Identify the FOUR (4) questions to ask about Collaborative Tools as stated by Jamsa (2013). List the four questions as level 1 headings.
Then, in YOUR OWN words, and in response to the four questions, and from a business owner’s perspective, explain possible issues that could arise in the business if the questions are NOT answered.
please prepare the 2 responses for below discussion post in 50 to 75 words
Post#1
The response to incidents is a phase, not an isolated event. Teams should take a cohesive and structured approach to any incident in order for incident reaction to be successful. In order to effectively resolve the broad range of security incidents that an organization might encounter, there are five essential steps that any response program should cover – that includes preparation, detection and reporting, analysis, containment and neutralization and the post incident activity (Bandos, 2019).
Preparation:
The secret to efficient incident response is planning. Without predetermined protocols, even the best incident management team cannot handle an incident effectively. To help the staff, a strong strategy must be in place. These features should be included in an incident response plan in order to resolve security incidents successfully – Create and document IR policies, establish communicate protocols, incorporate threat intelligence feeds, conduct cyber hunting exercises and access the threat detection capabilities.
Create and Document IR policies: Define incident response management policies, procedures and agreements.
Establish Communication Protocols: Develop criteria and guidelines for communication to allow for smooth communication during and after an incident.
Incorporate Threat Intelligence Feeds: Execute the threat intelligence feeds constantly capture, evaluate, and synchronize.
Conduct cyber hunting exercises: To identify incidents occurring within your environment, execute operational threat hunting exercises. This encourages more constructive reaction to accidents.
Assess the threat Detection Capabilities: Assess your existing capability for threat detection and upgrade systems for risk evaluation and enhancement.
Detection and reporting:
In order to identify, warn and report possible security incidents, the aim of this process is to track security events.
Controlled monitoring: Use firewalls, intrusion prevention systems, and data loss prevention to monitor security incidents in your network.
Detect: Detect by correlating warnings inside a SIEM solution to possible security incidents.
Alert: Analysts build a ticket for an incident, record initial observations and allocate an initial classification for an incident.
Report: The reporting process should provide room for escalations in regulatory reporting.
Analysis:
During this point, the bulk of the effort is made to correctly scope and interpret the security incident. To collect data from instruments and systems for further study and to recognise signs of compromise, resources should be used. In-depth expertise and a comprehensive understanding of live device responses, digital forensics, memory analysis, and malware analysis should be accessible to individuals.
Containment and neutralization:
This is one of the most important incident response levels. The containment and neutralization strategy are based on the intelligence gathered during the review process and the compromise indicators. Normal operations will resume after the system is restored and security is checked.
Post Incident Activity:
After the incident is settled, there is more work to be done. Make sure that any details that can be used to avoid similar events from occurring again in the future is properly recorded.
A proper IR plan design is important for any organization to respond to the incidents. To make a rapid and thorough determination of who, what, how, where, and why the IR plan should be straightforward, easy and direct the incident response team (Kashalkar, 2016). The strategy should also provide detailed instructions so that the company can identify the under-attack structure and data and take steps to protect vital assets. The functions and duties of all the stakeholders are clearly set out. Businesses, and each individual employee in particular, must have a clear understanding of their tasks to be performed in the event of an incident, and adequate steps must be taken to minimize the effect and protect the loss of confidential data. The IR plan should not be limited only to the department of IT or defense. The IR plan is only successful if both the technical and non-technical teams are dedicated and engage in the implementation of the IR plan, such as Legal, Compliance, Human Resources, Public Relations, etc. Take the time to establish relationships with internal and external stakeholders that might be able to respond to a critical incident by supporting the organization. Establish a system for incident classification so that you can prioritize the tasks of incident response properly. For future remediation purposes, classification will also assist you to extract meaningful metrics such as form, intensity, attack vector, effects, and root cause. Finally, the IR approach should fit with the corporate objectives. Identify what matters most to your company and weave those goals into your IR operations.
Post#2
An incident is an unplanned interruption or reduction of quality in any network. Incident response management is the hero of software development and IT operations. A good incident response process works behind the scenes to ensure issues are resolved quickly so that communication, performance, and development can continue to operate the network. In a world where security and business risks are at a high point, companies must invest in an incident response management process. “The modern cloud architecture dictates the requirements for the forensic investigation and incident response model such as being scalable, elastic, easy to integrate – integration with data plane, and easy to manage – integration with control plane” (Adamov, & Carlsson, 2016).
Incident response in the cloud brings its challenges and unique requirements as well. By using some cloud incident response best practices to make sure incidents don’t become crises. Some best practices of cloud computing are discussed below.
Put a process in place before an incident happens: We can’t be able to predict every type of incident or situation that needs to address. So, it’s important to be prepared.
Incident response in the cloud helps in many factors like resolve incidents faster, improve internal and external communication, reduce revenue losses, and promote continuous learning and improvement. “Cloud is able to combine numerous heterogeneous resources (hardware platforms, storage back ends, file systems) that may be geographically distributed” (Urias, et. al., 2016).
Where the data and event occurs, we will have to implement a response immediately. When we work with stakeholders, legal counsel, and organizational leadership to determine only the goal of incident response. Some common goals include containing the issue, recovering the affected resources, preserving data for forensics, resolve the issue rapidly, and attribution.
In incident response, we can assess the impact and prioritize risks using key monitoring systems and escalation and diagnosis processes. But before that, make sure to clear channels of communication between team members, as well as outlined expectations for responsibility. Explain all the priority and severity levels before an incident occurs so incident managers can quickly assess and determine priorities in the heat of the moment. Address all future incidents response in order of the priority list of any organization. “A large number of research efforts have focused on intrusion detection in industrial networks, however, few of them discuss what to do after an intrusion has been detected” (Piedrahita, et. al., 2018).
Cloud computing is large and complex as well, with many moving parts to track and monitor to any network. It’s important to invest in the right incident management tools to support cloud incident response processes. Visualize all the processes and map cloud architecture to keep everyone on the same page and prevent incidents from falling through the cracks or prevent networks from cyber attacks (Adamov, & Carlsson, 2016).
When we come to incident response, there’s no such thing as too much communication. We take advantage of incident response playbooks, messaging scripts, and process flows to ensure every one of our team is on the same page.
Several Big Data Visualization tools have been evaluated in this weeks paper. While the focus was primarily on R and Python with GUI tools, new tools are being introduced every day. Compare and contrast the use of R vs Python and identify the pros and cons of each. Provide an example of both programming languages with coding examples as well as your experience in using one or both programming languages in professional or personal work. If you have no experience with either language, please discuss how you foresee using either/both of these languages in visualizing data when analyzing big data.
Need it to be completed in next 2 hours
Requirements:
Provide a 500 word (or 2 pages double spaced) minimum reflection.
Use of proper APA formatting and citations. If supporting evidence from outside resources is used those must be properly cited.
Share a personal connection that identifies specific knowledge and theories from this course.
Demonstrate a connection to your current work environment. If you are not employed, demonstrate a connection to your desired work environment.
You should NOT, provide an overview of the assignments assigned in the course. The assignment asks that you reflect how the knowledge and skills obtained through meeting course objectives were applied or could be applied in the workplace.
Server Virtualization and Cloud Computing
This week, you have read about server virtualization and cloud computing in chapter 6 of your textbook. For your written assignment this week, complete a case study of the organization you work for (use a hypothetical or “other” organization if more applicable) that will address the following prompts:
• Describe the organization’s environment, and evaluate its preparedness for virtualization.
• Explain Microsoft (or another product) licensing for virtualized environments.
• Recommend a configuration for shared storage; make sure to discuss the need for high availability and redundancy for virtualization for the organization.
• Explain Windows Azure capabilities for virtual machines and managing a hybrid cloud, including Windows Azure’s Internet as a Service (IaaS) and storage capabilities
Make a recommendation for cloud computer use in the organization, including a justification for your recommendations.
Your paper should meet the following requirements:
• Be approximately four to six pages in length (1200-1800 words), not including the required cover page and reference page.
• Follow APA7 guidelines. Your paper should include an introduction, a body with fully developed content, and a conclusion.
• Support your answers with the readings from the course and at least two scholarly journal articles to support your positions, claims, and observations, in addition to your textbook. The UC Library is a great place to find resources.
• Be clearly and well-written, concise, and logical, using excellent grammar and style techniques. You are being graded in part on the quality of your writing.
Write a program to add two large integers (up to 300 digits each). One approach is to treat each number as a list, each of whose elements is a block of digits of that number. For example, the integer 179,534,672,198 might be stored with block[0] = 198, block[1] = 672, block[2]=534, block[3]=179. Then add the two lists element by element carrying from one element to the next as necessary. Query the user for two large integers and then add them using this method.
1) In your own words, describe the process of “validation” (per the text).
2) What are the concerns of evidence contamination? How can you protect against this issue?
3) What consent to search requirements would you have if you were asked to provide support in an investigation of a device? Please response with whatever would be necessary.
. No Plagiarism
· Should be 400 words without References.
REFER chapter-1 to 4
!!! NEED 2 ANSWERS FOR THIS QUESTION WITH 0% PLAGIARISM !!!!
Discussion Topic: Define and describe Service-Oriented Architecture (SOA). Compare and contrast a web page and a web service.
Paper Topic:
Write a paper on disaster recovery and business continuity. The following are the items to discuss in the paper:
Paper requirements:
