Ethical Decision Making

 

Assignment Content

  1. Resource: Decision Tree Example
    Your team of international developers will be developing a publicly accessible cloud-based application which may potentially house user PII data along with information about users’ behaviors and activities (e.g., physical locations, online sites they visit, searches, purchases, etc.), and user’s intellectual property (e.g., photos, artwork, videos, etc.).

    Based on your work in Weeks 3 and 4, develop an ethical decision-making illustration or decision tree that shows ways to address each risk if an actual incident occurs. Develop an ethical policy statement of the actions your team would take, keeping a global perspective in mind.

    Using the Decision Tree Example provided as a guide, create a PowerPoint presentation containing 4 to 6 slides. Provide 1 file for the team. This example will help you develop your individual assignment in Week 5.

    Note: You may use other applications like Adobe Spark, Microsoft Sway, or Mix instead of PowerPoint.

    Submit your assignment.

Creating Company E-mail/WIFI/Internet Use Policies

Title: Creating Company E-mail and WIFI / Internet Use Policies Attached you will find a description of your final project assignment.

Creating Company E-mail/WIFI/Internet Use Policies

You have just been hired as the Security Manager of a medium-sized Financial Services company employing 250 people in New Hampshire, and have been asked to write two new security policies for this company. The first one is an e-mail policy for employees concentrating on personal use of company resources. The second policy is that of WIFI and Internet use within the company.

There are many resources available on the web so researching these topics and policies should be easy. The most difficult part of this exercise will be determining how strict or how lenient you want to make these policies for this particular company.

Project Plan

You are asked to create two separate policies on use of EMAIL and a WIFI/INTERNET USE within the company.

Be specific in your terms and conditions of use. Consider these items to be included in your policies (as applicable).

1. Overview 

2. Purpose 

3. Scope

4. Policy 

5. Policy Compliance

6. Related Standards, Policies and Processes

7. Definitions and Terms

Some useful links and resources for your research:

https://resources.workable.com/email-usage-policy-template

https://www.sans.org/security-resources/policies/general/pdf/email-policy

https://resources.infosecinstitute.com/acceptable-use-policy-template-public-wifi-networks/#gref

https://www.techrepublic.com/article/download-our-wireless-policy-template/

Requirements:

– 2 pages

– No plagiarism 

Discussion 2

Discussion: This week we focus on the social and organizational issues that exist with better understanding why changes occurs.  This week discuss the phases of change noted in the Linear Development in Learning Approaches section in the Information Technology and Organizational Learning text. 

Textbook Name — Information Technology and Organizational Learning text.

Note: The first post should be made by Wednesday 11:59 p.m., EST. 

Answer below

 

  • Use the star schema developed in Portfolio Milestone 1 – Option 1 in Module 3; incorporate your instructor’s feedback.
  • Use the tables created in Portfolio Milestone 2 – Option 1 in Module 5; incorporate your instructor’s feedback.

Develop and execute the SQL commands to populate the fact and dimension tables by extracting data from the Northwind OLTP database and loading the data into the tables within the Northwind Data Warehouse. Your ETL workflow should consist of selecting the required variables from the source database and tables and inserting the required variables into the destination database and tables. After you have populated the tables, construct an SQL command to count the number of rows in each table. Capture a screenshot of the row count for each table. Finally, construct an SQL command to list the first ten rows of each table. Capture a screenshot of each listing.

Your deliverable for this Portfolio Project is a report containing the following information:

  • Changes to your business process, business questions, and fact table grain from Module 5
  • Updated version of the star schema incorporating your instructor’s feedback from Module 5
  • Screenshots of the row counts and table listings
  • Listing of SQL commands used in this assignment
  • A brief description of lessons learned in completing the Portfolio Project and the two Milestones. Based on your lessons learned, what advice would be offer to an organization embarking on building a data warehouse system?

Opposing Shadow IT

Organizations do not always provide information systems that allow their staff to perform their responsibilities efficiently and effectively. Read the article, “Lifting the Veil Off Shadow IT.” Then, respond to the following:

  • Take a position favoring or opposing shadow IT.
  • If you are in favor, give one reason that shadow IT should be allowed. If you are not in favor, provide one way that the organization can reduce the risks of shadow IT.

Information security

 

Check the slides “OS Security II,” pg. 4-8. You are to implement a Dictionary Attack with and without Password Salt program in either C/C++ or Python.

If you are not familiar with measuring execution time in C++, see the following website:

https://www.geeksforgeeks.org/measure-execution-time-function-cpp/

If you are not familiar with measuring execution time in Python, see the following website:

https://stackoverflow.com/questions/1557571/how-do-i-get-time-of-a-python-programs-execution

See the following steps.

1. Accept a user password of length N as keyboard input to your program. You can determine your own length N.

2. Compute the hash of the password from step 1.

Your hash function H() is simply the checksum. 

3. Now you become an attacker and try to find the password of length N.

Try every combination of length N password and for each combination, compute the hash and compare to the hash of the password from step 2.

Measure execution time.

4. Now let’s reinforce our password using the password salt. Accept an arbitrary non-negative integer number as keyboard input to your program.

5. Compute the hash of the concatenated password salt and password from step 4 and step 1. To compute the password salt portion of the checksum, you can treat the entire password salt as EITHER a single integer OR multiple one-byte integers.

6. Now you become an attacker and try to find the concatenated password salt and password.

Try every combination of an arbitrary non-negative integer number and length N password and for each combination, compute the hash and compare to the hash from step 5.

Measure execution time.

NOTE: your program should have separate functions for the checksum and the two dictionary attacks with and without the password salt by the attacker.