Discuss in 500 words or more the differences between and advantages of MAC, DAC, and RBAC.
threat-dis
Web server auditing can go a long way in enforcing tighter security and ensuring business continuity. The power of log data is tremendous. Web server logs record valuable information pertaining to usage, errors, and other important security events. Using a specialized auditing tool can be extremely helpful during the audit of web servers. In your discussion this week, please discuss the methods of identifying weak web server configurations and how to mitigate them for a secure web server. Possible concepts to include are SSL certificates, HTTPS usage, attack surface, SQL injection, vulnerability migration, and least privilege. In at least one of your peer responses, provide an overview of how to audit the web server’s security and implement best practices.
Please make your initial post and two response posts substantive. A substantive post will do at least TWO of the following:
- Ask an interesting, thoughtful question pertaining to the topic
- Answer a question (in detail) posted by another student or the instructor
- Provide extensive additional information on the topic
- Explain, define, or analyze the topic in detail
- Share an applicable personal experience
- Provide an outside source (for example, an article from the UC Library) that applies to the topic, along with additional information about the topic or the source (please cite properly in APA 7)
- Make an argument concerning the topic.
At least one scholarly source should be used in the initial discussion thread. Be sure to use information from your readings and other sources from the UC Library. Use proper citations and references in your post.
research paper
Pick a topic relevant to Disaster Recovery and Business Continuity Planning and write a 10 page paper. The format of your paper will need to follow the following outline in APA format (include title page, abstract page, content pages, and reference page):
INTRODUCTION
- State the topic you are attempting to cover
- State the issues involved
- State why we should be concerned with resolving whatever issues are involved
- State how answering the issues will help us
- State the implications and consequences of dealing with or resolving the issues involved
REVIEW OF THE LITERATURE (5 sources minimal, at least 3 needs to be peer-reviewed)
Identify who has tried to answer the question before by doing the following:
- Summarize how each of the sources presents and deals with the subject
- Explain how each source presents and deals with its findings or results
- Explain the relevancy of each source to your topic
- State what you learned from each of your sources
- State in what way(s) each source contributes to answering your issues
DISCUSSION
- State your answer to your issue
- State how and elaborate on how, explain how, illustrate how each of the sources you previously reviewed help you answer your issue
- State what questions about your topic you still have that your sources may not have answered
CONCLUSIONS
- Indicate how each of the sources have contributed to your conclusions (and clearly, accurately, correctly document those sources within your text)
- State the implications of your conclusions
- State what might be the possible consequences of your conclusions
- State the significance these implications and consequences might have in the information technology / information security realm
DOCUMENTATION
- On a separate page, include a section labeled References which provides the full publication information for all the sources you used in your paper
- You should have a MINIMUM of five (5) sources for your paper, at least 3 source needs to be peer-reviewed
- Not meeting this minimum requirement of five (5) sources will lead to a lower evaluation of your paper for each missing source
- Use APA format for documenting your sources
Modules
practice
Word document Assignment
- Open the EmergencyProcedures-02.docx start file. If the document opens in Protected View, click the Enable Editing button so you can modify it.
- The file will be renamed automatically to include your name. Change the project file name if directed to do so by your instructor, and save it.
- Change the theme to Integral and the theme color to Red.
- Change the top, bottom, left, and right margins to 0.75″.
- Select the entire document and change the font size to 12 pt.
- Format the title of the document.
- Select the title of the document and apply Heading 1 style.
- Open the Font dialog box, apply All caps effect, and change the font size to 16 pt.
- Change the Before paragraph spacing to 0 pt.
- Add a bottom border to the title using the Borders drop-down list.
- Apply and modify the Heading 2 style and delete blank lines.
- Apply the Heading 2 style to each of the bold section headings.
- Select the first section heading (“Emergency Telephones [Blue Phones]”).
- Change Before paragraph spacing to 12 pt. and After paragraph spacing to 3 pt.
- Apply small caps effect.
- Update Heading 2 style to match selection. All the section headings are updated.
- Turn on Show/Hide and delete all the blank lines in the document.
- Select the bulleted list in the first section and change it to a numbered list.
- Apply numbering format and formatting changes, and use the Format Painter.
- Apply numbering to the text below the section headings in the following sections: “Assaults, Fights, or Emotional Disturbances”; “Power Failure”; “Fire”; “Earthquake”; and “Bomb Threat.”
- Select the numbered list in the “Bomb Threat” section.
- Open the Paragraph dialog box, set Before and After paragraph spacing to 2 pt., deselect the Don’t add space between paragraphs of the same style check box, and click OK to close the dialog box.
- Use the Format Painter to copy this numbering format to each of the other numbered lists.
- Reset each numbered list so it begins with 1 (right-click the first item in each numbered list and select Restart at 1 from the context menu).
- Customize a bulleted list and use the Format Painter.
- Select the text in the “Accident or Medical Emergency” section.
- Create a custom bulleted list and use a double right-pointing triangle symbol (Webdings, Character code 56).
- Open the Paragraph dialog box and confirm the left indent is 0.25″ and hanging indent is 0.25″. If not, change the settings.
- Set Before and After paragraph spacing to 2 pt. and deselect the Don’t add space between paragraphs of the same style check box.
- Use the Format Painter to apply this bulleted list format to the following text in the following sections: “Tips to Professors and Staff” and “Response to Students.”
- Change indent and paragraph spacing and apply a style.
- Select the text below the “Emergency Telephone Locations” heading.
- Set a 0.25″ left indent.
- Set Before and After paragraph spacing to 2 pt.
- Confirm the Don’t add space between paragraphs of the same style box is unchecked (Paragraph dialog box).
- Apply Book Title style to each of the telephone locations in the “Emergency Telephone Locations” section. Select only the location, not the text in parentheses or following text.
- Change left indent and paragraph spacing and set a tab stop with a dot leader.
- Select the text below the “Emergency Phone Numbers” heading.
- Open the Paragraph dialog box and set a 0.25″ left indent for this text.
- Set Before and After paragraph spacing to 2 pt. and confirm the Don’t add space between paragraphs of the same style box is unchecked.
- Open the Tabs dialog box, set a right tab stop at 7″, and use a dot leader (2).
- Press Tab before the phone number (after the space) on each of these lines. The phone numbers align at the right margin with a dot leader between the text and phone number.
- Apply the Intense Reference style to the paragraph headings in the “Accident or Medical Emergency” section (“Life-Threating Emergencies” and “Minor Emergencies”). Include the colon when selecting the paragraph headings.
- Use the Replace feature to replace all instances of “Phone 911” with “CALL 911” with bold font style. Note: If previous Find or Replace criteria displays in the Replace dialog box, remove this content before performing this instruction.
- Insert a footer with document property fields and the current date that appears on every page.
- Edit the footer on the first page and use the ruler to move the center tab stop to 3.5″ and the right tab stop to 7″.
- Insert the Title document property field on the left. Use the right arrow key to deselect the document property field.
- Tab to the center tab stop and insert the Company document property field at center. Use the right arrow key to deselect the document property field.
- Tab to the right tab stop, insert (not type) the date (use January 1, 2020 format), and set it to update automatically.
- Change the font size of all the text in the footer to 10 pt.
- Add a top border to the text in the footer using the Borders drop-down list and close the footer.
- Use the Borders and Shading dialog box to insert a page border on the entire document.
- Use Shadow setting and solid line style.
- Select the fifth color in the first row of the Theme Colors (Dark Red, Accent 1) and 1 pt. line width.
- Center the entire document vertically (Hint: use the Page Setup dialog box).
- View the document in Side to Side page movement view [View tab, Page Movement group] and then return to Vertical page movement view.
Organ Leader & Decision Making
After completing the reading this week, we reflect on a few key concepts this week:
1.Organizational performance is the fifth aspect of the model, reflect on the question, do certain leadership behaviors improve and sustain performance at the individual, group, and organizational level? Please explain your response.
2.There were two types of innovation addressed this week (product and process innovation), please note your own personal definition of these concepts and offer an example of both.
Please be sure to answer all of the questions above in the initial post.
At least one scholarly (peer-reviewed) resource should be used in the initial discussion thread.
Text Book :
discussion-1
- 3.1 List three approaches to message authentication.
- 3.2 What is a message authentication code?
- 3.4 What properties must a hash function have to be useful for message authentication?
- 3.5 In the context of a hash function, what is a compression function?
- 3.6 What are the principal ingredients of a public-key cryptosystem?
- 3.7 List and briefly define three uses of a public-key cryptosystem.
- 3.8 What is the difference between a private key and a secret key?
- 3.9 What is a digital signature?
CASE STUDY (CASE TO ANALYZE) (PLAGARISM)
Professor: Joseph O. Esin, FSMA, FWCCRD.
What is a Case Study?
· The purpose of a case study is to walk the reader through a situation where a problem is presented, background information provided and a description of the solution given, along with how it was derived.
· A case study can be written to encourage the reader to come up with his or her own solution or to review the solution that was already implemented.
· The goal of the writer is to give the reader experiences similar to those the writer had as he or she researched the situation presented.
· How to Write a Case Study
· Several steps must be taken before actually writing anything:
· Describe Situation/Problem: Choose the situation on which to write
· Background: Gather as much information as possible about the situation
· Background: Analyze all of the elements surrounding the situation
· Describe the Solution: Determine the final solution implemented
· Analyze the Results of the Solution: Gather information about why the solution worked or did not work
· For maximum points, a thorough case analysis thus has several phases; define the problem; list assumptions made; explore alternative solutions including consideration of costs and benefits; develop three alternative action plans; choose one of the plans to implement that can best resolve the issue most appropriately; and design accountability structures and processes to assess the outcomes and ensure the resolution is effective and sustained.
Source: http://education.cu-portland.edu/blog/curriculum-instruction/how-to-write-a-case-study-the-basics/
Citation Style
APA style with a cover page is required see https://owl.purdue.edu/owl/research_and_citation/apa_style/apa_formatting_and_style_guide/general_format.html
File Formats (Creativity Counts)
A standard research paper format may be used for this; however, for max points, use the latest technological presentation tools or video to present your ideas (PowerPoint, Prezi, iMovie, Adobe Portfolio, Google Drive – Presentation, YouTube, etc.). You are not limited to this list of tools; however, study your desired tool carefully. Make sure that the resulting file is both creative and designed for presentation to a professional audience.
Filename Format:
Case_Study1_YourFirstName_YourLastName (pptx/docx/…extensions vary by chosen tool) see File Formats section below.
Submission
Upload the resulting file via the Browse My Computer button for this Assignment.
Case to Analyze
Week 4: Lab. Assignment.
Dwayne and Debbie Tamai Family of Emeryville, Ontario.
Mr. Dwayne Tamai and Mrs. Debbie Tamai case of electronic harassment involved 15-year-old son, Billy, who took control of all of the electronic devices in the family’s home, including the phone, and manipulated them to the distress of other family members for his own amusement. The incidents began in December 1996, when friends of the family complained that phone calls to the Tamai home were repeatedly being waylaid, cut off missed messages, strange clicking and appears like a minor with a disembodied voice, unnervingly distorted by computer, who interrupted calls to make himself known.
After burping repeatedly, the caller frightened Mr. and Mrs. Tamai, and stated that I know who you are, and I stole your voice mail. Mocking, sometimes menacing, the high-tech stalker became a constant presence, eavesdropping on family conversations, switching TV channels, and shutting off the electricity.
The police department confirmed that the sabotage was an inside activity but refrain from releasing the name the culprit. The police further stated that nothing would be gained by filing charges against the suspect. Mr. Dwayne and Mrs. Debbie Tamai asserted that their son, Billy, had admitted engaging in the mysterious calls. The interruptions included burps, blathering and claims having control over the inner workings of the Tamai’s custom-built home, and the power to turn individual appliances on and off via remote control.
It started off as a witticism with friends and got out of control to an extent that he didn’t know how to end the entire operation, become afraid to come forward and tell the parents for the fear of us disowning him.
On Saturday, Mr., and Mrs. Tamai get organized and planned to take their son to the police department to defend him against persistent rumors on him. Instead, Mr., and Mrs. Tamai’s son confessed and labelled an intruder code-named, Sommy. Mr., and Mrs. Tamai eliminated all external sources and had confidence in interior sources. After 2-days, a team of investigators, intelligence and security experts loaded with high-tech equipment failed to locate Sommy. The next day, the team brought in two television networks to assist in the process.
In conclusion, the son, Billy not (Sommy) contacted the victims; (his biological parents), launched verbal threats in combination with the electronic harassment, in an effort to demonstrate his power and authority over them. The best option was, Mr., and Mrs. Tamai victims were not physically harmed, but terrified and greatly inconvenienced by the fact that the unknown force appeared to have control over a great many aspects of their lives, and the unknown force turned out to be their biological son, Billy.
Scenario: 1
Criminal motive is connected to emotional, psychological, and material need are often impel by means of behavior and independent of technology operation. These criminal tendencies are believed to champion the restoration of the criminal’s self-confidence, and self-worth which lead criminals to the path of temporary gratification, inadequacy, and incompetence.
Question 1
1:1 Provide a comprehensive narrative of Billy’s competency and creating emotional distress on his parents.
1:2 Identify the role of Sommy in this operation
Scenario 2
The police department confirmed that the sabotage was an inside activity but refrain from releasing the name the culprit. The police further stated that nothing would be gained by filing charges against the suspect.
2:1 What level of criminal behavior was exhibited by Billy in this operation?
2:2 The entire operation is classified as a serious domestic problem, why didn’t the police officer file charges against the suspect?
Scenario 3
3:1 Modern approach use computer and internet technologies identify offender modus operandi, criminal intent, and motive.
3:2 Describe the impact of computer and internet technologies of Billy MO and criminal motive in this situation.
Casey, Eoghan (2011). Digital Evidence and Computer Crime. Elsevier
Science. Kindle Edition; San Diego: CA
Academic Integrity/Plagiarism
At a Christian liberal arts university committed to the pursuit of truth and understanding, any act of academic dishonesty is especially distressing and cannot be tolerated. In general, academic dishonesty involves the abuse and misuse of information or people to gain an undeserved academic advantage or evaluation. The common forms of academic dishonesty include:
· Cheating – using deception in the taking of tests or the preparation of written work, using unauthorized materials, copying another person’s work with or without consent, or assisting another in such activities.
· Lying – falsifying, fabricating, or forging information in either written, spoken, or video presentations.
· Plagiarism—using the published writings, data, interpretations, or ideas of another without proper documentation
Plagiarism includes copying and pasting material from the internet into assignments without properly citing the source of the material.
Task
1. Use Case Study format to analyze the case. Read carefully, the For maximum points section. Look at cases from the text of this class for inspiration.
2. Be sure to address all of the case study elements described herein.
3. Be sure to state your full name, Teacher Name, Course, and semester on the cover/intro pages/slides.
4. Show your creativity. How would you solve this particular case?
reputation service
Length: Minimum of 600 words
Briefly respond to all the following questions. Make sure to explain and backup your responses with facts and examples. This assignment should be in APA format and have to include at least two references.
As you consider the reputation service and the needs of customers or individual consumers, as well as, perhaps, large organizations that are security conscious like our fictitious enterprise, Digital Diskus, what will be the expectations and requirements of the customers? Will consumers’ needs be different from those of enterprises? Who owns the data that is being served from the reputation service? In addition, what kinds of protections might a customer expect from other customers when accessing reputations?
Easy Cyber questions
1. Distinguish between vulnerability, threat, and control.
2. Theft usually results in some kind of harm. For example, if someone steals your car, you may suffer financial loss, inconvenience (by losing your mode of transportation), and emotional upset (because of invasion of your personal property and space). List three kinds of harm a company might experience from theft of computer equipment.
3. List at least three kinds of harm a company could experience from electronic espionage or unauthorized viewing of confidential company materials.
4. List at least three kinds of damage a company could suffer when the integrity of a program or company data is compromised.
5. List at least three kinds of harm a company could encounter from loss of service, that is, failure of availability. List the product or capability to which access is lost, and explain how this loss hurts the company.
6. Describe a situation in which you have experienced harm as a consequence of a failure of computer security. Was the failure malicious or not? Did the attack target you specifically or was it general and you were the unfortunate victim?
7. Describe two examples of vulnerabilities in automobiles for which auto manufacturers have instituted controls. Tell why you think these controls are effective, somewhat effective, or ineffective.
8. One control against accidental software deletion is to save all old versions of a program. Of course, this control is prohibitively expensive in terms of cost of storage. Suggest a less costly control against accidental software deletion. Is your control effective against all possible causes of software deletion? If not, what threats does it not cover?
9. On your personal computer, who can install programs? Who can change operating system data? Who can replace portions of the operating system? Can any of these actions be performed remotely?
10. Suppose a program to print paychecks secretly leaks a list of names of employees earning more than a certain amount each month. What controls could be instituted to limit the vulnerability of this leakage?