Monthly Archives: June 2023

Assume you have created an array of pets: 

var mypets = new Array();

mypets[0] = “dog”;

mypets[1] = “cat”;

mypets[2] = “goldfish”;

Write a JavaScript code to answer the following questions:

1. a)Add a for loop to print out the array 
2. b)Write a fragment of code to insert a new pet named ‘turtle’to the end of mypets array .
3. c)Write a fragment of code to removes the pet named ‘turtle’ from mypets array 

Discuss the potential trade‐offs of development versus sustainability. Are opportunities for development growing or diminishing? Does the internet provide opportunities for development with limited trade‐offs? Frame your discussion in a global context. 

Based on the work done and research accomplished, consider what you have learned so far. Build upon the findings recorded in the previous step to write a lessons learned report.

Is a vulnerability and threat assessment a technical undertaking only, or should it consider other factors? When is the assessment complete? What are the “next steps” based on your assessment? These are some examples of issues that should be addressed. This report will serve as the conclusion of the final report.

Submit a two- to three-page report of lessons learned for feedback. Once this reflection is complete, you will be ready to compile the overall vulnerability and threat assessment report. In the next step, you will revise your findings as necessary.

See attached

Both sets of business projects for your Course Project require adherence to PCI-DSS standards. You have been requested to create a power point in which you will present the:

• Need for training.
• The basic outline/idea of the training.
• The learning objectives you intend on meeting with the training.
• The differentiation of the groups. (For this part, identify what you will communicate to the different groups targeted by your program.)
• The methods of determination for success.

Review the following document, and use it as a basis for you your presentation:

PCI-DSS Best Practices for Implementing a Security Awareness Program.pdf

Create a minimum ten (10) slide PowerPoint presentation in which you:

• Illustrate your recommendations and justifications.
• Create bulleted speaking notes for your presentation to the executive board in the notes section of the PowerPoint.
• Note: You may create or assume any fictitious names, data, or scenarios that have not been established in this assignment for a realistic flow of communication.
• Use a professional and technical style to convey the information.
• Use at least three (3) quality resources as references in this assignment. Wikipedia and similar Websites do not qualify as quality resources.

Submit your completed assignment by following the directions linked below. Please check the Course Calendar for specific due dates.

Need a document to be paraphrased and the references in IEEE format 

Assignment Content

1. A project plan is a document created at the beginning of the project lifecycle that gives stakeholders and everyone else involved a clear idea of what the project will entail in terms of effort, time, cost, and anticipated results. 

   The methodology or approach the project manager plans to use to manage the project must be identified before the project plan can be created. Choosing a methodology is important because a methodology provides the framework—that is, an overall process and suggested documents and deliverables—that will guide project development from beginning to end. Some project methodologies are more appropriate for some types of projects than for others. 

   Over the next few weeks you will develop pieces of a project plan. This week you will determine your methodology based on project requirements and the components needed in your plan.

   Read the Manage Your Health Inc. Case Study and complete the assignment below.

   Consider the differences between Agile and waterfall.

   Select 1 methodology to use for a project plan for this initiative.

   Create a simplified project plan such as the examples listed in the “Tips” section below. Include, at least, the following criteria:

   • Name of task
   • Duration
   • Predecessors
   • Notes
   • After completing your simplified project plan, write a 175-word paragraph and complete the following:
   • Define which methodology, Agile or waterfall, is most appropriate for this project. Why? Cite at least 2 sources to support your rationale.
   • Describe the following roles for this project: project manager, project sponsor, business analyst, and scrum master or program manager.
   • You may create your simplified project plan using Microsoft® Excel® or another software application of your choice. 

      

1. 

a) Discuss what are the factors that an organization should consider when determining the scope for establishing security control testing requirements

b)  Discuss two of the barriers to establishing an effective security test plan that provides an organization the ability to assess the effectiveness of the set of controls in use.

2.

Compare and contrast the NIST definition of risk contained in NIST Interagency Report (NISTIR) 7298, revision 2 (http://nvlpubs.nist.gov/nistpubs/ir/2013/NIST.IR.7298r2.pdf (Links to an external site.)) on page 161, sourced from FIPS 200, with Paul Hopkin’s preferred definition of risk on page 14 of the course text: “An event with the ability to impact (inhibit, enhance or cause doubt about) the effectiveness and efficiency of the core processes of an organization.”  Which definition do you think is better and why? 

Cite all your sources, including the ones identified here (e.g., your course text) using APA format.  If possible, cite external sources that help substantiate your position. 

Provide any available scholarly research, directives, publications, memorandums to support your discussion and provide references in APA format.

Assignment:1

Answer each these questions in a paragraph with at least five sentences: Include the question and number your responses accordingly. Provide a citation for each answer.

1. What kind of speech was the First Amendment written to protect?

2. Does the First Amendment apply only to spoken words?

3. What does it mean that laws regulating speech must be content neutral?

4. Why are common carriers prohibited from controlling the content of the material they carry? 

5. How does the Supreme Court determine whether material is obscene?

6. Why have attempts to censor the Internet failed in the US?

7. Why not just ban spam? 

8. Why did Facebook ban Alex Jones and Louis Farrakan?

9. Should websites that show how to 3d print guns be banned? 

10. According to the Supreme Court ‘anonymity is a shield from the tyranny of the majority’. What does that mean?

Assignment:2

Answer each these questions in a paragraph with at least five sentences: Include the question and number your responses accordingly. Provide a citation for each answer. 

1. What is privacy?

2. What risks, if any, does facial recognition software raise?

3. How much information about you can be found on-line with a simple google search? 

4. How much information about you can be found by searching government and commercial databases?

5. Describe informed consent. 

6. Should secondary use of consumer provided data be available without notice to the consumer?

7. How do data mining and predictive analytics work? 

8. Watch this Science Friday video by Ira Flatow. And, offer your opinion – Are advancing algorithms taking our free will? 

9. Should Facebook be regulated, at least as far as it’s privacy and data policies? 

10. How many public cameras is too many?

Assignment:3

Answer each these questions in a paragraph with at least five sentences: Include the question and number your responses accordingly. Provide a citation for each answer.

1. what do each of these terms refer to: copyright, patent, trademark, trade secret?

2. Why is intellectual property entitled to legal protection? 

3. Why did copyright laws become stricter and more punishing in the late 20th century?

4. What is the Fair Use doctrine?

5. Make an argument for legalizing the copying of music or software. 

6. Do I or don’t I own the books on my Kindle? If I own them, why can’t I transfer them? If I don’t own them, what is my legal right to them?

7. What was the 1984 Sony Supreme Court case about?

8. Was Napster responsible for the actions of its users?

9. Why did the court find in favor of Diamond in the Rio case? 

10. What is Digital Rights Management?

Assignment:4

Answer each these questions in a paragraph with at least five sentences: Include the question and number your responses accordingly. Provide a citation for each answer.

1. With all the stories about millions and millions of bytes of personal data having been exposed, why is their still any faith at all in the Internet?

2. How has the term hacking changed meaning over the years?

3. What is the most dangerous hacker tool?

4. From the news: How were NSA’s hacker tools compromised? 

5. What was the vulnerability in the Target Breach?

6. What do you think of hactivism?

7. How did Stuxnet work? 

8. What was the Arpanet?

9. Deep brain stimulation is a treatment for Parkinson’s disease. Medical devices such as these are now becoming accessible through the web. Consider the dangers (threat surface)?

10. What is the Red Team?

Assignment:5

This quiz is based on chapter 6 in the text. Answer each these questions in a paragraph with at least five sentences: Include the question and number your responses accordingly. Provide a citation for each answer.

1. Should society help workers dislocated when technology, like the Internet, elimlnates their jobs in a process called ‘Creative Destruction’?

2. are we working more and earning less?

3. Would you want a telecommuting job? Why or why not? 

4. Does the gig economy appeal to you? Why or why not?

5. How is an employee differentiated from a contracter under US law? 

6. Why have some municipalities put restrictions on innovations in the sharing economy and in on-demand services?

7. What has been the effect on the US economy of outsourcing (or offshoring) technical and professional jobs? 

8. How much monitoring of employee activities at work is appropriate? 

9. Should an employer be able to discipline or terminate an employee for on-line behavior in his/her own time? 

10. What is the relationship betwee BYOD (bring your own device) and shadow IT. 

11. What is cyberloafing?

Part 1: Research Remote Access Policies (0/1 completed)

Note: In this part of the lab, you will review internet resources on remote access policies in order to form a basis for their purpose and usage. Understanding the reason behind a remote access policy is key to understanding the component policies and procedures. Please take the time to review the research thoroughly and think through the concepts of the policy itself.

1. In your browser, navigate to and read the “Remote Access Policy” template at https://www.sans.org/information-security-policy/.

2. Using your favorite search engine, locate a remote access policy for a higher education institution.

3. Using your favorite search engine, locate a remote access policy for a healthcare provider.

4. Write a brief summary of the information during your research. In your summary, focus on the key elements of the remote access policy. You should also identify any unique elements of remote access policies for higher education and healthcare institutions. Be sure to provide links to the remote access policies you identified in steps 2 and 3.

Part 2: Create a Remote Access Policy (0/7 completed)Note: As you found in your research, different industries have similar but different policies. When using a policy template, it is important to ensure that the template matches the needs of your specific industry and business.

Review the following risks and threats found in the Remote Access Domain:

• The organization is a local credit union that has several branches and locations throughout the region.
• Online banking and use of the internet are the bank’s strengths, given its limited human resources.
• The customer service department is the organization’s most critical business function.
• The organization wants to be in compliance with the Gramm-Leach-Bliley Act (GLBA) and IT security best practices regarding its employees.
• The organization wants to monitor and control use of the internet by implementing content filtering.
• The organization wants to eliminate personal use of organization-owned IT assets and systems.
• The organization wants to monitor and control use of the e-mail system by implementing e-mail security controls.
• The organization wants to implement security awareness training policy mandates for all new hires and existing employees. Policy definitions are to include GLBA and customer privacy data requirements, in addition to a mandate for annual security awareness training for all employees.

1. 1. Identify a security control or countermeasure to mitigate each risk and threat identified in the Remote Access Domain. These security controls or countermeasures will become the basis of the scope of the Remote Access Domain policy definition to help mitigate the risks and threats commonly found within the Remote Access Domain.
2. 2. Review the following characteristics of the fictional Healthwise Health Care Provider:
   • Healthwise has several remote health care branches and locations throughout the region.
   • Online access to patients’ medical records through the public Internet is required for remote nurses and hospices providing in-home medical services.
   • Online access to patients’ medical records from remote clinics is facilitated through a virtual private network (VPN) and a secure web application front-end over the public Internet.
   • The organization wants to be in compliance with the Health Insurance Portability and Accountability Act (HIPAA) and IT security best practices regarding remote access through the public internet.
   • The organization wants to monitor and control the use of remote access by implementing system logging.
   • The organization wants to implement a security awareness training policy mandating that all new hires and existing employees obtain remote access security training. Policy definition is to include HIPAA and electronic protected health information (ePHI) security requirements and a mandate for annual security awareness training for all remote or mobile employees.
3. 1. Create an organization-wide remote access policy for Healthwise Health Care:

Healthwise Health Care

Remote Access Policy for Remote Workers and Medical Clinics

Policy Statement
Define your policy verbiage.

Purpose/Objectives
Define the policy’s purpose as well as its objectives and policy definitions

Scope
Define whom this policy covers and its scope. What elements, IT assets, or organization-owned assets are within this policy’s scope?

Standards
Does the policy statement point to any hardware, software, or configuration standards? If so, list them here and explain the relationship of this policy to these standards. In this case, Remote Access Domain standards should be referenced, such as encryption standards and VPN standards; make any necessary assumptions.

Procedures
Explain how you intend to implement this policy for the entire organization.

Guidelines
Explain any roadblocks or implementation issues that you must overcome in this section and how you will surmount them per defined guidelines. Any disputes or gaps in the definition and separation of duties responsibility may need to be addressed in this section.

Challenge Exercise Note: The following challenge exercise is provided to allow independent, unguided work – similar to what you will encounter in a real situation.

For this portion of the lab, you will create training documentation for remote employees of Healthwise Health Care. This training will provide remote employees with methods they can use to secure their home network before connecting a company computer, as well as guidance on how to access the corporate network while traveling.

Use the internet to find information about remote access policies and home network protection, and then use this information to create a training document for remote employees.