********** Design an app on swift language. ***********

Please develop an app to show the list of all branches of an organization. The branches should be located at different places. You can choose whatever organization you like, and it can be either realistic or fictional. For example, Walmart stores, KFC restaurants, Global Defense Initiative (fictional) bases, etc.

Need Response 2 to below discussion cloud myths

Please read the below discussion post and provide response in 75 to 100 words

Post#1

 

Cloud security plays an important role in every field like business and personal world. With a large number of benefits it has some myths also. Cloud security is solely the cloud provider’s responsibility: a standard misconception is that the cloud provider automatically takes care of all the safety needs of the customer’s data and process while in the cloud. Password policies, release management for software patches, management of user roles, security training of staff, and data management policies are all responsibilities of the purchasers and a minimum of as critical because the security is done by the general public cloud provider. While users are hardening internal security, don’t assume that cloud provider backs up data and will be able to restore it just in case of a security breach. It is instrumental and important that users simply implement a backup solution that backs up data that’s hosted on the cloud to an onsite backup or to a different cloud provider. In addition, in case of a security breach, user will get to restore data from backups. “There is indeed a good case to make for fair taxation and that uneven effective tax rates can distort competition and lead to smaller tax revenues” (Bauer, 2018).

Don’t get to manage the cloud: many people believe that since the cloud infrastructure is usually basically just a managed service, that the safety of the services is additionally managed. Many cloud based systems are left inadvertently unsecured because the customer doesn’t know that they have to try to something to secure them, as they assume that the provider has done what an in-house staff would traditionally have done by default. Cloud security requires an equivalent discipline for security of any data center. Cloud data centers are as resilient as any, but the weakness comes if the policies, processes and tools aren’t regularly monitored by the IT operations staff responsible (Determann, 2016).

Ignore BYOD and be more secure: not supporting and implementing a BYOD policy does not mean an enterprise will be less at risk of a data breach, SVP of cloud and hosting sales. The BYOD movement is here to stay. Some experts recommend deploying a mobile content management (MCM) solution, as protecting the data will be what ultimately defines business’ security and compliance requirements. “Despite the Australian Federal Government’s ‘cloud-first’ strategy and policies, and the Queensland State Government’s ‘digital-first’ strategy, cloud services adoption at local government level has been limited—largely due to data security concerns” (Ali, Shrestha, Chatfield, & Murray, 2020). Cloud data isn’t saved on mobile devices: I still hear people speaking about cloud deployment as if using this service means users are not saving any enterprise data on mobile devices, which this might make device data protection a moot point. Apps that are connecting to devices are always caching data, which cached data is stored on your employees’ mobile devices. This data can be breached and hacked and therefore must be protected.

Single tenant systems are more secured than multi-tenant: Multitenant systems ensure that software updates, including security patches, are applied to all customers simultaneously. With single-tenant systems, software vendors are required to update individual customers’ virtual machines. Cloud security provides an additional level of security to the network and protects data of personal and professional network (Martinez, Cano, & Vilajosana, 2020). Multi-tenant systems are safer than single tenant: there are not any absolutes in cloud security. The complete opposite statement regarding cloud tenancy also can be viewed as a myth. “Blockchain is an eccentric technology, at the same time, the most vaunted, least understood and most disrupting technology of the current era” (Chitranshi, & Chawla, 2020).

Post#2

 

Cloud computing is one of the most innovative development in the field of computer science. Cloud computing although covers variety of services but software as a service, platform as a service and infrastructure as a service are the three most widely used and known. However the list contains many other such as function as a service, backend as a service and container as a service and the designer, developer and related professionals use the service as per need. “While moving towards the concept of on-demand service, resource pooling, shifting everything on the distributive environment, security is the major obstacle for this new dreamed vision of computing capability” (Singh, 2016).

The outside view of the cloud IT infrastructure looks simple and easily understandable but the background of it is very complex and requires efficient knowledge about the cloud to deal with the complex infrastructure. With the advances in technology the demand for serverless function and facility increases. Organizations move from on-site to the cloud and while doing so the security is compromised and not given enough attention which results in a decline in the security of the cloud service. Cloud security tools use various steps like access control, permission control, audit, authorities, etc.

“Cloud computing enables cost-effective and scalable growth of IT services that can enhance government services” (Ali, 2020). Those who are well aware of cloud service and have proper knowledge about the same don’t indulge in any myths but those who lack information make false statements about the cloud which it gets known as the cloud security myths. The major myth is that the cloud is not secure and the reason why people believe in this myth is because of the cases of cloud compromise and attack. After taking appropriate measures and implementation security tools along with the security management from the provider side it can be stated that the cloud is secure. Some people on the other hand believe that the cloud is perfectly secure, which is again a false myth. No security tool or precaution can guarantee perfect security in any case.

Another myth states that on-site organization is more secure than the cloud, however depends upon the security steps taken on-premise and on cloud both. When moving to the cloud, special care needs to be taken to ensure the information is secure from any attack. Cloud service providers are the organizations that indulge in providing the concerned cloud service to those who sign for it. Cloud service providers are many in number and have their headquarters based in different locations thus the statement that all cloud service providers are the same is a false myth. Lack of knowledge about cloud computing and fake statements being made by people has resulted in cloud security myths. “Trust is another security issue in the cloud, the establishment of trust might become a  key establishment of the better relationship among the users and service provider in the cloud computing” (Seemakurti, n.d.).

Response Required Discussion

please prepare the 2 responses for below discussion post in 50 to 75 words

Post#1

 

The response to incidents is a phase, not an isolated event. Teams should take a cohesive and structured approach to any incident in order for incident reaction to be successful. In order to effectively resolve the broad range of security incidents that an organization might encounter, there are five essential steps that any response program should cover – that includes preparation, detection and reporting, analysis, containment and neutralization and the post incident activity (Bandos, 2019).

Preparation:

The secret to efficient incident response is planning. Without predetermined protocols, even the best incident management team cannot handle an incident effectively. To help the staff, a strong strategy must be in place. These features should be included in an incident response plan in order to resolve security incidents successfully – Create and document IR policies, establish communicate protocols, incorporate threat intelligence feeds, conduct cyber hunting exercises and access the threat detection capabilities.

Create and Document IR policies: Define incident response management policies, procedures and agreements.

Establish Communication Protocols: Develop criteria and guidelines for communication to allow for smooth communication during and after an incident.

Incorporate Threat Intelligence Feeds: Execute the threat intelligence feeds constantly capture, evaluate, and synchronize.

Conduct cyber hunting exercises: To identify incidents occurring within your environment, execute operational threat hunting exercises. This encourages more constructive reaction to accidents.

Assess the threat Detection Capabilities: Assess your existing capability for threat detection and upgrade systems for risk evaluation and enhancement.

Detection and reporting:

In order to identify, warn and report possible security incidents, the aim of this process is to track security events.

Controlled monitoring: Use firewalls, intrusion prevention systems, and data loss prevention to monitor security incidents in your network.

Detect: Detect by correlating warnings inside a SIEM solution to possible security incidents.

Alert: Analysts build a ticket for an incident, record initial observations and allocate an initial classification for an incident.

Report: The reporting process should provide room for escalations in regulatory reporting.

Analysis:

During this point, the bulk of the effort is made to correctly scope and interpret the security incident. To collect data from instruments and systems for further study and to recognise signs of compromise, resources should be used. In-depth expertise and a comprehensive understanding of live device responses, digital forensics, memory analysis, and malware analysis should be accessible to individuals.

Containment and neutralization:

This is one of the most important incident response levels. The containment and neutralization strategy are based on the intelligence gathered during the review process and the compromise indicators. Normal operations will resume after the system is restored and security is checked.

Post Incident Activity:

After the incident is settled, there is more work to be done. Make sure that any details that can be used to avoid similar events from occurring again in the future is properly recorded.

A proper IR plan design is important for any organization to respond to the incidents. To make a rapid and thorough determination of who, what, how, where, and why the IR plan should be straightforward, easy and direct the incident response team (Kashalkar, 2016). The strategy should also provide detailed instructions so that the company can identify the under-attack structure and data and take steps to protect vital assets. The functions and duties of all the stakeholders are clearly set out. Businesses, and each individual employee in particular, must have a clear understanding of their tasks to be performed in the event of an incident, and adequate steps must be taken to minimize the effect and protect the loss of confidential data. The IR plan should not be limited only to the department of IT or defense. The IR plan is only successful if both the technical and non-technical teams are dedicated and engage in the implementation of the IR plan, such as Legal, Compliance, Human Resources, Public Relations, etc. Take the time to establish relationships with internal and external stakeholders that might be able to respond to a critical incident by supporting the organization. Establish a system for incident classification so that you can prioritize the tasks of incident response properly. For future remediation purposes, classification will also assist you to extract meaningful metrics such as form, intensity, attack vector, effects, and root cause. Finally, the IR approach should fit with the corporate objectives. Identify what matters most to your company and weave those goals into your IR operations.

Post#2

 

An incident is an unplanned interruption or reduction of quality in any network. Incident response management is the hero of software development and IT operations. A good incident response process works behind the scenes to ensure issues are resolved quickly so that communication, performance, and development can continue to operate the network. In a world where security and business risks are at a high point, companies must invest in an incident response management process. “The modern cloud architecture dictates the requirements for the forensic investigation and incident response model such as being scalable, elastic, easy to integrate – integration with data plane, and easy to manage – integration with control plane” (Adamov, & Carlsson, 2016). 

Incident response in the cloud brings its challenges and unique requirements as well. By using some cloud incident response best practices to make sure incidents don’t become crises. Some best practices of cloud computing are discussed below.

Put a process in place before an incident happens: We can’t be able to predict every type of incident or situation that needs to address. So, it’s important to be prepared. 

Incident response in the cloud helps in many factors like resolve incidents faster, improve internal and external communication, reduce revenue losses, and promote continuous learning and improvement. “Cloud is able to combine numerous heterogeneous resources (hardware platforms, storage back ends, file systems) that may be geographically distributed” (Urias, et. al., 2016).

Where the data and event occurs, we will have to implement a response immediately. When we work with stakeholders, legal counsel, and organizational leadership to determine only the goal of incident response. Some common goals include containing the issue, recovering the affected resources, preserving data for forensics, resolve the issue rapidly, and attribution.

In incident response, we can assess the impact and prioritize risks using key monitoring systems and escalation and diagnosis processes. But before that, make sure to clear channels of communication between team members, as well as outlined expectations for responsibility. Explain all the priority and severity levels before an incident occurs so incident managers can quickly assess and determine priorities in the heat of the moment. Address all future incidents response in order of the priority list of any organization. “A large number of research efforts have focused on intrusion detection in industrial networks, however, few of them discuss what to do after an intrusion has been detected” (Piedrahita, et. al., 2018). 

Cloud computing is large and complex as well, with many moving parts to track and monitor to any network. It’s important to invest in the right incident management tools to support cloud incident response processes. Visualize all the processes and map cloud architecture to keep everyone on the same page and prevent incidents from falling through the cracks or prevent networks from cyber attacks (Adamov, & Carlsson, 2016). 

When we come to incident response, there’s no such thing as too much communication. We take advantage of incident response playbooks, messaging scripts, and process flows to ensure every one of our team is on the same page.

Security Risk Assessment

 Briefly respond to all the following questions. Make sure to explain and backup your responses with facts and examples. This assignment should be in APA format double space and have to include at least two references and 400 words. 

  • When should the architect begin the analysis?
  • What are the activities the architect must execute?
  • What is the set of knowledge domains applied to the analysis?
  • What are the tips and tricks that make security architecture risk assessment easier?

discussion

Discussion: Why are the original/raw data not readily usable by analytics tasks? What are the main data preprocessing steps? List and explain their importance in analytics.

Computer Science Project

Please message me if you can do the following below

Assignment Instructions

Instructions for Your Final Project:

Build a comprehensive website with information about the job or profession you intend pursue when you graduate (Computer science related).  Your webpage content should include a Job Description, Knowledge/Skills required for the job, Training/Education required for the job, and Salary/Benefits expected from the job. Use the following sources to conduct your research: Occupational Outlook Handbook: https://www.bls.gov/ooh/ or similar references.  Make sure that you explain the content (the paragraphs of information about your topic) yourself.  Do not simply copy content from other web pages.  Include citations to give credit to the source where you found the information you include on your website.  Your website should contain at least 4-6 paragraphs of information, arranged in a logical manner (using headings and sub-headings appropriately), and it should consist of at least 3 HTML pages.  The home page of your website must be named “LastFirstHomePage.html” where “Last” is your last name and “First” is your first name.  For example, if your name is John Smith, you would name your file SmithJohnHomePage.html.  You may name your other two HTML pages anything you like.  Name your CSS file “LastFirstStyleSheet.css” where “Last” is your last name and “First” is your first name.

Important Note: All files created for this assignment must be new files that you have not submitted for grading in previous weeks.  No credit will be given if your HTML file(s) and/or CSS file(s) are identical to any files that you have previously submitted!

The HTML pages of your website must include all of the following:

  1. Contains the HTML 5 DOCTYPE declaration on each page
  2. Correctly uses html, head, body, and link tags on each page
  3. Includes charset, author, keywords, and description meta tags on each page
  4. Use title tags to give each page an appropriate title
  5. Link all pages to an external style sheet (.css file)
  6. Appropriate navigation between pages of your website, using local hyperlinks (coded with relative paths)
  7. Your webpage content should include a Job Description, Knowledge/Skills required for the job, Training/Education required for the job, and Salary/Benefits expected from the job.
  8. Include at least 3 images representing your job/profession of interest.
  9. Include a JavaScript function of your choice
  10. Include a hyperlink to a webpage with information about a certification to support your job/profession of interest.
  11. Include an HTML table summarizing information about your job/profession of interest.
  12. Include an HTML form with at least 6 different types of form inputs and appropriate content for the theme of your website
  13. Be sure to create relevant and informative content and to design your website attractively.

Your external style sheet (.css file) must include all of the following:

  1. Appropriate CSS for main elements in your page (body, headings, horizontal rules, images, etc.), such as page background color, text color, font types, font sizes, font colors, width, height, float, margin, etc.)
  2. Include a background color (other than white) or a background image representative of your job/profession of interest.
  3. Any additional CSS you wish to add to your website (optional).

Before submitting your web site:

  1. Validate all HTML files at https://validator.w3.org/#validate_by_upload, using the “Validate by File Upload” option, and fix any errors that the validator identifies before submitting your web site for grading.
  2. Validate your CSS file at https://jigsaw.w3.org/css-validator/#validate_by_upload, using the “Validate by File Upload” option, and fix any errors that the validator identifies before submitting your web site for grading.

mad research paper

  

Montasari, R., & Hill, R. (2019). Next-Generation Digital Forensics: Challenges and Future Paradigms. 2019 IEEE 12th International Conference on Global Security, Safety and Sustainability (ICGS3), Global Security, Safety and Sustainability (ICGS3), 205. https://doi.org/10.1109/ICGS3.2019.8688020

Sahinoglu, M., Stockton, S., Barclay, R. M., & Morton, S. (2016). Metrics Based Risk Assessment and Management of Digital Forensics. Defense Acquisition Research Journal: A Publication of the Defense Acquisition University, 23(2), 152–177. https://doi.org/10.22594/dau.16-748.23.02

Nnoli, H. Lindskog, D, Zavarsky, P., Aghili, S., & Ruhl, R. (2012). The Governance of Corporate Forensics Using COBIT, NIST and Increased Automated Forensic Approaches, 2012 International Conference on Privacy, Security, Risk and Trust and 2012 International Conference on Social Computing, Amsterdam, 734-741.

After reading the required articles this week, please write a research paper that answers the following questions: 

  • What are mobile forensics and do you believe that they are different from computer forensics?
  • What is the percentage of attacks on networks that come from mobile devices?
  • What are challenges to mobile forensics?
  • What are some mobile forensic tools?
  • Should the analysis be different on iOS vs Android?

Your paper should meet the following requirements:

  • Be approximately 4-6 pages in length, not including the required cover page and reference page.
  • Follow APA7 guidelines. Your paper should include an introduction, a body with fully developed content, and a conclusion.
  • Support your answers with the readings from the course and at least two scholarly journal articles to support your positions, claims, and observations, in addition to your textbook. The UC Library is a great place to find resources.
  • Be clearly and well-written, concise, and logical, using excellent grammar and style techniques. You are being graded in part on the quality of your writing.