Look at the attachment for directions and No Plagiarism
Reflection: Information and Security
Reflection on the lessons and labs completed in Weeks 3 and 4, respond to the following prompts in 3-4 pages:
- Explain how IT professionals protect or safeguard a business’s information.
- Explain how different policies reinforce security and comply with industry best practices.
Problem 5- Initiating Project
Check attached documents for question.
Text-
Title: Contemporary Project Management
ISBN: 9781337406451
Authors: Timothy Kloppenborg, Vittal S. Anantatmula, Kathryn Wells
Publisher: Cengage Learning
Publication Date: 2018-02-08
Edition: 4th
Chapter 10
IT217 week 7 Assignment
Modify the Guessing game from chapters 6-7 to play with 2 players instead of 1 player by showing input and stats for player 1 and player 2.
– To end the game: You can ask for number of games to be played at the beginning of the game or you can ask the user whether to continue after each game.
– Display number of guesses for each player in addition to average number of guesses for each play.
– Show which player wins the whole match based on who has the least average number of guesses after the total number of games selected is over.
– When each game is played, change the output to display that the last guess is correct. Example: Congratulations! XXX is correct!
– When the players reach the total number of games chosen, or when the player chooses not to continue, display either: “Match over! Player 1 wins!” , OR “Match over! Player 2 wins!” , OR “Match over! It’s a tie!”
MODIFY THE PROGRAM BELOW WITH THE PROVIDED INSTRUSTION UP IN just BASICSOFTWARE
‘ *************************************************************************
‘
‘ Script Name: GuessMyNumber.bas (The Guess My Number Game)
‘ Version: 1.0
‘ Author: Jerry Lee Ford, Jr.
‘ Date: March 1, 2007
‘
‘ Description: This game is a Just BASIC number guessing game that
‘ challenges players to guess a number between 1 and 100 in
‘ as few guesses as possible.
‘
‘ *************************************************************************
nomainwin ‘Suppress the display of the default text window
‘Declare global variables used to keep track of game statistics
global secretNumber, avgNoGuesses, noOfGamesPlayed, guessCount, helpOpen$
‘Assign default values to global variables
secretNumber = 0 ‘Keeps track of the game’s randomly generated number
guessCount = 0 ‘Keeps track of the total number of guesses made
avgNoGuesses= 0 ‘Stores the calculated average number of moves per game
noOfGamesPlayed = 0 ‘Keeps track of the total number of games played
helpOpen$ = “False” ‘Keeps track of when the #help window is open
WindowWidth = 510 ‘Set the width of the window to 500 pixels
WindowHeight = 500 ‘Set the height of the window to 500 pixels
ForegroundColor$ = “Darkblue” ‘Set the window font color to dark blue
‘Define the format of statictext controls displayed on the window
statictext #play.statictext1, “G U E S S M Y N U M B E R”, _
30, 50, 440, 40
statictext #play.statictext2, “Copyright 2007”, 395, 90, 80, 20
statictext #play.statictext3, “Games Played:”, 40, 400, 80, 20
statictext #play.statictext4, “Avg. No. Guesses:”, 265, 400, 90, 20
statictext #play.statictext5, “Enter Your Guess:”, 200, 140, 100, 20
statictext #play.statictext6, “Hint:”, 42, 300, 30, 20
‘Add button controls to the window
button #play.button1 “Guess”, AnalyzeGuess, UL, 210, 225, 80, 30
button #play.button2 “Help”, DisplayHelp, UL, 400, 318, 70, 25
button #play.button3 “Start Game”, StartGame, UL, 400, 288, 70, 25
‘Add three textbox controls and place them inside the groupbox control
textbox #play.textbox1, 200, 160, 100, 50
textbox #play.textbox2, 130, 395, 90, 22
textbox #play.textbox3, 370, 395, 90, 22
textbox #play.textbox4, 40, 320, 340, 22
‘Open the window with no frame and a handle of #play
open “Guess My Number” for window_nf as #play
‘Set up the trapclose event for the window
print #play, “trapclose ClosePlay”
‘Display the appropriate variable values in the following textbox controls
print #play.textbox3, avgNoGuesses
print #play.textbox2, noOfGamesPlayed
‘Set the font type, size, and properties for each of the static controls
print #play.statictext1, “!font Arial 24 bold”
print #play.statictext2, “!font Arial 8”
print #play.statictext5, “!font Arial 8 bold”
print #play.statictext6, “!font Arial 8 bold”
print #play.textbox1, “!font Arial 24”;
print #play.button3, “!setfocus”; ‘Set focus to the Start Game button
print #play.button1, “!disable” ‘Disable the Guess button
print #play.textbox1, “!disable” ‘Disable the input textbox
‘Pause the application to wait for the player’s instruction
wait
‘This subroutine analyzes player guesses and determines when the game
‘has been won
sub AnalyzeGuess handle$
‘Retrieve the player’s guess and assign it to a variable
print #play.textbox1, “!contents? playerGuess”
‘Validate that an acceptable value has been entered
if playerGuess < 1 or playerGuess > 100 then
‘Inform the user that an invalid guess has been made
print #play.textbox4, “Your guess must be between 1 and 100. Try again.”
print #play.textbox1, “” ‘Clear out the input textbox
print #play.textbox1, “!setfocus”; ‘set focus to the input textbox
exit sub ‘Exit the subroutine without processing any remaining
‘subroutine statements
end if
‘Determine if the player’s guess is too low
if playerGuess < secretNumber then
‘Increment the variable that tracks the total number of guesses made
guessCount = guessCount + 1
‘Inform the user that the guess was too low
print #play.textbox4, “Your guess was too low. Try again.”
print #play.textbox1, “” ‘Clear out the input textbox
print #play.textbox1, “!setfocus”; ‘set focus to the input textbox
exit sub ‘Exit the subroutine without processing any remaining
‘subroutine statements
end if
‘Determine if the player’s guess is too high
if playerGuess > secretNumber then
‘Increment the variable that tracks the total number of guesses made
guessCount = guessCount + 1
‘Inform the user that the guess was too high
print #play.textbox4, “Your guess was too high. Try again.”
print #play.textbox1, “” ‘Clear out the input textbox
print #play.textbox1, “!setfocus”; ‘set focus to the input textbox
exit sub ‘Exit the subroutine without processing any remaining
‘subroutine statements
end if
‘Determine if the player’s guess was correct
if playerGuess = secretNumber then
‘Let the player know he has won the game
notice “Guess My Number” + chr$(13) + “Game over! You win!”
‘Increment the variable that tracks the total number of guesses made
guessCount = guessCount + 1
‘Increment the variable that tracks the total number of games played
noOfGamesPlayed = noOfGamesPlayed + 1
‘Calculate the average number of guesses per game
avgNoGuesses = guessCount / noOfGamesPlayed
‘Display the appropriate variable values in the following textbox
‘controls
print #play.textbox3, avgNoGuesses
print #play.textbox2, noOfGamesPlayed
print #play.textbox1, “” ‘Clear out the input textbox
print #play.button3, “!enable” ‘Enable the Start Game button
print #play.button3, “!setfocus”; ‘Set focus to the Start Game button
print #play.textbox1, “!disable” ‘Disable the input textbox
print #play.button1, “!disable” ‘Disable the Guess button
print #play.textbox4, “” ‘Clear out the Hint textbox control
exit sub ‘Exit the subroutine without processing any remaining
‘subroutine statements
end if
end sub
‘This subroutine is called when the player clicks on the Start Game button
sub StartGame handle$
‘Generate a new random number for the game
secretNumber = int(rnd(1)*100) + 1
print #play.button1, “!enable” ‘Enable the Guess button
print #play.textbox1, “!enable” ‘Enable the input textbox
print #play.button3, “!disable” ‘Disable the Start Game button
print #play.textbox1, “!setfocus”; ‘Set focus to the input textbox
end sub
‘This subroutine is called when the player clicks on the Help button
sub DisplayHelp handle$
helpOpen$ = “True” ‘Identify the #help window as being open
WindowWidth = 400 ‘Set the width of the window to 500 pixels
WindowHeight = 400 ‘Set the height of the window to 500 pixels
‘Use variables to store text strings displayed in the window
HelpHeader$ = “Game Instructions”
helpText1$ = “The object of this game is to guess a randomly generated” _
+ ” number in the range of 1 to 100 in as few guesses as possible. ” _
+ “To make a guess, type in a number and click on the Guess button. ” _
+ “A hint will be provided after each move to assist you in making ” _
+ “your next guess. Once you have correctly guessed the game’s secret” _
+ ” number, a popup message will be displayed.”
helpText2$ = “At the end of each round of play, game statistics are ” _
+ “displayed at the bottom of the game window as an indication of ” _
+ “your progress.”
‘Define the format of statictext controls displayed on the window
statictext #help.helptext1, HelpHeader$, 30, 40, 140, 20
statictext #help.helptext2, helpText1$, 30, 70, 330, 80
statictext #help.helptext3, helpText2$, 30, 160, 330, 50
‘Add button controls to the window
button #help.button “Close”, CloseHelpWindow, UL, 280, 310, 80, 30
‘Open the window with no frame and a handle of #play
open “Guess My Number Help” for window_nf as #help
‘Set the font type, size, and properties for specified statictext control
print #help.helptext1, “!font Arial 12 bold”
end sub
‘This subroutine is called when the player closes the #help window
sub CloseHelpWindow handle$
helpOpen$ = “False” ‘Identify the #hlp window as being closed
close #help ‘Close the #help window
end sub
‘This subroutine is called when the player closes the #play window
‘and is responsible for ending the game
sub ClosePlay handle$
‘Get confirmation before terminating program execution
confirm “Are you sure you want to quit?”; answer$
if answer$ = “yes” then ‘The player clicked on Yes
close #play ‘Close the #play window
‘See if the #help window is open and close it if it is
if helpOpen$ = “True” then
call CloseHelpWindow “X” ‘Close the #help window
end if
end ‘Terminate the game
end if
end sub
Enterprise Key Management
Enterprise Key Management
As a security architect and cryptography specialist for Superior Health Care, you’re familiar with the information systems throughout the company and the ranges of sensitivity in the information that is used, stored, and transmitted.
You’re also expected to understand health care regulations and guidelines because you’re responsible for advising the chief information security officer, or CISO, on a range of patient services, including the confidentiality and integrity of billing, payments, and insurance claims processing, as well as the security of patient information covered under the Health Insurance Portability and Accountability Act, or HIPAA.
You also have a team of security engineers, SEs, that help implement new cryptographic plans and policies and collaborate with the IT deployment and operations department during migrations to new technology initiatives.
This week, the CISO calls you into his office to let you know about the company’s latest initiative.
“We’re implementing eFi, web-based electronic health care, and that means we need to modernize our enterprise key management system during the migration,” he says.
The CISO asks for an enterprise key management plan that identifies the top components, possible solutions, comparisons of each solution, risks and benefits, and proposed risk mitigations.
The plan will help create an enterprise key management system.
The SEs would be responsible for the implementation, operation, and maintenance of the plan and system.
The CISO also wants you to come up with an enterprise key management policy that provides processes, procedures, rules of behavior, and training.
The new web-based system needs to be running in a month. So, you’ll have a week to put together your enterprise key management plan and the accompanying policy.
Close
Project 1: Enterprise Key Management
Start Here
Transcript
In the previous course, you learned how security professionals employ cryptography, a system of algorithms that hide data. You learned systems can be unlocked with a key provided to those who have a need to know that data. An important part of cryptography is how to manage these keys to the kingdom. This involves learning and understanding enterprise key management systems and concepts.
Cryptography is the application of algorithms to ensure the confidentiality, integrity, and availability of data, while it is at rest, in motion, or in use. Cryptography systems can include local encryptions at the file or disk level or databases. Cryptography systems can also extend to an enterprise-wide public key infrastructure for whole agencies or corporations.
The following are the deliverables for this project:
Deliverables
- Enterprise Key Management Plan: An eight- to 10-page double-spaced Word document with citations in APA format. The page count does not include figures, diagrams, tables, or citations.
- Enterprise Key Management Policy: A two- to three-page double-spaced Word document.
- Lab Report: A Word document sharing your lab experience along with screenshots.
There are seven steps to complete the project. Most steps of this project should take no more than two hours to complete. The entire project should take no more than one week to complete. Begin with the workplace scenario, and then continue to Step 1, “Identify Components of Key Management.”
Project 1: Enterprise Key Management
Step 1: Identify Components of Key Management
Key management will be an important aspect of the new electronic protected health information (e-PHI). Key management is often considered the most difficult part of designing a cryptosystem.
Choose a fictitious or an actual organization. The idea is to provide an overview of the current state of enterprise key management for Superior Health Care.
Review these authentication resources to learn about authentication and the characteristics of key management.
Provide a high-level, top-layer network view (diagram) of the systems in Superior Health Care. The diagram can be a bubble chart or Visio drawing of a simple network diagram with servers. Conduct independent research to identify a suitable network diagram.
Read these resources on data at rest, data in use, and data in motion.
Identify data at rest, data in use, and data in motion as it could apply to your organization. Start by focusing on where data are stored and how data are accessed.
Review these resources on insecure handlingand identify areas where insecure handling may be a concern for your organization.
Incorporate this information in your key management plan.
In the next step, you will consider key management capabilities.
Step 2: Learn Key Management Capabilities
You have successfully examined the major components of an enterprise key management system for Superior Health Care. Enter Workspace and complete the “Enterprise Key Management” exercise. Conduct independent research on public key infrastructure as it applies to your organization.
Complete This Lab
Resources
- Accessing the Virtual Lab Environment: Navigating UMGC Virtual Labs and Lab Setup
- Self-Help Guide (Workspace): Getting Started and Troubleshooting
- Link to the Virtual Lab Environment: https://vdi.umgc.edu/
Lab Instructions
Getting Help
To obtain lab assistance, fill out the support request form.
Make sure you fill out the fields on the form as shown below:
- Case Type: UMGC Virtual Labs Support
- Customer Type: Student (Note: faculty should choose Staff/Faculty)
- SubType: ELM-Cyber (CST/DFC/CBR/CYB)
- SubType Detail: Pick the category that best fits the issue you are experiencing
- Email: The email that you currently use for classroom communications
In the form’s description box, provide information about the issue. Include details such as steps taken, system responses, and add screenshots or supporting documents.
In the next step, you will identify the key management gaps, risks, solutions, and challenges found in corporations.
Professionals in the Field
Being able to interact with a variety of stakeholders is a skill set on which you will want to evaluate yourself and improve where necessary so that you can present that skill on paper and in person.
As an example, consider the range of stakeholders in a health care setting: medical techs, doctors, data entry clerks, office and hospital administrators. Now consider the three technical domains that are interlinked in this setting: cybersecurity needs, the practice of medicine, and the legal requirements of HIPAA.
Hypothetically, which of these audiences might you need to talk to before, during, and after your team of SEs implements your p
Step 3: Identify Key Management Gaps, Risks, Solutions, and Challenges
In a previous step, you identified the key components of an enterprise key management system. In this step, you will conduct independent research on key management issues in existing organizations. You will use this research to help identify gaps in key management, in each of the key management areas within Superior Health Care.
Conduct independent research to identify typical gaps in key management within organizations. Incorporate and cite actual findings within your key management plan. If unable to find data on real organizations, use authoritative material discussing typical gaps.
Identify crypto attacks and other risks to the cryptographic systems posed by these gaps. Read these resources to brush up on your understanding of crypto attacks.
Propose solutions organizations may use to address these gaps and identify necessary components of these solutions.
Finally, identify challenges, including remedies, other organizations have faced in implementing a key management system.
Include this information in your enterprise key management plan.
Provide a summary table of the information within your key management plan.
Incorporate this information in your implementation plan.
In the next step, you will provide additional ideas for the chief information security officer (CISO) to consider.
Step 4: Provide Additional Considerations for the CISO
You have satisfactorily identified key management gaps. Incorporate these additional objectives of an enterprise key management system as you compile information for the CISO.
1. Explain the uses of encryption and the benefits of securing communications by hash functions and other types of encryption. When discussing encryption, be sure to evaluate and assess whether or not to incorporate file encryption, full disc encryption, and partition encryption. Discuss the benefits of using triple DES or other encryption technologies. To complete this task, review the following resources:
2. Describe the use and purpose of hashes and digital signatures in providing message authentication and integrity. Review these resources on authentication to further your understanding. Focus on resources pertaining to message authentication.
3. Review the resources related to cryptanalysis. Explain the use of cryptography and cryptanalysis in data confidentiality. Cryptanalysts are a very technical and specialized workforce. Your organization already has a workforce of security engineers (SEs). Cryptanalysts could be added to support part of the operation and maintenance functions of the enterprise key management system. Conduct research on the need, cost, and benefits of adding cryptanalysts to the organization’s workforce. Determine if it will be more effective to develop the SEs to perform these tasks. Discuss alternative ways for obtaining cryptanalysis if the organization chooses not to maintain this new skilled community in-house.
4. Research and explain the concepts and practices commonly used for data confidentiality: the private and public key protocol for authentication, public key infrastructure (PKI), the X.509 cryptography standard, and PKI security. Read about the following cryptography and identity management concepts: public key infrastructure and the X.509 cryptography standard.
Keep in mind that sometimes it takes considerable evidence and research for organizational leaders to buy in and provide resources.
Incorporate this information in your implementation plan.
In the next step, you will provide information on different cryptographic systems for the CISO.
Step 5: Analyze Cryptographic Systems
In the previous step, you covered aspects of cryptographic methods. In this step, you will recommend cryptographic systems that your organization should consider procuring.
Independently research commercially available enterprise key management system products, discuss at least two systems, and recommend a system for Superior Health Care.
Describe the cryptographic system, its effectiveness, and its efficiencies.
Provide an analysis of the trade-offs of different cryptographic systems.
Review and include information learned from conducting independent research on the following topics:
- security index rating
- level of complexity
- availability or utilization of system resources
Include information on the possible complexity and expense of implementing and operating various cryptographic ciphers. Check out these resources on ciphers to familiarize yourself with the topic.
Incorporate this information in your implementation plan.
In the next step, you will begin final work on the enterprise key management plan.
The following exercise, Introduction to Cryptographic Tools, is to introduce you to or help you better understand some basic cryptographic concepts and tools for both encryption and decryption processes.
Complete This Lab
Resources
- Accessing the Virtual Lab Environment: Navigating UMGC Virtual Labs and Lab Setup
- Self-Help Guide (Workspace): Getting Started and Troubleshooting
- Link to the Virtual Lab Environment: https://vdi.umgc.edu/
Lab Instructions
Getting Help
To obtain lab assistance, fill out the support request form.
Make sure you fill out the fields on the form as shown below:
- Case Type: UMGC Virtual Labs Support
- Customer Type: Student (Note: faculty should choose Staff/Faculty)
- SubType: ELM-Cyber (CST/DFC/CBR/CYB)
- SubType Detail: Pick the category that best fits the issue you are experiencing
- Email: The email that you currently use for classroom communications
In the form’s description box, provide information about the issue. Include details such as steps taken, system responses, and add screenshots or supporting documents.
Step 6: Develop the Enterprise Key Management Plan
In the previous steps, you gathered information about systems used elsewhere. Using the materials produced in those steps, develop your Enterprise Key Management Plan for implementation, operation, and maintenance of the new system. Address these as separate sections in the plan.
In this plan, you will identify the key components, the possible solutions, the risks, and benefits comparisons of each solution, and proposed mitigations to the risks. These, too, should be considered as a separate section or could be integrated within the implementation, operation, and maintenance sections.
A possible outline could be:
- Introduction
- Purpose
- Key Components
- Implementation
- Operation
- Maintenance
- Benefits and Risks
- Summary/Conclusion
The following are the deliverables for this segment of the project:
Deliverables
· Enterprise Key Management Plan: An eight- to 10-page double-spaced Word document with citations in APA format. The page count does not include figures, diagrams, tables, or citations.
· Lab Report: A Word document sharing your lab experience along with screenshots.
Submit your deliverables to the Assignments folder in the final step of the project.
Step 7: Develop the Enterprise Key Management Policy
The final step in this project requires you to use the information from the previous steps to develop the Enterprise Key Management Policy. The policy governs the processes, procedures, rules of behavior, and training for users and administrators of the enterprise key management system.
Research similar policy documents used by other organizations and adapt an appropriate example to create your policy.
Review and discuss the following within the policy:
- digital certificates
- certificate authority
- certificate revocation lists
Discuss different scenarios and hypothetical situations. For example, the policy could require that when employees leave the company, their digital certificates must be revoked within 24 hours. Another could require that employees must receive initial and annual security training.
Include at least three scenarios and provide policy standards, guidance, and procedures that would be invoked by the enterprise key management policy. Each statement should be short and should define what someone would have to do to comply with the policy.
The following is the deliverable for this segment of the project:
Deliverables
· Enterprise Key Management Policy: A two- to three-page double-spaced Word document.
Check Your Evaluation Criteria
Before you submit your assignment, review the competencies below, which your instructor will use to evaluate your work. A good practice would be to use each competency as a self-check to confirm you have incorporated all of them. To view the complete grading rubric, click My Tools, select Assignments from the drop-down menu, and then click the project title.
· 1.1: Organize document or presentation clearly in a manner that promotes understanding and meets the requirements of the assignment.
· 1.2: Develop coherent paragraphs or points so that each is internally unified and so that each functions as part of the whole document or presentation.
· 1.3: Provide sufficient, correctly cited support that substantiates the writer’s ideas.
· 1.4: Tailor communications to the audience.
· 2.1: Identify and clearly explain the issue, question, or problem under critical consideration.
· 2.2: Locate and access sufficient information to investigate the issue or problem.
· 2.3: Evaluate the information in a logical and organized manner to determine its value and relevance to the problem.
· 2.4: Consider and analyze information in context to the issue or problem.
· 2.5: Develop well-reasoned ideas, conclusions or decisions, checking them against relevant criteria and benchmarks.
· 5.1: Knowledge of procedures, tools, and applications used to keep data or information secure, including public key infrastructure, point-to-point encryption, and smart cards.
· 7.3: Knowledge of methods and tools used for risk management and mitigation of risk.
· 7.4: Knowledge of policies, processes, and technologies that are used to create a balanced approach to identifying and assessing risks to information assets, personnel, facilities, and equipment, and to manage mitigation strategies that achieve the security needed at an affordable cost
monitor
Selecting appropriate monitoring tools for a virtual environment is a very important responsibility of the System Administrators. For this discussion research applications from two (2) different vendors offering monitoring tools for a virtual environment. Evaluate at least one (1) application from each vendor and answer the following questions:
- List the main features of each product.
- What type of monitoring is being performed?
- Provide a real-world example of how and where these products are being used
- What would you monitor in a large, enterprise with over 1000 VMs?
You are NOT limited to the Hyper-V tools but can and should expand your research to include monitoring tools designed for other virtualization environments, including VMware vSphere and Citrix XenServer.
Please DO NOT pick the same products, if it was already selected and described by other students. This will ensure much better discussion and learning opportunities.
Provide references to support your statements and conclusions. Do not copy and paste from the internet. Instead, include URLs to original sources so that anyone can get more information.
Paper1
Write a white paper that describes how to create a modern software development environment that incorporates and integrates all SDLC processes. Your paper should be approximately 4-6 pages, not including the title page and Works Cited.
Follow the Paper Direction Your task is to make recommendations for creating a state-of-the-art software development environment. Your audience is mid-level managers such IT managers.
HW
300 words
Topics: Building Secure Web Applications
Topics: Policy Legal Ethics
- How did this Topics help prepare you for future endeavors, both academically and in the workplace?
- What was the best and worst parts of your overall experience?
- What surprised you about this internship?
- What, if any, were any dissapointments?
Prepare your paper in WORD using APA format.
2 discussions and 2 Assignments
Discussion – Intro to Data Mining (1 Page)
Assignment – Intro to Data Mining (2-3 Pages)
Discussion – Cloud Computing ( 350 Words)
Assignment – Cloud Computing (4 Pages)