Construction -4 Dis

 

Answer the following questions based on this scenario.

Problem: Write a program that reads 10 username and password values into parallel arrays. After the arrays have been loaded, the program should behave like a login screen, prompting for a username and a password. Based on the data read and stored in the arrays, the program should respond appropriately with one of three output messages: “Username not found.”, “Username and password does not match.” or “Access granted.”

Question 1: Would you write this program so that a user enters the usernames and passwords at the keyboard, or would you use a file that contains all of the usernames and passwords as input? Explain why you would choose one over the other.

Question 2: Would your answer remain the same if the number of username and password values changed to 40? Why?
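As an added example (not part of the exercise text, and not a reference solution), here is one way to structure the program in C so that the same loading code serves either answer to Question 1: load_credentials() reads from any FILE *, so the ten pairs can come from a file or from standard input. The function names, the "username password" one-pair-per-line format, the MAX_USERS limit of 40 and the credential lines used in the test are all assumptions made here. It also goes a little beyond the exercise in two places a practitioner would want: the sscanf field widths are bounded so an over-long line cannot overflow the parallel arrays, and the password comparison does not stop at the first mismatching byte. Plaintext passwords in arrays are acceptable only for a classroom exercise; a real login check compares against a salted password hash.

```c
/* Login check over parallel arrays loaded from a stream, one "username password"
 * pair per line. Added example for the exercise above, not a reference solution. */
#include <stdio.h>
#include <string.h>

#define MAX_USERS 40          /* covers both the 10-entry and the 40-entry variant */
#define MAX_LEN   64

enum login_result { USER_NOT_FOUND, PASSWORD_MISMATCH, ACCESS_GRANTED };

/* Parallel arrays: users[i] pairs with passwords[i]. */
static char users[MAX_USERS][MAX_LEN];
static char passwords[MAX_USERS][MAX_LEN];
static int  nusers;

/* Read up to MAX_USERS credential pairs from f. Blank and malformed lines are
 * skipped; the %63s widths keep an over-long token from overflowing a slot. */
int load_credentials(FILE *f) {
    char line[512];
    nusers = 0;
    while (nusers < MAX_USERS && fgets(line, sizeof line, f)) {
        if (sscanf(line, "%63s %63s", users[nusers], passwords[nusers]) == 2)
            nusers++;
    }
    return nusers;
}

/* Convenience for demos and tests: load from an in-memory string via a temp file. */
int load_credentials_from_string(const char *data) {
    FILE *f = tmpfile();
    if (!f) return -1;
    fputs(data, f);
    rewind(f);
    int n = load_credentials(f);
    fclose(f);
    return n;
}

/* Compare two strings without an early exit on the first mismatching byte, so
 * the time taken does not reveal how many leading characters were correct. */
static int ct_equal(const char *a, const char *b) {
    size_t la = strlen(a), lb = strlen(b), n = la > lb ? la : lb;
    unsigned diff = (unsigned)(la ^ lb);
    for (size_t i = 0; i < n; i++)
        diff |= (unsigned)((i < la ? a[i] : 0) ^ (i < lb ? b[i] : 0));
    return diff == 0;
}

enum login_result check_login(const char *user, const char *pass) {
    for (int i = 0; i < nusers; i++) {
        if (strcmp(users[i], user) == 0)          /* usernames are not secret */
            return ct_equal(passwords[i], pass) ? ACCESS_GRANTED : PASSWORD_MISMATCH;
    }
    return USER_NOT_FOUND;
}

/* The three messages required by the exercise, verbatim. */
const char *login_message(enum login_result r) {
    switch (r) {
    case ACCESS_GRANTED:    return "Access granted.";
    case PASSWORD_MISMATCH: return "Username and password does not match.";
    default:                return "Username not found.";
    }
}

/* Read one line from stdin, dropping the newline and anything past n-1 bytes. */
static void read_line(const char *prompt, char *buf, size_t n) {
    printf("%s", prompt);
    fflush(stdout);
    if (!fgets(buf, (int)n, stdin)) { buf[0] = 0; return; }
    buf[strcspn(buf, "\r\n")] = 0;
}

int main(int argc, char **argv) {
    if (argc < 2) { fprintf(stderr, "usage: %s credentials.txt\n", argv[0]); return 2; }
    FILE *src = fopen(argv[1], "r");
    if (!src) { perror(argv[1]); return 1; }
    int n = load_credentials(src);
    fclose(src);
    if (n < 1) { fputs("no credentials loaded\n", stderr); return 1; }

    char user[MAX_LEN], pass[MAX_LEN];
    read_line("Username: ", user, sizeof user);
    read_line("Password: ", pass, sizeof pass);
    puts(login_message(check_login(user, pass)));
    return 0;
}
```

Run as ./login credentials.txt. Growing the store from 10 to 40 pairs touches only MAX_USERS; nothing in the lookup depends on the count.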

SECURITY ASSESSMENT & TESTING

The NIST Cybersecurity Framework (CSF) defines Implementation Tiers that provide context on how an organization views cybersecurity risk and the processes it has in place to manage that risk.

Review the NIST Cybersecurity Framework (CSF) and answer the following questions.
Resource: NIST Cybersecurity Framework V1.1
https://nvlpubs.nist.gov/nistpubs/CSWP/NIST.CSWP.04162018.pdf

Question 1: What are the Framework Core Functions?

Question 2: What are the four Framework Implementation Tiers? For each Tier, explain the following three categories:
Risk Management Process
Integrated Risk Management Program
External Participation

Question 3:  How do you implement NIST security controls?

Question 4: What are the five steps in the NIST Cybersecurity Framework?
Resource: https://www.cybersaint.io/blog/nist-cybersecurity-framework-core-explained

SECURITY POLICY & STANDARDS

Publishing a policy and standards library depends on the communications tools available within an organization. Some organizations keep documents in Word format and publish them in PDF format. Other organizations use Governance, Risk, and Compliance (GRC), a class of software for supporting policy management and publication.

In addition to authoring documents, GRC software typically includes a comprehensive set of features, such as assessing whether controls are operating properly, both technically and non-technically, and tracking the mitigation or remediation of areas where controls are lacking or not operating properly (governance).

Answer the following question(s):

  1. Why might an organization use the Word and PDF approach rather than GRC software, and vice versa?

Please use proper citations and references.

Code of ethics

IT workers have many different relationships, including those with employers, clients, suppliers, other professionals, IT users, and society at large, and in each relationship an ethical IT worker acts honestly and appropriately. IT workers must set an example and enforce policies regarding the ethical use of IT. IT workers are in a unique position because they have the skills and knowledge to abuse systems and data, or to allow others to do so.

Discuss an ethical issue IT organizations face today. Have you been personally affected by an IT ethical issue? Provide examples.

Module 01 Content

  1. For the first part of your project, you have been given a partial audit, performed by a NASA Blue Team. This audit was part of their Certification and Accreditation (C&A) process to ensure that Country Roads Space Systems (CRSS) is authorized to operate as a third-party entity to NASA and is allowed to work with NASA assets. The C&A process includes a line-by-line review of all security controls identified within the NIST SP 800-53B documentation and their sub-sections. During the initial review process, NASA reviewed the existing security controls employed by CRSS and evaluated their compliance with the identified security controls. All items found to be non-compliant were documented for review, and a Plan of Action & Milestones (POAM) document was generated as a guideline for correcting or evaluating any exceptions found in the initial C&A audit.

    CRSS_InitialPOAM.xlsx

    You will be responsible for reviewing the POAM and familiarizing yourself with the findings. However, you will only be responsible for auditing two of the security controls found to be non-compliant in the audit you will perform during this course. Be aware that once you choose your two security controls in this Module, you will continue to build on your analysis of these two controls throughout the course, so take time to consider which controls you choose. Your two choices must be:

    • One security control from the group IA-2, IA-3 or IA-5. (NOTE: IA-5 is a common control that often requires remediation in real environments. Students who choose IA-5 will face more of a challenge, but will also find more documentation when researching remediation.)
    • One other security control from the group AC-5, PE-13 or RA-5.
    • For your Module One Project, start by familiarizing yourself with the POAM and understanding how various systems are evaluated against a common set of compliance frameworks. Study the controls in the POAM and review them against the NIST and COBIT frameworks for similar types of controls. In addition, review these security controls against the standards in ISO 27000. Take note of how security controls can be met in diverse ways and still satisfy overall compliance. With your review of these controls and standards complete, you should feel confident in picking two security controls that the POAM lists as non-compliant. As part of your audit, you should also review the company's network. Please review the CRSS Network Diagram.

      CRSS Network Diagram.pptx

      NOTE: The various frameworks are usually very similar, though differences exist that reflect their industry focus. ISO 27000 and COBIT are aimed primarily at private-sector compliance, while NIST SP 800-53 was written for U.S. federal information systems (the public sector), although it is widely adopted outside government as well.

      You can review each framework at:
      NIST
      COBIT
      ISO 27000

      For this week, use the IA security control you chose and, in a brief report, address the following:

    • Explain the significance of this control and, in your own words, how it protects CRSS and NASA assets. Do you agree with the assessment of the vulnerability described in Column E “Weakness Description”?
    • Next, look up your IA security control in NIST SP 800-53 and summarize the NIST standard for that control.
    • Now find the similar standards in ISO 27000 and COBIT. Once you find the references to security controls in ISO 27000 and COBIT that are closest to the security control you chose, write a brief explaining the similarities and/or differences between the three standards with regard to that control.
    • Indicate whether you think NIST is the most appropriate set of standards for CRSS when compared to the others. Which do you think is the most appropriate standard?
    • Do you agree with how the control is remediated in Column K “Overall Remediation Plan”? If so, explain why. If not, please provide an alternative to the Overall Remediation Plan.
    • Submit your completed assignment by following the directions linked below. Please check the Course Calendar for specific due dates.

Thread 1: The player thread

Can be implemented in C or C++

While playing, the player thread reads one word from the file, prints it, then sleeps until the next word should be displayed, and so on. Each word should be displayed on a separate line of output. (Words are white-space-separated runs of characters.) At a rate of 1.0, the player should print one word per second. At a rate of -1.0, the player prints one word per second, but proceeding backwards through the file.

For this assignment, the player plays back text files, displaying one word per second at normal rate (1.0). 

The player accepts the following commands:

  • LoadFile(const char *filename) — Prepares the player to play back the file whose name is passed in. Stops the player if currently playing.
  • Stop() — Stops the player if currently playing.
  • Start() — Starts the player if currently stopped.
  • Rewind() — Sets the position of the player to time 0.
  • SeekTo(int byteoffset) — Sets the position of the player to the closest word boundary past the given byte offset from the start of the file.
  • SetRate(float rate) — Sets the playback rate: 1.0 is forward at normal speed, -1.0 is reverse, 0.5 is forward at 1/2 speed, etc.

The control threads

The control threads generate commands for the player thread. You can think of each control thread as corresponding to a separate remote control. There are two kinds of control threads. The first kind waits for keypresses, and issues commands to the player thread based on the key pressed:

  • ‘ ’ (blank) — toggles the player’s mode between ‘playing’ and ‘stopped’
  • ‘r’ — rewinds the player
  • ‘s’ — prompts the user for a time, then seeks the player to that time
  • ‘l’ — prompts the user for a file, then loads the file into the player
  • ‘t’ — prompts the user for a rate, then uses it to set the player’s rate

Two other control threads are “autonomous” controllers, simulating another user issuing commands. One periodically issues a Stop() command to the player, while the other issues a Start() command every so often. Each autonomous thread should sleep for a random interval of between 5 and 30 seconds before issuing each command.

Your program should implement a function for each command (Start(), Stop(), etc.). These functions are called by the control threads to control the player. The shared, global variables holding the player’s state, rate, position, etc. are accessed by these routines as well as by the player thread routine, so every access to them must be protected by the same lock (for example a mutex); otherwise a control thread and the player thread can race on the position or state and leave the player in an inconsistent condition.
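The following is an added example for this assignment in C with POSIX threads; it is not the course's reference solution. It implements the six commands above together with the player thread and the autonomous controller, and keeps the shared state in one Player struct guarded by a mutex rather than as bare globals (the globals the assignment describes work the same way as long as every access takes the same lock). A condition variable lets the player thread sleep while stopped instead of polling. The names Player, PLAYER_INIT, LoadText, player_step, player_thread, Controller and autonomous_controller, and the decision to treat running off either end of the text as an automatic Stop(), are choices made here, not part of the assignment; the sample text used in the test is constructed.

```c
/* Added example for the assignment above (not the course's reference solution):
 * one player thread prints words; control threads call the command functions. */
#define _POSIX_C_SOURCE 200809L
#include <ctype.h>
#include <pthread.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <time.h>
#include <unistd.h>

typedef struct {
    pthread_mutex_t lock;      /* guards every field below */
    pthread_cond_t  changed;   /* signalled by Start() */
    char  *text;               /* loaded text; pos is a byte offset into it */
    size_t len, pos;
    float  rate;               /* 1.0 forward, -1.0 reverse, 0.5 half speed */
    int    playing;
} Player;
#define PLAYER_INIT { PTHREAD_MUTEX_INITIALIZER, PTHREAD_COND_INITIALIZER, NULL, 0, 0, 1.0f, 0 }

/* Whitespace test; the end of the text counts as a boundary too. */
static int ws(const Player *p, size_t i) { return i >= p->len || isspace((unsigned char)p->text[i]); }

/* Install a copy of text, stop the player and rewind (what LoadFile must do). */
void LoadText(Player *p, const char *text) {
    char *copy = strdup(text);
    if (!copy) return;
    pthread_mutex_lock(&p->lock);
    free(p->text);
    p->text = copy; p->len = strlen(copy); p->pos = 0; p->playing = 0;
    pthread_mutex_unlock(&p->lock);
}

/* Read the whole file into memory; on failure the player is left unchanged. */
int LoadFile(Player *p, const char *filename) {
    FILE *f = fopen(filename, "rb");
    if (!f) return -1;
    fseek(f, 0, SEEK_END); long n = ftell(f); rewind(f);
    char *buf = n >= 0 ? malloc((size_t)n + 1) : NULL;
    if (buf) { buf[fread(buf, 1, (size_t)n, f)] = 0; LoadText(p, buf); }
    fclose(f); free(buf);
    return buf ? 0 : -1;
}

void Start(Player *p)  { pthread_mutex_lock(&p->lock); p->playing = 1; pthread_cond_signal(&p->changed); pthread_mutex_unlock(&p->lock); }
void Stop(Player *p)   { pthread_mutex_lock(&p->lock); p->playing = 0; pthread_mutex_unlock(&p->lock); }
void Rewind(Player *p) { pthread_mutex_lock(&p->lock); p->pos = 0;     pthread_mutex_unlock(&p->lock); }
/* A rate of 0 would mean sleeping forever, so it is rejected. */
void SetRate(Player *p, float rate) { if (rate != 0.0f) { pthread_mutex_lock(&p->lock); p->rate = rate; pthread_mutex_unlock(&p->lock); } }

/* Closest word boundary at or past byteoffset: the first position where the
 * whitespace-ness of the byte changes, or the start/end of the text. */
void SeekTo(Player *p, int byteoffset) {
    pthread_mutex_lock(&p->lock);
    size_t i = byteoffset < 0 ? 0 : (size_t)byteoffset;
    if (i > p->len) i = p->len;
    while (i > 0 && i < p->len && ws(p, i - 1) == ws(p, i)) i++;
    p->pos = i;
    pthread_mutex_unlock(&p->lock);
}

/* Copy the next word (in the direction of the rate) into buf and move pos past
 * it. Returns 0 at the end (forward) or the start (reverse) of the text. */
int player_step(Player *p, char *buf, size_t n) {
    size_t s, e;
    pthread_mutex_lock(&p->lock);
    if (p->rate > 0) {
        for (s = p->pos; s < p->len && ws(p, s); s++) {}
        for (e = s; !ws(p, e); e++) {}
    } else {
        for (e = p->pos; e > 0 && ws(p, e - 1); e--) {}
        for (s = e; s > 0 && !ws(p, s - 1); s--) {}
    }
    int got = e > s;
    if (got) {
        size_t w = e - s < n - 1 ? e - s : n - 1;
        memcpy(buf, p->text + s, w); buf[w] = 0;
        p->pos = p->rate > 0 ? e : s;
    }
    pthread_mutex_unlock(&p->lock);
    return got;
}

/* Player thread: block until playing, print one word, then sleep 1/|rate| s
 * with the lock released so the sleep never stalls a control thread. */
void *player_thread(void *arg) {
    Player *p = arg;
    char word[256];
    for (;;) {
        pthread_mutex_lock(&p->lock);
        while (!p->playing) pthread_cond_wait(&p->changed, &p->lock);
        double secs = 1.0 / (p->rate < 0 ? -p->rate : p->rate);
        pthread_mutex_unlock(&p->lock);
        if (!player_step(p, word, sizeof word)) { Stop(p); continue; }  /* ran off either end */
        puts(word);
        struct timespec ts = { .tv_sec = (time_t)secs, .tv_nsec = (long)((secs - (time_t)secs) * 1e9) };
        nanosleep(&ts, NULL);
    }
}

/* Autonomous controller: every 5-30 s issue its one command (Start or Stop). */
typedef struct { Player *p; void (*cmd)(Player *); } Controller;
void *autonomous_controller(void *arg) {
    Controller *c = arg;
    for (;;) { sleep(5 + rand() % 26); c->cmd(c->p); }
}
```

Wiring it up: declare Player p = PLAYER_INIT;, call LoadFile(&p, "story.txt"), then pthread_create(&t, NULL, player_thread, &p); for the player, and one pthread_create(..., autonomous_controller, &c) each for Controller stopper = { &p, Stop } and Controller starter = { &p, Start }. The keyboard controller is an ordinary loop around getchar() that maps ' ', 'r', 's', 'l' and 't' onto the same functions (the space toggle reads p.playing under the lock). Because the one-second sleep runs with the lock released, a Stop() issued during the delay is honoured before the next word is printed.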