Cloud computing within an enterprise risk management framework

What are baseline security requirements that should be applied to the design and implementation of applications, databases, systems, network infrastructure, and information processing when considering cloud computing within an enterprise risk management framework?

Your paper should meet the following requirements:

  • Be approximately four to six pages in length, not including the required cover page and reference page.
  • Follow APA7 guidelines. Your paper should include an introduction, a body with fully developed content, and a conclusion.
  • Support your answers with the readings from the course and at least two scholarly journal articles to support your positions, claims, and observations, in addition to your textbook. 
  • Be clearly and well-written, concise, and logical, using excellent grammar and style techniques. You are being graded in part on the quality of your writing.

Residency Research Makeup Project

Acme Enterprise Scenario Residency Week

Acme Enterprise is a private company that is gearing up for an initial public offering (IPO). Prior to going public Acme must be in compliance with: GDPR, PCI DSS, and SOX. Acme is in the water purification business with new technologies that purify water in any form whether it is sewage, ocean, lake etc. 

Part of its IPO process is to show due diligence and due care. Acme has identified your team to conduct a risk assessment and analysis of its information technology infrastructure to uncover any threats and exposures and provide mitigations and controls to reduce those uncovered threat/exposures, so it can have a successful IPO. 

Using the Network Infrastructure design of the Acme Enterprise you are to assess risk of Acme’s:

1. Perimeter Security

2. Network Security

3. Endpoint Security

4. Application Security

5. Data Security

6. Operations

7. Policy Management

Acme Perimeter Security

Acme is currently protected by two dual Dynamic Stateful Inspection Firewalls that are configured in active and standby mode. Acme is also configured to use PAT (port address translation) where 200.200.200.1 represents Acme on the public Internet. Acme translates this public IP through its clustered firewall to the internal IP space of 10.100.0.0/16 giving Acme 65334 useable IP addresses.

As part of Acme’s infrastructure, it also accesses cloud services for its business office tools through Office 365 and uses Dropbox for end user’s storage. Acme uses a web hosting service for its web front end and ecommerce which is connected to a back-end Oracle Database using enterprise MySQL. The database administrators have full access to all database information, but they lack oversight from anyone else. 

There are two DMZ’s, but they are not utilized. 

Network Security

Acme has a collapsed core design, which means all internal LAN routing and Internet access occurs on its distribution level devices. This means wireless access, web proxy access, and access control lists and entries are located at this layer of the infrastructure. Currently Acme is using WPA2 (Wi-Fi Protected Access 2) for its wireless security. The web proxy is configured with the following: General, Limited, and Exclusive Internet access. Each of these categories dictates what type of Internet access an end user will experience if they belong to one of these groups.

The Local area network uses the IP block in the following way: 10.100.1.0/24 User VLAN, 10.100.2.0/24 Research and Development VLAN.

Current access control lists are permit 10.100.2.0 0.0.0.255, permit 10.100.1.0 0.0.0.255. All other devices use the rest of the unallocated IP block of 10.100.0.0/16. 

Also, all IP space is statically assigned. There is one default route to the Internet, but users complain about access to internal services.

Endpoint Security

There is a mixture of Mac and Windows systems (XP, 7, and 10). JAMF is used to control and monitor the Mac systems; the Windows devices rely on their end users to patch and update systems. The current endpoint security is signature-based McAfee with no centralized control.

Application Security

DevOps is responsible for secure coding and development of applications, but it has no formal oversight. Policy for application monitoring and tracking is ad hoc; there are no formalized procedures. The server farm houses all applications, and the operating systems range from Server 2003 to 2016. Mobile device management, media server, content management, file server, directory services, and database are all services offered from the server farm. This server architecture is all hardware-based; there are no hypervisor systems in place.

Data Security

Data has not been classified; identity and access management relies on one-factor authentication; encryption, digital signatures, and PKI rely on self-signed certificates; protection in the cloud is also missing; and there is a lack of DLP (data loss prevention). Acme does store financial information in its data center as well as personally identifiable information.

Operations

Information technology is responsible for security; however, there is a security team under the IT department. The Chief Information Security Officer reports to the Chief Information Officer.

Policy Management

Acme has one Information Security Policy that addresses its information security architecture and program. It is not based on any of the existing information security management frameworks such as ISO 27002, NIST CSF, or COBIT 5.

You are going to conduct a risk assessment on Acme Enterprise using the risk assessment concepts we have learned about thus far. Each of the areas of the infrastructure mentioned above is where you will concentrate your assessments. After you have completed your risk assessment, you will then provide recommendations for each area that you assessed to reduce risk, exposure, and threat. Also, as part of your final submission, demonstrate through a redesign where your mitigations will take place within the architecture. You can use the image below as a guide for your risk analysis of each area.

PPT:

Develop an 8 to 10 slide PowerPoint presentation with notes to summarize your written assignment. Be careful not to copy and paste excerpts exclusively from your written assignment.

Article

Topic: VEEM and Blockchain Technologies Transforming Global Marketing.

Write a 4-5 page paper and an accompanying 8-12 slide PowerPoint.

  • Paper: Must be APA format, 12 pt font, Times New Roman, with title page and references page. Minimum 2-3 references. Title page and References page do NOT count towards minimum.
  • Power Point: Is a summary presentation overview of paper, with additional charts/graphs to help demonstrate your insights on the topic.  Any template is fine to use.

 

Answer the following questions in your paper and power point.

1) Define how VEEM and Blockchain are expanding the global marketing efforts of companies.

2) In your company of choice, who are they, and how do you think they use Blockchain and VEEM technologies to operate their digital marketing efforts?

3) How does this company use those technologies to expand globally their marketing efforts?

4) What challenges do companies in general face when it comes to implementing these technologies for their marketing efforts?

5) What forward thinking 1-2 key strategies do you think this company and their industry can implement to be competitive in the global marketing landscape?

You can use magazines, company websites, journals, news articles, interviews etc, to research and uncover your information.  There is no exact right or wrong answer to the questions on the strategies and challenges you think face that company and their industry, as long as your supportive research supports your thoughts. Looking for more what you think based on the research conducted. 

Policy and legal Project1

Abstract for the project

Your Research Project on the surveillance state consists of two parts:

1. A PowerPoint presentation consisting of at least 12 slides not including title and references.

2. A 750 word research paper with at least 3 sources. There should be no lists. Write in essay format not outline format. Include a meaningful title.

Do not double space.

You must include at least 3 quotes from your sources enclosing the copied words in quotation marks and cited in-line. 

There should be no lists – bulleted, numbered or otherwise. 

Write in essay format with coherent paragraphs not in outline format. Distribute your quotes among the paragraphs.

Do your own work. Zero points will be awarded if you copy other’s work and do not cite your source or you use word replacement software. 

The topic must be appropriate for graduate level. Find a topic that we covered in the course and dig deeper or find something that will help you in your work or in a subject area of interest related to the course topic. Use academically appropriate resources which you can find in the Danforth Library Research Databases.

Submit all documents at on time. Do not zip or otherwise compress them. Do not use .rar. Use .doc and .ppt extensions

Data Quality and Security


The reading in the text provides two key reasons for poor data quality, “the rush to install new systems and the failure to take an integrated view of the organization’s data” (p. 109). Data security breaches seem to occur every other day, and as discussed in the Week Three lecture, there are serious implications for organizations that do not take the necessary measures to ensure data security. Include the following elements in your paper supporting your statements using the required sources for this assignment.

Analyze the role of data in information systems for business and describe the risks that can arise from poor data quality.

Explain the challenges that can result from poor data quality. Provide an example of the results of poor data quality from your own personal or professional experience.

Explain at least two methods of how organizations can ensure good data including the structure and applications necessary.

Analyze the risks of poor data security.

Research an article in the popular media that covers a recent data breach. Explain the impact of the data security breach on the organization and its leaders using evidence from your article.

Explain the role of data governance in keeping data secure.

The Data Quality and Security Paper

Must be two to three double-spaced pages (600-900 words) in length (not including title and references pages) and formatted according to APA style 

Must include a separate title page with the following:

Title of paper

Student’s name

Course name and number

Instructor’s name

Date submitted

Must use at least two credible sources in addition to the course text.

Database SQL essay

Write an essay discussing sqlmap, an automated tool for SQL injection and database takeover, in 500 words or more. Why do we need an automated tool for SQL injection? Include an interesting, meaningful title.

Cite your sources in a clickable reference list at the end, with at least 3 references. Do not copy without providing proper attribution (quotation marks and in-line citations).

Discussion 13

Select from the following list four (4) topics and discuss. Use only 70-words max per topic to discuss and present your answer. The discussion questions this week are from Chapter 14 (Jamsa, 2013).

Chapter 14 topics:

  • Define and describe the mobile web.
  • Describe the different generations of cell phones.
  • Describe how smartphones differ from ordinary cell phones.
  • Select a mobile or traditional website that interests you. Describe the site in terms of the ecosystem that makes up the site’s user experience.
  • Describe how web pages differ from apps and how apps differ from widgets.
  • Discuss why developers say that HTML5 will drive mobile solutions.
  • Describe some development best practices for designing solutions for the mobile cloud.

Chapter 15 topics:

  • Define corporate governance.
  • Discuss the events that led up to the need for increased corporate governance.
  • Define business strategy. List five possible business strategies.
  • Discuss the purpose of the Capability Maturity Model.
  • Define auditing.
  • Define internal control and provide an example of control.
  • Discuss the role Sarbanes/Oxley has played with respect to corporate governance.
  • Define IT governance.
  • List factors one should consider with respect to governing the cloud.

NOTE: You are required to use at least two peer-reviewed sources (besides your textbook) to answer the above questions.

Assignment

 

Paper Section 1: Reflection and Literature Review

Using Microsoft Word and Professional APA format, prepare a professional written paper supported with three sources of research that details what you have learned from chapters 1 and 2.  This section of the paper should be a minimum of two pages. 

Paper Section 2:  Applied Learning Exercises

In this section of the professional paper, apply what you have learned from chapters 1 and 2 to descriptively address and answer the problems below. Important Note: Do not type the actual written problems within the paper itself.

  1. Search the Internet for material regarding the work of managers and the role analytics play. What kind of references to consulting firms, academic departments and programs do you find? What major areas are represented? Select five sites that cover one area and report your findings.
  2. Most companies and organizations have downloadable demos or trial versions of their software products on the Web so that you can copy and try them out on your own computer. Others have online demos. Find one that provides decision support, try it out, and write a short report about it. Include details about the intended purpose of the software, how it works, and how it supports decision making.
  3. Comment on Simon’s (1977) philosophy that managerial decision making is synonymous with the whole process of management. Does this make sense? Explain. Use a real-world example in your explanation.

Important Note:  There is no specific page requirement for this section of the paper but make sure any content provided fully addresses each problem.

Paper Section 3:  Conclusions

After addressing the problems, conclude your paper with details on how you will use this knowledge and skills to support your professional and/or academic goals. This section of the paper should be around one page, including a custom and original process flow or flow diagram to visually represent how you will apply this knowledge going forward. This customized and original process flow or flow diagram can be created using the “Smart Art” tools in Microsoft Word.

Paper Section 4:  APA Reference Page

The three or more sources of research used to support this overall paper should be included in proper APA format in the final section of the paper.

Text book:  

Sharda, R., Delen, D., & Turban, E. (2015). Business intelligence and analytics: Systems for decision support (10th ed.). Boston: Pearson.

Digital: ISBN-13: 978-0-13-340193-6

Print: ISBN-13: 978-0-13-305090-5

Note: I have attached PPTs in attachment