle, we want to record the unique vehicle’s identification number (VIN), and the vehicle’s make, model and year. For each repair job we want to record the description of the job done (maximum 200 chars), the date, and the total dollar cost. A repair job may involve zero or more parts (like, e.g., “windshield wipers”, “battery”, etc.) For each part we want to record its (unique) part number, the part name and its cost. In addition, note that:

• Each vehicle may have 1 or more repair jobs.

• Each customer may be the primary owner of 1 or more vehicles.

• Every vehicle has only one primary owner (we ignore co-owners).

• No vehicle can have more than one repair job in any given day.

Please answer the following questions:

Q1.1. (10 points) Draw an ER diagram for this database. Make sure to indicate primary keys, cardinality constraints, weak entities (if any), and participation constraints. List any assumptions you make in the process.

Q1.2. (10 points) Translate the ER diagram in Q1.1 into relational database tables (i.e. give the SQL DDL statements). Make sure that the translation captures key constraints (primary keys and foreign keys if applicable) and participation constraints in the ER diagram. Identify constraints, if any, that you are not able to capture.

Q1.3. (20 points) Identify the functional dependencies that you expect should hold for the Garage Database domain. Use the dependencies to find keys and BCNF normal forms.

Q2: Restaurant Database [ 40 points]

The student administrator of the Mini University wants to design a database for profiling students’ preferences for the nearby restaurants and the dishes. For example, the student Jack Smith likes the “rib eye steak” at the “TGI Fridays”, not the “rib eye steak” at the “Olive Garden”, while the student Nancy Graham likes the Italian spaghetti at “Zeppoli’s”.

• Each student has his/her SSN, the name, and the department.

• Each restaurant has its name, and the mailing address.

• The name of a restaurant may not be unique, but the mailing address is unique.

• Each dish has the name and the price.

• The price of a dish might differ on different restaurants. For example, “rib eye steak” is $15 at “TGI Fridays”, but $20 at the “Olive Garden”.

• The name of a dish is unique within a restaurant. Two restaurants may have the same dish name.

• A dish is offered by at least one restaurant, and a restaurant offers at least a dish.

Please answer the following questions:

Q2.1. (10 points) Draw an ER diagram for this database. Make sure to indicate primary keys, cardinality constraints, weak entities (if any), and participation constraints. List any assumptions you make in the process.

Q2.2. (10 points) Translate the ER diagram in Q2.1 into relational database tables (i.e. give the SQL DDL statements). Make sure that the translation captures key constraints (primary keys and foreign keys if applicable) and participation constraints in the ER diagram. Identify constraints, if any, that you are not able to capture.

Q2.3. (20 points) Identify the functional dependencies that you expect should hold for the Restaurant Database domain. Use the dependencies to find keys and BCNF normal forms.

Q3: Reverse Engineering [20 points]

This question tests how well you understand the algorithm for converting E/R diagrams to relational schemas. An E/R diagram when converted to relations (using the mechanical construction that we know and love) gives rise to the following relations:

• R(a, b, c)
• S(a, d)
• T(a, d, f, g)

You may assume that the same symbols refer to the same attribute and different symbols refer to different attributes (e.g., the attributes a in the relations R, S and T are the same) i.e. it ultimately comes from a single entity set or relationship in the E/R diagram.

Your task is to reverse-engineer the E/R diagram from these relations; in other words, what E/R diagram could have produced these relations. For full credit, give two different E/R diagrams that could have produced these (and only these) relations (i.e. 10 points for each correct E/R diagram).

Submission Guidelines and Requirements

• Include your name and UCM ID in the assignment

1. Add the following statement in your solution “I certify that the codes/answers/outputs of this assignment are entirely my own work.”

// Your Name

// Your UCM ID

//Certificate of Authenticity: “I certify that the assignment is entirely my own work.”

1. Add comments to your submission as much as possible
2. Submit your ER diagrams, relation schemas, functional dependencies and normalized forms
3. Zip your files and upload the zipped file onto Blackboard
4. There could be more than one correct answer. We shall accept them all
5. Whenever you are making an assumption, please state it clearly
6. Grading standards:

• There will be automatic 10 points penalty if your submission is missing certificate of authenticity
• Late submission: Late submission is allowed with a 10% deduction per day (delay in submission). Submission after 3 days of the deadline won’t be accepted