All posts by : chebby

You are only submitting a topic for Approval at this stage. YOU ARE NOT SUBMITTING THE PAPER. A few details about your research paper:(select the topic for research paper based on the chapters below and  write few details about it(500 words).

CHAPTERS- 

Chapter 3 – Influence of Physical Design

Chapter 4 – Approaches to Physical Security

Chapter 5 – Security Lighting

Chapter 6 – Focus on Electronic Devices for Entry into locations.

Chapter 7 – Use of Locks – Focus on Key Operated Mechanisms

Chapter 8 – Explain why do employees steal?

Chapter 9 – External Threats and Countermeasures

Chapter 10 – Biometrics in Criminal Justice System and Society Today

Chapter 11 – Access Control Systems and Identification Badges

Course Objectives/Learner Outcomes:

Upon completion of this course, the student will:

· Recognize basic threats to an organization& physical security and identify the security mechanisms used

· in securing an enterprise environment.

·  Identify the security mechanisms and strategies used to protect the perimeter of a facility.

·  Identify the appropriate physical security mechanisms to implement in a given scenario.

·  Identify the appropriate mechanisms and controls for securing the inside of a building or facility.

 Select the most appropriate intrusion detection technology for a scenario.

Subject resources:

Fennelly, Lawrence. Effective Physical Security. ELSEVIER, 2017. 

Print ISBN: 978-0-12-804462-9

Other articles and readings may be assigned by course professor.

Recommended Materials/Resources 

Harris, Shon. All in One CISSP Exam Guide, Sixth Edition. McGraw-Hill, 2013.

• International Information Systems Security Certification Consortium, Inc., (ISC)²® – This Web site provides access to current industry information. It also provides opportunities in networking and contains valuable career tools. http://www.isc2.org/ 

• ISACA – This Web site provides access to original research, practical education, career-enhancing certification, industry-leading standards, and best practices. It also provides a network of likeminded colleagues and contains professional resources and technical/managerial publications. https://www.isaca.org/Pages/default.aspx

Analyze the structure of advanced encryption standards and why it makes it so strong.  

2 pages

• Assignment Topic: MS Office Integration.
  • To make this assignment as simple as possible, all you must do is to write about the use of the computer applications we are studying this month in real world settings. (excel, powerpoint, word) For instance, you can write about how you use or plan to use them at home or work place, or about somebody that you know or a business that use these applications. (Please be sure you write around this topic, if you write about something not related to this topic and class you will receive a ‘0’; I am required to enforce this).
  • You can read Chapter 22 in your textbook (Integrating Word, Excel, Access and PowerPoint) to learn more about this subject and have a better idea about what to look for in your research and write.
• General Guidelines:
  • You must use APA writing style guidelines to write your paper.
  • After conducting your research, write to present your findings and in a very simple way or tell how these applications affect your work, position, and/or field of expertise to make you more productive in the office activities you are or will be performing soon or even here at Everglades University while attending your classes.
  • In this class ONLY, I want you to keep your research very simple/basic.
  • I need you to focus on the APA writing style format of your assignment and learning the correct use of MS Word controls and features to write a paper that conforms with APA writing style guidelines format, this way you will be ready for the rest of your classes and will be using MS Word the correct way for that.
• Requirements:
  • Assignment MUST be submitted as a Word document. (.docx or .doc)
  • Contains at least four pages:
    • Page one: Title (AKA for many students as Cover Page).
    • Page two: Abstract (Remember NOT to indent the abstract section).
    • Page three: Body (At least two short paragraphs of any length that will allow you to insert the required in-text citations).
    • Last Page: References (At least 3 different that must come from the source list you created in the Insert Citation Source list).
  • Font type: Times New Roman.
  • Font size:
    • 14 points for running headers only.
    • 12 points for headings and everything else in your document.
  • Font color: Black.
  • Alignment: Left align.
  • Line Spacing: Double space.
  • Paragraph Spacing: None after each paragraph.
  • Quote from the article(s) when appropriate and use at least three proper Word generated in-text citations in the paper’s Body conforming to APA writing style guidelines.
  • References must be MS Word generated from using the source list created to insert the required citations.
  • Must include “Running head and a colon” text before the actual header on Title Page ONLY, the rest of pages must use the header alone, left aligned.
  • Must include page numbers in all pages, right aligned and MUST be in the same line as the running header.
  • No spelling and grammar mistakes.
  • Paper Body must use a header (Notice that this may already have been covered by the Running Header since this exercise is a single topic paper).
  • Please, DO NOT convert citations or references to static text, the placeholders need to be active to be reviewed, thank you!

This assignment is due on Sunday of the third week of class, September 20th.

 In this lab, students need to conduct attacks on the TCP/IP protocols. They can use the Netwox tools and/or other tools in the attacks. All the attacks are performed on Linux operating systems. However, instructors can require students to also conduct the same attacks on other operating systems and compare the observations. To simplify the “guess” of TCP sequence numbers and source port numbers, we assume that attackers are on the same physical network as the victims. Therefore, you can use sniffer tools to get that information. The following is the list of attacks that need to be implemented. 3.1 Task 1 : SYN Flooding Attack ` ` User Server SYN SYN+ACK ACK Active TCP Connection ` ` Attacker Server SYN Spoofed Addresses SYN+ACK ` Legitimate User SYN No Reply Normal TCP 3-way handshake between user and server SYN Flood: attacker sends many SYN to server without ACK. The server is not able to process request from legitimate user 1 2 3 4 1 2 3 Figure 2: SYN Flooding Attack SEED Labs – TCP/IP Attack Lab 4 SYN flood is a form of DoS attack in which attackers send many SYN requests to a victim’s TCP port, but the attackers have no intention to finish the 3-way handshake procedure. Attackers either use spoofed IP address or do not continue the procedure. Through this attack, attackers can flood the victim’s queue that is used for half-opened connections, i.e. the connections that has finished SYN, SYN-ACK, but has not yet gotten a final ACK back. When this queue is full, the victim cannot take any more connection. Figure 2 illustrates the attack. The size of the queue has a system-wide setting. In Linux, we can check the setting using the following command: # sysctl -q net.ipv4.tcp_max_syn_backlog We can use command “netstat -na” to check the usage of the queue, i.e., the number of halfopened connection associated with a listening port. The state for such connections is SYN-RECV. If the 3-way handshake is finished, the state of the connections will be ESTABLISHED. In this task, you need to demonstrate the SYN flooding attack. You can use the Netwox tool to conduct the attack, and then use a sniffer tool to capture the attacking packets. While the attack is going on, run the “netstat -na” command on the victim machine, and compare the result with that before the attack. Please also describe how you know whether the attack is successful or not. The corresponding Netwox tool for this task is numbered 76. Here is a simple help screen for this tool. You can also type “netwox 76 –help” to get the help information. Listing 1: The usage of the Netwox Tool 76 Title: Synflood Usage: netwox 76 -i ip -p port [-s spoofip] Parameters: -i|–dst-ip ip destination IP address -p|–dst-port port destination port number -s|–spoofip spoofip IP spoof initialzation type SYN Cookie Countermeasure: If your attack seems unsuccessful, one thing that you can investigate is whether the SYN cookie mechanism is turned on. SYN cookie is a defense mechanism to counter the SYN flooding attack. The mechanism will kick in if the machine detects that it is under the SYN flooding attack. You can use the sysctl command to turn on/off the SYN cookie mechanism: # sysctl -a | grep cookie (Display the SYN cookie flag) # sysctl -w net.ipv4.tcp_syncookies=0 (turn off SYN cookie) # sysctl -w net.ipv4.tcp_syncookies=1 (turn on SYN cookie) Please run your attacks with the SYN cookie mechanism on and off, and compare the results. In your report, please describe why the SYN cookie can effectively protect the machine against the SYN flooding attack. If your instructor does not cover the mechanism in the lecture, you can find out how the SYN cookie mechanism works from the Internet. 3.2 Task 2 : TCP RST Attacks on telnet and ssh Connections The TCP RST Attack can terminate an established TCP connection between two victims. For example, if there is an established telnet connection (TCP) between two users A and B, attackers can spoof a RST packet from A to B, breaking this existing connection. To succeed in this attack, attackers need to correctly construct the TCP RST packet. SEED Labs – TCP/IP Attack Lab 5 In this task, you need to launch an TCP RST attack to break an existing telnet connection between A and B. After that, try the same attack on an ssh connection. Please describe your observations. To simplify the lab, we assume that the attacker and the victim are on the same LAN, i.e., the attacker can observe the TCP traffic between A and B. The corresponding Netwox tool for this task is numbered 78. Here is a simple help screen for this tool. You can also type “netwox 78 –help” to get the help information. Listing 2: The usage of the Netwox Tool 78 Title: Reset every TCP packet Usage: netwox 78 [-d device] [-f filter] [-s spoofip] Parameters: -d|–device device device name {Eth0} -f|–filter filter pcap filter -s|–spoofip spoofip IP spoof initialization type {linkbraw} 3.3 Task 3 : TCP RST Attacks on Video Streaming Applications Let us make the TCP RST attack more interesting by experimenting it on the applications that are widely used in nowadays. We choose the video streaming application in this task. For this task, you can choose a video streaming web site that you are familiar with (we will not name any specific web site here). Most of video sharing websites establish a TCP connection with the client for streaming the video content. The attacker’s goal is to disrupt the TCP session established between the victim and video streaming machine. To simplify the lab, we assume that the attacker and the victim are on the same LAN. In the following, we describe the common interaction between a user (the victim) and some video-streaming web site: • The victim browses for a video content in the video-streaming web site, and selects one of the videos for streaming. • Normally video contents are hosted by a different machine, where all the video contents are located. After the victim selects a video, a TCP session will be established between the victim machine and the content server for the video streaming. The victim can then view the video he/she has selected. Your task is to disrupt the video streaming by breaking the TCP connection between the victim and the content server. You can let the victim user browse the video-streaming site from another (virtual) machine or from the same (virtual) machine as the attacker. Please be noted that, to avoid liability issues, any attacking packets should be targeted at the victim machine (which is the machine run by yourself), not at the content server machine (which does not belong to you). 3.4 Task 4 : TCP Session Hijacking The objective of the TCP Session Hijacking attack is to hijack an existing TCP connection (session) between two victims by injecting malicious contents into this session. If this connection is a telnet session, attackers can inject malicious commands (e.g. deleting an important file) into this session, causing the victims to execute the malicious commands. Figure 3 depicts how the attack works. In this task, you need to demonstrate how you can hijack a telnet session between two computers. Your goal is to get the the telnet server to run a malicious command from you. For the simplicity of the task, we assume that the attacker and the victim are on the same LAN. SEED Labs – TCP/IP Attack Lab 6 Note: If you use Wireshark to observe the network traffic, you should be aware that when Wireshark displays the TCP sequence number, by default, it displays the relative sequence number, which equals to the actual sequence number minus the initial sequence number. If you want to see the actual sequence number in a packet, you need to right click the TCP section of the Wireshark output, and select “Protocol Preference”. In the popup window, uncheck the “Relative Sequence Number and Window Scaling” option. The corresponding Netwox tool for this task is numbered 40. Here is part of the help screen for this tool. You can also type “netwox 40 –help” to get the full help information. You may also need to use Wireshark to find out the correct parameters for building the spoofed TCP packet. Listing 3: Part usage of netwox tool 40 Title: Spoof Ip4Tcp packet Usage: netwox 40 [-l ip] [-m ip] [-o port] [-p port] [-q uint32] [-B] Parameters: -l|–ip4-src ip IP4 src {10.0.2.6} -m|–ip4-dst ip IP4 dst {5.6.7.8} -o|–tcp-src port TCP src {1234} -p|–tcp-dst port TCP dst {80} -q|–tcp-seqnum uint32 TCP seqnum (rand if unset) {0} -H|–tcp-data mixed_data mixed data ` ` User Server ` Attacker Attacker hijacks the TCP session and sends “Z” to server on behalf of client Data: “A” Data: “Z” Seq No.: ? ACK 3-way Handshake Data: “B” ACK Sniffing Figure 3: TCP Session Hijacking Attack SEED Labs – TCP/IP Attack Lab 7 3.5 Task 5 : Creating Reverse Shell using TCP Session Hijacking When attackers are able to inject a command to the victim’s machine using TCP session hijacking, they are not interested in running one simple command on the victim machine; they are interested in running many commands. Obviously, running these commands all through TCP session hijacking is inconvenient. What attackers want to achieve is to use the attack to set up a back door, so they can use this back door to conveniently conduct further damages. A typical way to set up back doors is to run a reverse shell from the victim machine to give the attack the shell access to the victim machine. Reverse shell is a shell process running on a remote machine, connecting back to the attacker’s machine. This gives an attacker a convenient way to access a remote machine once it has been compromised. In the following, we will show how we can set up a reverse shell if we can directly run a command on the victim machine (i.e. the server machine). In the TCP session hijacking attack, attackers cannot directly run a command on the victim machine, so their jobs is to run a reverse-shell command through the session hijacking attack. In this task, students need to demonstrate that they can achieve this goal. 

Discuss in 500 words your opinion on what lessons should be learned from the 737 Max 8 crashes. 

Use at least three sources. Use the Research Databases available from the Danforth Library, not Google.  Include at least 3 quotes from your sources enclosed in quotation marks and cited in-line by reference to your reference list.  Example: “words you copied” (citation) These quotes should be one full sentence not altered or paraphrased. Cite your sources using APA format. Use the quotes in your paragaphs.

Copying without attribution or the use of spinbot or other word substitution software will result in a grade of 0. 

Write in essay format not in bulleted, numbered or other list format. 

Do not use attachments as a submission. 

Reply to two classmates’ posting in a paragraph of at least five sentences by asking questions, reflecting on your own experience, challenging assumptions, pointing out something new you learned, offering suggestions. These peer responses are not ‘attaboys’.   You should make your initial post by Thursday evening so your classmates have an opportunity to respond before Sunday.at midnight when all three posts are due. 

It is important that you use your own words, that you cite your sources, that you comply with the instructions regarding length of your post and that you reply to two classmates in a substantive way (not ‘nice post’ or the like).  Your goal is to help your colleagues write better. Do not use spinbot or other word replacement software. It usually results in nonsense and is not a good way to learn anything. . I will not spend a lot of my time trying to decipher nonsense. Proof read your work or have it edited. Find something interesting and/or relevant to your work to write about.  Please do not submit attachments unless requested.

Industry experts believe blockchain is a technology that has the potential to affect the business of most IT professionals in the next five years. Pick an industry you feel will be most affected by blockchain and how blockchain may be used in that industry. As an IT manager, how would you embrace blockchain? For instance, how would training occur for your team, what strategies might you use, what security methods may you recommend be used?

Your paper should meet the following requirements:

• Be approximately four to six pages in length, not including the required cover page and reference page.
• Follow APA7 guidelines. Your paper should include an introduction, a body with fully developed content, and a conclusion.
• Support your answers with the readings from the course and at least two scholarly journal articles to support your positions, claims, and observations, in addition to your textbook. The UC Library is a great place to find resources.
• Be clearly and well-written, concise, and logical, using excellent grammar and style techniques. You are being graded in part on the quality of your writing.

Consider the mean of a cluster of objects from a binary transaction data set. What are the minimum and maximum values of the components of the mean? What is the interpretation of components of the cluster mean? Which components most accurately characterize the objects in the cluster?

 Please ensure to cite the Author, YYYY with any content brought into the discussion.   All discussions should contain at least one reference (and matching in-text citation in APA format).

  Minimum 600 words

This assignment should be in APA format and have to include at least two references.

Since it is so dangerous, why would designers install software into the kernel at all (or make use of kernel software)? If you were an antivirus designer or maker, what other methods do you utilize to prevent virus? 

report select two of the topics below to create an actionable report with a common theme below the topics selected. Your analysis should demonstrate you understand the material.  In general, each topic should be covered in 400-600 words.

1. On your personal computer, download, install, and run Wireshark (found at http://www.wireshark.org/). Wireshark is a network protocol analyzer that let’s you capture and view network traffic. You may want to watch the videos found on that site first. With wireshark running, go to a standard website (e.g., Google, Yahoo, Amazon, etc.) and report what it shows you.  Do you see the standard TCP/IP handshake? Do you see your http traffic? How could a network administrator use wireshark?  Include screen captures of the wireshark showing your results. 
2. On your personal computer, download, install, and run Nmap (found at http://nmap.org/). Nmap or “Network Mapper” is a free, open-source tool for network discovery, system security testing, port availability, and system monitoring. Before using nmap, you should study the Reference Guide (http://nmap.org/book/man.html). If you are using a Windows operating system, you’ll need to download ZenMap (http://nmap.org/zenmap/). For this exercise, run three different types of scans on another computer in your local network.  MAKE SURE YOU HAVE THE SYSTEM OWNER’S PERMISSION FIRST! Provide screenshots of the command used and the results.  What do the results tell you?  How can a network security administrator use a tool like nmap?
3. Using your book and other resources from the Internet, define and discuss the following network protocols: TCP, UDP, IP, and ICMP. Include the differences between TCP & UDP and IP & ICMP. Why is this important for network security? Make sure you list any outside references in APA format.
4. Discuss the four different types of suspicious traffic signatures:
   1. Informational
   2. Reconnaissance
   3. Unauthorized access
   4. Denial of service .
5. Provide a detailed description of how each of the following TCP flags are utilized:
   1. SYN (Synchronize)
   2. ACK (Acknowledgement)
   3. PSH (Push)
   4. URG (Urgent)
   5. RST (Reset)
   6. FIN (Finished)

 Design a Java application that will read a file containing data related to the US. Crime statistics from 1994-2013. The description of the file is at the end of this file. The application should provide statistical results on the data including: