risk management

Bellow URLS Will discusses broad context of risk and investigative forensics. Part of risk management is to understand when things go wrong, we need to be able to investigate and report our findings to management.

Using this research, or other research you have uncovered discuss in detail how risk and investigate techniques could work to help the organization. 

ERM helps to protect an organization before an attack, where as forensics investigate technique will help us after an attack – so lets discus both this week.

URL : https://s3.amazonaws.com/blackboard.learn.xythos.prod/5a31b16bb2c48/7209489?response-cache-control=private%2C%20max-age%3D21600&response-content-disposition=inline%3B%20filename%2A%3DUTF-8%27%27Week9-Interdependent%2520Strategic%2520Security%2520Risk%2520Management%2520With%2520Bounded%2520Rationality%2520in%2520the%2520Internet%2520of%2520Things.pdf&response-content-type=application%2Fpdf&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20201020T180000Z&X-Amz-SignedHeaders=host&X-Amz-Expires=21600&X-Amz-Credential=AKIAYDKQORRYTKBSBE4S%2F20201020%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Signature=e26ec3baa22db08b5f2bb413601387c1f340d6e88d07bdccf91e126e4724f5e5

URL : https://web.a.ebscohost.com/ehost/results?vid=0&sid=34cd95fb-0bc3-4ed4-a199-d7450c412c71%40sdc-v-sessmgr02&bquery=Total%2BInformation%2BRisk%2BManagement%253a%2BMaximizing%2Bthe%2BValue%2Bof%2BData%2Band%2BInformation%2BAssets&bdata=JkF1dGhUeXBlPXNoaWImZGI9ZTAwMHhuYSZ0eXBlPTAmc2VhcmNoTW9kZT1BbmQmc2l0ZT1laG9zdC1saXZl

Discussion

 

This is a required assignment worth 20 points (20-points/1000-points). Assignment must be submitted by the due date. No late assignments are allowed. Please discuss the following topics and provide substantive comments to at least two other posts.

Select from the following list four (4) topics and discuss. Use only 50-words max per topic to discuss and present your answer. The discussion questions this week are from Chapter 6   (Jamsa, 2013).

Chapter 6 topics:

  • Define and describe a SAN.
  • Define and describe NAS.
  • Describe how cloud-based data storage works.
  • Assume that you must select a cloud-based data storage solution for your company. List the factors you would consider when selecting a vendor.
  • Many users do not yet feel comfortable storing data within the cloud. Discuss some steps you can take to reduce their concerns.
  • Assume that you must select a cloud-based data storage solution for your company. List the factors you would consider when selecting a vendor.
  • List the pros and cons of cloud-based data storage.
  • List the pros and cons of a cloud-based database.

NOTE: You are required to use at least two-peer reviewed sources (besides your textbook) to answer the above questions.  The initial post is due by Wednesday at 11:59pm ET.  You must engage on at least three separate days (by Wednesday for the first post and two additional days of peer engagement).  Do not wait until Sunday to engage with peers, this should be an active conversation with your peers.  When replying to peers be sure to engage with substantial posts that add to the conversation.  

Write an essay for 500 words on topic placed below ?

Investigate whether or not an employee at a local hospital has been accessing patient records and setting information to online pharmacies. It is your first day of the investigation. Put together a list of data sources that must be examined during the investigation.

Case Study 5 – Dianrong

 

Please read the Dianrong case study (see HBS Coursepack) and answer the following questions with substantive answers in a cohesive essay. Your paper should be at least 3 pages in length. Use proper grammar, spelling, citations, etc.

1. What are the trade offs that Dianrong is facing? How should the company prioritize its objectives? What should Soul Htite do?

2. As detailed in Exhibit 1 of the case, there are different collaboration models that Dianrong has adopted in working with various parties on technological development. How should the company decide on the nature of collaboration for technological developments in the future (via organic and in-house developments, partnerships, joint ventures, or acquisitions)?

3. Assuming that the company manages to raise an additional US$100 million, how should Dianrong allocate the capital across its many business units to maximize value in the long run? Should the company spend the money on internal R&D initiatives or M&A pursuits? Or both?

4. How should the company work with the local regulations in China? Should the company focus on reviving the P2 industry in China in the process? If so, how?

5. Are there other technologies that Dianrong should consider adding to its already expansive portfolio of technologies? In contrast, are there technologies that may seem redundant at the firm at the moment? How should Dianrong manage this to improve its competitive edge with its “technology DNA?”

Compose your essay in APA format, including the introduction and conclusion, and in-text citations for all sources used. In addition to your 3 page (minimum) essay, you must include an APA-style title page and reference page. Click the assignment link to compare your work to the rubric before submitting it. Click the same link to submit your assignment.

malicious attacks

Describe how malicious attacks, threats, and vulnerabilities impact an IT infrastructure in 4-5 pages, including a cover page and reference page, at least three references and in APA format.

InfoTech in a Global Economy 2.1

 Find a peer-reviewed scholarly journal article discussing blockchain technology. Complete a review of the article by writing a 2-3 page overview of the article. This will be a detailed summary of the journal article, including concepts discussed and findings. Additionally, find one other source (it does not have to be a peer-reviewed journal article) that substantiates the findings in the article you are reviewing. You should use the UC library ( https://www.ucumberlands.edu/library) and/or Google Scholar to find these types of articles ( https://scholar.google.com/ )Once you find the article, you will read it and write a review of it.  This is considered a research article review.Your paper should meet these requirements: 

  • Be approximately three to four pages in length, not including the required cover page and reference page.
  • Follow APA 7 guidelines. Your paper should include an introduction, a body with fully developed content, and a conclusion.
  • Support your answers with the readings from the course and at least two scholarly journal articles to support your positions, claims, and observations, in addition to your textbook. The UC Library is a great place to find resources.
  • Be clearly and well-written, concise, and logical, using excellent grammar and style techniques.

cloud computing

This is a required assignment worth 75 points (75-points/1000-points). Assignment must be submitted by the due date. No late assignments are allowed. Please discuss the following topics and provide substantive comments to at least two other posts. Select from the following list four (4) topics and discuss. Use only 50-words max per topic to discuss and present your answer.  The discussion questions this week are from Chapter’s 1 & 2  (Jamsa, 2013).Chapter 1 topics:

  • Define and discuss cloud computing.
  • Discuss how cloud computing has changed how companies budget for software solutions.
  • Compare and contrast SaaS, PaaS, and IaaS, and provide an example of each.
  • Define scalability and discuss how the cloud impacts it.
  • List three advantages and three disadvantages of cloud computing.
  • Define virtualization and discuss how the cloud impacts it.
  • Describe three cloud-based solutions for individuals and three cloud-based solutions for businesses.
  • Discuss how Web 2.0 has driven the growth of the web.
  • Compare and contrast public, private, community, and hybrid clouds.

Chapter 2 topics:

  • Define and describe PaaS
  • List the benefits of PaaS
  • Describe the potential disadvantages of PaaS
  • Describe how a cloud-based database management system differs from an on-site database.
  • List the computing resources normally provided with PaaS.
  • Assume your company must deploy a .NET solution to the cloud.  Discuss the options available to developers.  Research on the web and estimate the costs associated with deploying a PaaS solution.
  • Assume your company must deploy a PHP or Java solution to the cloud.  Discuss the options available to developers.  Research on the web and estimate the costs associated with deploying a PaaS solution.

Project 1: Explore Networking in the Cloud ( please submit Steps 4, 5, 6, and 7 separately)

****Please submit Steps 4, 5, 6, and 7 separately, before submitting the completed project 1****

In CCA 610: Cloud Services and Technology, you assumed the role of an IT analyst at BallotOnline, a company providing electronic voting solutions worldwide. Your proposal to begin migrating systems to the cloud has been approved.

BallotOnline has now initiated preparations for the cloud deployment. The company decided to start with deeper investigations of crucial technologies enabling cloud computing. You became acquainted with the basics of these technologies in CCA 610. 

In this project, you will conduct more in-depth investigation of cloud networking, which makes cloud connectivity on-demand operations possible. You need to have a good understanding of this as you prepare the BallotOnline network for migration to the cloud as well as designing the appropriate network infrastructure in the cloud for BallotOnline.

To do that, you will assume the role of a BallotOnline network engineer. You will explore the network protocols that enable the company and its customers to connect to the cloud, as well as technologies making it possible to create on-demand in-cloud virtual networks into which the cloud resources will be deployed.

You will conduct two lab experiments exploring the TCP/IP protocols and software-defined networking. You will also perform a subnetting task to demonstrate your understanding of TCP/IP network addressing. Your final deliverable will be the technical report describing your findings and explaining the use of these technologies for BallotOnline’s cloud deployment.

Step 1: Review Networking Concepts

In this step, you will establish an understanding of networking concepts and terms. It will help the recipients of your technical report, including BallotOnline’s technical management, to become familiar with networking vocabulary and definitions.

You will start with reviewing basic networking concepts such as local area network (LAN), Ethernet, and packet switching—the technique of splitting transmitted data into smaller portions and transmitting them separately. 

Splitting data into packets, transmitting the packets reliably, and reassembling the data is performed by networking software. It is important to know about basic networking concepts since they serve as the underlying technology for cloud computing. This will ultimately prepare you to submit your technical report for this project. (http://intronetworks.cs.luc.edu/current/html/intro.html)

Networking software follows the popular model of layered design of network protocols, with each layer using the functionality of the layer below it and implementing new functionality to be used by the layer above. The technical report should include the popular internet suite of protocols—TCP/IP. Application protocols such as HTTP or SMTP are implemented in layers above TCP/IP. (http://intronetworks.cs.luc.edu/current2/html/tcpA.html?highlight=transmission%20control%20protocol)

Other basic networking concepts include Domain Name Service, network firewalls, and Network Address Translation. As the network engineer for BallotOnline, you know that these protocols play an important role in enabling cloud computing. 

Step 2: Explore Internet Packet Switching—IP

The Internet Protocol (IP) is the workhorse of today’s internet connectivity. As the network engineer for BallotOnline, you know that today’s cloud computing is built on top of IP. Most communication between systems in the cloud is done using this protocol.

IP employs the technique of packet switching, which breaks the data to be transmitted into smaller parts, called packets or datagrams, that are sent over the network independently. Understanding IP is crucial to designing and maintaining cloud deployments, which are provisioned within virtual IP networks and accessed via global internet. You will review the basic elements of IP protocol and include their brief discussion in your technical report.

Network devices have a network address to allow other devices to connect to it. The network addresses used in IP are called IP addressing. BallotOnline will need IPv4 addressing to be able to provide network addresses to a cloud system and to create a virtual network in the cloud.

Every system on the network must have an IP address. The assignments of IP addresses to the network systems can be done manually or dynamically through a Dynamic Host Configuration Protocol (DHCP) server. As the network engineer for BallotOnline, you know that manually assigning IP addresses is time-consuming and should only be used on a small number of systems where the IP address will not change frequently. (http://intronetworks.cs.luc.edu/current/html/ipv4.html#dynamic-host-configuration-protocol-dhcp)

Because numeric addresses are not human-friendly, a domain/machine naming convention defines human-readable names for internet hosts. An internet-based service called DNS (Domain Name System) provides translation between the IP addresses and the domain names. In general, people will use the domain names when addressing a system on the internet instead of using its IP address. You will need to explain in the technical report how DNS is used alongside IP addresses.  

As the network engineer for BallotOnline, you also know the importance of IP routing, the mechanism used to route the IP packets across the internet from the sender to the recipient. IP routing of IP packets is accomplished by network routers, which determine the next destination for each packet and are able to learn new routes. (http://dtucker.cs.edinboro.edu/IPRouting.htm) (https://www.learncisco.net/courses/icnd-1/lan-connections/packet-delivery-process-at-l3.html)

Step 3: Investigate Internet Transport—TCP

As robust as the IP protocol is, it does not perform the actual transmission of the data. In this step, you will investigate the network protocol called Transmission Control Protocol (TCP), responsible for creation, reliability of delivery, and proper assembling of data packets. 

In addition to IP, TCP is also widely used on the internet, especially for any network communication where it is essential to confirm receipt of the transmission. Many of the network protocols used to implement cloud computing use both TCP and IP. You will review TCP’s workings and discuss them in your final technical report. 

In general, there is no guarantee that a data packet will reach its destination. Packets can get lost or corrupted during transmission, and there are network applications where you need assurance that the packets have reached their destination. To achieve reliability, TCP establishes connections between communicating hosts, using port numbers to refer to applications on these hosts. Then, packets are created, sequenced, transmitted, acknowledged, and retransmitted if missing or containing errors. Finally, at the destination, they are reassembled into the original messages. 

To synchronize the flow of packets between sender and receiver, and avoid packet congestion in case of varying speeds, TCP uses sliding windows for packets remaining in processing at a given time, at both the sender and receiver ends. (http://intronetworks.cs.luc.edu/current/html/slidingwindows.html#sliding-windows)

Step 4: Review Advantages of IP Subnetting

One of the drawbacks of IPv4 is the maximum number of network devices it can support. IPv4 addressing uses a 32-bit network address. This allows for 232,, or a little over 4 billion devices. However, today there are significantly more devices on the internet. Even though the more robust IPv6 version has been introduced and efforts are under way to assure wide adoption, IPv4 is still widely used.

One method used to more efficiently use the IPv4 network addresses is a technique to optimize the addresses by splitting them into network addresses and host addresses within designated networks. You will need to take advantage of IP address splitting so that you can efficiently use and allocate the IPv4 network addresses that have been assigned to BallotOnline.

For a given large network, rather than addressing all the hosts using the host part of the address, subnetting allows for splitting the network into several smaller ones by borrowing the host part bits and adding them to the network bits. ( http://intronetworks.cs.luc.edu/current/html/ipv4.html#ipv4-subnets ). It supports efficient management of local networks composed of multiple LANs. In this step, you will investigate subnetting conventions and discuss them in your final report in order to lay ground for the use of subnets by BallotOnline.

As the network engineer for BallotOnline, you know that subnetting a network into several smaller and variable-sized networks will be best for the organization’s needs. BallotOnline has been assigned a network address block by the Internet Assigned Numbers Authority (IANA). ( https://www.iana.org/ )

Because BallotOnline has several offices around the world, you will need to subnet this network address to assign just the right number of addresses to each office location based on the number of systems at that office location (the network address assigned by IANA and the number of offices along with their sizes is provided bellow).

Your task is to create the appropriate number of subnets with the right size to optimize the network.

Your technical report should include Classless Interdomain Routing (CIDR) notation, which allows for specifying a variable-length network as part of the IPv4 address, leaving the rest for addressing hosts within the network. ( https://opensource.com/article/16/12/cidr-network-notation-configuration-linux )

***Network address assigned by IANA and the number of offices along with their sizes***

+++Submission for Project 1: Subnetting+++

The first interim deliverable for Project 1 is for you to learn about subnetting and demonstrate that you know how to do this.

Below, please find a list of 30 subnetting problems.  Make sure no two students select the same project. Please select one that you want to do.  Please reply to this thread with your selected problem number. As I see them, I will scratch them from the list.

You are to perform subnetting on your given network.  The deliverable is for you to provide the following information for each of the subnet identified (there are four of them for each problem):

  • Network address
  • Subnet Mask
  • Range of IP Addresses available
  • Broadcast Address
  • The number of subnets that you will be able to get
  • The number of hosts that each subnet will be able to have

You will also need to show the calculation on how you get your answers.

1. 214.135.174.0/24 subnetted to 23 subnets and provide information for subnets #1, #4, #5, and #23
2. 209.44.165.0/24 subnetted to 18 subnets and provide information for subnets #1, #4, #5, and #18
3. 208.101.170.0/24 subnetted to 16 subnets and provide information for subnets #1, #4, #5, and #16
4. 201.107.51.0/24 subnetted to 9 subnets and provide information for subnets #1, #4, #5, and #9
5. 196.4.85.0/24 subnetted to 13 subnets and provide information for subnets #1, #4, #5, and #13
6. 197.231.214.0/24 subnetted to 9 subnets and provide information for subnets #1, #4, #5, and #9
7. 217.86.213.0/24 subnetted to 14 subnets and provide information for subnets #1, #4, #5, and #14
8. 219.141.75.0/24 subnetted to 21 subnets and provide information for subnets #1, #4, #5, and #21
9. 217.64.152.0/24 subnetted to 18 subnets and provide information for subnets #1, #4, #5, and #18
10. 199.90.199.0/24 subnetted to 16 subnets and provide information for subnets #1, #4, #5, and #16
11. 208.198.235.0/24 subnetted to 14 subnets and provide information for subnets #1, #4, #5, and #14
12. 200.203.113.0/24 subnetted to 26 subnets and provide information for subnets #1, #4, #5, and #26
13. 212.166.231.0/24 subnetted to 14 subnets and provide information for subnets #1, #4, #5, and #14
14. 207.229.107.0/24 subnetted to 26 subnets and provide information for subnets #1, #4, #5, and #26
15. 202.46.198.0/24 subnetted to 16 subnets and provide information for subnets #1, #4, #5, and #16
16. 197.142.43.0/24 subnetted to 24 subnets and provide information for subnets #1, #4, #5, and #24
17. 197.183.21.0/24 subnetted to 10 subnets and provide information for subnets #1, #4, #5, and #10
18. 219.62.162.0/24 subnetted to 29 subnets and provide information for subnets #1, #4, #5, and #29
19. 200.103.113.0/24 subnetted to 22 subnets and provide information for subnets #1, #4, #5, and #22
20. 208.142.121.0/24 subnetted to 18 subnets and provide information for subnets #1, #4, #5, and #18
21. 199.228.167.0/24 subnetted to 16 subnets and provide information for subnets #1, #4, #5, and #16
22. 197.216.7.0/24 subnetted to 18 subnets and provide information for subnets #1, #4, #5, and #18
23. 211.220.70.0/24 subnetted to 22 subnets and provide information for subnets #1, #4, #5, and #22
24. 200.199.177.0/24 subnetted to 24 subnets and provide information for subnets #1, #4, #5, and #24
25. 197.7.221.0/24 subnetted to 10 subnets and provide information for subnets #1, #4, #5, and #10
26. 211.30.43.0/24 subnetted to 12 subnets and provide information for subnets #1, #4, #5, and #12
27. 212.96.179.0/24 subnetted to 22 subnets and provide information for subnets #1, #4, #5, and #22
28. 197.21.197.0/24 subnetted to 22 subnets and provide information for subnets #1, #4, #5, and #22
29. 200.190.92.0/24 subnetted to 16 subnets and provide information for subnets #1, #4, #5, and #16
30. 209.50.103.0/24 subnetted to 9 subnets and provide information for subnets #1, #4, #5, and #9

+++Submission for Project 1: Lab 1 Report+++ (File CCA 625 Project 1: Analyzing Network Traffic Using Wireshark attached)

Step 5: Capture and Analyze Network Traffic

Another skill that you will need as the network engineer for BallotOnline is being able to capture network traffic. It’s important to analyze network traffic to find and troubleshoot network issues. This method is commonly used to identify a malfunctioning network device or to detect a possible network issue, such as an ongoing network attack.  Normally, this process can take hours, days, or even weeks, depending on the size of the network and the specific traffic that you are trying to capture and analyze.  In this scenario, you will be provided with a captured network traffic and you will be directed to look for specific network packets.

You will use Wireshark, a popular open-source network traffic capture and analysis tool. To analyze the capture file provided to you, here is an introductory tutorial. (https://www.wireshark.org/) ( https://www.wireshark.org/video/wireshark/introduction-to-wireshark/ )

Follow the steps in the Analyzing Network Traffic Using Wireshark Guide and prepare a lab report with answers and screenshots to support your answers. The lab report will be attached to your final technical report to demonstrate your proficiency in using the tool to do basic network analysis.

Step 6: Explore Networks Inside the Cloud—SDN

Cloud computing defines network resources as needing to be “rapidly provisioned and released with minimal management effort or service provider interaction” (Mell & Grance, 2011), As cloud networks developed, it was clear that further virtualization of network devices such as switches and routers was needed.

This led to what is known as software-defined networking (SDN) technology, enabling programmatic interfaces to control functions of these devices. ( http://ipj.dreamhosters.com/wp-content/uploads/issues/2013/ipj16-1.pdf ). You know that it will be important for management to understand how SDN supports cloud deployments like BallotOnline’s, so it will be a key part of your technical report.

Instead of manually programming network devices to configure a LAN, cloud management systems using SDN can set these devices up to forward packets to particular destinations by “calling” SDN APIs (application programming interfaces – libraries of software routines). This allows for the creation of virtual networks in the cloud by software.

The most popular SDN standard is OpenFlow by the Open Networking Foundation (https://www.opennetworking.org/).  OpenFlow switches include SDN controllers, which maintain flow tables to control forwarding of IP datagrams, and they can learn routes as IP packets when particular source and destination addresses arrive.

References

Mell, P., & Grance, T. (2011). SP 800-145: The NIST definition of cloud computing. Retrieved from https://csrc.nist.gov/publications/detail/sp/800-145/final

Once you participate in the discussion below, proceed to the next step. There, you will use a network simulator to show how packets are transmitted.

Software-Defined Network Discussion

Discuss what software-defined networking is and what networking challenges it addresses. What is the role of OpenFlow protocol? Describe how BallotOnline could benefit from SDN in its cloud deployment.

Once you have submitted your post, make sure your response advances the conversation. Do not simply agree or disagree with a post, but instead explain the reasons for your opinions and how they relate to your experiences.

Use the discussion to develop awareness, share your thoughts, ask questions, and reflect.

Step 7: Simulate a Network With Mininet

Submission for Project 1: Lab 2 Report

Step 7: Simulate a Network With Mininet

To demonstrate your understanding how network packets are transmitted in the cloud, you will use Mininet, (http://intronetworks.cs.luc.edu/current/html/mininet.html#installing-mininet) a popular open-source network simulator that can be used together with Wireshark. This demonstration will be part of your technical report.  Follow the steps in this Simulating a Network Using Mininet and Analyzing Packets Using Wireshark Guide. (https://leocontent.umgc.edu/content/dam/course-content/tgs/cca/cca-625/document/SimulatingaNetworkusingMininetandAnalyzingPacketsusingWireSharkGuide.pdf?ou=535215).

During the lab, you will provision an EC2 instance in AWS using a preconfigured AWS Machine Image (AMI) and use the Mininet simulator in the EC2 instance to create two hosts. You will then use Wireshark to capture the packet exchanges. (https://aws.amazon.com/ec2/?ec2-whats-new.sort-by=item.additionalFields.postDateTime&ec2-whats-new.sort-order=desc) ( https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-best-practices.html )

You will prepare a lab report as per the lab guide and attach it to your final technical report.

In the next step, you will put together your technical report for BallotOnline.

Step 8: Submit Networking in the Cloud Technical Report

As your final submission, you will write a technical report about networking in the cloud. It will be addressed to BallotOnline technical managers to help them understand how these networking technologies will be implemented as BallotOnline migrates to the cloud.

It will include technical review of the topics covered in the project. Follow the Networking in the Cloud Technical Report Template to cover all the topics required ( https://leocontent.umgc.edu/content/dam/course-content/tgs/cca/cca-625/document/CCA625Project1_NetworkingintheCloudTechnicalReportTemplate.docx?ou=535215 ). 

Make sure you provide headings to clearly identify sections of your report. The technical review part of the report should be eight to 12 pages. You should also include both Project 1 lab reports (1 and 2), with incorporated feedback from Steps 5 and 7 if any.

Wireless Security & Forensics

 

In this weekly discussion, you will discuss the use of a tool for manual examination of a phone:

  • Select  one of the tools mentioned in the text and describe the tools  functionality and process used in an examination of a device.
  • Using the Internet, research the web for an article related to the tool and answer the following questions:
  1. What are some of the advantages or disadvantages of the tool?
  2. Discuss the tools setup
  3. Appraise the value of the tool in gathering evidence for prosecution

Your  response to the DQ must be a minimum of 400 words. You must provide  references for your response (APA format). You will need to reply to two  (2) other fellow student’s posts (See the syllabus). The responses must be made in the week due.