SIK_DIK65

Outline the process that occurs when a hardware interrupt is generated by a disk controller. Set the context for the interrupt (disk read or write) and describe how an interrupt handler would address the event.

After your initial post, review the posts of several students and respond constructively to two of your peers’ posts. In your first response post, identify a student who presented an outline that aligns with your thinking and explain why you are in agreement. In your second response post, identify a student whose outline was different than yours and respectfully recommend at least one idea for them to consider that would enhance their approach.

 

References:

https://www.intel.com/content/www/us/en/support/products/55005/technologies/intel-rapid-storage-technology-intel-rst.html

https://www.youtube.com/watch?v=PP0iQs8qBNU

 

Project2

Today’s companies face many security challenges to their networks, and a company’s incident manager needs to be ready to respond to potential threats. Some of those threats can occur from the actions of well-intentioned employees who fail to follow security protocols, and others can arise from disgruntled workers who may be able to access accounts on personal devices long after leaving an organization.

Wireless devices and bring your own device (BYOD) computing in the workplace often increase productivity and convenience, but such ease of access to resources can be a significant threat to organizational security, and BYOD computing adds another layer of concern for the incident manager.

Remote management, such as tracking and data swipes, helps to locate devices containing company data and to eliminate any unauthorized viewing of that data. Authentication, access controls, and strong encryption are just some of the security measures that need to be part of a secure wireless network and mobile device management practices in the workplace. However, security will need to evolve in order to protect against employees who may have malicious intent. It will need to include behavior cues as well as effective countermeasures, as the need for greater employee availability drives more wireless computing and BYOD integration in the workplace.

For this project, you will take a close look at the variety of threats facing an incident manager as you develop a cybersecurity incident report (CIR) for management with an executive summary.

There are seven steps to complete the project. Each step will highlight the types of threats you will encounter. Most steps in this project should take no more than two hours to complete, and the project as a whole should take no more than two weeks. Begin with the workplace scenario and then continue to Step 1.

Step 1: Develop a Wireless and BYOD Security Plan

 

Since the company you work for has instituted a bring your own device (BYOD)  policy, security attitudes have been lax, and all sorts of devices, authorized and unauthorized, have been found connected to the company’s wireless infrastructure. In this first step, you will develop a wireless and BYOD security plan for the company.

Use the NIST Guidelines for Securing Wireless Local Area Networks (WLANs) Special Publication 800-153 to provide an executive summary to answer other security concerns related to BYOD and wireless. Within your cybersecurity incident report, discuss why the security of wireless access points is important. Provide answers to the threat of unauthorized equipment or rogue access points on the company wireless network and the methods to find other rogue access points. Describe how to detect rogue access points and how they can actually connect to the network. Describe how to identify authorized access points within your network.

Within your plan, include how the Cyber Kill Chain framework and approach could be used to improve the incident response times for networks.

Include this at the beginning of your CIR as the basis for all wireless- and BYOD-related problems within the network. Title the section “Wireless and BYOD Security Plan.”

Step 3: Develop a Continuous Improvement Plan

 

Now that you’ve completed the section on tracking suspicious behavior for your CIR, you are confronted with another situation in the workplace.

You receive a memo for continuous improvement to the wireless network of your company, and you are asked to provide a report on the company’s wireless network. You have been monitoring the activities on WPA2. Provide for your leadership a description of Wi-Fi protected access (WPA) networks and include the pros and cons of each type of wireless network with a focus on WPA2.

Since WPA2 uses encryption to provide secure communications, define the scheme for using pre shared keys for encryption. Is this FIPS 140-2 compliant, and if not, what is necessary to attain this? Include this for leadership. Include a list of other wireless protocols, such as Bluetooth, and provide a comparative analysis of four protocols including the pros, cons, and suitability for your company.

Include your responses as part of the CIR with the title “Continuous Improvement Plan.”

In the next step, you will look at yet another workplace scenario, and you will use that incident to show management how remote configuration management works.

Step 4: Develop Remote Configuration Management

 

You’ve completed the continuous improvement plan portion of the CIR. Now, it’s time to show how your company has implemented remote configuration management.

Start your incident report with a description of remote configuration management and how it is used in maintaining the security posture of your company’s network. Then, consider the following scenario:

An undocumented device is found on the company network. You have determined that the owner of the device should be removed from the network. Implement this and explain how you would remove the employee’s device. How would you show proof that the device was removed?

Include your responses as part of the CIR with the title “Remote Configuration Management.”

In the next step, you will illustrate how you investigate possible employee misconduct.

Step 5: Investigate Employee Misconduct

In this portion of your CIR report, you will show how you would investigate possible employee misconduct. You have been given a report that an employee has recorded log-ins during unofficial duty hours. The employee has set up access through an ad hoc wireless network. Provide a definition of ad hoc wireless networks and identify how such networks could contribute to the company infrastructure while also detailing the threats and vulnerabilities they bring. Use notional information or actual case data and discuss.

Address self-configuring dynamic networks on open access architecture and the threats and vulnerabilities associated with them, as well as the possible protections that should be implemented. From your position as an incident manager, how would you detect an employee connecting to a self-configuring network or an ad hoc network? Provide this information in the report. How would signal hiding be a countermeasure for wireless networks? What are the countermeasures for signal hiding? How is the service set identifier (SSID) used by cybersecurity professionals on wireless networks? Are these always broadcast, and if not, why not? How would you validate that the user is working outside of business hours?

Include your responses as part of the CIR with the title “Employee Misconduct.”

In the next step, you will use lab tools to analyze wireless traffic.

Step 6: Analyze Wireless Traffic

DON’T WORRY ABOUT IT

 

 

Step 7: Prepare and Submit the Cybersecurity Incident Report and Executive Summary

You’ve completed all of the individual steps for your cybersecurity incident report. It’s time to combine the reports you completed in the previous steps into a single CIR.

The assignments for this project are as follows:

  • Cybersecurity Incident Report (CIR): Your report should be a minimum 14-page double-spaced Word document with citations in APA format. The page count does not include figures, diagrams, tables, or citations.
  • Executive summary: This is a one-page summary at the beginning of your CIR.
  • Lab report: A document sharing your lab experience and providing screenshots to demonstrate that you performed the lab. Attach it to the CIR as an artifact.

Submit both documents to the assignment folder after reading the instructions below

 

SYS_TSK5

Overview

This assignment will prepare you for the memory management assessment elements of your final project.

Prompt

Identify a graphical or command line utility that displays the allocation of virtual memory on your workstation. For example, memory_pressure provides information about the state of memory pages on OS X. The command or utility you choose must be part of the standard operating system’s distribution. Do not use third-party utilities.

Make sure to include the following in your journal assignment:

  1. State your chosen operating system.
  2. State your chosen command or utility. This command or utility should display the allocation of virtual memory on your workstation and needs to be a part of the standard operating system’s distribution.
  3. Report on your findings from the execution of the command. Talk about how the findings from the execution of the command provides insight into how the command displays physical and virtual memory.

What to Submit

Submit assignment as a Word document with double spacing, 12-point Times New Roman font, and one-inch margins.

 

References:

https://developer.ibm.com/components/aix/

https://www.esrf.fr/computing/scientific/FIT2D/FIT2D_REF/node252.html

 

 

Data Science Python

Project

100 points + 10 bonus points

Note: This is an individual assignment. Each student MUST complete the work on his/her own.

Any code sharing/plagiarism is not tolerated.

Overview

This project consists of three tasks. The goal is to apply what we have learned to solve real problems in Data Science and Machine Learning. Glance at “What to Submit” when you start working on a task so that you know what information to provide from each task.

Submission Example

csci333-project-XX

csci333-project-XX.doc Task1XX.py task2XX.py task3XX.py README.txt

What to Submit

  1. One doc file “csci333-project-XX.doc” including the text source code and screenshots of the outputs of all programs. Please replace XX with your first name and last name. You can copy/paste the text source code from Pycharm or other IDEs into the doc file. Hopefully, based on the screen snapshots of the output, you can show that your programs passed tests and were well.
  2. Python files for all programs. In well-defined programs, proper comments are required. For programs without comments, they will be deducted greatly in grade.

Task 1 (20 points): (Class) Write a class named Pet , which should have the following data attributes:

  • name (for the name of a pet)
  • animal type (for the type of animal that a pet is. Example values are ‘Dog’, ‘Cat’, and

‘Bird’)

  • age (for the pet’s age)

The Pet class should have an init method that creates these attributes. It should also have the following methods:

  • set name – This method assigns a value to the name field.
  • set animal type – This method assigns a value to the animal type field.
  • set age – This method assigns a value to the age field.
  • get name – This method returns the value of the  name field.
  • get animal type – This method returns the value of the animal type field.
  • get age – This method returns the value of the age field.

Once you have written the class, write a program that creates an object of the class and prompts the user to enter the name, type, and age of his or her pet. This data should be stored as the object’s attributes. Use the object’s accessor methods to retrieve the pet’s name, type, and age and display this data on the screen.

Grading Rubric

  • 10 points for defining the class and all functions.
  • 5 points for a runnable python program with correct testing and display
  • 5 points for appropriate comments and screenshots of the output of this program

Task 2(30 points): (Intro to Data Science: Pandas-dataframes) Write a program that does the following tasks with pandas DataFrames:

  • Create a DataFrame named temperatures from a dictionary of three temperature readings each for three people ’Maxine’, ’James’ and ’Amanda’.
  • Recreate the DataFrame temperatures in Part (a) with custom indices using the index keyword argument and a list containing ’Morning’, ’Afternoon’ and ’Evening’.
  • Select from temperatures the column of temperature readings for ’Maxine’.
  • Select from temperatures the row of ’Morning’ temperature readings.
  • Select from temperatures the rows for ’Morning’ and ’Evening’ temperature readings.
  • Select from temperatures the columns of temperature readings for ’Amanda’ and ’Maxine’.
  • Select from temperatures the elements for ’Amanda’ and ’Maxine’ in the ’Morning’ and

’Afternoon’.

  • Use the describe() method to produce temperatures’ descriptive statistics.
  • Transpose temperatures (One example can be found at https://www.geeksforgeeks.org/pythonpandas-dataframe-transpose/).
  • Sort temperatures so that its column names are in alphabetical order.

Grading Rubric

  • 10 points for defining functions.
  • 5 points for finishing Task2(a)-(j).
  • 5 points for appropriate comments and necessary screenshots of the program.
  • 10 points for a runnable python program with correct data visualization.

Task 3 (50 points): (Classification with k-Nearest Neighbors and the Digits Dataset) Read the python program “CaseStudyDemo.py” to learn the algorithm of k-Nearest Neighbors with the Digits dataset for recognizing handwritten digits.

Re-write the python program by doing the following subtasks:

  • Write code to display the two-dimensional array representing the sample image at index 35 and numeric value of the digit the image represents.
  • Write code to display the image for the sample image at index 35 of the Digits dataset.
  • For the Digits dataset, what numbers of samples would the following statement reserve fortraining and testing purposes?
Xtrain, X test, ytrain, y test =

traintestsplit(digits.data, digits.target, randomstate=11, testsize=0.70)

1

2

  • Write code to get and display the number of training examples and the number of testingexamples.
  • Rewrite the list comprehension using a for loop. Hint: create an empty list and then usethe built-in function “append”.
#

wrong = [(p, e) for (p, e) in zip(predicted, expected) if p != e]

1

2

  • Explain row 3 of the confusion matrix presented in the example we have studied in the“Intro-to-MachineLearning-Part-II.mp4”:
[ 0, 1, 130, 0, 0, 0, 0, 1, 6, 0]

1

Grading Rubric

  • 15 points for finishing Task3(a)-(f).
  • 5 points for appropriate comments.
  • 20 points for a runnable rewritten python program 10 points for screen-shots of the program.

Challenges in This Project

  1. For 10% extra credit, you are welcome to explore the design of each task. Note: You still have to finish all tasks required by this project.
  2. You should configure your machine and PyCharm properly to facilitate the project development.

Reference: [1] Computer Science. https://en.wikipedia.org/wiki/Computer science

—————x———— Good Luck ————x————–

INTRODUCTION TO CYBERSECURTY

This week there are three requirements.

  1. 1. Mr. Scott would like for you to apply what you have learned about perimeters on the physical building to a single computer.
  2. 2. Zero Trust Architecture (ZTA)
  3. 3. Using the NICE challenge framework, complete a new challenge.

Week 4 discussion topic

  1. 1. Read/Review Security in the Digital World Chapter 1-11Links to an external site.  (This is more a starting point for those that might not have a lot of IT/Computer experience, This is certainly not an assignment to read all 11 chapters.  Not all of this material will apply.)
  2. 2. Review Defense in Depth concepts Download Defense in Depth concepts
  3. 3. Review the NICE challenges student guide found here: https://docs.google.com/document/d/108gn4WCV5IhNHueZfhcTKfUPdXbm3cYUtkQKH7NPCQw/edit?usp=sharingLinks to an external site.
  4. 4. Optional networking basics refresher: https://www.geeksforgeeks.org/basics-computer-networking/Links to an external site.

Assignment Part 1:

How would we define the perimeters (outer, inner, and interior)  of a computer as we did with the Tech worx building?

Define and justify the perimeters of a computer you have chosen.

What technology, software, or hardware exists that could protect each perimeter?  No more than two examples per perimeter.  In other words, I do not want a list of 10 examples.  Explain your choices.

computer.png

Assignment Part 2:  Mr. Scott attended a meeting about a new concept called Zero Trust.  Please provide a short summary of this

Read

Key terms to consider

Multi-Factor authentication (MFA)

Least Privilege Access

Segmentation

Assignment Part 3:  Play with and familiarize yourself with the NICE challenges.   I will discuss this during the live session.  There are three times that you are available for you to complete this week’s challenge. (M-T, Wed-Thurs Fri-SAT).   You only need to solve the nice challenge one time.

  • Dangerous Drives

Please do include any solutions in the public discussion but include a screenshot of the green checks.    The Technical Tutorial challenge is also available if you did not complete that in week 2.

Grading Late Submission (attached)

DATABASE SYSTEM DESIGN AND MANAGEMENT

Assignment 4: ERD
Use the following business rules to create a Crow’s Foot ERD. Write all appropriate connectivity and
cardinalities in the ERD.
 A department employs many employees, but each employee is employed by only one
department.
 Some employees, known as “rovers,” are not assigned to any department.
 A division operates many departments, but each department is operated by only one division.
 An employee may be assigned many projects, and a project may have many employees
assigned to it.
 A project must have at least one employee assigned to it.
 One of the employees manages each department, and each department is managed by only
one employee.
 One of the employees runs each division, and each division is run by only one employee.

SYS_TSK5

Overview

This assignment will prepare you for the memory management assessment elements of your final project.

Prompt

Identify a graphical or command line utility that displays the allocation of virtual memory on your workstation. For example, memory _pressure provides information about the state of memory pages on OS X. The command or utility you choose must be part of the standard operating system’s distribution. Do not use third-party utilities.

Make sure to include the following in your journal assignment:

  1. State your chosen operating system.
  2. State your chosen command or utility. This command or utility should display the allocation of virtual memory on your workstation and needs to be a part of the standard operating system’s distribution.
  3. Report on your findings from the execution of the command. Talk about how the findings from the execution of the command provides insight into how the command displays physical and virtual memory.

What to Submit

Submit assignment as a Word document with double spacing, 12-point Times New Roman font, and one-inch margins.

 

References:

https://developer.ibm.com/components/aix/

https://www.esrf.fr/computing/scientific/FIT2D/FIT2D_REF/node252.html

 

 

Computer Science Assignment

Purpose

Risk management is an important process for all organizations. This is particularly true in information systems, which provides critical support for organizational missions. The heart of risk management is a formal risk management plan. This project allows you to fulfill the role of an employee participating in the risk management process in a specific business situation.

Learning Objectives and Outcomes

You will gain an overall understanding of risk management, its importance, and critical processes required when developing a formal risk management plan for an organization.

Required Source Information and Tools

Web References: Links to web references in this document and related materials are subject to change without prior notice. These links were last verified on October 8, 2020.

The following tools and resources will be needed to complete this project:

  • Course textbook
  • Internet access
  • Suggested resources:

o    NIST RMF: https://www.nist.gov/system/files/documents/2018/03/28/vickie_nist_risk_management_framework_overview-hpc.pdf

o    NIST risk assessment guidance: https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-30r1.pdf

o    NIST contingency planning guidance: https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-34r1.pdf

o    Business Impact Analysis, https://www.ready.gov/business-impact-analysis

o    Business Continuity Plan (Ready.gov): https://www.ready.gov/business-continuity-plan

 

Scenario

You are an IT security intern working for Health Network, Inc. (Health Network), a fictitious health services organization headquartered in Minneapolis, Minnesota. Health Network has over 600 employees throughout the organization and generates $500 million USD in annual revenue. The company has two additional locations in Portland, Oregon and Arlington, Virginia, which support a mix of corporate operations. Each corporate facility is located near a co-location data center, where production systems are located and managed by third-party data center hosting vendors.

Company Products

Health Network has three main products: HNetExchange, HNetPay, and HNetConnect.

HNetExchange is the primary source of revenue for the company. This service handles secure electronic medical messages that originate from its customers, such as large hospitals, which are then routed to receiving customers such as clinics.

HNetPay is a web portal used by many of the company’s HNetExchange customers to support the management of secure payments and billing. The HNetPay web portal, hosted at Health Network production sites, accepts various forms of payments and interacts with credit-card processing organizations.

HNetConnect is an online directory that lists doctors, clinics, and other medical facilities to allow Health Network customers to find the right type of care at the right locations. It contains doctors’ personal information, work addresses, medical certifications, and types of services that the doctors and clinics offer. Doctors are given credentials and can update the information in their profile.

Health Network customers, which are the hospitals and clinics, connect to all three of the company’s products using HTTPS connections. Doctors and potential patients can make payments and update their profiles using Internet-accessible HTTPS websites.

Information Technology Infrastructure Overview

Health Network operates in three production data centers that provide high availability across the company’s products. The data centers host about 1,000 production servers, and Health Network maintains 650 corporate laptops and company-issued mobile devices for its employees.

Threats Identified

Upon review of the current risk management plan, the following threats were identified:

  • Loss of company data due to hardware being removed from production systems
  • Loss of company information on lost or stolen company-owned assets, such as mobile devices and laptops
  • Loss of customers due to production outages caused by various events, such as natural disasters, change management, unstable software, and so on
  • Internet threats due to company products being accessible on the Internet
  • Insider threats
  • Changes in regulatory landscape that may impact operations

Management Request

Senior management at Health Network has determined that the existing risk management plan for the organization is out of date and a new risk management plan must be developed. Because of the importance of risk management to the organization, senior management is committed to and supportive of the project to develop a new plan. You have been assigned to develop this new plan.

Additional threats other than those described previously may be discovered when re-evaluating the current threat landscape during the risk assessment phase.

The budget for this project has not been defined due to senior management’s desire to react to any and all material risks that are identified within the new plan. Given the company’s annual revenue, reasonable expectations can be determined.

 

Deliverables

This project is divided into several parts, each with a deliverable. The first four parts are drafts. These documents should resemble business reports in that they are organized by headings, include source citations (if any), be readable, and be free from typos and grammatical errors. However, they are not final, polished reports.

 

Project Part 4: Business Impact Analysis (BIA) and Business Continuity Plan (BCP)

Senior management at Health Networkhas decided they want a business impact analysis (BIA) that examines the company’s data center and a business continuity plan (BCP). Because of the importance of risk management to the organization, management has allocated all funds for both efforts. Your team has their full support, as well as permission to contact any of them directly for participation or inclusion in the BIA or BCP.

Winter storms on the East Coast have affected the ability of Health Network employees to reach the Arlington offices in a safe and timely manner. However, no BCP plan currently exists to address corporate operations. The Arlington office is the primary location for business units, such as Finance, Legal, and Customer Support. Some of the corporate systems, such as the payroll and accounting applications, are located only in the corporate offices. Each corporate location is able to access the other two, and remote virtual private network (VPN) exist between each production data center and the corporate locations.

The corporate systems are not currently being backed up and should be addressed in the new plan. The BCP should also include some details regarding how the BCP will be tested.

For this part of the project:

  1. Research BIAs and BCPs.
  2. Develop a draft BIA plan for the Health Network that focuses on the data center. The BIA should identify:
    1. Critical business functions
    2. Critical resources
    3. Maximum acceptable outage (MAO) and impact
    4. Recovery point objective (RPO) and recovery time objective (RTO)
  3. Develop a draft BCP that could recover business operations while efforts are ongoing to restart pervious operations. You may use or repurpose a BCP template you find online. Include a description of how you would test the plan.

Submission Requirements

  • Format: Microsoft Word (or compatible)
  • Font: Arial, size 12, double-space
  • Citation style: Your school’s preferred style guide
  • Estimated length: 6–10 pages

Self-Assessment Checklist

  • I created a basic BIA that focuses on the data center.
  • I identified critical business functions, critical resources, and the MAO, RPO, and RTOfor the BIA.
  • I created a basic BCP for the given scenario that includes a description of how to test the plan.
  • I created a professional, well-developed draft report with proper documentation, grammar, spelling, and punctuation.
  • I included citations for all sources used in the report.

I followed the submission guidelines.

SYST _Diskfiv

Shared memory pages are an example of a topic where a picture is worth a thousand words. Find at least one illustration in Google Images by entering the search key “shared memory pages” in the search box. Be sure to enter it in the search box with quotes so the entire phrase is interpreted by the search engine as a single string.

Using an illustration you find, make that picture the focus of your post. Create a Discussion Topic post that outlines the function of shared memory pages. Go into detail about the proper operation of shared memory pages as described by the course textbook. If you find an illustration that does not agree with the course textbook, be sure to use it and make any inconsistencies the focus of your post.

It is very important that you properly attribute the image by listing the original author(s) of the illustration you find. Go to Citing Your Sources Guide(https://libguides.snhu.edu/citation to find instructions and examples of using proper attribution.

After your initial post, respond constructively to two of your peers’ posts after comparing your initial post to their initial posts. Justify your suggestions for the addition or revision of any of the benefits and drawbacks of using shared pages.

Comment on the accuracy of their specification of the conditions under which the practice provides performance benefits, as well as the specific instances when efficiency is negatively impacted.

References:

https://developer.ibm.com/components/aix/

https://www.esrf.fr/computing/scientific/FIT2D/FIT2D_REF/node252.html

 

 

Scenario

Scenario

You are a member of the Just Ducky network security team. Your company is considering expanding their wireless network and connecting their two buildings. Also, you need to provide wireless access to employees and visitors in the outside areas. Review the attached map for reference. You have been tasked to research the following elements to help in the design project.

Radio Frequency Characteristics

  • Amplitude
  • Wavelength
  • Frequency
  • Phase

Radio Frequency Behaviors

  • Absorption
  • Reflection
  • Scattering
  • Refraction
  • Diffraction
  • Loss (attenuation)
  • Free Space Path Loss

In your opinion, what technology/tools could the company implement to prevent unauthorized access to the network and still provide wireless access to employees and clients in the common outside areas?

Provide definitions, examples, and graphics of the above concepts.

Your paper must be submitted using APA format. (Please refer to the attached APA guide and example):

  • At least two pages (not counting front page or references)
  • Font: Times New Roman
  • Size: 11
  • Double-spaced
  • 1 in margins

Also, please refer to the grading criteria in this rubric prior to submitting your assignment.