All posts by : chebby

Check Attachment

please write a research paper on “Privacy issues in HealthCare” which should be 7-9 pages long with citations. Need to include HIPPA and other related laws.

  

HTML programming

Create a Design Document, outlining a website with at least 5 pages demonstrating the content from this course, relating to an interest or hobby the student has. 

Include:

· Brief Description of the following pages, including a layout mockup and a color palette 

o 1 text/terms 

o 1 images 

o 1 multimedia page 

o 1 links page 

o 1 user designed 

 

The prevalence of database use and data mining raises numerous issues related to ethics and privacy.

Discuss the following:

• Is your privacy infringed if data mining reveals certain characteristics about the overall population of your community?
• Does the use of data promote good business practice or bigotry?
• To what extent is it proper to force citizens to participate in a census, knowing that more information will be extracted from the data than is explicitly requested by the individual questionnaires?
• Does data mining give marketing firms an unfair advantage over unsuspecting audiences?

LO5: Develop a cyber  

1. Instructions and guidelines (Read carefully)

Instructions

1. Insert your name and surname in the space provided above, as well as in the file name. Save the file as: First name Surname M8 U2 Ongoing project – e.g. Zadie Smith M8 U2 Ongoing project. NB: Please ensure that you use the name that appears in your student profile on the Online Campus.

2. Write all your answers in this document. There is an instruction that says, “Start writing here” under each question. Please type your answer there. 

3. Submit your assignment in Microsoft Word only. No other file types will be accepted. 

4. Do not delete the plagiarism declaration or the assignment instructions and guidelines. They must remain in your assignment when you submit. 

PLEASE NOTE: Plagiarism cases will be investigated in line with the Terms and Conditions for Students. 

IMPORTANT NOTICE: Please ensure that you have checked your course calendar for the due date for this assignment. 

Guidelines

1. Make sure that you have carefully read and fully understood the questions before answering them. Answer the questions fully but concisely and as directly as possible. Follow all specific instructions for individual questions (e. g. “list”, “in point form”). 

2. Answer all questions in your own words. Do not copy any text from the notes, readings or other sources. The assignment must be your own work only.

Plagiarism declaration:

1. I know that plagiarism is wrong. Plagiarism is to use another’s work and pretend that it is one’s own.

2. This assignment is my own work.

3. I have not allowed, and will not allow, anyone to copy my work with the intention of passing it off as his or her own work.

4. I acknowledge that copying someone else’s assignment (or part of it) is wrong, and declare that my assignments are my own work.

2. Brief 

This module focused on the importance of risk mitigation and the value companies can derive from implementing a risk mitigation strategy to improve organizational resilience and manage risks effectively. This assignment requires you to complete a cyber risk mitigation strategy for your organization. 

As the notes made clear, a risk mitigation strategy helps an organization prioritize its risks so it can allocate resources efficiently. This final submission is an opportunity for you to reflect and condense all the knowledge you have gained over the duration of the course by incorporating feedback from your previous ongoing project submissions into a consolidated cyber risk mitigation strategy.  

If you are completing your ongoing project on Sony, you are required to create a risk mitigation strategy that the organization should have followed in light of the 2014 hack. 

Note: 

All ongoing project submissions throughout the course need to focus on the same organization. Or, if you choose to focus on the case study of Sony, you will need to complete all your submissions on Sony.

It is highly recommended that you avoid disclosing any confidential information in your assignments. Although you are encouraged to draw on real-world experience during the course, you are urged to use pseudonyms (false names) and alter any sensitive details or data where necessary. You are responsible for ensuring that you do not disclose any information that is protected by confidentiality undertakings; all information is treated in accordance with our privacy policy.

Please read Section 4 of the Honor Code in the Orientation Module course handbook for more guidance.  

3. Risk mitigation strategy 

Introduction 

Write a brief paragraph in which you provide a high-level overview of your organization’s need for a risk mitigation strategy.  

(150 words) 

Start writing here: 

Vision 

Outline your organization’s vision of what implementing a risk mitigation strategy will ideally achieve. 

(150 words)  

Start writing here: 

Strategic goals and objectives

List at least four strategic goals your organization must achieve to reduce its risks to an acceptable level. List at least two objectives under each strategic goal that explain what must be done to achieve the strategic goal. 

Note: A thorough risk mitigation strategy should include associated action plans and milestones, but you are not required to detail these for the purposes of this submission. 

(450 words) 

Start writing here: 

Metrics 

List at least three metrics your organization will use to analyze the achievement of its goals/objectives. These metrics should be specific to the goals/objectives listed in the previous question.  

(150 words) 

Start writing here: 

Note: 

Include refined versions of your previous submissions in the sections below. Where relevant, incorporate any feedback from your Tutor, as well as additional knowledge gained during the course to improve on your previous submissions.

Threat actors and methods of attack

Integrate your submission from Module 2, in which you identified at least two threat actors to your organization, and described methods of attack these actors could use. 

If you are using the Sony case, integrate the submission in which you identified the threat actor Sony faced in the 2014 hack and their method of attack, as well as at least one other threat actor Sony could face in the future and what method of attack they might use. 

(550 words) 

Start writing here: 

Business critical assets 

Integrate your submission from Module 3, in which you identified the assets that are most essential to your organization or Sony’s ability to accomplish its mission. Describe what vulnerabilities there may be in the organization’s systems, networks, and data that may put these assets at risk. 

(550 words) 

Start writing here: 

Cybersecurity governance   

Integrate the three questions from your submission in Module 4, in which you recommended a cybersecurity leadership plan, improvements to management processes, and a cybersecurity awareness training program. 

(1,200 words) 

Start writing here: 

Protective technologies 

In Module 5, you compiled a list of questions you would ask to understand the technologies implemented to protect your organization’s critical systems, networks, and data. In this section, based on the questions you asked and by conducting any other additional research, identify technologies your organization can employ to protect its critical systems, networks, and data. 

If you are using the Sony case, recommend protective technologies that could have addressed Sony’s shortcomings in protecting their critical networks, systems, and data.  

Note: 

This question requires you to submit a paragraph consolidating the information you learned, and is not a resubmission of the questions you submitted in Module 5. 

(650 words)  

Start writing here: 

Legal considerations 

In Module 6, you compiled a list of questions you would direct towards an organization’s senior management and general counsel in order to gauge the organization’s legal risk mitigation strategy and the adequacy of their preparations. In this section, based on the questions you asked, and by conducting any other additional research, discuss the legal considerations your organization should take into account when compiling its risk mitigation strategy.  

If you are using the Sony case, recommend steps that could have addressed Sony’s shortcomings in protecting themselves from legal action.   

Note: 

This question requires you to submit a paragraph consolidating the information you learned, and is not a resubmission of the questions you submitted in Module 6. 

(550 words) 

Start writing here: 

Incident response plan (not required)

Note: 

The incident response plan is a central part of an organization’s cyber risk mitigation strategy. However, as you will not have an opportunity to revise your plan based on your Tutor’s feedback in time for Module 8, you are not required to integrate it into your final risk mitigation strategy. Please consult the grading breakdown in the Orientation Module course handbook for more information.  

Your ongoing project submission will be graded according to the following rubric:

Very poor

Poor

Satisfactory

Very good

Exceptional

Adherence to the brief 

All sections in the template are completed. 

No submission, or student fails to address any element of the brief. (0)

Some key elements are not addressed. Most information provided is irrelevant. (5.5)

Student has adhered to most of the brief. Sufficient information is provided and is mostly relevant. (7)

Student has adhered to almost all elements of the brief. Almost all information is provided and is relevant. (8.5)

Student has fully adhered to the brief. All information provided is comprehensive and relevant. (10)

Introduction and vision 

Student has clearly outlined the need for their risk mitigation strategy, and what it aims to achieve by implementing the strategy.  

Student has thought critically and incorporated learnings from the content.

No submission.

OR 

Student fails to clearly outline the need for the strategy or its long-term vision.    

There is no evidence that the student has used the content covered in the course to inform their response. (0)

Student shows an incomplete understanding of the need for their strategy, or its long-term vision. 

There is some evidence that the student has engaged with the content covered in the course but this is not always accurately applied. (5.5)

Student demonstrates satisfactory understanding of the need for their strategy, and its long-term vision. 

The student has clearly engaged with the content covered in the course, but a more nuanced answer is required.   (7)

Student demonstrates a strong understanding of the need for their strategy, and its long-term vision. The answer shows a strong grasp of the content. (8.5)  

Student demonstrates a thorough and incisive understanding of the need for their strategy, and its long-term vision.  The student has been able to critically apply their learning from the course. (10)

Strategic goals and objectives 

Student has outlined at least four strategic goals that will reduce their organization’s risks to an acceptable level. They have included at least two objectives that clearly explain what must be done to achieve each goal. 

Student has thought critically and incorporated learnings from the content.

No submission.

OR 

Student fails to clearly outline their strategy’s goals and objectives.  

There is no evidence that the student has used the content covered in the course to inform their response. (0)

Student shows an incomplete understanding of their strategy’s goals and objectives. 

There is some evidence that the student has engaged with the content covered in the course but this is not always accurately applied. (5.5)

Student demonstrates satisfactory understanding of their strategy’s goals and objectives. 

The student has clearly engaged with the content covered in the course, but a more nuanced answer is required.   (7)

Student demonstrates a strong understanding of their strategy’s goals and objectives. 

The answer shows a strong grasp of the content. (8.5)  

Student demonstrates a thorough and incisive understanding of their strategy’s goals and objectives. 

The student has been able to critically apply their learning from the course. (10)

Metrics 

The student has listed at least three metrics their organization could use to measure the achievement of their goals, and the metrics are specific to the goals/objectives identified. 

Student has thought critically and incorporated learnings from the content. 

No submission.

OR 

Student fails to list three metrics their organization could use to measure cybersecurity. The metrics are not specific to the identified goals/objectives. 

There is no evidence that the student has used the content covered in the course to inform their response. (0)

Student shows an incomplete understanding of metrics their organization could use to measure its cybersecurity. 

The metrics lack relevance to the identified goals/objectives. 

There is some evidence that the student has engaged with the course content, but this is not always accurately applied. (5.5)

Student demonstrates satisfactory understanding of the metrics their organization could use to measure its cybersecurity and they are relevant to the goals and objectives identified. 

The student has clearly engaged with the course content but a more nuanced answer is required.   (7)

Student demonstrates a strong understanding of the metrics their organization should use, and they are specific to the goals/objectives identified.

The answer shows a strong grasp of the content.  (8.5)

Student demonstrates a thorough and incisive understanding of the metrics their organization can use, and they are specific to the goals/objectives identified.

The student has been able to critically apply their learning from the course. (10)

Cybersecurity threat actors 

Student has identified at least two threat actors and described a scenario of an attack. 

In the case of Sony, student has accurately identified the threat actor and method of attack in the 2014 hack, as well as one other potential threat actor.

Student has thought critically and incorporated learnings from the content and has applied this to their chosen organization.

No submission.

OR 

Student fails to list two threat actors that could attack their organization. They have not provided a possible method of an attack. 

There is no evidence that the student has used the course content to inform their response. (0)

Student shows an incomplete understanding of the threat actors who could attack their organization and the possible method of attack.  

There is some evidence that the student has engaged with the course content, but this is not always accurately applied.  (5.5

Student demonstrates satisfactory understanding of the threat actors who could attack their organization and the possible method of attack. 

The student has clearly engaged with the course content but a more nuanced answer is required. (7)

Student demonstrates a strong understanding of the threat actors who could attack their organization and the possible method of attack. 

The answer shows a strong grasp of the content.   (8.5)

Student demonstrates a thorough and incisive understanding of the threat actors who could attack their organization and the possible method of attack.  

The student has been able to critically apply their learning from the course. (10)

Business critical assets 

Student has identified the assets that are most essential to their organization, and described vulnerabilities these assets may be exposed to. 

Student has thought critically and incorporated learnings from the content.

No submission.

OR 

Student fails to identify the assets that are critical to their organization and accurately describe how these assets are vulnerable. 

There is no evidence that the student has used the course content to inform their response. (0)

Student shows an incomplete understanding of their organization’s critical assets, and how they are vulnerable. 

There is some evidence that the student has engaged with the course content but this is not always accurately applied. (5.5)

Student demonstrates satisfactory understanding of their organization’s critical assets, and how they are vulnerable. 

The student has clearly engaged with the course content but a more nuanced answer is required.   (7)

Student demonstrates a strong understanding of their organization’s critical assets, and how they are vulnerable.  The answer shows a strong grasp of the content. (8.5)

Student demonstrates a thorough and incisive understanding of their organization’s critical assets, and how they are vulnerable. The student has been able to critically apply their learning from the course. (10)

Cybersecurity governance 

Student has recommended cybersecurity leadership plan, improvements to management processes, and a cybersecurity awareness training program. 

Student has thought critically and incorporated learnings from the content.

No submission.

OR 

Student fails to recommend a cybersecurity leadership plan, improvements to management processes, and a cybersecurity awareness training program.  There is no evidence that the student has used the course content to inform their response. (0)

Student shows an incomplete understanding of cybersecurity leadership plans, management processes, and cybersecurity awareness training programs. There is some evidence that the student has engaged with the course content but this is not always accurately applied. (5.5)

Student demonstrates satisfactory understanding of cybersecurity leadership plans, management processes, and cybersecurity awareness training programs. The student has clearly engaged with the course content but a more nuanced answer is required.   (7)

Student demonstrates a strong understanding of cybersecurity leadership plans, management processes, and cybersecurity awareness training programs. The answer shows a strong grasp of the content. (8.5)

Student demonstrates a thorough and incisive understanding of cybersecurity leadership plans, management processes, and cybersecurity awareness training programs. The student has been able to critically apply their learning from the course. (10)

Protective technologies 

Student has accurately identified protective technologies that are, or should be, implemented to enhance their organization’s cybersecurity. 

Student has thought critically and incorporated learnings from the content.

No submission.

OR 

Student fails to identify protective technologies that are, or should be, implemented to enhance their organization’s cybersecurity. 

There is no evidence that the student has used the course content to inform their response. (0)

Student shows an incomplete understanding of the necessary protective technologies that are, or should be, implemented to enhance their cybersecurity.

There is some evidence that the student has engaged with the content covered in the course but this is not always accurately applied. (5.5)

Student demonstrates satisfactory understanding of the technologies that are, or should be, implemented to enhance their cybersecurity.  

The student has clearly engaged with the course content but a more nuanced answer is required.   (7)

Student demonstrates a strong understanding of the technologies that are, or should be, implemented to enhance their cybersecurity. 

The answer shows a strong grasp of the content. (8.5)

Student demonstrates a thorough and incisive understanding of the technologies that are, or should be, implemented to enhance their cybersecurity.  

The student has been able to critically apply their learning from the course. (10)

Legal considerations

Student has critically analyzed the legal considerations their organization should take into account. 

Student has thought critically and incorporated learnings from the content.

No submission.

OR 

Student fails to critically analyze the legal considerations their organization should take into account. 

There is no evidence that the student has used the course content to inform their response. (0)

Student shows an incomplete understanding of legal considerations that their organization should take into account. 

There is some evidence that the student has engaged with the course content but this is not always accurately applied. (5.5)

Student demonstrates satisfactory understanding of legal considerations that their organization should take into account. 

The student has clearly engaged with the course content but a more nuanced answer is required.   (7)

Student demonstrates a strong understanding of the legal considerations their organization should take into account. 

The answer shows a strong grasp of the content. (8.5)

Student demonstrates a thorough and incisive understanding of the legal considerations their organization should take into account. 

The student has been able to critically apply their learning from the course. (10)

Application of course content to organizational context

The student has accurately applied the learnings from the course content to their own organization or Sony’s unique context. 

No submission

OR

The student has not made use of their organization’s unique organizational context and constraints to inform their response (0) 

Student has demonstrated a limited understanding of their organization’s unique context and constraints and context (5.5) 

Student has demonstrated a satisfactory understanding of their organization’s context and constraints, however a there is room for deeper engagement with its nuances. (7) 

There is clear evidence that the student has thought about their organization’s unique context and constraints, and catered for this in their strategy accordingly. (8.5)

There is strong evidence that the student has understood and thought carefully about their organization’s unique context and constraints, and has provided considered recommendations in their strategy accordingly. (10) 

Organization of writing

Answer should be structured clearly and logically.

No submission or complete lack of logical structure. (0)

Answer has some logical structure, but not enough to justify a passing grade. (5.5) 

Answer is structured fairly well in terms of logic and clarity. (7)

Answer is structured very well in terms of logic and clarity. (8.5) 

Answer is structured exceptionally well in terms of logic and clarity. (10)

Total: 110 points

K-dimensional trees or k-d trees organize and represent spatial data. These data structures have several applications, particularly in multi-dimensional key searches like nearest neighbor and range searches. Here is how k-d trees operate:

• Every leaf node of the binary tree is a k-dimensional point
• Every non-leaf node splits the hyperplane (which is perpendicular to that dimension) into two half-spaces
• The left subtree of a particular node represents the points to the left of the hyperplane. Similarly, the right subtree of that node denotes the points in the right half.

You can probe one step further and construct a self-balanced k-d tree where each leaf node would have the same distance from the root. Also, you can test it to find whether such balanced trees would prove optimal for a particular kind of application. 

  

Discuss the two (2) topics you learned the most about during this course.  Discuss how these topics can help you in your current job, or a job that you hope to have in the future.  Do not simply copy topics from the book or from previous work.  I want your personal reflection of what you have learned and how this course has benefited you!   

I am adding my classmate’s response for the above question. You will have to write response for each post in 100 words. No references needed.  

Discussion 1:

I currently work as a System Administrator at American Electric Power (AEP). As part of my role, I manage all the security role groups, user access, system configuration settings, and overall maintenance of the system from a System Administrator view-point. I have learned several things from this course, which directly relates to my current work responsibilities.

Firstly, after analyzing the Citibank backup tape lost incident, I learned about the various contingency planning processes. There are three contingency planning processes – Business Continuity Planning (BCP), Incident Response Planning (IR), and Disaster Recovery Planning (DRP). We do follow Incident Response planning for all security related incidents. It helps in preparing an effective response to a security (or cybersecurity) incident. This incident response plan also feeds into the risk management plan depending upon the severity and priority of the issue/incident. An Incident response plan also tracks the activities which were performed in that incident, and hence it is a useful tool/process for an organization to have an incident response plan. The next key process is the Business Continuity planning (which was lacking by Citibank in their backup tape lost incident). Our company (AEP) has a documented Business Continuity plan, which we test it annually, and ensure that the company’s operation can run smoothly in-case of a disaster. BCP is the most important component of Disaster Recovery planning.

Secondly, I learned the importance and value of Incident Reporting. As part of my job, I work on resolving several incidents, and I truly understand the significance of the incident details provided by the user. Also, it is very crucial to report an incident timely and the user should not share their personal and emotional feelings while describing an incident. A screenshot of the error message/issue can be very beneficial in tracking and analyzing an incident. In our organization (AEP), there are monthly training sessions for all users in order to educate them regarding incident reporting best practices. Also, our company uses Service-Now tool, which has been customized in order to make it more user friendly, so the incident reporting can be easier, timely, and efficient (Norman, 2020).

Discussion 2:

 Final Reflection – Disaster Recovery

The primary aim of this course is understand the best practices for the industry to minimise the impacts of uncertain incidents on the business and protect the vital asserts by taking the right recovery plans. Since business continuity is most important to face the disasters, it is most important to work on all the key practices to quickly resume the business operations followed by the disasters and minimise the severity of the incidents. In the current course, several topics covered so far which help to improve the recovery plans and limit the challenges regarding the disasters in the organizations.

All the topics covered in the given course helps to manage the overall outcomes for the business and two most important topics I believe is:

1.      Role of end users in the incident reporting

2.      Network intrusion attacks

In the recent days, security professionals are taking the assistance from the end users so that they can thoroughly work on the recovery strategies and look for the better ways to manage the overall outcomes of the business. In order to handle the potential services and look for the netter ways, companies are working on the best security programs and minimising the challenges.

After taking this course, able to understand the importance of recovery strategies for the business and how to protect the major assets from the uncertain impacts. Since risk and uncertain situations in the workplaces are unavoidable, it is most important to work on the business recovery policies and minimise the challenges in the possible ways. In order to handle the challenges and look for the new ways, it is important to understand the role of DR in the business and minimise the major challenges which may affect the overall strategic business outcomes. I glad to be a part of disaster recovery course.

my setting up question here

Description: 

In the news we are constantly hearing about security breaches, invasion of personal privacy, and the increasing prevalence of our digital footprint. The increased availability of digital information presents concerns and challenges of privacy, accuracy, intellectual property rights, security, and censorship. As a global citizen, you need to be aware of these issues and how they impact your life.

Discussion Point:

• Privacy, as it relates to social media, video surveillance, drones, digital footprint or other topics as they relate to digital privacy.
• How does the electronic environment impact one’s right to privacy?
• What is the issue? Tell us about it as if we know nothing on the topic.
• What are the pros and cons of the issue?
• Why is the issue important?
• How might the issue impact your life?

Minimum 300 words

 

There is still much confusion regarding what Blockchain is and what it is not.  Please discuss your explanation of Blockchain to include why it has been gaining so much popularity.

Ask an interesting, thoughtful question pertaining to the topic and  discuss about it in apa format with 2 references