Please read the following outline and the attached file carefully.

Project Part 1: Risk Management Plan Outline and Research

For the first part of the assigned project, you will create a partial draft of the risk management plan. To do so, follow these steps:

1. Research risk management plans.
2. Create an outline for a basic risk management plan with anticipated section headings (as indicated in this numbered list). This plan will include a qualitative risk assessment, which is addressed later in the project.
3. Write an introduction to the plan by explaining its purpose and importance.
4. Define the scope and boundaries of the plan.
5. Research and summarize compliance laws and regulations that pertain to the organization. Keep track of sources you use for citation purposes.
6. Identify the key roles and responsibilities of individuals and departments within the organization as they pertain to risk management.
7. Develop a proposed schedule for the risk management planning process.
8. Create a draft risk management plan detailing the information above. Format the plan similar to a professional business report and cite any sources you used.

Submission Requirements

• Format: Microsoft Word (or compatible)
• Font: Arial, size 12, double-space
• Citation style: Your school’s preferred style guide

Estimated length: 4–6 pages

Project: Methodology Development Analysis Assignment Instructions

Overview

This part of the project develops the methodology and begins analysis of the information security solution. The problem statement, project scope, risk analysis, and literature review performed in the Project: Problem Identification Assignment must justify the selection of the elements that require analysis for the final fault-tolerant security solution. For example, if the final solution requires a network security solution, an analysis may begin by evaluating the network architecture diagram in Project: Problem Identification Assignment.

Instructions

Segments of the network must be assessed, such as all local node connections in the LAN (e.g. local processes, local devices, local data storage), as well as other connections to the LAN (e.g. network gateways, WANs, wireless APs, network control resources, network databases, cloud integrations). The environment and architecture must justify the analysis of the coinciding threats. A few of the many network threats you could analyze (but are certainly not limited to) are DDS, session hijacking, parameter modification, server-side includes, addressing errors, message integrity, protocol flaws, reconnaissance, impersonation, wiretapping, malicious active code, connection flooding, man-in-the-middle, spoofing, misdelivery, redirection, and/or other transmission failures. The analysis in the latter example must identify any targets such as confidentiality, integrity, or availability and the coinciding vulnerability such as impersonation, protocol flaw, or misdelivery.

This is just an example given for a network security project and in no way limits the outcomes. The review of literature and detailed analysis of the system or application will determine the primary deliverables. Each requires objective justification for credit.

It is critical to identify the proper targets and vulnerabilities to ensure the final fault tolerant security design includes the appropriate correlated controls. For example, if the target is confidentiality, and the vulnerability is misdelivery, an appropriate control solution to design could be encryption. If the target is availability, and the target is a DNS attack, an appropriate control solution to design could be an intrusion detection system (IDS), access control list, and honeypot.

Current and proper APA formatting is required and must include a title page, proper margins, citations, organization, proper grammar and spelling, and an ending resources page.

At the minimum, this phase of the project must include:

I. Executive summary, introduction, and conclusion

II. Methodology (must be supported by relevant and current research from scholarly, peer-reviewed journals)

a. Approach(es) for the information security analyses and design

i. Organizational security structure

ii. System, computing, network, or application architecture

iii. Security models that will be utilized

b. How the data will be gathered to objectively analyze the solution

i. System evaluation method

c. Limitations of the analysis

i. Security threats and risks inside the scope that need to be addressed

ii. Security threats and risks outside the scope

III. Synthesis review of literature to support analysis decisions

a. Analysis of the proper solution

i. Targets of the attack

ii. Vulnerabilities

iii. Controls

b. Create the appropriate correlated diagrams

c. Detail the results of the analysis

d. NOTE: Required minimum length (8 peer-reviewed sources and at least 7 double-spaced current APA formatted pages) in the grading rubric excludes all systems analysis and design (SAD) diagrams and any other tables and/or graphical elements

IV. Diagram examples in this phase could include but are not limited to:

a. Advanced system and/or network architecture diagrams

b. Use case, activity, class, system sequence, and/or state machine diagrams

c. Fault tree

d. Access control matrix

e. Authentication, traffic, and/or data map

f. Dataflow diagrams (DFD)

g. CPU/Memory/OS buffer, segmenting, address, and/or data bus mappings

h. NOTE: A minimum of 5 diagrams exist that accurately analyze a secure system, network, and/or application solution. Within EACH of the 5 diagrams, a minimum of 10 elements exist that accurately detail analysis of the environment that needs securing (Note, if 10 elements are not necessary in a diagram add diagrams as needed to sufficiently meet this requirement). Each diagram is thoroughly developed based upon existing architecture and/or applications. Each diagram meets the associated technical requirements, programming language, notations, formatting, and modeling rules of the language (e.g. UML), industry standards for the diagram, and/or literature review. Analysis and design diagrams must have an associated industry standard that is widely accepted to be recognized (e.g. UML).

Each diagram must be justified by the literature review. In other words, if the plan secures an object-oriented language such as Java, the Java Virtual Machine must be properly analyzed from the class loader to the applet security manager. Analysis and associated diagrams must parallel the proper notations, formatting, and modeling rules and standards outlined in the prior IT infrastructure and systems analysis and design. These must align with peer-reviewed journal research as well as industry best practices.

Note: Your assignment will be checked for originality via the Turnitin plagiarism tool.

8 peer-reviewed sources exist (can have overlap from Phase 1 if appropriate) and a minimum of 7 double-spaced, current APA-formatted pages, excluding the SAD diagrams, graphics, tables, or any other non-textual components.

Subject: ITS-834: Emerging Threats & Countermeasures

Textbook Title: (ISC)2 CISSP Certified Information Systems Security Professional Official Study Guide ISBN: 9781119475958, Authors: Mike Chapple, James Michael Stewart, Darril Gibson, Publisher: John Wiley & Sons, Publication Date: 2018-04-10 

Discussion: PKI and Cryptographic Applications

Word count: 300+ words

Chapters 6, 7, and 8 in the course textbook.

Malicious individuals have discovered several methods to attack and defeat cryptosystems. It’s important that understand the threats posed by cryptographic attacks to minimize the risks to your network systems.

Identify one cryptographic attack and how you can protect against it. 

Make sure to back up your statements with scholarly support.

• Please cite properly in APA 7
• At least one scholarly source should be used. 
• Use proper citations and references in your post.

Research Paper: Threat Modeling

Number of pages: 4+

A new medium-sized health care facility just opened and you are hired as the CIO. The CEO is somewhat technical and has tasked you with creating a threat model. The CEO needs to decide from 3 selected models but needs your recommendation. Review this week’s readings, conduct your own research, then choose a model to recommend with proper justifications. Items to include (at a minimum) are:

• User authentication and credentials with third-party applications
• 3 common security risks with ratings: low, medium or high
• Justification of your threat model (why it was chosen over the other two: compare and contrast)

You will research several threat models as it applies to the health care industry, summarize three models and choose one as a recommendation to the CEO in a summary with a model using UML Diagrams (Do not copy and paste images from the Internet). In your research paper, be sure to discuss the security risks and assign a label of low, medium or high risks and the CEO will make the determination to accept the risks or mitigate them.

 Your paper should meet the following requirements:

• Four pages in length, not including the required cover page and reference page.
• Follow APA 7 guidelines. Your paper should include an introduction, a body with fully developed content, and a conclusion.
• Support your answers with the readings from the course and at least two scholarly journal articles to support your positions, claims, and observations, in addition to your textbook.
• Be clearly and well-written, concise, and logical, using excellent grammar and style techniques. You are being graded in part on the quality of your writing.

Note: plagiarism check required, APA7 format, include References, within 8hrs

This post has 2 individual assignments (a discussion and a research paper). Please provide answers in separate documents.

In this week’s discussion, you were introduced to Wireshark and GlassWire, two free network monitor & security tools. Compare and contrast these two tools. explaining the benefits and features of each, then decide which of these two choices you would prefer to use if you were the Network Manager. Explain why you made your decision.

https://www.glasswire.com/

https://www.wireshark.org/

Describe in 500 words the shared security responsibility model that a dba must be aware of  when moving to the cloud.

Cite your sources. Do not copy. Write in essay format not in bulleted, numbered or other list format. 

 1 page 

You provide a lecture to the working group regarding the importance of security education, awareness, and training due to the oft-quoted security maxim that users/humans are the weakest link in the security chain. While making users aware of security risks and training them how to protect company assets will reduce risk, it is important to put technical controls in place to protect the operating systems and applications that employees use every day.

Discuss the importance of “hardening” the PCS client workstations and servers. Make recommendations for operating system hardening options and describe how these are related to the concept of “system-specific policies” discussed earlier in the course. One of the working group members blurts out that antivirus protection is a waste of computing resources and patching applications takes too much time. Be sure to address these two concepts in your initial thread. Include at least one research reference and associated in-text citation using APA standards. In your replies to your peers further discuss the importance of software security.

Choose a publicly available data visualization. (be sure to provide the link, cite, and reference).Analyze the visualization within the context of the data visualization workflow.

Create a proposal of enhancements to create a better user/viewer experience. Use the data visualization workflow as framework for both your analysis and your proposal.

Consider the various roles of the project team as specified by Kirk’s concept of “hats”.

APA compliance required.

References and In-text citations required.

Minimum word count = 1500. 

Exp19_Excel_AppCapstone_CompAssessment_Manufacturing

 You have recently become the CFO for Beta Manufacturing, a small cap company that produces auto parts. As you step into your new position, you have decided to compile a report that details all aspects of the business, including: employee tax withholding, facility management, sales data, and product inventory. To complete the task, you will duplicate existing formatting, utilize various conditional logic functions, complete an amortization table with financial functions, visualize data with PivotTables, and lastly import data from another source.

1

Start Excel. Download and open   the file named Exp19_Excel_AppCapstone_ComprehensiveAssessment- Manufacturing.xlsx. Grader has   automatically added your last name to the beginning of the filename. 

2

Group all the worksheets in the   workbook and fill the range A1:F1 from the Insurance worksheet across all   worksheets including the formatting. Ungroup the worksheets after the fill is   complete and ensure the Insurance worksheet is active.

3

Click cell I5, and enter a   function that determines the number of full-time employees, (FT).

4

Enter a database function in   cell I6 that determines the average salary of all full-time employees with at   least one dependent. Format the results in Accounting Number Format.

5

Enter a lookup function in cell   E5 that returns the tax deduction amount for the number of dependents listed   in the cell C5. Use   the table in range H13:I17 to complete the function. The maximum deduction is   $500.00; therefore, employees with more than four dependents will receive no   additional deductions.

6

Use Auto Fill to copy the   function down, completing column E. Be sure to use the appropriate cell   referencing. Format the data in column E with the Accounting Number Format.

7

Enter a logical function in cell   F5 that calculates employee FICA withholding. If the employee is full-time   and has at least one dependent, then he or she pays 7% of the annual salary   minus any deductions. All other employees pay 5% of the annual salary minus   any deductions. Copy the function down through column F. Format the data in   column F with Accounting Number Format.

8

Apply conditional formatting to   the range C5:C34   that highlights any dependents that are greater than 3 with Light Red Fill and Dark Red Text.

9

Click cell H10, and enter an   AVERAGEIFS function to determine the average salary of full-time employees   with at least one dependent. Format the results in Accounting Number Format.

10

Use Advanced Filtering to   restrict the data to only display full-time employees with at least one   dependent. Place the results in cell A37. Use the criteria in the range   H24:M25 to complete the function.

11

Ensure that the Facilities   worksheet is active. Use Goal Seek to reduce the monthly payment in cell B6   to the optimal value of $6000. Complete this task by changing the Loan amount in cell E6.

12

Create the following three   scenarios using Scenario Manager. The scenarios should change the cells B7, B8,   and E6.
 

Good   
  B7 = .0325
  B8 = 5
  E6 = 275000
 

Most   Likely
  B7 = .057
  B8 = 5
  E6 = 312227.32
 

Bad
  B7 = .0700
  B8 = 3
  E6 = 350000
 

  Create a Scenario Summary Report based on the value in cell B6. Format the   new report appropriately.

13

Ensure that the Facilities   worksheet is active. Enter a reference to the beginning loan balance in cell   B12 and enter a   reference to the payment amount in cell C12. 

14

Enter a function in cell D12,   based on the payment and loan details, that calculates the amount of interest   paid on the first payment. Be sure to use the appropriate absolute, relative,   or mixed cell references.

15

Enter a function in cell E12,   based on the payment and loan details, that calculates the amount of   principal paid on the first payment. Be sure to use the appropriate absolute,   relative, or mixed cell references.

16

Enter a formula in cell F12 to   calculate the remaining balance after the current payment. The remaining   balance is calculated by subtracting the principal payment from the balance   in column B.

17

Enter a function in cell G12, based on the payment   and loan details, that calculates the amount of cumulative interest paid on   the first payment. Be sure to use the appropriate absolute, relative, or   mixed cell references.

18

Enter a function in cell H12,   based on the payment and loan details, that calculates the amount of   cumulative principal paid on the first payment. Be sure to use the   appropriate absolute, relative, or mixed cell references.

19

Enter a reference to the   remaining balance of payment 1 in cell B13. Use the fill handle to copy the functions created in   the prior steps down to complete the amortization table. 

20

Ensure the Sales worksheet is   active. Enter a function in cell B8 to create a custom transaction number.   The transaction number should be comprised of the item number listed in cell   C8 combined with the quantity in cell D8 and the first initial of the payment type in cell E8. Use   Auto Fill to copy the function down, completing the data in column B.

21

Enter a nested function in cell G8 that displays the word Flag if the Payment Type is Credit and the Amount is greater than   or equal to $4000. Otherwise, the function will display a blank cell. Use Auto   Fill to copy the function down, completing the data in column G. 

22

Create a data validation list in   cell D5 that displays Quantity, Payment Type, and Amount (in that order).

23

Type the Trans# 30038C in cell B5, and select Quantity from the validation list in   cell D5.

24

Enter a nested lookup function   in cell F5 that evaluates the Trans # in cell B5 as well as the Category in   cell D5, and returns the results based on the data in the range A8:F32.

25

Create a PivotTable based on the   range A7:G32. Place the PivotTable in cell I17 on the current worksheet.   Place Payment Type in the Rows box and Amount in the Values box. Format the   Amount with Accounting Number Format.

26

Insert a PivotChart using the   Pie chart type based on the data. Place the upper-left corner of the chart   inside cell I22. Format the Legend of the chart to appear at the bottom of   the chart area. Format the Data Labels to appear on the Outside end of the   chart.

27

Insert a Slicer based on Date.   Place the upper-left corner of the Slicer inside cell L8.

28

Use PowerQuery to connect to the   Access database Exp19_Excel_AppCapstone_Comprehensive_Inventory.accdb.   Load the Inventory table into a new worksheet named Inventory.
 

  Note, Mac users, download and import the delimited Inventory.txt file into a new worksheet named Inventory starting in cell A1.

29

Create a footer with your name   on the left, the sheet code in the center, and the file name on the right for   each worksheet.

30

Save the file Exp19_Excel_AppCapstone_ComprehensiveAssessment-   Manufacturing.xlsx. Exit Excel. Submit the file as directed.

Assignment Content

1. Review the following video “Tips for job seekers: How to negotiate your salary pt. 1” and “Tips for job seekers: Advice on personal branding pt. 2”, and answer the critical thinking question that follows:

https://youtu.be/alhqQ_RYqys

Summarize the key points from the video in terms of what you have learned regarding what skills and knowledge you would focus on when building your personal branding information for a potential job interview. Why focus on those skills? In your summary, reflect on, and explain, how you will apply what you have learned in a career context. 

Your summary should be a minimum of one page of content in length. Properly cite any references utilized in APA format

  Create a 2 page Word document after reviewing the videos to include:

1. A brief description of 2 careers, 1 in your major and the the second in the technology field.
2. Describe each career in detail including salary (based in MD, VA, and DC geographical area), education level or certification needed, and duties. 
3. What emerging technology (within the past 5 years) is used in the industry (your chosen career) to improve production or work flow. 
4. What are the ethical issues.
5. Include 4 sources.
6. Submit as a Word (25 points) .