ISSC481 discussion response

Question Description

Hello,

I need two responses of at least 150 words each for the below students discussions for this week. Also in the bold below are the questions the students at answering.

1. Why is it necessary to define policy elements?

2. Discuss the terms confidentiality, integrity, and availability as they relate to information systems. Why are they important?

Student one:

Greetings class,

Information systems are not simply a place in which information or data is stored. Information systems are complex structures that do store information, but that information needs to be protected, send and received capabilities exist and those need to be regulated, the software, users, and abusers all need to be considered when it comes time to drafting a comprehensive plan to ensure proper employment of the whole thing. Because it is so complex and there are so many parts within the whole, every organization that has information systems needs to have an information system security policy in place. To accomplish this, every element within the system needs to be reviewed so its role in the system is understood, as well as how any potential challenges it may encounter so that those challenges can be prevented or mitigated as best as possible.

Confidentiality, integrity, and availability, also known as the CIA Triad, play a large role when considering the way an organization should go about protecting its information systems. Some questions to ask might be:

Confidentiality: Who should have access to different types of information? What access policies and procedures are in place? What information needs to be protected by law? What information needs to be protected based on the policies of the organization? How does that information stay protected against unauthorized use? How will we know if unauthorized users attempt or successful access data that should be protected? What equipment or software do we need? How often should the system be assessed to find any weaknesses in that area?

Integrity: What type of information needs to be protected from unauthorized modifications? How do bad actors accomplish this and what needs to be done to prevent it?

Availability: How can our organization’s systems be disrupted? What incident response plans will be enacted should this happen?

In my opinion, it’s a great idea to start asking questions to make the best plan forward because knowing what is at stake will help drive the next steps of effort.

Have a great week,

Ashley

Student two:

Hello Class,

1. Why is it necessary to define policy elements?

Policies provides instructions on dictate the parameters on how businesses operate and their transactions with other organizations. Information Security Systems policies are written to define parameters to minimize threats and ultimately to keep the organization functioning and productive. So it’s important to define policy elements so that everything is known, clear, and understood by everyone. Defining policy elements thoroughly minimizes confusion and helps with ensuring that the policy elements are adhered to. It also helps people who fall under these policies, recognize certain actions or when someone else isn’t meeting the policy element specifications. This will provide those employees or members with the knowledge of what to do and who to contact if the policies aren’t being followed.

2. Discuss the terms confidentiality, integrity, and availability as they relate to information systems. Why are they important?

Information systems access, process, contain all sorts of data. Some information is more sensitive or confidential than other information. There is often private and proprietary data contained on information systems. Organizations most assuredly used information systems to process transactions and conduct business overall. So whether it’s a personal information system or if it belongs to an organization, both people and organizations alike want their information to be kept confidential. They don’t want their data to be modified unless they are the one who is change it and they want to be able to use their system. Putting these parameters in place forms the CIA triad, confidentiality, integrity, and availability. The CIA triad is the goal for securing data on information systems. Confidentiality, integrity, and availability are essential for information systems because owners of the systems want to be able to access their information whenever they want and ensure that it isn’t being accesses or altered by outsiders.

Reference:

Johnson, R. (2015). Security Policies and Implementation Issues, 2nd Ed. VS Burlington: Jones & Bartlett Learning ISBN: 9781284055993. Retrieved from https://online.vitalsource.com/#/books /9781284070637/cfi/42!/4/4

Metivier, B. (2017). Fundamental Objectives of Information Security: The CIA Triad. Retrieved from https://www.sagedatasecurity.com/blog/fundamental-…

-Kimberly

Provide replies to Discussion 4

Question Description

Main Que:Provide an example based on your professional experience of what motivate hackers to attack computer networks?

Provide replies to below discussions in 150 words .There are 2 discussions to reply.

Sachin:

Human mind works in mysterious ways and when we dig up more reasons behind hacking, it becomes more evidential. Obviously, Greed and Power are the two main reasons behind hacking. But other times, it is also driven by Fun, Disruption and even Espionage. Greed is when the hackers try to access the system for their own gain. Such gains could have monetary value, or it could be done to steal someone else’s proprietary things. Power is when the hacker tries to make a statement that they have the absolute control over some other system. It will help them to demonstrate their ability to intrude in some other system. Hackers often hack into systems for fun. Typically, these kinds of hacks does not leave much damage and the hacker has no reasonable logic behind the hack besides their own amusement.

Disruption is done when the hacker simply wants to impede another person’s or organization’s progress and cause chaos. It could be backed with strong intention to take revenge and bring down the reputation. Espionage is generally motivated by the political powers and it is done by one country to another. One of the examples of the espionage is when North Korea hacked into Sony’s system to bring down the movie they did not want to be released. It was due to political reasons and cause international dispute.

Example

There is an incident from Florida where a hacker installed a ransomware in computers for his financial gain: “Florida city is paying $600,000 in Bitcoins to a hacker who took over local government computers after an employee clicked on a malicious email link three weeks ago.” (CNN, 2019). This incident compelled the officials to pay 65 bitcoins in return to unlocking the files locked by the ransomware. The cost of the ransom is going to be covered by the insurance, but it definitely puts the information leak risk. Several thousands of the employees are affected by this.

City officials told that the hacker will be investigated despite they are being given the ransom amount. The incident has been reported to the FBI which has begun the investigation. The incident has also raised concern over other government official website which are being hacked in increasing numbers these days. This incident is a major wake-up call for the government to add extra cyber security apparatus and introduce tough rules regarding the hacking.

Sruthi:

Hackers, I believe are intelligent who use their talent for all the wrong reasons. They try to invade into the networks of the companies in unauthorized ways. There might be many different motivations behind the hacking. In order to deal with these hackers, it is always encouraged to have a better understanding and insight into the motivations of the attackers. Cyberterrorists, Hacktivists, cybercriminals etc. have a different kind of motives behind them hacking the computer systems or the network connections. Cyberterrorism is based on two concerns – attacks through technology in cyberspace and traditional terrorism.

From my professional experience, I get some emails which are called a phishing attack. The motive behind the false emails is scaring the normal people with different reasons. They scare the people saying they are due to pay a lot of money or lost their money. They mainly use emails to send out emails to scare and worry about normal people. The other personal experience I had was social media account being attacked. They have sent personal messages to the friends’ list and also shared bad posts on social media. This is something hackers enjoy by sharing bad posts and this helps them to gain financially. Many hackers care about money. Hackers always care about accessing our personal, financial or health data.

Few hackers get motivated by taking the technical challenge. The hacker maneuvered this colossal botnet to launch denial of service attack against a music web site for three months before the police detected it (Xingan, 2017). Hackers also try to practice and show up programming skills. They try to identify flaws in computer systems and make sure there is no code defect in the software. Some hackings are motivated by harassment and murder. Hackers have been motivated for several reasons like for the hacking community, employment-related motivations, recreation, motivated by self-defense and executing trap marketing.

Ethics, Law and Cyber security

Question Description

Instructions: There are three (3) topic areas listed below that are designed to measure your knowledge level specific to learning outcome (LO 4) shown in your course syllabus. You must respond to #2 and select any other one topic area providing appropriate responses in essay form. In most cases the topic area has several components. Each must be addressed to properly satisfy requirements.

State-wide and in most professional industries, there has been a mandate that college students be more proficient in their writing. While this is not a writing class, all writing assignments will be graded for grammar, syntax and typographical correctness to help address this mandate.

Pay attention to what you are being asked to do (see Grading Rubric below). For example, to describe does not mean to list, but to tell about or illustrate in more than two or three sentences, providing appropriate arguments for your responses using theories discussed in our text. Be sure to address all parts of the topic question as most have multiple parts. A verifiable current event (less than 4 years old) relevant to at least one of the topics you respond to is a fundamental component of your quiz as well. You cannot use information from the text book or any book/article by the author of the text book as a current event. Make sure that your reference has a date of publication. For each chapter quiz and final quiz you are required to find and include at least one reference and reference citation to a current event less than 4 years old (a reference with no date (n.d.) is not acceptable) in answer to at least one question. This requires a reference citation in the text of your answer and a reference at the end of the question to which the reference applies. You must include some information obtained from the reference in your answer. The references must be found on the internet and you must include a URL in your reference so that the reference can be verified.

You should type your responses directly under the appropriate question. Be sure to include your name on your quiz. Only the first two (2) questions with an answer will be graded.

  1. Do you believe that a coherent and comprehensive code of conduct for computer professionals is possible? (b) If so, which of the codes mentioned in this chapter roughly resembles such a code? Explain your choice. Please elaborate (beyond a yes or no answer) and provide your “theoretical” rationale in support of your responses (knowledge)
  2. You have been working for the XYZ Computer Corporation as an entry-level software engineer since you graduated from college last May. You have done very well so far; you are respected by management, well-liked by your fellow employees, and have been assigned to a team of engineers that has consistently worked on the most critical and valued projects and contracts that XYZ Computer Corporation has secured. Their most recent contract is for a United States defense project involving the Missile Defense System, and again, you have been assigned to the team that will develop software for this project. However, you are staunchly opposed to the project objectives, so you ask to be reassigned. Your supervisor and coworkers, as well as upper management, are disappointed to learn of your strong feelings about this project. You are asked to reconsider your views, and you are promised a bonus and a substantial pay increase if you agree to work on this project during the next year. You also discover from a colleague that refusing to work on this project would greatly diminish your career advancement at XYZ and may even make you vulnerable to future layoffs. To compound matters, you and your spouse are expecting your first child in about three months and you recently purchased a home. (a) What would you do (elaborate)? (b) Describe the process of ethical deliberation that you would undertake in trying to resolve this dilemma. Please elaborate (beyond a yes or no answer) and provide your “theoretical” rationale in support of your responses (knowledge, comprehension)
  3. According to Gotterbarn some of the criticism leveled against professional codes might be eliminated if we think of them as serving three important, but distinct, functions. Name and discuss them. Please elaborate (beyond a yes or no answer) and provide your “theoretical” rationale in support of your responses knowledge)

Discussion 4 —- provide replies to Discussion 7

Question Description

provide replies to below students posts:

Discussion 7:In terms of network security, what should organizational management allow and what should they block?

ven:

Network security management allows the administrator to manage a network consisting of physical and virtual firewalls in a central location. Administrators need network security management solutions to gain high visibility into network behaviors, automate device configuration, enforce global policies, view firewall traffic, create a unique interface for managing and reporting, and manage them.

Organizations now face threats against their information assets. At the same time, they are increasingly dependent on these assets. The rapid increase in the size and complexity of organizational networks will soon be the way forward for manual management. Most information systems are not inherently secure and technical solutions are only part of the holistic approach to information security. In recent years, a number of tools have been developed to automate this process. Establishing information security requirements is essential. However, organizations need to understand their unique threat environment. There are tools that allow to scan networks with multiple vulnerabilities and scan for attacks. In that network security after network security management. (Utz, L. (2018))

In network security organizational management allow :

1. First of all they have to setup a local firewall to prevent some trojans and backdoors.

2. They must install a descent antivirus to prevent from sort of viruses.

3. They must apply authentication and authorization for their services on the basis of layers, that who can access certain stuff, in which some authentication method will be there, like password protection to each user, so particular user if has rights to access then only he or she can.

4. They also has to block some sites which provoke viruses, on the basis of their content.

Saving only the work related data in the network.Complex passwords has to be encouraged. Use network and virus protection tools Provide two step authentication Block. saving employees personal information. Simple passwords has to be blocked intimate the employee the consequences of it. Don’t allow to disclose the company’s sensitive information. (Liu, J. (2018, August)

sin:

Organizational management plays a very integral role in the promotion of better delivery and achievement of optimal network security levels. The rationale for the above ideology can be explained from the fact that in as much as best policies guarantee better performance, users of computers and network systems must be closely monitored to ensure that their approach in work does not jeopardize the efforts of the organization in improving network security (Stewart, 2014). In light of the above, there are a number of things that organizational management may allow or block to ensure that network security levels are efficiently optimized.

For instance, management could allow access to the server room. This is because it is important to have an expert, or a team or expert with ready access to the server room in case of the occurrence of any emergency concerning the security of information. However, leaving the server room open should be blocked. That is, it is fundamental that the server room stays locked up and is only accessible by the authorized personnel – all other employees in the organization, without clearance to enter the server room, should be blocked. Notably, the server room stands out as the literal heart of the network security in a given organization and unauthorized access to switches, cables, routers, and the servers, among others, may result to destructive tampering (Kartch, 2017).

The management may allow the employees to bring their own devices to work. More so, they might be allowed the freedom to access any online resoruces using the corporate internet network. However, the above two workplace conveniences are countered with the disallowance of a few related practices. For instance, the management should block the use of home network for work purposes. The reason for the above is because the firewall robustness for the home network cannot be matched with that of the workplace, it is easier for hackers to take that advantage and use it as a loophole to enter into the corporate network system. Additionally, management should ensure that unused computers in the workstation are always disconnected or removed from the systems since they pose as easy entry points for intruders.

Discussion 4:Provide an example based on your professional experience of what motivate hackers to attack computer networks?

16 mins ago

ISSC 498 discussion response

Question Description

Hello,

I need two responses of at least 150 words each for the below students discussions for this week. Also in the bold below are the questions the students at answering.

Questions (both questions must be answered):

1. Find an online article regarding Disaster Recovery OR Business Continuity.

2. Summarize the article.

Student one:

DRAAS-Disaster Recovery As A Service

Sandra Gittlen

Network World

31 Jan 2019

A disaster recovery plan is part of the business continuity plan that describes how business operations will recover quickly in the event of a disaster (Techopedia, n.d.), but focuses on the IT functions. The plan is developed to assist the IT department to get up and back running critical systems in order to support operations at a minimal resource level. Disaster recovery plans are critical to business sustaining after an unforeseen tragedy to its IT infrastructure, especially to the amount of reliance businesses place on their information systems. Sandra Gittlen writes on AutoNation hybrid approach to their disaster recovery plan.

AutoNation operates over 300 locations and had experienced failed attempts trying to implement an on-premises only solution and a cloud-only recovery solution however both were too expensive to sustain as a long term plan. So AutoNation settled for a DRaaS, Disaster Recovery as a Service, approach that backs up and replicates virtual servers, applications, and data to their Colorado location which operates as the colocation facility and responsible for replacing the sites AWS information during recovery. “The new disaster-recovery plan that features a blend of colocation-based and as-a-service-based disaster recovery, with 75 percent of applications targeted to recover from a Denver colocation facility and 25 percent from Amazon Web Services” (Glitten, 2019), creating a hybrid recovery plan.

DRaaS has grown in providers since cloud services have taken off. DRaaS has the ability to focus on backup virtual servers, physical servers, or on-site backup appliances. Many organizations are transferring the whole responsibility to the growing third party industry to provide fail-over services in the event of a service disruption or disaster. “Market research firm Technavio predicts the global DRaaS market will expand at a compound annual growth rate of nearly 36 percent between 2018 and 2022” (Gittlen, 2019). DRaaS provides the comfort of quick recovery at the flip of a switch.

Reference

Gittlen, S. (2019, January 31). Disaster recovery as a service: Options grow to fit needs. Retrieved from https://www.networkworld.com/article/3337463/draas-options-grow-but-no-one-size-fits-all.html.

Techopedia. (n.d.). What is a Disaster Recovery Plan (DRP)? – Definition from Techopedia. Retrieved from https://www.techopedia.com/definition/1074/disaster-recovery-plan-drp.

-Shayla

Student two:

Hello Class,

The article I reviewed centers around IBM and the city of Los Angeles. IBM and LA cyber labs have teamed up to help local businesses fight cybercrimes. Cyber Crimes are an issue for bigger companies with huge infrastructures that are designed to combat cybercrimes, so they are an even bigger problem from a smaller local business with fewer resources. LA Cyber Lab will offer two new cybersecurity tools to the city of LA’s commercial movers and shakers. The first tool is a mobile app that will allow for suspicious emails to be analyzed. The second tool which is the centerpiece of the exchanges is the cloud-based threat intelligence sharing platform developed by Trustar. This platform will allow users to circulate their spear-phishing and educate themselves on the lasts business email compromise or ransomware campaigns.

This is a great approach by IBM for several reasons. The first is that IBM and the developers of cybersecurity will be able to gather information on new spyware, ransomware, and social phishing. All of the information gathered can be used by companies with more resources to develop ways of securing their assets against these threats. The second advantage of this is the detection of newer threats. By giving this technology out to smaller businesses more threat information is being collected compared to if this technology was only available to bigger companies or it had to be purchased. The second piece of software that is going to be given away is the TISP with is a platforming. A platform is built to share information, information that could help a smaller business continue to operate if they run into a threat because information on this threat could have been shared weeks ago when it was first identified by another business that was using the TISP.

Announcements. (n.d.). Retrieved October 2, 2019, from https://newsroom.ibm.com/2019-09-17-IBM-Works-With-City-of-Los-Angeles-to-Combat-Cybercrime.

-Tahime

lab 7 quiz

Question Description

QUESTION 1

  1. To help protect intellectual property, the United States used established treaties from __________ to extend its own copyright law in the online realm.
    the European Union (EU)
    the National Conference of State Legislatures (NCSL)
    Napster
    the World Intellectual Property Organization (WIPO)

10 points

QUESTION 2

  1. RIAA claimed that Napster made a(n):
    “indirect” infringement on its patent.
    “direct” infringement on its trademark.
    “direct” infringement on its copyright.
    “indirect” infringement on its copyright.

10 points

QUESTION 3

  1. For more than 200 years prior to March 2013, a patent was awarded to the:
    company that produces the invention.
    person with the best idea for a product or process.
    person who first came up with the invention.
    person who files first for the patent.

10 points

QUESTION 4

  1. The Digital Millennium Copyright Act makes it a crime to:
    crack copyright protection devices to assess product interoperability.
    crack copyright protection devices for the purpose of testing security systems.
    crack copyright protection devices for the purpose of encryption research.
    circumvent antipiracy measures in commercial software.

10 points

QUESTION 5

  1. In December 1999, the Recording Industry Association of America (RIAA) took legal action against Napster for:
    copyright infringements.
    patent infringements.
    trademark infringements.
    identity theft.

10 points

QUESTION 6

  1. RIAA, the plaintiff, represented __________ in its legal action against Napster.
    Bruce Springsteen and Billy Joel
    the Black Keys
    the Smashing Pumpkins
    all major record labels

10 points

QUESTION 7

  1. The primary difference between a copyright, a trademark, and a patent is the:
    profession of the individual applying for intellectual property protection.
    industry in which the intellectual property is used.
    type of intellectual property being protected.
    length of protection the intellectual property owner desires.

10 points

QUESTION 8

  1. The result of the United States copyright extension is now known as the:
    Napster Act (NA).
    Digital Millennium Copyright Act (DMCA).
    Intellectual Property Act (IPA).
    Gramm-Leach-Bliley Act (GLBA).

10 points

QUESTION 9

  1. Since March 2013, a patent is awarded to the:
    company that produces the invention.
    person with the best idea for a product or process.
    person who first came up with the invention.
    person who files first for the patent.

10 points

QUESTION 10

  1. The law that stopped Napster from continuing its operations is the __________ that was enacted in 1998.
    Napster Act (NA)
    Digital Millennium Copyright Act (DMCA)
    Intellectual Property Act (IPA)
    Gramm-Leach-Bliley Act (GLBA)

10 points

QUESTION 11

  1. Which of the following legal terms means assisting in or inducing people to engage in infringement activity?
    Material contribution
    Principal use
    Substantial use
    Probable cause

10 points

QUESTION 12

  1. Which of the following was a company (in existence only from June 1999 to July 2001) that used peer-to-peer networking to provide a file-sharing service that gave its users the ability to share music?
    iTunes
    Napster
    Soundz
    Pandora

10 points

QUESTION 13

  1. The Digital Millennium Copyright Act addresses treaties signed in 1996 at the:

10 points

QUESTION 14

  1. Under the Digital Millennium Copyright Act, which of the following are protected from copyright infringement liability for the act of transmitting information over the Internet?
    Libraries
    Higher education institutions
    Internet service providers
    Individuals

10 points

QUESTION 15

  1. If you design a graphic, slogan, or symbol for your company and its product, then you would file for a(n):
    trademark.
    copyright.
    patent.
    exception.

10 points

QUESTION 16

  1. If you invent a machine or design a special process, you may wish to file for a(n):
    trademark.
    copyright.
    patent.
    exception.

10 points

QUESTION 17

  1. Which of the following supported the Digital Millennium Copyright Act?
    Librarians
    Academics
    Scientists
    Software and entertainment industries

10 points

QUESTION 18

  1. If you write a song, produce a film, sculpt a piece of art, or write a mobile phone application and wish to protect it, then you will claim a(n):
    trademark.
    copyright.
    patent.
    exception.

10 points

QUESTION 19

  1. Under the Digital Millennium Copyright Act, which of the following must pay licensing fees to record companies?
    Libraries
    “Webcasters”
    Higher education institutions
    Nonprofit “public” radio stations

10 points

QUESTION 20

  1. Which of the following is an example of intellectual property?
    Artwork that an individual created.
    A house that one individual purchased from a previous owner who did not design the house.
    Land that one individual purchased from a previous owner.
    A car that one individual purchased from a previous owner who did not design the car.

every details is in below, have two answer two questions in short essay format with reference.

Question Description

Instructions

CSCI 415 Ethics, Law and Cybersecurity

Chapter 3 Quiz

NAME: _______________________________DATE: _________________

Chapter 3 – Quiz 3

Instructions: There are two (2) topic areas listed below that are designed to measure your knowledge level specific to learning outcome (LO 3) shown in your course syllabus. Please provide appropriate responses in essay form for both. In most cases the topic area has several components. Each must be addressed to properly satisfy requirements.

State-wide and in most professional industries, there has been a mandate that college students be more proficient in their writing. While this is not a writing class, all writing assignments will be graded for grammar, syntax and typographical correctness to help address this mandate.

Pay attention to what you are being asked to do (see Grading Rubric below). For example, to describe does not mean to list, but to tell about or illustrate in more than two or three sentences, providing appropriate arguments for your responses using theories discussed in our text. Be sure to address all parts of the topic question as most have multiple parts. A verifiable current event (less than 4 years old) relevant to at least one of the topics you respond to is a fundamental component of your quiz as well. You cannot use information from the text book or any book/article by the author of the text book as a current event. Make sure that your reference has a date of publication. For each chapter quiz and final quiz you are required to find and include at least one reference and reference citation to a current event less than 4 years old (a reference with no date (n.d.) is not acceptable) in answer to at least one question. This requires a reference citation in the text of your answer and a reference at the end of the question to which the reference applies. You must include some information obtained from the reference in your answer. The references must be found on the internet and you must include a URL in your reference so that the reference can be verified.

You should type your responses directly under the appropriate question. Be sure to include your name on your quiz. Only the first two (2) questions with answers will be graded. Include your name in the document filename. Your completed quiz must be uploaded into the appropriate eCollege Dropbox, no later than 11:59pm on the due date. Do well.

  1. Based on what you have learned in this chapter and using appropriate components, properly construct an argument to: (1) support or refute the view that all undergraduate students should be required to take a course in cyberethics; and (2) apply the seven steps (in Section 3.8) to your argument. Please elaborate (beyond a yes or no answer) and provide your rationale in support of your responses (comprehension)
  1. Using appropriate components construct an argument for or against the view that privacy protection should be improved in e-commerce transactions. Next evaluate your arguments against the rules for valid, inductive, and fallacious arguments. Does your argument contain any of the common or “informal” fallacies discussed in Section 3.9? If so, elaborate. Please elaborate (beyond a yes or no answer) and provide your rationale in support of your responses (knowledge)

Grading Rubric for Quizzes

Grading criterion Unit Points Total Points

Uploaded to correct Dropbox 2 2

Submitted on time 15 15

Document Filename:

Your Last Name,first and middle initial with correct quiz number 5 5

(Example only: Creider_RD_q1)

Rationally expressed opinions, experiences (personal or observed), 8

arguments and premises (where appropriate) to support responses

(did not simply restate/summarize author/textbook

Clearly presented classical ethics theories relative to topic 8

Included ‘URL’ for appropriate verifiable current event 12 28

(i.e., example of topic being discussed WITH EXPLANATION)

NOTE: Must be less than 4 years old

Grammatically correct and appropriate tone 10

(professional, non offensive language)

Typographically correct 10 20

Included full citations as needed 3

Used correct APA format 7 10

Addressed each item within selected topic area 20 20

Maximum grade 100 100

NOTE: POINTS WILL BE DEDUCTED FROM TOTAL ASSIGNMENT GRADE IF EACH QUESTION YOU SELECTED IS NOT INCLUDED IMMEDIATELY BEFORE EACH ANSWER.

I want a reply post to the below essay in 200 words using apa format and journal articles

Question Description

PART A

It is vital for organizations to have organization gatherings. These gatherings help in the development and expansion of the organization. For appropriate coordination and management of these gatherings, the team leaders, as well as the managers, are given this job. The team leaders have the obligation of guaranteeing the organization goals are achieved. The leaders should set the team principles and boundaries adequately (Eubanks, 2016). The set guidelines ought to be viably communicated to all the team individuals to guarantee they are appropriately pursued. Various gatherings in the organization are mandated to carry out various jobs. In this dialog, various gatherings were examined; they incorporate, marketing team, looking over team, broadcasting team, insulating team, and the X-teams.

Studying teams

Studying team is in charge of guaranteeing customer satisfaction. The customer’s needs, as well as their inclinations, are usually the boundaries where the looking over team is based. The customer’s needs and inclination are usually put ahead of all the undertakings and the hour of the reviewing team.

Marketing teams

The marketing team is usually given the duty of advancing the organization items and administrations (Eubanks, 2016). They set the phase wherein the organization advancements are usually done. The marketing team usually set their boundaries through legitimate evaluation of any apparent need that may lead to an increase in organization advancement. The marketing team need to act is usually controlled by the requirement for advancement.

Insulating team.

The insulating team individuals are usually insulated from the remainder of the organization individuals and the external powers that may affect the running of the organization. The insulation guarantees the team individuals can not be affected by the other team of the organization as well as the external powers of the organization.

Broadcasting team.

The job of the broadcasting team is similar to those of the insulating team.but in this team requires high trustfulness among the team members.it is important for the team part to carry out specialization as they are required to offer back to the team through their specialization aspect.

X-Teams.

The team has no defined limits. Notwithstanding, they are tasked with the duty of conveying the items to the buyers to meet the customer’s necessities of the organization. Their main aim incorporates building up the organization items and later unleashing them after creation.

Trade-offs between external ties and internal attachment

The trade-off that is there between internal attachment, as well as external ties, are usually controlled by the present teams that are usually operational in the organization. Both the insulating and broadcasting are an example of internal gatherings that exist in the organization. This team helps in structure internal attachment in the earth (Tamm, 2016). The remainder of the gathering teams makes the organization external ties, however they usually rely upon internal attachment.

PART B.

Team individuals usually have nine normal obligations. This job incorporates asset investigation, monitoring, completing, plant, shaping, actualizing, specialists, and organizers. The job of implementors entails executing the actual plans that the organization presents. This incorporates having reasonable data, behaving economically, and have superb organization behaviors (Shemla, 2016). The finishers job incorporates seeing mistakes in the work.

The job of the organizers incorporates having superb listening aptitudes and can offer guidance abilities to the remainder of the team individuals to help them in finishing the activities of the venture. The team individuals have the duty to distinguish and offer answers for the issues of the team. The job of investigators expects one to have astounding negotiation aptitudes and appropriate negotiation abilities.

Monitors are critical in the team as they usually entail a gathering of scholars. These team individuals ought to be great motivators to guarantee the gathering individuals remain motivated. The specialist’s team has the job of offering the required ability in the team. Finally, the job I play in the team is that of the plant this is because I offer innovative ideas to the team; this guarantees new innovative ideas are offered to aid in the running of the organization.

Normalization 3nf

Question Description

Please show all of your work/steps

Provide a complete integrated set of normalized (3NF required) relations for The Data Structuring/Normalization Scenario in this link. Use the format displayed in An Example of Normalization below.

Note that entities are in all caps, attribute names with multiple words

are connected by an underline character joining each word, primary keys

are underlined and

listed first within the attributes in Third Normal Form (see textbook

Chapter 9 for explanatory information on the normalization process).

An Example of Normalization:

Here is a relatively simplistic example of a normalization process:

An “un-normalized” relation:

STUDENT(Last_Name, First_Name, Course_Name, Instructor_Name, Semester, Year)

The “normalized” version in Third Normal Form:

STUDENT(Student_ID, Last_Name, First_Name)

INSTRUCTOR(Instructor_ID, Last_Name, First_Name)

COURSE(Course_ID, Course_Name)

SEMESTER(Semester_ID, Term, Year)

COURSES_TAKEN(Student_ID,Course_ID,Instructor_ID,Semester_ID)

The Data Structuring/Normalization Scenario:
Your Team has been hired by a manufacturing company with multiple manufacturing facilities to perform the logical design of a relational database to manage their roster of available temporary workers and their subsequent assignments to fill workforce needs. The temporary workers are needed on a seasonal basis to fill a number of job roles such as materials management, van driver, loading/shipping dock worker, assembly line worker, packaging/shipping support, etc. Each manufacturing facility is configured with three different work areas, which are raw materials management, assembly line productions, and packaging/shipping. Here are the requirements that you have identified after interviewing company management:
1. The company would like to record and maintain complete information on each temporary worker, including full name, home address, mailing address (which may or may not differ from the home address), preferred and secondary telephone numbers, email address, date of birth, gender, initial date of employment.

2. The manufacturing facilities all operate on a 24-hour daily basis, three 8-hour shifts a day, six days a week, Monday through Saturday. They would also like to maintain information on each temporary worker’s work shift availability in terms of days of the week and work shift, which is first shift, second shift, third shift, or “bridge” shift. A bridge shift is composed of the last 4 hours of first shift and first 4 hours of second shift on the specified days. Workers may specify availability for one or more shifts during specified days of the week.

3. In addition, they will need to maintain complete information on each temporary worker’s job certifications and information on certification instructors. The information for certification instructors is the same information as for temporary workers identified in item 1 above, information on which courses they are qualified to teach, and their teaching histories for the company. A temporary worker must be certified for a job role by completing a required training program for that role and can be certified to perform one or more job roles. For job certifications, the company would like to maintain the identification of the certification, identification of the temporary worker participating in the certification training, the dates of certification training (certification training ranges from 4 to 16 hours depending on the type of certification), the certification trainer’s identification, and a pass/fail designation for the temporary worker completing the certification training. The company would also like to maintain complete information on available job role certification training program courses. 4. Temporary workers are also required to specify prioritized work area location preferences for one or more manufacturing locations. 5. Finally, they have stated the requirement for maintaining a complete record of each temporary worker’s assignments, including manufacturing facility location and work area assignment, date worked, shift(s) worked, and job role(s) filled by shift.
The company intends to use the completed database design to support the identification of temporary workers to fill needed assignments and to produce comprehensive reports on the use of temporary workers.

ISSC498 discussion response

Question Description

Hello,

I need two responses of at least 150 words each for the below students discussions for this week. Also in the bold below are the questions the students at answering.

Questions:

1. Why is an Enterprise Security an important piece to the success of a business?


Student one:

According to Xu, (2014) enterprise security encompasses the technical and process-driven solutions that support the overall security needs of an organization, from requirement to design to implementation. Enterprise security can create important linkages between the goals and objectives of a business, and it provides appropriate measures to protect the most critical assets within an organization while accepting risk where appropriate thus, leading to the success of the business to the organization.

Implementing the enterprise security is importance to the success of the business because it helps accomplish the following

• Demonstrate due care

• Helps provide assurance of policy compliance

• Lower risks to acceptable levels

• Helps optimize allocation of scarce security resources

• Improves trust in the governance scheme

• Helps establish accountability

Moreover, one area that can have a huge impact on enterprise security is cloud computing that uses remote data center to manage access to applications. Cloud computing offers users the ability to increase capacity or add services as needed without investing in new data centers, training personnel, or even licensing new software that are useful to the success of the business.

Enterprise security is important to the success of the business, for example, businesses, including your organization competitors, are becoming acutely aware of the trend to address privacy and use privacy assurances as a differentiator for keeping and obtaining new customers in order to maintain the success of the business (Fischer, 1999).

In addition, at a time when the enterprise security function is at its eminent position, then its important to many organizations as it allows security managers to bridge the communication of the business language gap to senior management and to entirely converse their department’s paramount’s organizational importance as away of keeping the success of the business effectively.

References:

Fischer, R. J. (1999). Loss prevention and security procedures: Practical applications for contemporary problems. Oxford: Butterworth-Heinemann.

Xu, J. (2014). Managing digital enterprise: Ten essential topics.

Student two:

Society in a whole has begun to lean heavily on technology on a day to day basis. We have broadened our everyday lifestyles from operating solely in work, school, and home environment and have extended it to the internet. The internet is used for multiple functions from schoolwork, entertainment, communication, and more importantly many businesses rely on this domain for maintaining operations. These businesses can be a variety of industries from healthcare, entertainment, financial, educational, technology, etc. With so many operations and individuals relying on the web to provide a resource, it is not hard to see why enterprise security it an important factor in the success of a business.

Businesses must have an enterprise security system in place in order to protect data and this is accomplished by identifying vulnerabilities and working to reduce the risk it presents. Though unintentional mishaps can be a risk to security, the more malicious threat of unauthorized access is the main intention to reduce risk. Breaches due to security failures can cause a decrease in productivity, from lack of risk management, could have negative effects on an organization. If in the event a business is breached and not able to present evidence that they actively tried to prevent, deter, or protect against potential risks they can be subject to hefty fines. In addition lack of proving due care and due diligence, a business will experience public embarrassment and damage to reputation.

Reference

FourCornerStone. (2016, May 9). A Better Understanding of the Importance of Enterprise Security. Retrieved from https://fourcornerstone.com/online-security/better…

Tarcomnicu, F. (2017, January 6). 5 Fundamental Best Practices for Enterprise Security. Retrieved from https://www.entrepreneur.com/article/281042

-Shayla