All posts by : chebby

Social engineering is the art of manipulating people so they give up confidential information. The types of information these criminals are seeking can vary, but when individuals are targeted the criminals are usually trying to trick you into giving them your passwords or bank information, or access your computer to secretly install malicious software – that will give them access to your passwords and bank information as well as giving them control over your computer.

Explain a scenario where you or someone you know may have unknowingly given too much personal information to a stranger. How could this situation  been avoided?

Read NIST SP 800-30 revision 1 (http://csrc.nist.gov/publications/nistpubs/800-30-rev1/sp800_30_r1.pdf (Links to an external site.)), NIST SP 800-53 revision 4, Chapters 1 thru 3 (http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-53r4.pdf (Links to an external site.)), and NIST SP 800-18 revision 1 (http://csrc.nist.gov/publications/nistpubs/800-18-Rev1/sp800-18-Rev1-final.pdf (Links to an external site.)), all of which are located in your Module 3 Resources folder. 

Develop a System Security Plan (SSP) based on the information system selected in Project 1 using the sample provided in NIST SP 800-18 revision 1, Appendix A, as a guide; Note for #13, Minimum Security Controls in the SSP template: you only need to specify the appropriate control baseline from NIST SP 800-53 revision 4 and any additional controls or control enhancements (MINIMUM OF 2) added as part of the tailoring process, including your rationale for the addition.  Do NOT list all the controls and enhancements in the selected baseline.

 using the database and tables from Week Two, write SQL statements and enter five additional records into the employee table. Check the results by selecting all of the columns from both of your tables
 

Using the database and tables in Week Two, write SQL queries using various commands:
Using the COUNT command, how many employees are over age 47?
Write a SQL query that joins two tables in your database and uses BETWEEN to restrict record selection. (Use salary to restrict the data.)
Using the HAVING command, how many positions have more than 3 employees? (e.g. Cashiers, 4)
 

Using the updated database, write the following queries:
Use the COMPUTE command to generate a grand total for all of the exempt employees salaries.
Select employees’ last names and group them by salary in job titles, grouped into exempt and non-exempt.
Write a SQL query that joins two tables in the example database and uses LIKE to restrict record selection. (Use zip codes to restrict data.)
Create a query that shows all employees whose name has the second letter of either an ‘a’,’e’,’o’ or ‘u’.
Human Resources has requested a listing of employees. They want the listing to show the first initial of the employee’s last name. In addition, they want the report in the following sort order: exempt/non-exempt status, the first letter of their last name, last name, first name and salary. For example: Exempt, S, Smith, Bob, $50,000
 

Due to a corporate mandate, all employees who are “Asst. Manager”, must have their job title changed to “Sr. Supervisor’.

According to the authors, privacy and security go hand in hand; and hence, privacy cannot be protected without implementing proper security controls and technologies. Today, organizations must make not only reasonable efforts to offer protection of privacy of data, but also must go much further as privacy breaches are damaging to its customers, reputation, and potentially could put the company out of business.  As we continue learning from our various professional areas of practice, its no doubt that breaches have become an increasing concern to many businesses and their future operations.   

For this discussion, find an example of a security breach which compromised data records at a company in the same industry as you will be using in your final paper of your choice. Summarize the breach, discuss the data that was lost and identify security controls that you would recommend be in place (be certain to remember to cite sources) that could have prevented this breach from occurring. Remember to critical respond appropriately to two other leaners for full points.

2 Discussions

1 Project

PFA….

Please follow marking guidance

Step 1: Read and understand the Scenario and Business needs presented below. Define and document the ENTITIES, and RELATIONSHIPS, required to address the business needs. The nouns in the scenario below will give the ENTITIES that you will need. Finally, the verbs will describe the RELATIONSHIPS.Scenario and Business Need The Pythagoras Math Academy is in need to develop a database to keep track and control of his students, teachers, and classes offered. Teachers are able to teach multiple courses. But they are required to be certified on the course they are teaching. For example, only a group of teachers are certified to teach Algebra, and other Geometry. Students can take multiple courses. Courses are taught by teachers with the proper certification and have multiple certs as needed.  Courses are taught in one of the classrooms at one of the School’s several sites.Each classroom is optimized to serve the needs for a course (for example some courses might require computer labs and whiteboards). The school needs to keep track of the math courses delivered in each of the sites.Step 2: For this project, you are required to use MS Visio or ERD PLUS to produce the deliverables.If you are using MS Visio follow the steps below:

• Reference the Course Project Ph2 VIDEO.mp4, for a short demonstration and tutorial of this tool, and project overview/ expectations.
• Open MS Visio
• Click on the Software Database Template in the main window
• Select the Database Model Diagram Template to open a new file.
• Save the File and ensure to have in your file name PROJECT2_LastName_FistInitial.

If you are using ERD PLUS.

• Watch the recorded short tutorial for this tool. Reference the attached video as follows: Course Project Ph2 VIDEO.mp4.
• From the ERP PLUS main interface, select DOCUMENTS –> NEW DIAGRAM (NAME YOUR DIAGRAM) –>ER DIAGRAM –> CREATE
• Reference demonstration video for how to navigate tool, how to create entities, add attributes, relationships, and Cordiality. Demonstration video attached as follows: Course Project Ph2 VIDEO.mp4

Step 3: Define and Database ENTITIES

• Add an entity for each Table you identified in the Scenario and Business Need.
• You will use the MS Visio tool, or the ERD PLUS open source offering to complete this step.

Step 4: ADD the required ENTITY ATTRIBUTES  

• Add the required Attributes for each Entity that you feel would help to define each Entity as needed.
• Select one of the attributes to be PRIMARY KEY (PK)

Step 5: Define RELATIONSHIPS

• Use the Crow’s Feet Notation.
• Reference recorded demonstrations on how to use these notations, for MS Visio and ERD PLUS. Reference attached video as follows: Course Project Ph2 VIDEO.mp4
• Drag and drop (draw) relationships between the entities you defined.
• Connect the ends to the two entities for each relation.
• Defined the Primary Key for the parent entity.

Step 6: Define CARDINALITY RELATIONSHIPSet the cardinality for each of your relationships defined in Step 5.  For MS Visio: select a relationship line in the drawing area that is connecting two entities. In the Database Properties window, select the miscellaneous category. Select the cardinality for the selected relationship.Step 7: Upload your Work 

• Save the File and ensure to have in your file name PROJECT2_LastName_FistInitial. 

***The submission is a Word document with the ER Model diagram copied.  Do not send any type of image.  The submission must be the image copied into a Word document.  Please include a cover sheet with your full name, the class and  the university spelled correctly.  Please include any details necessary to describe the results. Rubric:

• 10 points: ER Model (MS Visio OR ERD PLUS)
• 10 points: Entities: Minimum of Three entities are represented
• 10 points: Attributes: Minimum of Two attributes for each Entity. Most would require more than two attributes, and I am only requiring two per entity.
• 10 points: Relationships: Minimum Three relationships are presented.
• 10 points: Cardinality is defined and specific for each relationship with Crow’s foot notation.

The CTO informed you that the board of executives showed great interest in building a new network based on the work you did throughout the weeks. They need a proposal to proceed. Provide seven to ten page essay proposing the Systems Architecture for a new network of 500 users where the headquarters are located in Denver, CO with 4 branches located across the 4 US coasts. The type of business is not important and you may feel free to make up one.
1-What type of OS to use along with the file system and why is this architecture is better than others? Will you use the same OS for servers and Desktops? Will your file system of choice provide security?
2-What type of processor types will you choose for the desktops, the servers, and why?
3-Will the system be based cluster architecture for the servers and databases?
4-What type of data backup should the company use, will RAID be used, or is local backups enough?
5-Is there a need for a network to be built for connecting the servers and users, will data go across the WAN or will it stay local to the LAN? What protocols should be used if any?

Subject: Foundations of Information Assurance and Security

Research Paper: 5-6 pages WITHOUT title page and with 4 external reference

Topic:  

The development of a security program and risk management in a mid-size organization. 

5-6 pages WITHOUT title page and with 4 external reference

Discuss successful information security program, such as risk assessment, systems testing, policy, and planning

Discuss how it is used in your organization? how it works or doesn’t work in your environment?

computer science. it has the instructions, you just need to follow them