All posts by : chebby

For the final project, you will be conducting a forensics investigation using one of the following items:

1. A smartphone
2. A network (ideally, a wireless network)

 You may use either for your investigation. However, be aware of legal issues surrounding your data gathering. If you are using any system you do not personally control and have authority to investigate/discover, please get written permission from the owner/operator of the system or refrain from your forensics analysis of that systems and use a personal system. For a network, you can use your own personal home network. For a smartphone, consider using an image from the Internet or a personal device. There could be issues related to using a live, active, personal device (example: corruption of the device). If using a personal device, consider using an old, outdated phone, if available.

 You will review various forensics tools used with your selected system. Select a tool and use that tool to gather forensics data for analysis. You are simulating the process of gathering this data, so you do not need to investigate a compromised device or system. The project deliverables are as follows:

 Week 3 – Prepare a two-page paper (double-spaced) that describes the device or system you will investigate and the intended tool you plan to use to conduct your forensics investigation. The interim paper should be in the form of an Executive Summary. Be sure to provide references in APA format. 

There are 5 different discussions here and Can you send them separately 

Each two sources 

APA Style

Please add some opinion or maybe example,

Briefly respond to all the following questions. Make sure to explain and backup your responses with facts and examples. This assignment should be in APA format and have to include at least two references. 

• When should the architect begin the analysis?
• What are the activities the architect must execute?
• What is the set of knowledge domains applied to the analysis?
• What are the tips and tricks that make security architecture risk assessment easier?

 Course Project Assignment – Crisis Management Plan and Emergency Operation Plan 

  Introduction

Ask any IT manager about the challenges in conveying IT risks in terms of business risks, or about translating business goals into IT goals. It’s a common difficulty, as the worlds of business and IT do not inherently align. This lack of alignment was unresolved until ISACA developed a framework called COBIT, first released in 1996. ISACA is an IT professionals’ association centered on auditing and IT governance. This lab will focus on the COBIT framework. The lab covers two released versions: COBIT 4.1, which is currently the most implemented version, and COBIT 5, which was released in June 2012. A newer version, COBIT 2019, was released in 2019.

Because COBIT 4.1 is freely available, with registration, at the time of this writing, the lab uses this version to present the handling of risk management. COBIT presents this topic using a set of COBIT control objectives called P09. COBIT P09’s purpose is to guide the scope of risk management for an IT infrastructure. The COBIT P09 risk management controls help organize the identified risks, threats, and vulnerabilities, enabling you to manage and remediate them. This lab will also present how COBIT shifts from the term “control objectives” to a set of principles and enablers in later versions.

In this lab, you will define COBIT P09, you will describe COBIT P09’s six control objectives, you will explain how the threats and vulnerabilities align to the definition for the assessment and management of risks, and you will use COBIT P09 to determine the scope of risk management for an IT infrastructure.

1. Define what COBIT (Control Objectives for Information and related Technology) P09 risk management is for an IT infrastructure.
2. Describe COBIT P09’s six control objectives that are used as benchmarks for IT risk assessment and risk management.
3. Explain how threats and vulnerabilities align to the COBIT P09 risk management definition for the assessment and management of IT risks.
4. Use the COBIT P09 controls as a guide to define the scope of risk management for an IT infrastructure.
5. Apply the COBIT P09 controls to help organize the identified IT risks, threats, and vulnerabilities.

 Deliverables

Upon completion of this lab, you are required to provide the following deliverables to your instructor:

1. Lab Report file;
2. Lab Assessment (worksheet or quiz – see instructor for guidance).

• Distinguish between due care and due diligence.
• Based on your experience, provide examples of due care and due diligence.

Background: Kamehameha Institute is an organization that provides educational offerings to non-traditional students. The organization has tailored its unique educational offerings into the groups shown in Table 1 below:

Table 1. Kamehameha Educational Offerings.

GroupOfferingKamehameha BrandedFocused on the general public/provides services directly to its studentsCo-BrandedProvides the same services as Kamehameha Branded but resold by a third party and labeled as “…. Kamehameha Strong”White Label BrandedWhile the service offering is the same, these services are labeled solely with the third parties’ information

The State of Hawai’i regulates the educational sector, driving the need to ensure Kamehameha follows the State’s strict security and regulatory requirements. Kamehameha’s leadership is also very concerned with the threat posed by the online theft of their unique intellectual property. Additionally, the number of Hawai’ian entities breached by threat actors is on the rise. Thus, security, privacy, and compliance are all important considerations for the Kamehameha network architecture.

Your boss, the Kamehameha Institute’s Chief Operating Officer (COO) has tasked you to design a network infrastructure for three facilities located in the Hawaiian Islands of Honolulu, Hilo, and Lihue. The COO stipulated that you must separate the three group offerings in Table 1 and provide for strengthened defenses to protect Kamehameha’s cultural heritage. After meeting with the COO, the two of you drafted the following set of requirements for your network design:

· Each of the facilities has three floors:

· The first and second floor of each building requires 150 network connections each

· The third floor of each building houses a data center and requires 75 network connections

· The Honolulu location requires additional network connections for failover purposes

· The Hilo location will be the primary data center and house redundant database servers

· The Lihue location will serve as a failover data center and house the primary web servers (including the primary application and primary database servers)

· A constant connection between the three locations, carrying at least 75 Mbps of data

· All servers at all locations must have redundancy

· Protection from intrusions is required and should be documented

· A plan to verify security and failover measures is required

· Submission: Using the free tool, daw.io available at https://draw.io (no sign-in or registration required), create a network diagram (drawing) specific to the organization that encompasses the three facilities and also depicts ant necessary interconnections. Figure 1 shows the draw.io ‘new network diagram’ dialog window:

Figure 1. Draw.io New File Dialog Showing the Network Diagramming Templates

Your diagram should include enough detail to show the topology interconnections. The viewer should be able to understand the Kamehameha Institute’s network environment and be able to implement the architecture you develop. Ensure that you properly cite any external sources.

One of the keys to producing a viable network diagram is labeling the objects consistently and descriptively. Think about what you would want to know about a network device if you logged into it with little prior information. Consider location, floor number, or other pertinent information. At a minimum, include the following elements:

· IMPORTANT: Your network diagram must include an identifying label (e.g., callout box) that includes your class and section, assignment title, your name, and the date. Edit the items in italics. Your assignment will not be accepted if this element is missing:

Table 2. Example Network Diagram Callout Box.

CMIT 350 6980 Project #1 Network Diagram Student Name: Name Date: 6/22/2010

· Any necessary hardware

· Site-to-Site (WAN) connections (e.g., leased line connectivity, satellite, etc.)

· Annotate the following values for each of the Sites:

· Network ID

· Useable Range

· Subnet Mask

· CIDR Value

· Broadcast Address

· All devices require hostnames complying with the following naming conventions:

· Routers: Rx; where x is the site number incremented by a value of 1 for each router

· Switches: Sx; where x is the site number incremented by a value of 1 for each switch

· Servers: SRVx where x is the server number incremented by a value of 1 for each server

· For each site router, implement a private ip addressing scheme using a range suitable for corporate infrastructure and include the following:

· management vlan

· production vlan

High availability

When finished, export the diagram as a PDF document (Note: You will need to use this diagram again in Project 3, so ensure you save the xml source file!) and submit it to the Assignment folder. Figure 2 demonstrates how to export your draw.io diagram as a PDF document:

Figure 2. Draw.io ‘Export’ as Function to PDF

How Will My Work Be Evaluated?

1.1.3: Present ideas in a clear, logical order appropriate to the task.

2.2.2: Evaluate sources of information on a topic for relevance and credibility.

10.1.1: Identify the problem to be solved.

10.1.2: Gather project requirements to meet stakeholder needs.

10.1.3: Define the specifications of the required technologies.

13.1.1: Create documentation appropriate to the stakeholder.

13.2.1: Evaluate vendor recommendations in the context of organization requirements.

You are preparing to meet with your end users to discuss possible strategies for converting their old ERP system to a new one. Propose two or three alternative strategies, and explore related examples of situations for which each approach would be preferred and required.
1000 words 

Discuss an organization’s need for physical security. What methods, approaches, and models can be used by organizations when designing physical security needs? Lastly, explain how these security measures will safeguard the organization.

A substantive post will do at least two of the following:

• Ask an interesting, thoughtful question pertaining to the topic
• Answer a question (in detail) posted by another student or the instructor
• Provide extensive additional information on the topic
• Explain, define, or analyze the topic in detail
• Share an applicable personal experience
• Provide an outside source  that applies to the topic, along with additional information about the topic or the source (please cite properly in APA)
• Make an argument concerning the topic.

 Question:

If you have you been involved with a company doing a redesign of business processes, discuss what went right during the redesign and what went wrong from your perspective. Additionally, provide a discussion on what could have been done better to minimize the risk of failure. If you have not yet been involved with a business process redesign, research a company that has recently completed one and discuss what went wrong, what went right, and how the company could have done a better job minimizing the risk of failure.

Your paper should meet the following requirements:

• Be approximately 2-3 pages in length, not including the required cover page and reference page.
• Follow APA7 guidelines. Your paper should include an introduction, a body with fully developed content, and a conclusion.
• Support your answers with the readings from the course and at least two scholarly journal articles to support your positions, claims, and observations, in addition to your textbook. 
• Be clearly and well-written, concise, and logical, using excellent grammar and style techniques. You are being graded in part on the quality of your writing.