Discussion Cyberlaw….B

/0 Comments/in /by

Question Description

Discussion

On the discussion forum, please post a 500-word summary of the results of your research paper (cyber intelligence sharing and protection act)

Reply 1:-

Abstract

Cybercrimes are in charge of the interference of typical PC works and has been known to cause the ruin of numerous organizations and individual elements. This exploration paper expects to talk about after parts of Cybercrimes: the definition, why they happen, laws administering them, strategies for carrying out cybercrimes, who they influence, and cybercrime avoidance methods. All the more explicitly, this paper will dive into one fundamental case of cybercrime “hacking”. The report will demonstrate the utilization and movement of innovation has enhanced distinctive sorts of wrongdoings, for example, robbery violations and fear based oppression. Additionally, this report will show measurable information which will give a thought of how far cyber crimes has increment over the time of ten years or more.

Introduction

A commonly accepted definition of this term is that a cybercrime is a “crime committed using a computer and the internet to steal a person’s identity or sell contraband or stalk victims or disrupt operations with malevolent programs” (Definition of Cybercrimes).

Web users might be uninformed of cybercrimes, not to mention what to do on the off chance that they fall casualty of digital assaults. Numerous honest people succumb to cybercrimes around the globe, particularly since innovation is developing at a fast pace. Cybercrimes are any wrongdoings that reason damage to another individual utilizing a PC and a system. Cybercrimes can happen by issues encompassing entrance of protection and secrecy. Whenever protection and private data is lost or hindered by unlawfully people, it offers approach to prominent wrongdoings, for example, hacking, digital fear mongering, reconnaissance, budgetary burglary, copyright encroachment, spamming, digital fighting and a lot more violations which happen crosswise over fringes. Cybercrimes can transpire once their data is rupture by an unlawful client.

The aim behind this paper is to instruct people who don’t have the foggiest idea what are cybercrimes and its significance in becoming innovative development all through society. Understanding the danger of cybercrimes is an appropriate issue since innovation holds an extraordinary effect on our general public in general. Cybercrime is developing each day in light of the fact that since mechanical progressing in PCs makes it exceptionally simple for anybody to take without physically hurting anybody as a result of the absence of information to the overall population of how cybercrimes are perpetrated and how they can ensure themselves against such dangers that cybercrimes presents. This paper will talk about a few parts of Cybercrimes including: characterizing the term, why cybercrimes happen, laws administering them, strategies for perpetrating cybercrimes, who is influenced, and aversion methods and some more.

Reasons for Cybercrimes and strategies for perpetrating

There are numerous ways or means where cybercrimes can happen. Here are a couple of causes and strategies for how cybercrimes can be perpetrated consistently: Hacking, Theft of data contained in electronic structure, Email shelling, Data diddling, Salami assaults, Denial of Service assault, Virus/worm assaults, Logic bombs, Trojan assaults, and Web jacking.

Prevention

It appears to be practically difficult to abstain from being a casualty of cybercrime, with every one of the headways in innovation which make it simple for somebody to perform cybercrimes. In light of this, there are some ways anyway to abstain from turning into a casualty of cybercrime. Most web programs email administration, and Internet suppliers give a spam-blocking highlight to counteract undesirable messages, for example, deceitful messages and phishing messages, from getting to your inbox. Notwithstanding, every client must guarantee to turn them on and don’t turn them off at all. Likewise, clients must introduce and stay up with the latest antivirus projects, firewalls and spyware checkers.

Conclusion

Cybercrimes will dependably be a progressing challenge regardless of the headways being made by various nations. Most nations have their very own laws to battle cybercrimes, yet some doesn’t have any new laws yet exclusively depends on standard earthbound law to indict these wrongdoings. Alongside obsolete laws to battle cybercrime, there are as yet weak punishments set up to rebuff lawbreakers, therefore doing no significant counteractive action of cybercrimes’ which influence the economy and individuals’ public activities on a vast scale by those culprits. Subsequently, there is an urgent requirement for nations on a worldwide scale to meet up and settle on what comprise a cybercrime, and create manners by which to mistreat crooks crosswise over various nations.

Reply 2:-

Costs of crime estimates can play an important role in helping the Government to achieve the greatest impact on crime for the money spent. The estimates can be used in both appraisal and evaluation of crime reduction policies. They can help the Government to priorities, focusing scarce resources on policies that have the biggest impact on harm caused by crime, rather than simply the number of crimes. The Home Office has previously published research examining the costs of traditional crimes such as burglary and violent crimes. The Home Office also published a report estimating the social and economic costs of organized crime. However, due to the challenges associated with robustly calculating costs, cyber crime has not been included in any such estimates to date. In light of the emergence of new threats from cyber-enabled crimes and cyber-dependent crimes there is now a need to look at the impacts of new modern crime types and attempt to quantify the costs they pose to the UK economy. The costs of crime work have taken an iterative research approach, and has published updates as methods and cost estimates have improved. This has enabled the cost of crime research to drive improvements in future research, as well as summarizing the best-known cost estimates for the research community in an easy-to-access manner.

In calculating estimates, the costs of crime research has focused on the economic cost to the UK per incident, and has separately used estimates of the prevalence of crime in order to form an overall understanding of the cost of crime. Costs considered by this research have been broken down into three categories:

  • costs in anticipation;
  • costs as a consequence; and
  • costs in response.

The methodological approach taken by the previous costs of crime research study has formed the basis of the approach taken in the costs of cyber crime research presented in this report.

In light of the lessons learned from the literature review exercise and a desire to promote consistency in future research, the Costs of Cyber Crime Working Group commissioned a project to devise a costs of cyber crime framework to summarise and understand better the different estimates of the costs of cyber crime. This project was undertaken by Dr Adam Bossler, in conjunction with Home Office Analysis and Insight. The framework approach was based closely on the Home Office’s previous research investigating the costs of crime.

The costs of cyber crime framework is an attempt to combine all that is known about the costs into one table that would enable greater understanding of current (as at 2016) research gaps and encourage further research. This intention was to enable researchers to identify what the various different component costs of cyber crime are, and how these combine to form the overall cost of cyber crime – a resource that did not previously exist in the extant literature. Considering costs in this way should help researchers to identify gaps for future research, facilitating the design of consistent research, which could be used together in future to get closer to understanding the overall cost of cyber crime. The framework, summarizing a range of component costs.

Note:-

Hi

Its a Discussion and two replies each of 150 words for above question

i need everything in separate documents as 1st document should be discussion of 250words. , 2nd document should be reply 1 and 3rd document should be reply 2.make sure no turnitin and no plagiarism please dont copy it from any source write in your own words.

make sure you write everything in own words

Please dont copy from any source we have a turnitin.

need references

And send me three documents in different folder.

no specific question, please respond to the 4 classmate posts as directed (minimum 75 words each)

/0 Comments/in /by

Question Description

INSTRUCTIONS:

Be clear about which message you are responding to. Refer to specific passages or ideas in the course or text that have sparked your interest. Make sure your contribution adds something new to the discussion. A simple “I agree” may be your initial response, but think about how you can take the conversation to the next level. Use a minimum of 75 words each in response to the 4 classmate post.



IT117: Website Development

CLASSMATE POST #1

While Tim notices the websites he uses to find photos may not have the copyright symbol on them. The right thing to do is to contact the owner of the website and get the proper permissions to use the photos. Copyright infringement can destroy any credibility you have as a web developer and destroy your career before it even gets started. The ethical thing Tim should have done was trace the source of the photo and make sure it wasn’t owned by someone else. Tim could have done a simple google image search to trace the origins of the photo or us an app like Tineye to find out if it has a copyright or a creative commons licence. If it happens to have a CC license then there is a good possibility you can use it, but I would still contact the original owner and ask permission just to be on the safe side.

MICHAEL

CLASSMATE POST #2

Tim would be allowed to edit and use the images provided by other websites through the Fair Use Doctrine if the site is solely intended for the benefit of the public. Fair use allows the use of copyright materials to be used without permission for the benefit of the public. Since this webpage is created on behalf of another small business for advertisement and information, he would not be protected under the Fair Use Doctrine. It would be implied that the use of this website would be to benefit the likelihood for increased sales of this small business; even if the website itself seems relatively harmless. Although there is not a specific copyright logo on the webpage, the contents originator still has a ‘limited” copyright to that content. The copyright owner has the exclusive rights to reproduce, display, prepare derivative materials, and distribute copies of the work to the public by sale, rental, lending to display the image. This fact applies whether the creator formally had the images registered, or not. The copyright law protects the contents originator from the moment the material is created; ranging from the start, to the complete and finished material. Simply citing image sources would not clear him from being subject to the copyright law, nor would citing image sources be required through the Fair Use Doctrine. If Tim were to get these images from a public domain, stock photo services, or through a creative commons license; the work would not be protected by copyright, and there would be no concern if the Fair Use Doctrine would apply for the images obtained through those sources, as these distribution types would be ethical. Tim could obtain and use the image sources ethically by contacting the website’s creator and/or owner and asking formally, in writing, for the expressed consent to use those images and abide by the agreed upon terms of each image used. That includes if he pays a one-time fee for the use of the content, he would not be the exclusive owner of the material, and subject to abide by the copyright laws.

ANTHONY




IT261: Desktop Administration

CLASSMATE POST #3

To maintain a reliable and well-maintained storage space, you will need to understand the structure of most modern hard drives. Today we supply our employees with solid state drives (SSD) in their pcs. These no longer contain a mechanical motor driving platter that held the information of the older drives. Although with SSD there are still some basic file structures that was available on the older hard drive types, namely the Master Boot Record. This along with the GUID Partition Table (GPT) will be choices you will have to decide on when installing a new physical hard. Both file structures inform the pc of what the partitions look like and bootable.

MBR has been around since DOS 2.0 in 1983 and can run older versions of windows, but has some limitations (Hoffman, 2018). MBR can only work on disks up to 2 terabytes and will only allow 4 partitions per drive. Though there is a hack, make one of your partitions an extended one, and you can create more logical partitions within it. MBR also stored partition and boot data in one place, so if the data was overwritten or corrupted, you had better have a backup somewhere because that drive will not boot.

GPT on the other hand will allow you to have an almost limited amount of partitions, though that is dependent on the OS, and since we use Windows 10 you can have up to 128. Much more than you would ever reasonably need. Also, with GPT each drive is assigned a unique GUID which can help make it easier to manage for modern OS’s. For instance, it stores the partition and boot data in several places and can notice an issue, say a corrupt boot record, which it can recover data from one of the other boot sectors to repair.

Next, I would like to go over Virtual Hard Disks (VHD). They are used throughout our 3rd party application servers and on storage appliances within our network infrastructure. We prefer to run our application servers on 2 VHD appliances. The reason for this is we can take one set of them offline from the load balancer, update an application, and test it for a correct installation of the update. Then once we are satisfied, bring it back online, but after taking the other VHD offline first. VHD is also used in database storage much the same way we use it for application servers. But with these servers we usually employ dynamically expanding VHD. For the application servers we use fixed-size VHD. We also deploy VHD on some pcs for users that have a need to run different OS’s such as with our application development teams.

ROBERT

CLASSMATE POST #4

Both the globally unique identifier (GUID) and the master boot record (MBR) are known as partition types, or in Apples terms “partition schemes”. The MBR is what holds the data for the initial boot process and is typically found in the first sector of the hard disk drive. It’s also made up of the master partition table, disk signatures, and the master boot code. On Mac computers, the GUID is used for the startup and non-startup disks with Intel processors of OS x 10.4 or newer.

On the storage ends of things, every computer holds a virtual hard disk (VHD), which host the operating system and most other files on the system. The VHD is always going to be the largest amount of storage on a computer system. Now when it comes to protecting your information, Windows created a feature called Storage Spaces which helps to secure said data from drive failure. Essentially what it does is groups a few drives together and stores the information into a storage pool for safety precautions.

ANTONN



Discussion Cyberlaw….MM

/0 Comments/in /by

Question Description

Discussion

On the discussion forum, please post a 500-word summary of the results of your research paper (cyber intelligence sharing and protection act)

Reply 1:-

Web security city is an idea of digital law that identifies with PC security. The term web security legitimately to identifies with program security which covers to arrange assurance. Expert digital law security group have refered to the approaching ascent in web security given the expanded digitization and utilization of the web. Web security should deal with the wellbeing worries of both the overseers and the clients. One of the most significant destinations of web security is to set up measures, standards, and rules against the conceivable web assault. Digital law everywhere centers around advancing web security by neutralizing the rising instances of digital psychological warfare and digital wrongdoing we see today. One significant way to deal with check the rising web security risk is empowering interest in protected and secure innovation (Crawford, 2013). The paper looks to give a top to bottom investigation of the idea of web security as a touchy theme in digital law.

Digital wrongdoing and digital fear based oppression keep on being on the ascent with the present and rising innovation. As time passes by the web and digital aggressors are quickly creating mechanical ability that advances the majority of their violations. Web was made with the main motivation behind advancing data trade between the suppliers and clients. Be that as it may, the stage has transformed into an uncertain channel where individuals execute risky data ruptures everywhere throughout the world. Individuals take part in deceitful exercises, for example, phishing, Trojans, online infections and worms among different dangers. Singular clients, sellers and program directors should work in a shared way in sentencing the rising danger to data security. The nearby and national government ought to put resources into digital security since the outcomes of the issue will influence everybody. In the United States, China and Canada among different nations more awful digital wrongdoing situations have been seen with administrative substances the most influenced (Jing, et al., 2014).

The Current Face of Internet Security

Web security is shockingly on the ascent regardless of the guidelines set up by web security control offices and different government. The rising danger requires a strong methodology that is forceful enough to obstruct the approaching security challenges. Today, digital wrongdoing is one of the inclining issues in data security. Consistently numerous occasions of information ruptures, information burglaries, and hacking are accounted for with the measurements apparently deteriorating bearing. As indicated by ebb and flow inquire about, Melon Security announced that web security is to a great extent temperamental. About 42% of top 100,000 sites associated with the security study are accounted for to be undermined in this manner dangerous for clients. The exploration went further to investigate the measures set up to battle the instances of program security. Shockingly, it was clear that these measures have had little effect in recovering the negative pattern in web security (Tao et al., 2014).

As of now, the emphasis on class guideline and website notoriety have been utilized to improve the web security. It appears that additional endeavors should be set up to meet the forceful degrees of the majority of these security challenges. Digital hoodlums have turned out to be progressively tricky. They have started utilizing confided in locales to dispatch and present malware undetected. This strategy empowers them to access the locales like some other client intense their evil aims try to degenerate the information making the frameworks helpless against shut down. The present pattern in web security break is the mistake crouching. In grammatical error hunching down, fraudsters come up looking like space names that are practically indistinguishable from the real one. They present some negligible grammatical errors that can’t be distinguished effectively by the clients. The strategy empowers them to pick up enlistment which fabricates the ground for executing the criminal follows up on locales (Bertino and Islam, 2017).

Reply 2:-

CYBERLAW:

Cyberlaw is important subject to understand the laws or principles which will mainly relate the information to the internet. So cyberlaw is considered as the mandatory subject for the IT graduation studies. It mainly deals with important rules involve in the legal regulatory or activities involved with the regular modalities.

It deals with the people issues regarding the internet impacting the human behavior and how the people can react by considering the rules and regulations to complain against the Software companies. By gaining the information one can know the importance of the existence of Cyberlaw. These skills can make the ability for the development of the field in suitable direction.

Internet is a global communication system which mainly deals with the huge information which mainly tells about the online conduct. There is no specific interaction between the people, so it is a type of dealing the intangible property. Internet is information repository which can get from the series of Internet service providers which will allow the access the information across the search engines and group of websites. Cyberlaw deals the issues with the bad information which spread across the social media. The cyberlaw mainly deals with how its effecting the people globally whether it is a country based or state based etc. We can explain it in a simple way the information of any website can not impact any of the people badly because of the religion or caste etc.

If any of the harms happened because of the accessing the information from the internet cyberlaw deals them legally by taking suitable remedies by reducing the harms. Cyberlaw mainly deals the information related to the copyrights, privacy or trademarks.

Internet contain the different kinds of information like the images, text etc which can be easily readable and also there is a information which is not readable. Cyberlaw deals with the regulatory information which allows to provide the sensible information only and not all kinds of information to the people. Otherwise it will affect the people badly in all ways.

There are specific rules imposed in the cyberlaw field to deal with the social norms and privacy levels. The regulation of the internet can be more determined and conceptualized which can be possible only with rules or regulations provided in the cyber law. If the cyber law was not properly maintained there would be chance of more thefts online and illegal activities over the internet. So, I consider cyberlaw can be studied by all the Software professionals.

So according to my research cyberlaw is an important subject to be considered for understanding the laws and regulations and also lot of crimes happening because of cyber-attacks. Government should take care of allowing the students as mandatory subject so that all the students can get basic knowledge about cyber related a laws and regulations. So that if they face any cyber attacks they can easily complain or follow up the law authorities

Note:-

Hi

Its a Discussion and two replies each of 150 words for above question

i need everything in separate documents as 1st document should be discussion of 250words. , 2nd document should be reply 1 and 3rd document should be reply 2.make sure no turnitin and no plagiarism please dont copy it from any source write in your own words.

make sure you write everything in own words

Please dont copy from any source we have a turnitin.

need references

And send me three documents in different folder.

no specific question, please respond to the four discussion posts as directed (75 words minimum each)

/0 Comments/in /by

Question Description

INSTRUCTIONS:

Be clear about which message you are responding to. Refer to specific passages or ideas in the course or text that have sparked your interest. Make sure your contribution adds something new to the discussion. A simple “I agree” may be your initial response, but think about how you can take the conversation to the next level. Use a minimum of 75 words each in response to the 4 classmate post.

IT117: Website Development

CLASSMATE POST #1

Templates are a great way to reduce repetition and standardize a task. In website design, many websites can have the same base style, and in that case a template offers a solid foundation. This can be particularly valuable if you have achieved success with a certain style in the past. Another great application for a template in web design is to focus a group of people on a common vision. Consider a customer having specific requirements for their design and you would like to collaborate amongst multiple people. Using a template in this case keeps the group focused on the customers wants. However, in that same regard, using a template limits creativity by reducing the artistic freedom of the designer. Templates also have the ability to breed complacency in my opinion. If the same template is continually used, the designers may forget the tasks they are not doing frequently because of the automation the template provides.

Jason


CLASSMATE POST #2

Class,

In logging into the web file server for the first time was straightforward for me. I didn’t notice any issues both days that I accessed it. Since my first login I saved my login information on my personal device to speed up the process. I did not delete my email though. I will keep that in a safe place in case of emergencies.

To me although it’s controlled through the web browser, it’s the same as using your file explorer on Windows operating system (OS). The web server seemed very upfront and intuitive. I did not have an issue uploading in either manner of drag and drop, or the browse by folder selection.

Now, given that it is controlled through the web browser and not your local machine you do need to remember to refresh. If you want an updated look at the information that is there this is required. The page will automatically do so when you add items or jump to another folder. If you happen to sit on the site long enough it won’t do it on its own. This isn’t really an issue, but I noticed it when I changed out my file from the seminar the other night. I hovered over the blue icon next the yellow one and the file which gives the time that is was last changed. This hadn’t changed from when I did it which showed “has been changed 0 min ago.”

Did anyone else notice this like I did?

V/R,

Micah



IT261: Desktop Administration

CLASSMATE POST #3

The three most popular features I found for Windows 10 are:

Start menu

This feature allows you to access all of your programs from the click of a button. there is also a search bar from the menu that you can use to search through your programs in real-time. You also have access to your power options. It also allows you to customize widgets on the menu so you can see news feeds whenever you click on it.

Cortana integration

Cortana has been integrated into windows 10 which allows you to search for programs, media, or pretty much anything that’s on your hard drive just by speaking. You can also use it to send email while you are working on something else. Of course this requires that your CPU has a microphone connected.

Virtual Desktops

This feature allows you to view all of your screens at once allowing you to quickly switch between your various programs. It also allows you to see how many programs you have running at a glance.

Travis

CLASSMATE POST #4

The first popular feature in Windows 10 that improves my daily routine is the start menu. Presently, when you tap on the Start catch at the base left of the screen, you get two boards next to each other, with the left section indicating stuck, as of late and most-utilized applications. You additionally get a power catch at the best for alternatives, for example, Hibernate, Standby and Shutdown, and an all applications choice a la Windows 8. The correct section includes a choice of live tiles that you can redo, resize and rearrange. That, as well as the inquiry field at the base will investigate related Internet results notwithstanding projects and documents. I can now have the Start Menu extend to full screen at whatever point I need, taking out the requirement for a Modern UI Start Screen. This makes my start menu and my desk top much more organized to suit my basic needs.

The second popular feature that improves my daily routine is Cortana. Windows 10 brought Microsoft’s voice-controlled advanced right-hand Cortana to my personal computer, to make it simpler for me to interface with my gadget without lifting a finger. I now have the capacity to scan my hard drive for records, pull up photographs from dates, or dispatch PowerPoint introductions just by advising my PC to do as such. I can even get Cortana to send an email while I’m chipping away at a spreadsheet, making performing various tasks substantially simpler.

Lastly, the third popular feature that could improve my daily routine is You Can Now Add Multiple Desktops. Another Multiple Desktops highlight gives you a chance to run another arrangement of windows as though on another screen, however without the physical screen. This will allow you to deal with your large number of open windows and applications. Rather than having various windows open over one another on one work area, you can set up an entire other virtual work area for those projects to dwell in. Set up one particularly for home and leave your applications, for example, Netflix and Amazon open, and make another work area for work on which you keep Word, Excel and Internet Explorer open.

With the new work areas comes another approach to monitor your open applications on Windows 10. On the new working framework, you can either hit the new Task View catch on the errand banish or swipe in from the left edge of the screen to pull up a one-site hit of all your open applications and documents. It’s very little unique in relation to utilizing the Alt-Tab blend alternate route on your console, yet this displays an advantageous path for you to get a review of what’s running.

Jeremie

provide replies to below 2 posts each in 150 words 6-network security

/0 Comments/in /by

Question Description

Main que:

What is authentication, authorization, and Accounting? Please provide an example

sruthi-

Authentication: It is the process of providing a user with access to the network. The users like employees want to access the network resources by asking the credentials like username and password. Common methods of authentication are put authentication on console port, AUX ports, etc. A network administrator has the full control on how a user can be authenticated if wanted any access to the networks. Some of the methods of acquiring the authentication include using the local database of that device, sending the authentication request to the external server, etc. In the process of performing the authentication is broken into three parts: Principal (Entity that requests the authorization), Credential (the user provides as the proof of identity like shared key or password, one-time password (OTP), etc.) and Contextual (includes network and physical location of the request made).

Authorization: It is providing the ability to implement the policies of the network resources after the user has access to network through authentication. Authorization is used to determine what resources can be accessed by the user who has the successful authentication to access the networks. Like network administrator determines what operations to be performed by the user. For junior employees, the administrator can create access to the user which allow the user only to perform few operations. There is also a concept called null authorization (no authorization at all) where this is the most common authorization in AAA. After the authentication occurs, the user is granted full access to the network.

Accounting: This provides a way to monitor and track the events performed by the user after having the success authentication granted to the network resources, how long the user has the access. The administration is able to create an accounting activity and also has the authority to specify what should be accounted and to whom the records can be sent. Accounting holds the track history of the users who has the successful authentication like, which clients have the access to the network, what all access they were granted and when the client has been disconnected etc. Accounting is widely used in the Internet Service Provider space.

Example:

To use the local database and local running configuration, we need to implement AAA in case of new employees. The first step is to create the users and have the authentication requested to the administrator for access to access the local database. Then the administrator who has the authorization grants the access to the new employee by providing a username or email id and the password to log in and have the successful authentication to access the local database. This user’s events will be tracked by the accounting activity created for this specific user. When there is an issue with accessing the networks or the database, the administrator will access the accounting activity and provide an immediate solution for the issue with the authentication.

swathika-

hat is authentication, authorization, and Accounting? Please provide an example

In the past decade the cloud services have enabled many organizations and individuals to perform variety types of tasks such as online storage, email services and on demand TV and online shows. With the help of cloud services, the deployment of applications with very cheap cost with elastic and scalable due to fault tolerance system. Authentication and authorization and accounting (AAA) are three mains that helps track the system tracker of the user activities via IP-based network and controlling the access to network resources. A term AAA protocol is often implemented as a dedicated server.

Authentication refers to identifying unique information in each user system in a form of username and password. With the help of system administrators, we are able to monitor, add or delete authorized user in the system.

Example: When a network administrator controls the user authentication when an individual wants to access the network. These methods include local database that could be a router that sends authentication request to an external server. Sometime customized authentication methods are used for default authentication customization.

Authorization refers to the an individual adding or denying any user access in the computer network and its resources. Depending on the limit and their access towards the networks, users are given different authorization level depending on that. This determinization can be based on variety of entities on geographical location, date or time restriction, multiple logins by single individuals frequency associated types of authorization in the services include routing assignments, IP address filtering, bandwidth encryption traffic management.

Example: when a junior engineer who has not given any privilege to access all the resources and would want to access the devices, this were the administration would come into the picture to allow particular commands wherein the view will be created which will allow particular commands to be executed. This is to specify the user in a way is authorized to network resources through local database or ACS server.

Accounting refers to tracking or record keeping of individual activities in an computer network. Some of the examples of accounting would be time period but not limited to accounting time spent towards accessing the network, capacity and trend analysis, network cost allocations, billing data and user authentication and authorization.

Examples of AAA protocols include:

  • Diameter, a successor to Remote Authentication Dial-In User Service (RADIUS)
  • Terminal Access Controller Access-Control System (TACACS)
  • Terminal Access Controller Access-Control System Plus (TACACS+) a proprietary Cisco Systems protocol that provides access for network servers, routers and other network computing devices.

provide replies to below two Discussions each in 150 words

/0 Comments/in /by

Question Description

main que:What are three network security management best practices

dev-

As most of the companies and organizations use internet, Information systems security. Computer and network security, it has become complex system and changes occur every day. It is important to develop a strong security strategy involves keeping one eye on the reality of Internet-speed changes in threats and technology, and the other on the reality of the corporate environment. It is necessary that the companies should know how and what to protect and what controls to put in place. This includes planning, policy development and the design of procedures. According to the January 2000 Internet Software Consortium’s Internet Domain Survey (www.isc.org/ds), there are more than 72 million hosts on the Internet. Given that many organizations do not advertise their internal name spaces, we know that many more computers are connected in some fashion to the Internet. Changes in network and security architectures, network security management is far more challenging and complex than just a few years ago (Bodhe, Masuti & Umesh, 2016).

Three network security management best practices

  1. Companies need to have an overview of their network. There are various services such as routing rules, access rules, NAT, VPN, hosts, including all products (and versions), services, vulnerabilities, and patches; and assets, including asset groupings and classifications. Security teams should view hosts in the network, as well as configurations, classifications and other pertinent information. A network map or model is both a useful visualization tool and a diagnostic tool, providing analysis that is only possible when considering an overall view. Sophisticated analytics can be conducted quickly and accurately in a model-based environment, without disrupting the live network. Access path analysis helps to validate changes and can troubleshoot outages or connectivity issues (Park, Lim, Kwon & Choi, 2017).
  2. Micro view is needed for device management. Information must be considered within the framework of the broader network, such as segments or zones, routing, routers, switches, intrusion prevention systems (IPS), and firewalls. Daily or weekly reviews of all devices on the network is unattainable with a manual process and reviewing device configurations less frequently puts network security and compliance at risk. Automating policy compliance helps ensure compliance and consistency and preserves IT resources.
  3. Attacks should be simulated for preparation. Attack simulation technology looks at network context, asset criticality, business metrics, and existing security controls when determining the impact of a potential attack. Attack simulation technology looks at network context, asset criticality, business metrics, and existing security controls when determining the impact of attack simulation can also evaluate potential options to block an attack, providing intelligence for decision support (Park, Lim, Kwon & Choi, 2017).

sow-

Securing Hardening, preparing are three best practices in network

Network attacks are developing, and former resolutions might not be adequate to prevent future risks and attacks. This is the reason for one of the vital parts where network security best practices came into picture and having antivirus up to date in the system. Software updates should be installed, having effective anti-virus in the system will almost protect over 90 percent of instances. Installing patches is also an important aspect to be considered. System should be always secure and up-to-date. Logging should be enabled to track how is doing what, who logged into the system. Giving access on need base and eliminating privileges and access rights should be implemented as top network security standard. System administrators and network administrators should be able to identify the weaknesses.

Hardening helps in solving known as well as predictable while preparing provides solution for unknown and unpredictable solutions. Always update the procedures and policies according to the trend. Implementing and exploring new tools to update configurations, policies and procedures as required.

Best security management practices should me focused on four fields. They are when planning and executing the deployment on systems. Integrity maintenance. Providing awareness to the employees on security issues.

Security teams support compliance mandates internally and externally, permit new facilities, improve routine, confirm obtainability, and provision the capability to troubleshoot professionally on mandate with no scope for mistake. That is a portion for steadiness when handling network security.

Prevention is top network security practice.

By the period to determine that the association has suffered a data breach, the damage will have already been done. Therefore, it’s so important to prepare ahead of time. After all, in terms of network security, an ounce of prevention is worth far more than a pound of cure. Computers should be configured in a way that they should be less vulnerable to any kind of malicious attacks. Integrity is an important aspect to be considered for deployments. Employees should be aware of all the security issues that’s are taking place in recent times. They should be trained to follow compliance and regulations. Disaster recovery and incident report are the best practices for a company to keep them in a place.

Securing networks according to the requirements and categories of data must be handled with proper care on computers. Building servers on a tight security system and they should be dedicated for solitary purpose. Multifactor Authentication is the best practice for login system to attain a token-based authentication. Encryption should be implemented to protect certain assets. Recognize the security apprehensions associated to daily administration. Traffic monitoring should be done on an isolated network and network traffic should be captured on internal hosts.

Please provide reply to Discussion 3

/0 Comments/in /by

Question Description

Note:Please provide reply to below discussion in 150 words.

Professor Note:”You need to demonstrate to me that you read his or her post and that your response relates to their post and not yours.”Please take care of this note.

sruthi—VPN: Virtual Private Networks are the private networks used by the employees or the users to connect remotely to the network or the sites of an organization. VPNs are usually based on Internet connectivity. VPN uses virtual connections through the internet from the private network to assist and allow to connect from remote locations. A VPN maintains the privacy of the data and follow the protocols.

Benefits: We have two types of VPN available. Site-to-site VPN allows internal multiple offices or teams to connect to each other at the fixed location. Remote access VPN allows users to connect to the network of the business of a company from anywhere or remote location securely. The main benefit of deploying the VPN is it secures the sensitive data. It keeps all the malicious websites at bay and prevents from exposing the important data of the company. An employee can access from anywhere in the world by having a secure connection which is provided by VPNs. The VPNs are affordable, and the cost is considerably low. Every company should have VPNs.

Limitations: If at all the internet connectivity is lost, the VPN is lost too. VPN is solely based on internet connectivity. Installation and management of VPN on the client-side is a big expenditure. Sometimes, the VPN can be hacked too and might end up revealing the important information. The connection might become slow sometimes. The data transfer or connecting to someone else’s system might get things slower than usual. Some devices don’t have VPN supporting operating systems and have to manually configure the VPN connection. Free VPNs are always risky. They have security issues.

For example, I work from home every once in a while. I connect to my company’s applications or software only after I connect to the VPN. That helps me to easily access all the applications of the company without any disturbance. VPN might get slow due to my internet connectivity issues since the VPN is primarily based on internet connectivity. The offshore-team in the IT companies connect and access the applications through VPN. It has been an important factor every company should take care of.

Soumya–

A Virtual Private Network (VPN) has become a requirement for companies to protect their data from Internet. VPN doesn’t make a private network, it just hides your identity and make your communications more secure. VPN keeps your identity secure through encryption. With help of Virtual Private Network one can avoid content restrictions and government monitoring. A Virtual Private Network is mostly used to create a private network over public connections.

There are some other options for securing identity and sensitive information like proxy servers and TOR. Proxy servers are not totally secure, but they are available for free. Another popular option is TOR, a browser that encrypts and bounces the communication over other TOR users. A Virtual Private Network is like a middle man between you and internet. For Instance, if there is an emergency issue over a network and employee who must fix the issue is out of station, then he can connect to network remotely through VPN. There are some organizations which give limited access.

Virtual Private Network is available in different types. Each type of VPN offers differ in their scope and level of security. VPN’s can also use different protocols. Let’s look at different types of VPN that are available for internet users.

PPTP is Point to point tunnel protocol is the most commonly used and have been around long time since Windows 95. PPTP is easy to setup but is vulnerable to third parties and hackers. SSTP is Secure Socket Tunnel Protocol, it uses SSL is more advanced and safer than PPTP. SSTP can also be configured to use AES encryption. IPSec/L2TP is Layer 2 Tunnel Protocol doesn’t encrypt but create a tunnel and IPSec handles encryption. This encryption is most effective but impacts the network performance as traffic has to be converted to L2TP with encryption. Open VPN is the safest option and easily configurable on web. Open VPN uses open-source technology and protocols like SSLv3/TLSv1.IKEv2 is Internet Key Exchange is a request/response protocol. IKEv2 uses X509 certificates and a shared key.

Let us discuss some of the advantages of VPN’s

High end encryption keeps the data secure when browsing over a VPN connection.

Geographical freedom, disguising the actual location of user and use can access secure information sitting at home or anywhere in the world.

Sharing critical file over VPN makes them more secure and keep the integrity of the files.

Securing browsing over a public network to secure personal and business information.

There are some limitations to VPN’s listed below

Efficient encryption also comes with network lag.

Encryption requires a lot processing power, to achieve optimal network speed one must pay for a decent VPN service.

To ensure adequate protection of the network, one need to understand network security issues and understand configuration.

Slow VPN is always a problem to determine which server provides optimal speeds required one must try multiple servers.

VPN technology standards and products from different vendors use different equipment, this can lead to technological incompatibilities.

Ethics, Law and Cybersecurity

/0 Comments/in /by

Question Description

Instructions: There are four (4) topic areas listed below that are designed to measure your knowledge level specific to learning outcome (LO 7) shown in your course syllabus. You must respond to #3 and select any other two of these topic areas providing appropriate responses in essay form. In most cases the topic area has several components. Each must be addressed to properly satisfy requirements.

State-wide and in most professional industries, there has been a mandate that college students be more proficient in their writing. While this is not a writing class, all writing assignments will be graded for grammar, syntax and typographical correctness to help address this mandate.

Pay attention to what you are being asked to do (see Grading Rubric below). For example, to describe does not mean to list, but to tell about or illustrate in more than two or three sentences, providing appropriate arguments for your responses using theories discussed in our text. Be sure to address all parts of the topic question as most have multiple parts. A verifiable current event (less than 4 years old) relevant to at least one of the topics you respond to is a fundamental component of your quiz as well. You cannot use information from the text book or any book/article by the author of the text book as a current event. Make sure that your reference has a date of publication. For each chapter quiz and final quiz you are required to find and include at least one reference and reference citation to a current event less than 4 years old (a reference with no date (n.d.) is not acceptable) in answer to at least one question. This requires a reference citation in the text of your answer and a reference at the end of the question to which the reference applies. You must include some information obtained from the reference in your answer. The references must be found on the internet and you must include a URL in your reference so that the reference can be verified.

You may type your responses directly under the appropriate question. Be sure to include the question you are responding to and your name on the quiz. Only the first three (3) questions with answers will be graded. Include your name in the document filename. Your completed quiz must be placed in the appropriate Dropbox, no later than 11:59pm on the due date. Do well.

  1. Using argument components discussed in Chapter 3, assess arguments for and against the use of biometric technologies for security, especially in airports and large stadiums. (a) Should biometric technologies such as face-recognition programs and iris scanners be used in public places to catch criminals? Since 9/11 there is much more support for these technologies than there was when biometrics were used at Super Bowl XXXV in January 2001. (b) Granted that such technologies can help the government to catch criminals and suspected terrorists, what kinds of issues do they raise from a civil liberties perspective? (c) Compare the arguments for and against the use of biometric technologies in tracking down criminals to arguments discussed in Chapter 5. (d) Do you support the use of biometrics in large, public gathering places in the United States? Defend your answer. Please elaborate (beyond a yes or no answer) and provide your “theoretical” rationale in support of your responses. (comprehension)
  2. In looking at the case of Internet entrapment involving a pedophile that was discussed in this chapter (a) which arguments can be made in favor of entrapment or “sting operations” on the internet? (b) From a utilitarian perspective, entrapment might seem like a good thing because it may achieve desirable consequences, but can it be defended on constitutional grounds in the United States? (c) Justify your position by appealing to one or more of the ethical theories described back in Chapter 2. Please elaborate (beyond a yes or no answer) and provide your “theoretical” rationale in support of your responses. (comprehension)
  3. (a) Are the distinctions that were drawn between cyberspecific and cyberrelated crimes useful? (b) Why would cyberstalking be classified as a cyberrelated crime, according to this distinction? (c) Among cyberrelated crimes, is it useful to distinguish further between cyberexacerbated and cyberassisted crimes? (d) Why would cyberstalking be categorized as a “cyberexacerbated” rather than a cyberassisted crime? (e) Why not simply call every crime in which cybertechnology is either used or present a cybercrime? (f) Would doing so pose any problems for drafting coherent cybercrime legislation? Please elaborate (beyond a yes or no answer) and provide your “theoretical” rationale in support of your responses. (comprehension)
  4. (a) What implications does the conviction of the four cofounders of The Pirate Bay Web site (in 2009) have for international attempts to prosecute intellectual property crimes globally? (b) Should the four men also have been required to stand trial in all of the countries in which copyrighted material had been downloaded from their Web site? (c) Will the outcome of The Pirate Bay trail likely deter individuals and organizations, worldwide, from setting up future P2P sites that allow the illicit file sharing of copyrighted material? Please elaborate (beyond a yes or no answer) and provide your “theoretical” rationale in support of your responses. (comprehension)

Watch YouTube video Deming at Pontiac. Research W. Edward Deming and the total Quality movement (TQM) Read below Case study 5-2 Boeing 787 Dreamliner. Respond to the questions. Also consider how Deming and TQM would have dealt with (or avoided) problems a

/0 Comments/in /by

Question Description

Watch YouTube video Deming at Pontiac. Research W. Edward Deming and the total Quality movement (TQM) Read below Case study 5-2 Boeing 787 Dreamliner. Respond to the questions. Also consider how Deming and TQM would have dealt with (or avoided) problems at Boeing. What does a TQM initiative look like in an IT department? How would IT support Total Quality at Boeing?

CASE STUDY 5-2 Boeing 787 Dreamliner

The first Boeing 787 Dreamliner was delivered to Japan’s ANA in the third quarter of 2011, more than three years after the

initial planned delivery date. Its complicated, unique design (including a one-piece fuselage that eliminated the need for

1,500 aluminum sheets and 50,000 fasteners and reduced the resulting weight of the plane proportionally) promised both

a reduction in out-of-service maintenance time and a 20% increase in fuel economy, but problems with early testing of

the new design contributed to the giant project’s troubles. Even after those delays, the 787 was grounded in January 2013

because the main battery had problems of overheating and subsequently burning. The problems were finally reported solved

in December 2014.

Delivery of Boeing’s 787 Dreamliner project was delayed, in part, because of the company’s global supply chain network,

which was touted to reduce cost and development time. In reality, the network turned out to be a major cause for

problems. Boeing decided to change the rules of the way large passenger aircraft were developed through its Dreamliner

program; rather than simply relying on technological know-how, it decided to use collaboration as a competitive tool embedded

in a new global supply chain process.

With the Dreamliner project, Boeing not only attempted to create a new aircraft through the innovative design and

new material but also radically changed the production process. It built an incredibly complex supply chain involving

over 50 partners scattered in 103 locations all over the world. The goal was to reduce both the financial risks involved in a

$10 billion-plus project for designing and developing a new aircraft and the new product development cycle time. Boeing

tapped the expertise of various firms in different areas such as composite materials, aerodynamics, and IT infrastructure to

create a network in which partners’ skills complement each other. This changed the basis of competition to skill set rather

than the traditional basis of low cost. In addition, this was the first time Boeing had outsourced the production on the two

most critical parts of the plane-the wings and the fuselage.

The first sign of problems showed up just six months into the trial production. Engineers discovered unexpected bubbles

in the skin of the fuselage during baking of the composite material. This delayed the project a month. Boeing officials insisted

that they could make up the time and all things were under control. But next to fail was the test version of the nose

section. This time, a problem was found in the software programs, which were designed by various manufacturers. They

failed to communicate with each other, leading to a breakdown in the integrated supply chain. Then problems popped up in

the integration of electronics. The Dreamliner program entered the danger zone when Boeing declared that it was having

– trouble getting enough permanent titanium fasteners to hold together various parts of the aircraft. The global supply network

did not integrate well for Boeing and left it highly dependent on a few suppliers.

The battery problems involved lithium-ion batteries that could not recover from a situation involving a rare but serious

internal short circuit that would cause flames to spread from one cell to another. Lithium-ion batteries had not previously

been used in an airplane and had not been tested under an assumption of a short circuit.

This case clearly underscores the hazards in relying on an extensive supply chain, failing to expect the worst case with

critical new parts, and encountering information exchange problems that caused long delays and seriously compromised a

company’s ability to carry out business as planned. Creating a radically different process can mean encountering unexpected

problems. In some cases, it would put a company so far behind its competition that it was doomed to fail. However, in this

case, the major competitor to the Dreamliner, the Airbus 380 program, was also using a global supply chain model, and its

program was delayed by a couple of years. The result for Boeing was a much-anticipated plane with fuel economy and outstanding

design that made the wait worth it. However, because of compromises in design, the Dreamliner holds only up to

250 passengers, compared to the A380, which has a seating capacity

Systems Analysis Case Study

/0 Comments/in /by

Question Description

Assignment Instructions

Purpose

The purpose of this assignment is to explore the SDLC (System Development Life Cycle) through a Case Study.

Assignment Directions

1. Choose any model of the SDLC and analyze the tasks at each stage as described below. Write at least one full paragraph for each stage of the SDLC including what it consists of and how you would apply that stage to the Case Study as described below.

Apply the Systems Development Life Cycle to the case described below. Choose any model of the Systems Development Life Cycle and analyze the tasks you would need to accomplish at each stage of the Systems Development Life Cycle for that model. You may use any of the SDLC models I gave you in the Lessons area in the Week 1 or Week 2 Lessons, or any other model of your own choice. However, be sure to state which model you are using and provide a URL to the resource(s) you consulted on that model so that I can compare your analysis of the case study against the specific Systems Development Life Cycle model that you chose for your analysis.

For example, if the model you follow has a Systems Initiation phase, you should explain to me how you would conduct the initial investigation. Who are the stakeholders that you would need to talk to? What information would you need to gather to establish the requirements of the project and how would you gather that information? What kind of feasibility study would you conduct and how would you do it? How would you conduct your cost-benefit analysis in this stage? What should be the end result of this stage?

You will have to identify the appropriate questions to ask yourself and to answer for each stage of your Systems Development Life Cycle, similar to what I have done for the Systems Initiation phase above. Part of this assignment is for you to understand and explain to me what needs to be accomplished in each phase and how that would specifically look for the Case Study below.

You must use your own general knowledge about organizations to make reasonable assumptions appropriate to the case study, since you will not be given every possible detail of the case. For example, who do you think the stakeholders would be? Think about the students, the faculty, the staff and administration of a typical university, etc., and identify all of the possible groups of stakeholders. You will have to think beyond the short description below and use your own general knowledge to complete the scenario and provide a full analysis of the Case Study.

2. Include details like specific questions and examples as indicated below.

Be as detailed as possible in your analysis. For example, if you are discussing how you would conduct a feasibility study, give a couple examples of specific questions you would ask. For another example, if you are describing how the Systems Design phase applies to the case study, include a couple examples of design items relevant to this case, such as an Entity Relationship Model for part of this system, or an example of a use case for your system, or the details of one or more classes you would create in this system. In this assignment, you are not required to create full design specifications, but you are encouraged to provide enough examples of design items to demonstrate your understanding of how you would approach the case study. For example, instead of delineating ALL classes you would need to create, choose one class and develop it as fully as you can, to illustrate that you understand the basics of creating an object class (with a class name, some class attributes, and some appropriate class methods).

3. Your paper should contain at least 2-3 pages and up to 1-2 pages of diagrams as indicated below.

Your paper should contain at least 2-3 pages of writing and you are encouraged to also provide up to another 1-2 pages of diagrams (which can be embedded throughout your paper, as appropriate).

Case Study

You are leading a team of software developers at a university. The university’s President has approached you about developing a new information system for tracking student course registrations. The system will need to contain information about students, faculty, and courses. Students should be able to use the system to browse course descriptions and the schedule of classes for each semester, add classes to their schedule, and drop classes from their schedule.