Discussion 1

 The topic I have selected is a  DoS occurred in 2020 to Amazon Web Services

Introduction to Risk

Individuals, businesses and governments face risk daily. Risk is manifested in different forms and may be described as business, non-business, or financial. Irrespective of the type of risk, it’s important to remember the basic goals of security – to maintain confidentiality and integrity, while also ensuring the availability of data and systems. Organizations and governments usually employ different approaches to mitigating risks, but with a good understanding and consideration for risk elements including (i) vulnerabilities, (ii) threats & threat agents, (iii) impact, and (iv) likelihood. Other considerations include an organization or government’s appetite for risk, business goals, as well as internal and external drivers (laws, regulations, and standards). Proven strategies to deal with risk employ an enterprise risk management approach, and also rely on risk management frameworks including but not limited to: NIST’s risk management framework, ISACA’s risk IT framework, and COBIT 2019.

Overview

Follow these directions to complete the assignment:Identify a cybersecurity-related attack:Using scholarly sources and/or the web, research, identify, and share an example of a cybersecurity-related attack. Examples may include cyber warfare such as “Stuxnet” or the “Equifax” data breach. Feel free to use any of these. Once you’ve decided on the example you will share, “claim” it by posting it to the discussion. Do not post about the same type of attack as your classmates.Create your post:In a discussion post of approximately 600 to 800 words, explain risk and risk elements related to this attack, including a synopsis, attack type, characteristics, vulnerabilities, threats & threat agents, impact, and likelihood of this attack. You may need to make some assumptions as you write about the risk elements. Clearly state any assumptions that you make. Do not offer a potential solution to the attack; 

Action Items

  1. Complete all of the reading for this module.
  2. Claim the cybersecurity-related attack you intend to discuss by posting it to the discussion.
  3. Create your discussion post according to the directions in the overview.

Question

Please answer below questions(plagiarism applies)

  1. Discuss each of the following terms:
    1. data
    2. field
    3. record
    4. file
  2. What is data redundancy?
  3. Discuss the disadvantages of file-based systems.
  4. Explain the difference between data and information.
  5. Use Figure 1.2 (below attachment) to answer the following questions.
    1. In the table, how many records does the file contain?
    2. How many fields are there per record?
    3. What problem would you encounter if you wanted to produce a listing by city?
    4. How would you solve this problem by altering the file structure?

Misrepresentation in the media

 Provide an example of some form of misrepresentation in media over the years (includes: staging news, re-creations, selective editing and fictional methods). Give some background for context and answer; why, in your opinion is this an example of misrepresentation and why is it egregious? Provide the link to the example. Additionally for the Week 8 discussion, consider media bias. Both conservative and liberal sides claim that there is media bias (to the other side of their beliefs) yet, it is evident that there is bias on both sides. It is no secret that the traditional views of the following 3 media outlets are as follows: Fox News–Conservative/Right, MSNBC–Liberal/Left, CNN–Moderate. 

4/1 Devotional

The scriptures suggest that you “train up a child in the way they should go, and even when he is old he will not depart from it” (Proverbs 22:6, ESV). Training is considered important in maintaining a healthy perspective in life. So too can training of employees provide many benefits. A security awareness program provided to employees is designed to teach the user community to recognize someone attempting to compromise their system. Training is suggested as a good method of being prepared. 1 Timothy 4:7 says, “Have nothing to do with irreverent, silly myths. Rather train your yourself for godliness” (ESV). We do not wish to be uninformed, and therefore we train ourselves. Deuteronomy 4:9 goes on to encourage us to “only take care, and keep your soul diligently, lest you forget the things that your eyes have seen, and lest they depart from your heart all the days of your life” (ESV). The Bible recommends preparing oneself for knowing what is right, through training.

  1. Review the material in the Getting Started section, including the specific Bible passages.
  2. Be sure to address to the following prompts in your paper:
    1. How does keeping your soul diligently and training for godliness compare to training used in the workplace?
    2. How might you apply the principles presented in these verses to prepare a security awareness program?
  3. Your paper should be at least 250 words in length.

10-15 page apa no plagiarism own words

 Drive-thru Fast-Food Systems

Do research on at least 5 drive-thru fast-food restaurants whose mission is similar but whose processes differ in some way (i.e., one restaurant may specialize in drive-thru and have limited inside dining while another restaurant may specialize in large inside dining and limited drive-thru; one may specialize in self-service kiosks while another has limited or no self-service kiosks). Examples might include: Chic-fil-a, Dairy Queen, McDonalds, Taco Bell, Wendy’s, Burger King, Long John’s Silvers, Captain D’s, Popeyes, etc. Again, these are to be fast-food restaurants with a drive-thru option.

Identify the systems and processes that are used by the restaurants you researched, with special emphasis on where automated systems are used as well as when they are not used (i.e., the process typically starts when the customer enters the drive-thru lane or enters the restaurant lobby; what happens before the clerk takes the order; what happens while the clerk takes the order; is an automated system used; how is the order confirmed; what happens just after the clerk confirms the order; etc.). There should be a limited number of systems, each of which may have multiple processes.

Some examples of systems might include:

➢ Communication Management

➢ Customer Feedback & Satisfaction Management ➢ Customer Service Management

➢ Delivery Management

➢ Employee Management

➢ Inventory Management

➢ Kitchen/Menu Management

➢ Order Management

➢ Marketing Management

➢ Operations and Site Maintenance Management ➢ Payment Management

➢ Quality Management

➢ Rewards & Loyalty Management

➢ Reporting/Analytics

➢ Safety and Sanitation Management

Some examples of processes for two of these systems might include:

➢ Order Management System

➢ At counter ➢ Kiosk

➢ Mobile

➢ Delivery Management System ➢ Over-counter

➢ At-window

➢ Curbside

➢ Home delivery

This project has three parts.

1.0 Using the 5 restaurants researched, document at least 40 unique requirements (total) for the Systems and Processes. A draft list of requirements must be submitted at the end of the first day of class and must be updated and included in the written paper due on the last day of class.

➢ A Requirement is a short, focused, statement that states what the system “must”,

“should” or “can”.

➢ A Requirement is NOT a specification that identifies the exact hardware, software or

service provided (PMI, 2021). Part of this paper is about the Requirement (pre-design)

and not about the exact products that are available.

➢ Sort your requirement list by the system so that requirements are grouped together.

2.0 Propose a hybrid restaurant based on the 5 restaurants you researched and the Requirements that it should possess. This hybrid restaurant and the updated requirements for this hybrid restaurant will be included in the written paper due on the last day of class.

3.0 Write a 10-page Word document, double-spaced, detailing the 5 restaurants and their Systems and Processes as well as the Hybrid restaurant and its Systems and Processes. The cover page and reference page are not included in the 10-page requirement. Do not include an abstract.

Research must include professional sources but can also include YouTube videos on the Processes and Systems chosen. The URL of the source must be included in the Reference.

Your paper must include multiple topic sections/paragraphs, each with a specific focus as defined below. Make sure your paper flows logically. In your paper, provide the following:

1. An Introduction paragraph that summarizes the project details, identifies the 5 Restaurants, the Systems chosen, and any other important information the reader will need to know before reading the rest of the paper.

2. Six major sections that summarize and analyze your research of each of the 5 restaurants and their systems and processes, as well as the Hybrid restaurant and its systems and processes. Each major section must include an appropriate section Heading, with the name of the restaurant in the heading. Cite all sources and if you copy source material, enclose it in double-quotes. Questions your research might answer include (do not copy and paste these questions – just use them as a

guide in developing your content):

a. What is the process / systems / sub-systems purpose?

b. What operations does it performs?

c. What are its inputs (resources, interfaces, when used)?

d. What are its outputs (interfaces, data)?

e. How does the technology integrate within the system?

f. How important is the technology to the system?

g. The system’s complexity, cost, and feasibility.

h. Any constraints or risks found during the research.

i. How the various technologies integrate to accomplish the system goals.

2. Conclude your paper with a Findings section that summarizes the important areas of your

research. The Findings sections serves as the conclusion.

You must include at least 7 references with citations. Not all references need to be scholarly and can include videos, websites, blogs, etc.

Example of Requirements

Requirements (for this example, “must” implies highest priority; “should” implies medium priority; and “can” implies lowest priority)

➢ The Order Management System must provide at-counter, Kiosk and mobile processes. ➢ The Delivery Management System must provide over-counter and at-window processes. ➢ The Delivery Management System should provide a curbside process.

➢ The Delivery Management System can have a home delivery process.

IT gorvenance

 

Write an IT Governance and Risk Control Plan for a company and create the business continuity contract and service level agreements (SLA) for your company’s plan.

Your assignment should meet the following requirements:

  • 6-8 pages, not including the cover page and reference page.
  • Conform to APA Style.
  • Support your answers with at least two current scholarly journal articles (not more than five years old). The Rasmussen Library is a great place to find resources.
  • Clearly and well-written, concise, and logical, using excellent grammar and style techniques. You are being graded in part on the quality of your writing. If you need assistance with your writing style and APA format, start with the Writing and APA guides at the Rasmussen Library.

Risk and compliances New

 

As an IT analyst for BallotOnline, a company providing voting solutions to a global client base, you are working to convince the organization to move the current infrastructure to the cloud.

Your supervisor and the director of IT, Sophia, has asked you to summarize for the company executives the potential risks and compliance issues that BallotOnline will have to contend with in the transition to the cloud.

The final report will be seven to 10 pages that convey your understanding and management of risks associated with cloud computing, as well as ensuring compliance with legal requirements involved in moving BallotOnline systems to the cloud.

Step 1: Research Risks Associated With Cloud Adoption

The first step in assessing risk in cloud computing will be to identify and describe risk concepts and cloud computing risk factors associated with cloud adoption. As a software as a service (SaaS) company considering an infrastructure as a service (IaaS) cloud service provider for your hosting needs, consider third party outsourcing issues and the generally accepted best practices for cloud adoption and review relevant cloud risk case studies. You should also consider best practices for cloud adoption.

As part of the risk management process, identify and describe other types of risk, such as risks associated with having a service-level agreement (SLA). An example of a potential risk could be if your company is obligated to protect personal information, and then the cloud provider that you use suffers a security breach exposing that personal information.

Here, identify and describe other types of risks or potential liability issues that apply to BallotOnline.

Step 2: Identify the Most Appropriate Guidelines for Managing Risks

In order to identify guidelines applicable to your company’s industry, you must have an understanding of the different types of risk management guidelines that exist and are frequently applicable in cloud environments.

There are several cybersecurity standards applicable to cloud computing environments such as the NIST Cybersecurity Framework, ISO standards, and US federal government standards (DoD/FIPS), as well as several major sets of risk guidelines for dealing with the risks involved. Also, there are organizations such as the Cloud Security Alliance (CSA) that recommend best practices for managing risks.

Review the different guidelines and determine which are most appropriate for BallotOnline. For example, NIST has responsibility for developing a number of elections industry guidelines within the United States.

Identify why those guidelines are most appropriate and compile these items into a brief (one page or less) recommendation and justification of your choice. Your recommendation will also be incorporated into your final report in the final step.

Submit your recommendation to Sophia to review before you present your final work.

Step 3: Identify Potential Privacy Issues and Mitigation Measures

Now that you have identified the guidelines most applicable to your organization, it is time to discuss privacy protections that may apply.

BallotOnline is now a global organization and may need to contend with several sets of privacy laws since these laws vary from country to country.

Sophia has recommended that you focus on European Union (EU) privacy requirements for now, including the General Data Protection Regulation (GDPR), since those are considered to be the most challenging for compliance. Many companies opt to host data for their European customers entirely within facilities in the European Union, and the companies implement restrictions to prevent data for EU citizens from crossing borders into non-EU zones. This is the approach that you have been asked to take and where you should focus your efforts. Note that some cloud providers, such as Amazon, have received special approval from EU authorities to permit data transfer outside of the EU.

Research EU privacy requirements, identify the requirements that apply to your project, and why they apply and compile your recommendations for complying with these requirements. These will be incorporated into your final report.

Before moving on to the next step, discuss privacy issues in one page or less, and submit it separately before you submit your final work.

Step 4: Create Risk Management Matrix

Now that you have identified and described the types of risks that may apply to your organization, create a risk management matrix to assess/analyze that risk, and make recommendations for risk mitigation measures.

This Sample Risk Assessment for Cloud Computing will give you an example of a completed risk matrix.

Use the risk management matrix template to identify risks and write a brief summary explaining how to understand the data. Submit it to Sophia for feedback before you present your final work.

Step 5: Describe Cloud Security Issues

Now that you have completed the risk analysis, you can start to identify cloud and network security issues that may apply in BallotOnline’s operating environment, including data in transit vulnerabilities and multifactor authentication.

Consider cloud computing risks, network security design, information security, data classifications, and identity management issues. Your findings will be incorporated into your final report.

Discuss these security issues in one page or less, and submit it separately before you submit your final work.

Step 6: Examine the US Legal System and Intellectual Property Laws

Now that you are familiar with security issues, examine and review the US legal and justice systems. Since BallotOnline is a software as a service (SaaS) company based in the United States and serving a customer base in the United States, you need to understand how the legal and justice systems work in the United States. Your basic understanding of these systems is crucial for understanding the complexities of the legal system in cyberspace, where cloud-based systems reside.

As a practitioner working in the cloud computing field, you should also have an understanding of the complexities of intellectual property law and cyberspace law, including how to identify different venues and methods for resolving disputes (such as the court system, arbitration, mediation), how to define and negotiate cloud hosting agreements to avoid potential cyberspace law issues, how to discuss the regulation of cyberspace, and how to handle electronic agreements and digital signatures.

To gain a better understanding of how cyberspace laws are applied to real issues, participate in the analysis of a relevant legal case with your colleagues in a forum titled Discussion: US Legal System and Cyberspace Law.

In addition to the discussion board, your findings will also be incorporated into your Final Risk and Compliance Report for the BallotOnline executives.

Step 7: Use Frameworks to Analyze Complex Legal and Compliance Issues

In the previous step, you examined the US legal and justice systems as a building block for understanding the complexities of the legal system in cyberspace, where cloud-based systems reside.

There are several frameworks for analyzing compliance issues used to analyze these complex issues. To provide a manageable set of recommendations to the executives, review the frameworks and select the one that is most helpful to use for analyzing these complex issues.

Step 8: Analyze General, Industry, Geographic, Data, and Cloud-Specific Compliance Issues

In the previous step, you examined the complexities of law in cyberspace. In this step, you will expand your understanding of legal and compliance issues related to the cloud by investigating industry-specific compliance issues, geographic-specific compliance issues such as privacy, and cloud-specific compliance issues to determine which are applicable to BallotOnline.

You will also need to analyze data compliance issues applicable to companies operating in the European Union, including the recent GDPR regulations, and determine how BallotOnline can be compliant. The organization is concerned about EU compliance issues because the laws there are the most restrictive that BallotOnline will encounter.

Prepare a two- to three-page summary of the data compliance issues that are applicable to BallotOnline and determine how BallotOnline can be compliant. This will be part of your final risk and compliance assessment report.

Step 9: Create a Proposal for a Compliance Program

In previous steps, you have identified potential legal and compliance requirements that BallotOnline may face in migrating to a cloud computing model. Now, you need to determine how BallotOnline can comply with those requirements.

Create a high-level proposal for a compliance program for BallotOnline that enables the organization and its employees to conduct itself in a manner that is in compliance with legal and regulatory requirements. Management has asked you to model the proposal on existing compliance programs for other companies that have migrated to the cloud.

Use the Proposal for Compliance Program template to record your work and upload it to the class folder for feedback before you submit your final work.

Step 10: Write the Final Risk Assessment and Compliance Report

As you have learned, there are a number of legal and compliance requirements associated with shifting to a cloud computing model.

It’s time to put everything together in a seven- to 10-page report for BallotOnline executives: summarizing the risk assessment and mitigation as well as legal and compliance requirements associated with moving to the cloud, outlining your recommended action plans for meeting those requirements, and developing a high-level proposal for a compliance program to avoid breaches of the requirements.

Use the final risk and compliance report template to complete your report.

Use the following criteria to respond to the questions.

1.1: Organize document or presentation clearly in a manner that promotes understanding and meets the requirements of the assignment.

1.2: Develop coherent paragraphs or points so that each is internally unified and so that each functions as part of the whole document or presentation.

2.1: Identify and clearly explain the issue, question, or problem under critical consideration.

7.1: Examine legal and regulatory requirements.

7.2: Examine industry best-practices and standards.

8.1: Assess liability issues associated with cloud adoption.

8.2: Assess network security and privacy risks associated with cloud infrastructure.

8.3: Assess management and operational risks associated with cloud.

Please add references. l also need plagiarism report

Your programs will be graded by an auto-grader

  

Programming Homework 9

Important: Your programs will be graded by an auto-grader (a program that we’ve written to grade your programs). What that means for you is that your output must exactly match the output we are expecting in order to receive credit. 

Also, coding style will be included as a portion of your grade. Code readability is very important in programming. Some coding style guidelines have been posted to Canvas here:  https://utexas.instructure.com/courses/1229504/pages/coding-style-guidelines

Put a comment at the top of your file that includes your name and UTEID. If you want to include additional things in the header comments, like “Assignment 8”, a date, CS 303E, etc, that is fine.

Save your file as Assignment9_uteid.py where you replace “uteid” with your UTEID. For example, mine would be Assignment9_asc1492.py

Turn in one program file that does all of the following things:

1. use recursion to reverse a string. Your function must be named reverse_string, it should take in 1 string as an argument, and it should return the reversed string. Your solution MUST use recursion, or you will not receive any credit for this part.

2. use recursion to draw the “H-Tree” fractal. 

The H-Tree fractal is defined as follows: 

1. Begin with the letter H. The Three lines of the H are all of the same length, as shown in the first image. This is an H-Tree of order 0.

2. The letter H has four endpoints. Draw an H centered at each of the four endpoints, as shown in the second image. These H’s are half the size of the previous H. This is an 

H-Tree of order 1.

3. Repeat step 2 to create an H-Tree fractal of higher orders, as shown in images 3 and 4. 

Your function definition MUST have this format:

def h_tree(order, center, size):

Where:

order is is the order of the fractal, as described above

center is the center point of the H-Tree, in the format [x, y]

size is the length of each of the lines in the H

  

3. Make a star spin. Write a function called animate that draws a star (you can draw any type of star you want: 5-pointed, 6-pointed, 10-pointed, etc, any size, any color, etc.) and then spin the star in an infinite animation loop. The star does not necessarily need to rotate around its center – any pivot point is fine. You may create additional functions to help you with this task (maybe a draw_star() function?), but your solution to this problem must be displayed by calling animate(). 

You only need to spin one star to earn full credit for this problem. But, if you are feeling creative, feel free to add additional elements to your animation! J (There must be at least 1 spinning star somewhere in your result.)

I have posted some examples to canvas: https://utexas.instructure.com/courses/1229504/pages/hw-9-spinning-stars

4. You have been provided with a main function in HW9_starter_file.py. When you submit your file, it must use this exact main function. If you submit your file with an altered main function, you will lose points!

The way this main is set up, it will call your reverse_string three times on three different strings. It will then call your h_tree function to draw the H-Tree fractal. Then, the turtle window will pause until you click the mouse inside of the turtle window. Once you click the mouse inside of the turtle window, the window will clear and call your animate function to display the spinning star. Since animate runs an infinite loop, you can just close the turtle window to stop the program (this will throw an error, but that is ok).

You will notice that the animate function needs to take in two arguments (x, y) since it is triggered by a mouse click. 

Individual Project only PPT Required 15 slides (without title and reference)

  1. For this assignment, you are the lead forensics specialist for a company known as the “Knet.” Usually, your assistant would be in charge of training the new hires on the significance of report writing. Unfortunately, your assistance had a family emergency and had to leave the country for a couple of weeks. You are now responsible for conducting this training with 15 people your company just hired. Please prepare at least 10-15 slides PPT presentation on the following:
    1. The history of the forensic wheel
    2. Explain the significance of a final report
    3. Initial contact and what should be included
    4. The technical aspect of a report as it relates to ‘state.’
    5. The importance of answering a general list of question
    6. How important is documenting initial issues such as DNA
    7. Why does the explanation of strategies, tools, and versions necessary?
    8. What is validation and its significance?
    9. List and explain the formats in which final reports are saved 
    10. You will then conduct a recording via zoom of you doing the presentation. The recording should be 10-15 minutes. You do not need to be in the video. Please be concise. Upload both the PPT and MP4 to the thread. Please address your audience and not your professor. The required slides do not include your title or reference slides. You must cite accordingly to support your claim. Please use credible sources outside of the textbook. Here is a hint: Use the school library.