Category: Computer Science Homework Help

I’m trying to learn for my Cyber Security class and I’m stuck. Can you help?

Develop a secure network architecture diagram between two sites. Your diagram must be in PowerPoint slide presentation. Your diagram needs to show how data will be transmitted, processed, and stored securely between the two sites. This diagram should be a representation of your enterprise architecture. In other words, if you were to have 600 remote locations, this diagram would reflect how all locations are configured and connected, so that at a glance, you would know if you had a vulnerability, you would know exactly where it was, and how many resources and time it would take to mitigate the risk.

Minimum requirements for your network diagram is a one page architecture design reflecting your dedicated circuits, VPNs, and the placement of your security devices, e.g. firewalls, Intrusion Detection Systems, along with your encryption solution. Your architecture should have as a minimum, a file server, email server, database server, and web-server. It needs to reflect its routers and switches as well.

Note – Please remember, it can only be a one page diagram. To have more than one page will cost points. It depends on number of slides it takes to explain/present the diagram.

I’m working on a computer science discussion question and need an explanation to help me learn.

The article on IRB this week discusses broad consent under the revised Common Rule. When you are doing any sort of research you are going to need to have your research plan approved by the University’s institutional review board or IRB. If you have never heard of this term before, please take a look online and find a brief summary of what it is about, before you read the article.

Please answer the following questions in your main post:

• What are the main issues that the article addresses?
• What is the Common Rule?
• How is this issue related to information systems and digital privacy?

Please make your initial post and two response posts substantive. A substantive post will do at least two of the following:

• Ask an interesting, thoughtful question pertaining to the topic
• Answer a question (in detail) posted by another student or the instructor
• Provide extensive additional information on the topic
• Explain, define, or analyze the topic in detail
• Share an applicable personal experience
• Provide an outside source (for example, an article from the UC Library) that applies to the topic, along with additional information about the topic or the source (please cite properly in APA)
• Make an argument concerning the topic.
• References:
• IT Governance and IT Risk Management Practices”Vincent, N. E., Higgs, J. L., & Pinsker, R. E. (2017). IT Governance and the Maturity of IT Risk Management Practices. Journal of Information Systems, 31(1), 59–77. https://doi.org/10.2308/isys-51365
• Etges, A. P. B. da S., Grenon, V., Lu, M., Cardoso, R. B., de Souza, J. S., Kliemann Neto, F. J., & Felix, E. A. (2018). Development of an enterprise risk inventory for healthcare. BMC Health Services Research, 18(1), N.PAG. https://doi.org/10.1186/s12913-018-3400-7

After reading the required articles this week, please write a research paper that answers the following questions:

• What are mobile forensics and do you believe that they are different from computer forensics?
• What is the percentage of attacks on networks that come from mobile devices?
• What are challenges to mobile forensics?
• What are some mobile forensic tools?
• Should the analysis be different on iOS vs Android?

References:

• Montasari, R., & Hill, R. (2019). Next-Generation Digital Forensics: Challenges and Future Paradigms. 2019 IEEE 12th International Conference on Global Security, Safety and Sustainability (ICGS3), Global Security, Safety and Sustainability (ICGS3), 205. https://doi.org/10.1109/ICGS3.2019.8688020Sahinoglu, M., Stockton, S., Barclay, R. M., & Morton, S. (2016). Metrics Based Risk Assessment and Management of Digital Forensics. Defense Acquisition Research Journal: A Publication of the Defense Acquisition University, 23(2), 152–177. https://doi.org/10.22594/dau.16-748.23.02Nnoli, H. Lindskog, D, Zavarsky, P., Aghili, S., & Ruhl, R. (2012). The Governance of Corporate Forensics Using COBIT, NIST and Increased Automated Forensic Approaches, 2012 International Conference on Privacy, Security, Risk and Trust and 2012 International Conference on Social Computing, Amsterdam, 734-741.

• Assume that you are the network administrator for Online Goodies, an Internet-based company that provides custom promotional gifts, such as T-shirts, mugs, computer accessories, and office décor items to its corporate customers. Online Goodies is an e-commerce site that receives most of its income from online credit card purchases. Repeat customers receive discounts based on the amount of their total annual purchases.
• In your Lab Report file, create a test plan that conforms to the OWASP standards and includes the following elements. You will be responsible for determining what to document in this report based on what you learned in your research.
  • Executive Summary
  • Table of Contents
  • Overview of the tests you would perform
  • Rationale for including each test

PART 1 

Specifically, the following critical elements must be addressed:

I. Project Proposal: The project proposal should contain enough detail so that relevant stakeholders (who will vary, depending on your topic of interest) can

determine if the proposed solution is feasible and will address the needs or gaps in the current operating environment.

A. Problem Statement: Craft a clear, accurate problem statement that highlights the information technology-related aspects of the challenges that

you are facing.

B. Significance: Analyze the significance of this problem and what a solution could mean to you, the company or group, and the discipline or area

of interest within information technology. In other words, describe the significance that this project has to your discipline or area of interest

within information technology and your development as a practitioner. This will be your chance to sell this project idea, so that it is exciting for

your imaginary stakeholder audience, and also for your real-world instructor, peers, and potential employers.

C. Objectives: Describe the scope, goals, and objectives of your project. If you are addressing only a part of the overarching problem, state this in

this section. Make sure that your objectives are reasonable (i.e., could be accomplished without exorbitant resource usage, an irrational

timeline, etc.).

D. Deliverables: Propose your overall solution, highlighting the key deliverables that you will create to solve the problem or challenge the

statement.

E. Methodology: Establish the methodology and techniques that you intend to use throughout the design phase of your project, with support as to

how each is appropriate for the situation.

F. Risks: Analyze the problem and your own solution proposal to highlight any risks that may prevent successful completion of your solution

design. Include risks that result from the project not fulfilling the objective to solve the information technology problem. In other words, what

risks are present and how would they impact the potential for a successful information technology solution?

Prompt II: Project Plan and System Design

Your project plan and system design will be submitted together in Module Seven, and should communicate a problem to be solved by your proposed

information technology solution. These deliverables will be used to direct the implementation effort in your next course, IT 420.

Specifically, the following critical elements must be addressed:

I. Project Plan: The project plan will be drafted early in the course but further refined as you develop the system design. This way, the work breakdown

structure and tasks identified in the design in need of development are added to the project plan.

A. Work Breakdown Structure: Clearly communicate a logical work breakdown structure for stakeholders to ensure successful completion of the

project. Identify all tasks and artifacts to be developed.

B. Timeline: Illustrate the overall project timeline, identifying start and finish dates, major milestones, and any other relevant data points during

the design and implementation of the project/solution. (Implementation should happen in IT 420, the implementation course.)

C. Dependencies: Clearly communicate any dependencies between tasks or resources for ensuring successful communication of needs.

D. Use of Tools: Professionally document project plan using Microsoft Project or Excel. 

II. System Design Document: Although you will individually develop your recommended information technology project, the project design should contain

enough detail to support another skilled information technology practitioner in implementing the solution. Determine a reasonable scope for your project

so that it can be implemented within the timeframe of the IT 420 course. The following sections should be included:

A. Introduction: Articulate the overall purpose and scope of the system design in terms of addressing the problem or challenges identified in your

proposal.

B. Requirements: Determine all relevant and necessary system requirements based on analysis of the problem faced. The requirements should be

written as “system shall” statements that are testable and include functional, design, security, safety, and performance requirements.

C. Constraints: Determine the constraints of the system design and any assumptions made in terms of the problem being solved.

D. Resources: Identify necessary resources—hardware, software, servers, virtual desktop resources, and so on—that are required to complete the

project, based on analysis of the problem being solved.

E. System Overview: Describe the overall design in terms of the integration of tools and technology for successfully constructing your solution. In

this section, you should describe the high-level design and architecture, making sure that details are congruent with the type of project you are

working on. For example, use of case and class diagrams would need to be included if your project focused on a software application, website

wireframe, screen mock-ups for a web application, and so on.

F. Documented Detailed Design: Your detailed design should illustrate and annotate all important details to be developed of the system and its

components, interfaces, subsystems, and more. It further breaks down the high-level design into small enough chunks to be properly

implemented. The detailed design should align with the work breakdown structure in the product plan. The detailed design should inform the

tasks identified and included in the project plan.

PART 2:

Specifically, the following critical elements must be addressed: I. Project Plan: The project plan will be drafted early in the course but further refined as you develop the system design. This way, the work breakdown structure and tasks identified in the design in need of development are added to the project plan. A. Work Breakdown Structure: Clearly communicate a logical work breakdown structure for stakeholders to ensure successful completion of the project. Identify all tasks and artifacts to be developed. B. Timeline: Illustrate the overall project timeline, identifying start and finish dates, major milestones, and any other relevant data points during the design and implementation of the project/solution. (Implementation should happen in IT 420, the implementation course.) C. Dependencies: Clearly communicate any dependencies between tasks or resources for ensuring successful communication of needs. D. Use of Tools: Professionally document project plan using Microsoft Project or Excel.  II. System Design Document: Although you will individually develop your recommended information technology project, the project design should contain enough detail to support another skilled information technology practitioner in implementing the solution. Determine a reasonable scope for your project so that it can be implemented within the timeframe of the IT 420 course. The following sections should be included: A. Introduction: Articulate the overall purpose and scope of the system design in terms of addressing the problem or challenges identified in your proposal. B. Requirements: Determine all relevant and necessary system requirements based on analysis of the problem faced. The requirements should be written as “system shall” statements that are testable and include functional, design, security, safety, and performance requirements. C. Constraints: Determine the constraints of the system design and any assumptions made in terms of the problem being solved. D. Resources: Identify necessary resources—hardware, software, servers, virtual desktop resources, and so on—that are required to complete the project, based on analysis of the problem being solved. E. System Overview: Describe the overall design in terms of the integration of tools and technology for successfully constructing your solution. In this section, you should describe the high-level design and architecture, making sure that details are congruent with the type of project you are working on. For example, use of case and class diagrams would need to be included if your project focused on a software application, website wireframe, screen mock-ups for a web application, and so on. F. Documented Detailed Design: Your detailed design should illustrate and annotate all important details to be developed of the system and its components, interfaces, subsystems, and more. It further breaks down the high-level design into small enough chunks to be properly implemented. The detailed design should align with the work breakdown structure in the product plan. The detailed design should inform the tasks identified and included in the project plan.

Project 4-The Cybersecurity Threat Landscape Assignment

Scenario

“Thanks to all of your efforts, we have significantly increased our reach, accessibility, and presence on the web,” says Eliza, your CTO.

“But,” she adds, “this also increases the chance that our company will be a target for hackers and online attacks. If we are going to move forward, we need to anticipate those problems before they happen. In particular, we are especially worried about advanced persistent threats (APTs). I’m looking for as many ways to ward these off as possible, so I’m setting up teams to assess how APTs have operated, what they will look like in the near future, and what countermeasures we can implement against them.”

“I want this on my desk in two weeks.”

The Cybersecurity Threat Landscape Team Assignment Instructions

Advanced persistent threats (APTs) have been thrust into the spotlight due to their advanced tactics, techniques, procedures, and tools. These APTs are resourced unlike other types of cyber threat actors.

Your chief technology officer (CTO) has formed teams to each develop a detailed analysis and presentation of a specific APT (Attached see APT32), which she will assign to the team.

Your team’s report should use the Cybersecurity Threat Landscape Team Assignment Template (Attached) to cover the following six areas:

Part 1: Threat Landscape Analysis

• Provide a detailed analysis of the threat landscape today.
• What has changed in the past few years?
• Describe common tactics, techniques, and procedures to include threat actor types.
• What are the exploit vectors and vulnerabilities threat actors are predicted to take advantage of?

Part 2: APT Analysis

• Provide a detailed analysis and description of the APT your group was assigned. Describe the specific tactics used to gain access to the target(s).
• Describe the tools used. Describe what the objective of the APT was/is. Was it successful?

Part 3: Cybersecurity Tools, Tactics, and Procedures

• Describe current hardware- and software-based cybersecurity tools, tactics, and procedures.
• Consider the hardware and software solutions deployed today in the context of defense-in-depth.
• Elaborate on why these devices are not successful against the APTs.

Part 4: Machine Learning and Data Analytics

• Describe the concepts of machine learning and data analytics and how applying them to cybersecurity will evolve the field.
• Are there companies providing innovative defensive cybersecurity measures based on these technologies? If so, what are they? Would you recommend any of these to the CTO?

Part 5: Using Machine Learning and Data Analytics to Prevent APT

• Describe how machine learning and data analytics could have detected and/or prevented the APT you analyzed had the victim organization deployed these technologies at the time of the event. Be specific.

Part 6: Ethics in Cybersecurity. Ethical issues are at the core of what we do as cybersecurity professionals. Think of the example of a cyber defender working in a hospital. They are charged with securing the network, medical devices, and protecting sensitive personal health information from unauthorized disclosure. They are not only protecting patient privacy but their health and perhaps even their lives. Confidentiality, Integrity, Availability – the C-I-A triad – and many other cybersecurity practices are increasingly at play in protecting citizens in all walks of life and in all sectors. Thus, acting in an ethical manner, is one of the hallmarks of a cybersecurity professional.

• Do you think the vulnerability(ies) exploited by the APT consitute an ethical failure by the defender? Why or why not?
• For the APT scenario your group studied, were there identifiable harms to privacy or property? How are these harms linked to C-I-A? If not, what ethically significant harms could result from the scenario your group researched?
• For the APT scenario your group studied, when the targeted organization idenitified in the breach were they transparent in their disclosure? Do you feel the organization acted ethically?

Notes

• Use additional sources of information but also describe the concept in layman’s terms.
• Use visuals where appropriate.
• While quality is valued over quantity, it is expected that a quality paper will result in a minimum length of 10–15 pages.
• You will be assigned an individual grade for this assignment based on your contribution to the overall project.
• We will be using APA 7th Edition for the NRP.

The following evaluation criteria aligned to the competencies will be used to grade your assignment:

1.1.3: Present ideas in a clear, logical order appropriate to the task.

2.1.3: Explain the significance of the issue or problem.

4.1.1: Establish a collaborative approach for working together as a team.

4.2.4: Prepare a finished teamwork product.

10.1.1: Identify the problem to be solved.

12.6.1: Identify the controls needed for confidentiality.

12.6.2: Identify the controls needed for integrity.

12.6.3: Identify the controls needed for availability.

12.7.2: Explain the process of analyzing IT incidents.

14.1.1: Explain how ethical principles used in the information technology industry apply to the welfare and safety of stakeholders and society.

I’m working on a Computer Science question and need guidance to help me study.

Business intelligence is important in modern business. It is common knowledge that in today’s business environment, organizations must continually strive to achieve a competitive advantage. Likewise, they are reliant on large amounts of data to make their business decisions.

Using an organization of your choice:

• Explain the key way(s) in which your organization/agency uses business intelligence to gain a competitive advantage.
• Next, speculate on the technological limitations regarding data, software, and hardware that you believe might challenge your chosen organization/agency in the future.
• Discuss the role of databases and database management systems in the context of enterprise systems. Also, include a discussion on the components of the DBMS 

Many organizations use password-based authentication to authenticate their users. Passwords that do not meet criteria can be placed in a vulnerable state. Hackers can use password crackers to guess the passwords and infiltrate systems.

Go to Basic Search: Strayer University Online Library to locate and integrate at least two quality, academic resources (in addition to your textbook) on risks associated with password-based authentication. You may also use government websites, such as Cybersecurity from the National Institute of Standards and Technology.

Please respond to the following in a post of at least 200 words:

• Describe the methods organizations use to address the      risks associated with password-based authentication.
• Recommend two methods you believe are the most      effective in addressing these risks.
  • Be sure to justify your recommendations.

Cybersecurity is critical to protecting an organization’s infrastructure. Even within the cybersecurity field, several people may be responsible for ensuring an organization’s infrastructure is protected.

Go to Basic Search: Strayer University Online Library to locate and integrate at least two quality, academic resources (in addition to your textbook) on how to apply change management principles to infrastructure protection. You may also use government websites, such as Cybersecurity from the National Institute of Standards and Technology.

Please respond to the following in a post of at least 200 words:

• Explain the purpose of change management and how it      applies to infrastructure protection.
• Describe the methods organizations use to determine      whether changes have been made to the infrastructure.
• Outline the process to be followed prior to integrating      any changes into a production environment.

Data representation and interactivity are important aspects of data visualization.  Review the text by Kirk (2019) and note at least three storytelling techniques.  Note the importance of each and the advantages of using these techniques.