All posts by : chebby

Learning Objectives and Outcomes

• Examine IT infrastructure policies.
• Describe IT infrastructure policies based on the scenario given.

Scenario

You work for a large, private health care organization that has server, mainframe, and RSA user access. Your organization requires identification of the types of user access policies provided to its employees.

Sean, your manager, was impressed with the work you did on User Domain policies. This time, Sean is asking you to write descriptions for policies that affect server, mainframe, and RSA user access. 

Assignment Requirements

Research policies for each affected IT infrastructure domain, and place them into a table with an introduction explaining the following questions: Who? What? When? Why? Be sure to add a conclusion with a rationale for your selections. Reference your research so your manager may add or refine this report before submission to senior management.

Required Resources

• None

Submission Requirements

• Format: Microsoft Word
• Font: Times New Roman, 12-Point, Double-Space
• Length: 1–2 pages

Discuss in 400 words or more the top 5 details that should be included in your cloud SLA.

Use at least three sources.  Include at least 3 quotes from your sources enclosed in quotation marks and cited in-line by reference to your reference list.  Example: “words you copied” (citation) These quotes should be one full sentence not altered or paraphrased. Cite your sources using APA format. Use the quotes in your paragaphs.  Stand alone quotes will not count toward the 3 required quotes.

Write in essay format not in bulleted, numbered or other list format. 

write a hillclimbing algorithm to find maximum value of function f=|13.value(v)-170| where v is the input binary variable of 40bits and one counts the number of 1’s in v. set Max at 100 and thus reset algorithm 100 times for the global maximum and print the found maximum value for each reset separated by a comma in the output.txt file.

Note:For this the output should be local maxima,global maxima and so on… example:350,170,350,170,350,170

write a Simulated Anealing algorithm to find maximum value of function f=|14.value(v)-190| where v is the input binary variable of 50bits and one counts the number of 1’s in v. set Max at 200 and thus reset algorithm 100 times for the global maximum and print the found maximum value for each reset separated by a comma in the output.txt file.

Describe how to run the code. Write the code in Python.

Challenge

Explain in 500 words or more what NIST Is and how it should be used by a dba.  

  Include at least 3 quotes from your sources enclosed in quotation marks and cited in-line by reference to your reference list.  Example: “words you copied” (citation) These quotes should be one full sentence not altered or paraphrased. Cite your sources using APA format. Use the quotes in your paragaphs. 

Write in essay format not in bulleted, numbered or other list format.  

Acme Enterprise Scenario Residency Week

Acme Enterprise is a private company that is gearing up for an initial public offering (IPO). Prior to going public Acme must be in compliance with: GDPR, PCI DSS, and SOX. Acme is in the water purification business with new technologies that purify water in any form whether it is sewage, ocean, lake etc. 

Part of its IPO process is to show due diligence and due care. Acme has identified your team to conduct a risk assessment and analysis of its information technology infrastructure to uncover any threats and exposures and provide mitigations and controls to reduce those uncovered threat/exposures, so it can have a successful IPO. 

Using the Network Infrastructure design of the Acme Enterprise you are to assess risk of Acme’s:

1. Perimeter Security

2. Network Security

3. Endpoint Security

4. Application Security

5. Data Security

6. Operations

7. Policy Management

Acme Perimeter Security

Acme is currently protected by two dual Dynamic Stateful Inspection Firewalls that are configured in active and stand by mode. Acme is also configured to use PAT (port address translation) where 200.200.200.1 represents Acme on the public Internet. Acme translates this public IP through its clustered firewall to the internal IP space of 10.100.0.0/16 giving Acme 65334 useable IP addresses. 

As part of Acme’s infrastructure, it also accesses cloud services for its business office tools through Office 365 and uses Dropbox for end user’s storage. Acme uses a web hosting service for its web front end and ecommerce which is connected to a back-end Oracle Database using enterprise MySQL. The database administrators have full access to all database information, but they lack oversight from anyone else. 

There are two DMZ’s, but they are not utilized. 

Network Security

Acme has a collapsed core design which means all internal LAN routing and Internet access occurs on its distribution level devices. This means, wireless access, web proxy access, access control lists and entries are located at this layer of the infrastructure. Currently Acme is using WPA 2 (wireless protected access 2) for is wireless security. The web proxy is configured with the following: General, Limited, and Exclusive Internet access. Each of these categories dictates what type of Internet access an end user will experience if belongs to one of these groups. 

The Local area network uses the IP block in the following way: 10.100.1.0/24 User VLAN, 10.100.2.0/24 Research and Development VLAN.

Current access control lists are permit 10.100.2.0 0.0.0.255, permit 10.100.1.0 0.0.0.255. All other devices use the rest of the unallocated IP block of 10.100.0.0/16. 

Also, all IP space is statically assigned. There is one default route to Internet but users of complain about access to internal services. 

Endpoint Security

There is a mixture of MAC and Windows systems, XP, 7, and 10. JAMF is used to control and monitor MAC systems, the Windows devices rely on its end users to patch and update systems. The current endpoint security is signature-based MacAfee with no centralized control. 

Application Security

DevOps is responsible for secure coding and development of applications, but it has no formal oversight. Policy for application monitoring tracking is adhoc there are no formalized procedures. The server farm houses all applications, the operating systems range from Server 2003 to 2016. Mobile device management, media server, content management, file server, directory services, database, are all the services being offered from the server farm. This server architecture is all hardware based there are no hypervisor systems in place. 

Data Security

Data has not been classified, identity access management relies on one factor authentication; encryption, digital signatures, PKI rely on self-signed certificates, protection in the cloud is also missing and there is a lack of DLP (data loss prevention). Acme does store financial information in its data center as well as personal identifiable information. 

Operations

Information technology is responsible for security however there is a security team under the IT department. The Chief Information Security Officer reports to the Chief Information Officer. 

Policy Management

Acme has one Information Security Policy that addresses its information security architecture and program. It is not based on any of the existing information security management frameworks such as: IS0 27002, NIST CSF, or COBIT 5. 

You are going to conduct a risk assessment on Acme Enterprise using the risk assessment concepts we have learned about thus far. Each of the areas of the infrastructure mentioned above is where you will concentrate your assessments. After you have completed your risk assessment, you will then provide recommendations for each area that you assessed to reduce risk, exposure, and threat. Also, as part of your final submission demonstrate through a redesign where your mitigations will take place within the architecture. You can use the image below as guide for your risk analysis of each area.

PPT:

 Develop an 8 to 10 slide PowerPoint presentation with notes to summarize your written assignment. Be careful not to copy and paste excerpts exclusively from your written assignment 

• What are mobile forensics and do you believe that they are different from computer forensics?
• What is the percentage of attacks on networks that come from mobile devices?
• What are challenges to mobile forensics?
• What are some mobile forensic tools?
• Should the analysis be different on iOS vs Android?

Your paper should meet the following requirements:

• Be approximately four to six pages in length, not including the required cover page and reference page.
• Follow APA7 guidelines. Your paper should include an introduction, a body with fully developed content, and a conclusion.
• Support your answers with the readings from the course and at least two scholarly journal articles to support your positions, claims, and observations, in addition to your textbook. The UC Library is a great place to find resources.
• Be clearly and well-written, concise, and logical, using excellent grammar and style techniques. You are being graded in part on the quality of your writing.

The final portfolio project is a three- part activity. You will respond to three separate prompts but prepare your paper as one research paper. Be sure to include at least one UC library source per prompt, in addition to your textbook (which means you’ll have at least 4 sources cited). 

Start your paper with an introductory paragraph.

Prompt 1 “Blockchain” (2-3 pages): Explain the major components of blockchain. Be sure to include how blockchain is affecting a global economy and how you see it growing in the future. 

Prompt 2 “Big Data” (1-2 pages): Describe your understanding of big data and give an example of how you’ve seen big data used either personally or professionally. In your view, what demands is big data placing on organizations and data management technology?  How does big data affect a global economy.

Prompt 3 “Government and Policies” (1-2 pages):  Discuss the role government plays in a global economy.  Also, look at what policies are currently in place and then discussion what policies should be put in place..

Conclude your paper with a detailed conclusion section. 

The paper needs to be approximately 5-8 pages long, including both a title page and a references page (for a total of 7-10 pages). Be sure to use proper APA formatting and citations to avoid plagiarism.

Your paper should meet the following requirements:

• Be approximately 5-8 pages in length, not including the required cover page and reference page.

• Follow APA6 guidelines. Your paper should include an introduction, a body with fully developed content, and a conclusion.

• Support your answers with the readings from the course, the course textbook, and at least three scholarly journal articles from the UC library to support your positions, claims, and observations, in addition to your textbook. The UC Library is a great place to find resources.

• Be clearly and well-written, concise, and logical, using excellent grammar and style techniques. You are being graded in part on the quality of your writing.

 MAKE SURE NO PLAGARISM.

Go online and research some tools that would be valuable in collecting both live memory images and images of various forms off media. Put together a shopping list for your manager that includes tools needed  to be purchased. Include a price if applicable.

Write your answer using a WORD document. Do your own work. Submit here. Note your Safe Assign score. Score must be less than 25 for full credit.

You have three attempts.

Peer-Reviewed Summary Assignment – APA 6E Guide. To complete this assignment, the following instructions must be followed:

The Rubric:

• read the attached peer-reviewed research paper in its entirety
• in your own words, using the APA 6E guide, prepare 150 words to 250 words summary about this research by John Anthony
• paper will be prepared in MS Word format ONLY — (typically double spaced, 12-font in Times New Roman) – No PDF format will be allowed
• write-up MUST be original student thoughts following your read and comprehension of this research work in APA 6E format
•  DO NOT COPY and PASTE parts/sections of the research paper to complete this assignment
• DO NOT COPY and paste your assignment on the SafeAssign platform when you submit, 
• ALL Assignments with SafeAssign similarity reports of 25% or more will NOT be accepted. No Exceptions.  Make sure to address such issues before submission.
• Don’t forget your cover page and title, and reference page formatted correctly. These are part of your assignment