June 2023 - Page 1150 of 1402

assigment

subject: Enterprises systems and archietecture

Assessment Individual case study assignment (1,500 words) on implementing change with an enterprise system

516-LAB 5

Part 1: Research Security Awareness Policies (0/1 completed)

Note: In this part of the lab, you will review an example of a security awareness training policy in order to form a basis for their purpose and usage. Understanding the reason behind a security awareness training policy is key to understanding the component policies and procedures. Please take time to review the research thoroughly and think through the concepts of the policy itself.

1. Review the security awareness training policy at the following website:

Health care: State of North Carolina Department of Health and Human Services (https://policies.ncdhhs.gov/departmental/policies-manuals/section-viii-privacy-and-security/manuals/security-manual/@@display-file/policy_file/DHHS%20Security%20Manual.pdf)

2. For the sample security awareness training policy that you reviewed in the step above, discuss the policy’s main components. You should focus on the need for a security awareness program and its key elements.

Part 2: Create a Security Awareness Policy (0/6 completed)

Note: A strong security awareness policy is a key component of a strong organizational security posture. The effectiveness of a security awareness training policy and program will directly influence how well employees will value and protect the organization’s security position. When writing a security awareness training policy, consider the following questions:

Is the policy statement as concise and readable as possible? For example, no more than one to three sentences.
Is the entire policy as concise and readable as possible? For example, no more than two to three pages.
Does the policy align well with other governing documents?
Does the policy speak directly to the target audience?
Does the policy state the “why” with only the minimal detail, and rely on standards or guidelines for the “how”? Policies should be written in such a way that they will not need frequent updates.
Does the policy adequately describe scope and responsibilities?
Are the policy’s revision, approval, and distribution documented?

After the policy has been approved, its success relies on proper delivery and understanding. To simply give a new employee 5 minutes to read and sign a policy during orientation is not enough. Focused and interactive “policy understanding” sessions should guarantee every employee understands the policy’s reasoning and necessity. Customizing these sessions according to department or function can drastically increase how much employees retain of and apply the training during their work. Repeat sessions reinforce the policies and keep material fresh in their minds.

1. Review the following scenario for the fictional Bankwise Credit Union:

The organization is a local credit union that has several branches and locations throughout the region.
Online banking and use of the internet are the bank’s strengths, given its limited human resources.
The customer service department is the organization’s most critical business function.
The organization wants to be in compliance with the Gramm-Leach-Bliley Act (GLBA) and IT security best practices regarding its employees.
The organization wants to monitor and control use of the Internet by implementing content filtering.
The organization wants to eliminate personal use of organization-owned IT assets and systems.
The organization wants to monitor and control use of the e-mail system by implementing e-mail security controls.
The organization wants to implement security awareness training policy mandates for all new hires and existing employees. Policy definitions are to include GLBA and customer privacy data requirements, in addition to a mandate for annual security awareness training for all employees.

2. Create a security management policy with defined separation of duties for the Bankwise Credit Union.

Bankwise Credit Union

Security Awareness Training Policy

Policy Statement
Define your policy verbiage.

Purpose/Objectives
Define the policy’s purpose as well as its objectives.

Scope
Define whom this policy covers and its scope. What elements, IT assets, or organization-owned assets are within this policy’s scope?

Standards
Does the policy statement point to any hardware, software, or configuration standards? If so, list them here and explain the relationship of this policy to these standards.

Procedures
Explain how you intend to implement this policy for the entire organization.

Guidelines
Explain any roadblocks or implementation issues that you must overcome in this section and how you will surmount them per defined guidelines. Any disputes or gaps in the definition and separation of duties responsibility may need to be addressed in this section.

Challenge Exercise (0/2 completed)Note: The following challenge exercise is provided to allow independent, unguided work – similar to what you will encounter in a real situation.

There are many vendors that provide security awareness training software to organizations that do not have the time nor the resources to create their own. When selecting a software vendor, many organizations will issue a Request for Information (RFI) to potential vendors, outlining the details of what the organization would like to learn about the vendor’s solution. You can read more about RFIs here: https://www.smartsheet.com/free-request-for-information-templates.

As a security manager at eChef, an online marketplace for high-end kitchenware, you have been tasked with selecting a security awareness training software provider.

Use the internet to research real security awareness training software providers.

1.Identify three security awareness training software providers.

2.Identify 10 questions that you would include in your RFI.

Monitoring Project- Dap

Please see attached file

Computer

What kind of information do you think a small business or organization would organize into a database?

Wk 4 Discussion – Indicators of Compromise

Respond to the following in a minimum of 175 words:

An important part of managing security in connections and communications between a secured network and the Internet at-large is to have a benchmark for what normal traffic looks like. Many applications exist for the purpose of monitoring, probing, or scanning traffic-related events to catch irregularities that can inform a deeper investigation.

What types of irregularities could signal a potential security event or incident? Describe at least 2 types of indicators.
Which tools would you recommend to track these indicators, and how would you respond to these occurrences on your network? How would you determine if these indicators signaled a real threat?

Cloud Computing

Chapter 16 topics:

Define and describe total cost of ownership. List at least 10 items to consider when determining a data center’s total cost of ownership.
Define and describe a capital expense. How are capital expenses different from operational expenses?
Define and describe economies of scale and provide a cloud-based example.
Define and describe “right sizing” as it pertains to cloud computing.

Chapter 17 topics:

Compare and contrast functional and nonfunctional requirements and provide an example of each.
Discuss why a designer should avoid selecting an implementation platform for as long as possible during the design process.
Discuss various trade-offs a designer may need to make with respect to nonfunctional requirements.
Discuss why the system maintenance phase is often the most expensive phase of the software development life cycle.

Chapter 18 topics:

Using Yahoo! Pipes, create a pipe that displays the names of pizza restaurants within a given zip code.
Using Google App Engine, create a page that displays the following Python script:
- print “Content-type: text/htmlnn”
- print “Cloud Computing, Chapter 18“

Chapter 19 topics:

Define scalability.
List five to ten potential relationships that align with the Pareto principle, such as how 80 percent of sales come from 20 percent of customers.
Compare and contrast vertical and horizontal scaling.
Explain the importance of the database read/write ratio.

Chapter 20 topics:

List and describe five ways you think the cloud will change the future of TV.
List and describe five potential uses for intelligent fabric.
List and describe five ways the cloud will influence the mobile application market, or vice versa.
Discuss the importance of HTML 5.

GLBA Safeguarding Requirements

Scenario

You have been in your role as the CIO for Premier University for almost six months. In that time, you have managed to create a small information security team, and incident response is one of the team’s strengths. Unfortunately, the repercussions for the data breach that occurred almost a year ago continue to plague you.Premier University recently received a letter from the Department of Education, asking the university to explain the circumstances of the data breach and how the institution handled the breach. The letter also referenced the Gramm-Leach-Bliley Act (GLBA). You know that the institution must follow GLBA provisions to ensure the security and confidentiality of student financial aid information. That requirement is part of the contract for administering federal student financial aid that Premier University has signed. You also know that the Department of Education Office of Federal Student Aid issued an informational memo about these requirements in February 2020.

Tasks

The Premier University president has asked you to outline GLBA data safeguarding requirements and why they are important to implement to protect student financial aid data. The president has also asked for your opinion on the ease with which Premier University can implement the safeguarding requirements.For this part of the project:

Review the “Enforcement of Cybersecurity Requirements under the Gramm-Leach-Bliley Act” memo and the links within the memo: https://ifap.ed.gov/electronic-announcements/022820EnforcCyberReqGrammLeachBlileyAct
Create a professional report that addresses the following:
- The university’s GLBA data safeguarding requirements
- Why the data safeguards are important to implement to protect student financial aid data
- Your opinion on the ease with which Premier University can implement the safeguarding requirements to reduce risk; rate the ease of implementing each safeguard on a scale of easy, medium, or hard
In the report, include any sources you consulted.

Required Resources

Internet access
Course textbook

Submission Requirements

Format: Microsoft Word (or compatible)
Font: Arial, size 12, double-space
Citation Style: Follow your school’s preferred style guide
Length: Minimum 6 to 8 pages

Computing technology

Why is computing technology important?

assignment

Res Wknd – Practical Connection: Career Plotting

Background: Read the article at the link below by Nicole Fallon “Destination Dream Job”. Pay close attention to the roadmap outlined in the article about career progression. Fallon outlines 4 steps that one needs to take to reach their career goal (see link below). Career experts have also shared their advice for mapping out a path to one’s ultimate dream job. Those steps include: (1) Know where you want to go, (2) Focus on the tools you need, (3) Find a guide, and (4) Be open to changing your route.www.businessnewsdaily.com/6432-create-career-roadmap.htmlYour assignment : Plot your career direction based on each step in this roadmap. For step #1 you should look at where you are now (what industry, job, position, etc.). Also answer where you want to go (industry, job, position, salary, etc.) from here. For step #2, I would like you to go online and explore various job announcements and position descriptions to see what you need (what experience, degree, certification, interest, passion, etc.). In this context, I also would like you to state how pursuing this degree, and this course specifically, is a tool for the career direction in which you are going. Then for step #3, do you know anyone who might be a mentor; are you pursuing opportunities to network with like-mined professionals, etc. Finally, for step #4, is there some short-term deviation from your goal that you would accept – what is it?It should take just a short paragraph that address each of the four steps mentioned above. The background and online research for this assignment can be done collectively in your group. However, the findings must be specific for you individually and so your post must be individual. As I have always mentioned, do not cut and paste information from other sources – I want your view and in your words. As your reader, I want to be able to follow whatever sources you use, so support your views (and findings) with at least two in-text citations . This means you will also need a reference list. For this assignment (only), a url reference is acceptable (not usually acceptable for APA). This is an individual assignment which must be accomplished by you alone. Please post your paper to iLearn NLT 6/11 – 8pm EST.When you are ready to post, click the Res Wknd Practical Connection assignment link, then Either click the “Write Submission” link and directly paste your document into this assignment box OR Browse your Computer and add the entire Microsoft Word document as an attachment (Mac users, please remember to append the “.docx” extension to the filename).

Week 10 Assignment – Designing a Secure Network

Introduction

In this three-part assignment, you will apply the various concepts you have learned throughout this course to the design of the single most secure network possible, capable of supporting three IT services: e-mail, file transfer (centralized), and VPN. After you have fully designed your network, you will need to provide three data flow diagrams explaining how your designed network handles three different transactions:

The first datapath diagram should show an internal user sending an e-mail with their corporate e-mail address to a user on the Yahoo domain with an arbitrary address of [email protected].
The second datapath diagram should show a user initiating an FTP session from inside your network to the arbitrary site of ftp.netneering.com.
The third datapath diagram should show an externally located employee initiating a VPN session to corporate, in order to access files on the Windows desktop computer DT-Corp534-HellenS at work.

The specific course learning outcome associated with this assignment is:

Recommend solutions, products, and technologies to meet business objectives.

Instructions

Part 1

Use Microsoft Visio or an open-source alternative to:

Create a diagram showing the overall network you have designed, from the user or endpoint device to the Internet cloud; following the access, core, and distribution layer model; depicting at least four-fifths of the necessary network components; and citing specific, credible sources that support the design. Include the following, at a minimum:
- An authentication server (Microsoft Active Directory).
- Routers.
- Switches and/or hubs.
- Local users.
- Remote users.
- Workstations.
- File share (CIFS).
- Mail server.
- Web servers (both internal and external).
- Firewalls.
- Internet cloud.
- Web proxy.
- E-mail proxy.
- FTP server (for internal-to-external transport).

Part 2