Category: Information Systems

Emerging threats and Risk Processing

For some additional reading, take a look at the latest Presidential Order that relates to strengthening cybersecurity that relates to critical infrastructure:

https://www.whitehouse.gov/presidential-actions/presidential-executive-order-strengthening-cybersecurity-federal-networks-critical-infrastructure/

After reading chapter 1 and looking at the link above, you’re ready to participate in the first discussion.

Lets look at a real-world scenario and how the Department of Homeland Security (DHS) plays into it. In the scenario, the United States will be hit by a large-scale, coordinated cyber attack organized by China. These attacks debilitate the functioning of government agencies, parts of the critical infrastructure, and commercial ventures. The IT infrastructure of several agencies are paralyzed, the electric grid in most of the country is shut down, telephone traffic is seriously limited and satellite communications are down (limiting the Department of Defenses [DODs] ability to communicate with commands overseas). International commerce and financial institutions are also severely hit. Please explain how DHS should handle this situation.

You must do the following:

1) Create a new thread. As indicated above, please explain how DHS should handle the situation described in the preceding paragraph.

Mobile Device & Network Analysis Response

Provide (3) 150 words response with a minimum of 2 APA references at the discussions below. Response provided should further discuss the subject or provide more insight.

Question 1:

If you were talking to a group of seniors about mobile security, what would you tell them? 

Discussion 1:

Discuss what type of evidence can be collected from and mobile device and the processes used to collect that evidence.

-There is a lot of information that can be gathered from a mobile device. This information includes call history, emails, text and other messages such as Facebook messenger and Skype, photos, videos, phone information, global positioning system, and network information. Things such as photos and videos generally have hidden information such as where the media was captured and what software or hardware was used to capture it. When seizing a device, there are certain considerations to take into account. Before disconnecting or transporting the device, it may be necessary to turn of auto-sync, updates and even turning on airplane mode to prevent any corruption of the data. 

Discussion 2:

There are many brands of mobile devices. Is there any difference in the way that evidence is collected from them? If so, please discus these difference.

-Because there are so many brands of mobile devices and because they can have different operating systems there is a difference in the way evidence is collected. The differences are in the way the evidence is accessed. However, what is common is if the device is plugged in to the computer files can be accessed that way. The difference is pretty much the tools that are used to collect the evidence. Again, based on the operating system will determine which tools are used to access the data and collect the evidence.

CMGT/433: Cyber Security – Security Overview Presentation

 Assignment Content

  1. In your first meeting, you will have to present a security overview presentation.
    Create a 10- to 12-slide, multimedia-rich presentation in which you provide:
    • A definition of cybersecurity; further explain how cybersecurity differs from enterprise security
    • A timeline of cyber milestones; including graphics and a brief explanation of the milestone
    • An explanation of why knowing cyber milestones is important for improving security for the organization’s current and future environment
    • A chart presenting 4 strategies that could be used to determine the organization’s current security environment, the impact of the strategy, and resources (personnel, finances, etc.)
    • Your presentation should also include:
    • Speaker notes
    • At least 2 references to support the presented facts/etc. Format your citations according to APA guidelines.
    • Note: “Multimedia-rich” presentation typically means including several of the following: appropriate charts, graphics, video or audio samples, or images
  •  Note: The page assignment length requirement applies to the content of the assignment. Start the assignment with an APA formatted title page and add a reference section with at least two professional references. Use the references in the text of the assignment. Make sure to check the SafeAssign originality score.  

Need to read and know what is required with non plagiarism. Who can commit?

 Assignment Essay 

Choose your sources carefully. Cite your sources, use APA style as required, check your spelling.

Do not just answer the questions. You should be able to explain the logic behind your answer You are expected to spend at least 3 hours studying the questions, finding and studying good sources, and understanding the nature of the answers and at least an additional 3 hours answering these questions and polishing your writing, so the answers are compelling. Invest your time wisely, giving more time to the complex answers in order to ensure that you demonstrate that you truly understand the answer. Typical assignment submissions should be roughly 3,000 word in length. Shorter compelling answers are fine. Answers with needless filler will be marked down.

Essay Questions

1. Discuss in scholarly detail concepts behind web analytics and describe the web analytics process. Also provide an example of the information that can be learned from web analytics.  

2. Discuss in scholarly detail some issues that should be examined prior to undertaking an ERP implementation project to ensure that the company receives business value from the ERP.

3. Discuss in scholarly detail some prominent types of interorganizational systems (IOSs). 

4. Discuss in scholarly concepts behind PRM including how and why it is used.  

CIS 500

Good day,

I need a one to three page memo completed by 5pm on January 20, 2020 for course CIS 500 Information Systems for Decision Making . Plagiarism free. I have attached the instructions that provides the information needed to be included in the memo. 

Need response

 

Students will be required to create 1 new thread, and provide substantive comments on at least 3 threads created by other students. Make sure to explain and backup your responses with facts and examples. This assignment should be in APA format and have to include at least two references.

What happens when we place the authentication system in our demilitarized zone (DMZ)that is, in the layer closest to the Internet? What do we have to do to protect the authentication system? Does this placement facilitate authentication in some way? How about if we move the authentication system to a tier behind the DMZ, thus, a more trusted zone? What are the implications of doing so for authentication performance? For security?

Reply to discussions

reply to the below discussions with 250 words

1)  

  • Information Technology (IT) infrastructure is identified as a composition of software, hardware, network services and resources, and data centers (Vacca, 2013). IT infrastructure are important when it comes to the operation, existance, and management of enterprise information technology environment. It is understood that the weakest link in the security of an IT infrastruture plays a very important role in its success. When it comes to the secutiry of an IT infrastructure, the human element is considered as the weakest link. Even if the security of an IT infrastruture has a strong anti-virus software, firewall, cryptography, and intrusion detection system, it is only as strong as its weakest link. Human is to err is a common philosophical statement, and intrudors that want to take advanatge of an IT infrastructure are always waiting for this opportunity.   There are various strategies though that an organization may employ to reduce the risks possed, for exampe, organizations may engage in employee training to raise awareness of the various vectors of attack (Vacca, 2013). In addition, management of organizations may implement incentives which will encourage employees to take an active role and attention when it comes to matters security. Organizations may also engage in penetration testing and vulnerability assessment periodically in order to reduce the threat posture. In terms of costs, the whole process of mitigation of a data breach costs less than training and testing processes, and therefore it would be wise for any organization to carry-out the necessary steps in strengthening the weakest link.
    01:25
  • What is the weakest link in the security of an IT infrastructure?  The weakest link in security is the Humans. The chain is the security of the organization and its cyber defense is majorly independent and we already know the link of the weakest part in an organization’s security. As per the report, 78% of the security professional thinks the biggest threat to the endpoints in the security where peoples neglect among the employees’ security practices. Here the percentage also shows us 9.3% of the organization’s threats per month.  We are all humans and we do make mistakes and among these people there are a plethora of people who are always trying to take advantage of any mistakes made by other people which costs the business in financial loss. Any technology and security practices no matter how much sophisticated there will always be the errors made by humans.  How to reduce the vulnerabilities:  In-depth training should be provided to all the employees such that there will be total awareness on all the different attacks.  Any regular people risk assessments of the employees can reduce cyber risk in many ways can help the organization.  To use Hitech mechanism to the employees to keep the attention towards securities.  The periodic vulnerability assessments and penetration testing reduces the threat to the organization.  Many small businesses simply do not have the strict guidelines for creating the passwords in uniquely to all the online accounts. Employees are left to their own devices which always relying on the humans nature that simple develop a single and easy passwords that they use for the accounts that they have in the organization.  Enforcing the passwords management to combat the human errors, where many large companies IT departments force their users to create a complex passwords and builds their passwords not to be stolen easily and its easy to get a new password to create it.  Benefits: Improved Security, Reduced Information Theft, Enhanced Productivity, Compliance.

2) 

Attackers dont span a single way which helps them make their targets compromise. Their biggest weapon lies within the organization but not in the newest technology available in the market. This makes the weakest link in the information security. One such weakest is the emails and the system that manages email. Email is the source for most of threats like phishing, scams, ransomware and any such related malicious code. Even a single email which contains the confidential data goes out of the organization, may lead to the biggest threat and lowers the reputation of the organization. For this, employees should be given a training on what type of emails can be shared with their co-employees and what type of emails can be sent out of the scope of the company. Management should have access to the emails of their employees and should regularly monitor them. 

Some of the strategies that can be applied to reduce the effects of the emails are stated here. Users should be aware of the types of risks caused by the emails. Even if the user clicks the unsafe link unknowingly, that may lead to malware infection or that might give the attacker the access to the system. Humans are the primary cause that leads to email related breaches.  The phishing awareness and training program must replicate the various categories of methods and risks that spread over to other roles in the group so that individuals recognize accurately what to look in for. Just offering the training wont serve the purpose, management should ensure that employees understand their security aspects and are willing to apply in their real time projects.

Research

 

Pick a topic relevant to Risk Management Strategies and write a 10 page paper.  The format of your paper will need to follow the following outline in APA format (include title page, abstract page, content pages, and reference page):

INTRODUCTION

  1. State the topic you are attempting to cover
  2. State the issues involved
  3. State why we should be concerned with resolving whatever issues are involved
  4. State how answering the issues will help us
  5. State the implications and consequences of dealing with or resolving the issues involved

REVIEW OF THE LITERATURE (5 sources minimal, at least 3 needs to be peer-reviewed)
Identify who has tried to answer the question before by doing the following:

  1. Summarize how each of the sources presents and deals with the subject
  2. Explain how each source presents and deals with its findings or results
  3. Explain the relevancy of each source to your topic
  4. State what you learned from each of your sources
  5. State in what way(s) each source contributes to answering your issues

DISCUSSION

  1. State your answer to your issue
  2. State how and elaborate on how, explain how, illustrate how each of the sources you previously reviewed help you answer your issue
  3. State what questions about your topic you still have that your sources may not have answered

CONCLUSIONS

  1. Indicate how each of the sources have contributed to your conclusions (and clearly, accurately, correctly document those sources within your text)
  2. State the implications of your conclusions
  3. State what might be the possible consequences of your conclusions
  4. State the significance these implications and consequences might have in the information technology / information security realm 

DOCUMENTATION

  1. On a separate page, include a section labeled References which provides the full publication information for all the sources you used in your paper
  2. You should have a MINIMUM of five (5) sources for your paper, at least 3 source needs to be peer-reviewed
  3. Not meeting this minimum requirement of five (5) sources will lead to a lower evaluation of your paper for each missing source
  4. Use APA format for documenting your sources

Blockchain (discussion and research paper)

A discussion board (initial post of 200-250 words) and a research paper (upto 4 pages) on Blockchain. 

Course name: Infotech importance in strategic planning. Please find the attached file and respond back to me.

Thanks

Right to Privacy and Compliance Regulations

 

he United States has a number of privacy laws that affect the governments use of information as well as the use of information by specific industries, such as financial services companies and healthcare organizations that handle sensitive information.   Select one of the following acts and summarize the laws provisions. What complications do you think may arise with implementation or managing the compliance of the act? 

  • Privacy Act of 1974 
  • Electronic Communications Privacy Act of 1986 
  • Communications Assistance Law Enforcement Act of 1994 
  • Economic Espionage Act of 1996 
  • Health Insurance Portability and Accountability Act of 1996 
  • Health Information Technology for Economic and Clinical Heath Act of 2009