What is a zero-day attack in relation to cybersecurity? What processes are in place to facilitate zero-day patching on Windows systems? What issues can arise from emergency patching of enterprise systems? What advantages are there?
Category: Computer Science homework help
-
“Ensuring Compliance: DOD Requirements and U.S. Compliance Laws for an Organization’s IT Infrastructure” Draft: Introduction: The Department of Defense (DOD) has specific requirements for organizations that provide services or products to the government. These requirements are
Submit a draft of your research of DOD-specific requirements for an organization’s IT infrastructure and U.S. compliance laws that may affect the firm.
-
“Exploring Cyber Security: A Comprehensive Analysis of Current Threats and Solutions”
Instructions
You will be required to write one term paper this semester. The specifications are as follows:
You must write a 4-6 page term paper on a topic of your choice related to Cyber Security (ALL TOPICS MUST BE APPROVED). Please write the term paper in a Word document and then upload it for grading.
Your term paper outline is due at the end of Week 2.
Your term paper is due at the end of Week 8.
In addition to the 4-6 pages of the paper itself, you must include a title page and a reference page.
Your title page must include the title of your paper, the date, the name of the course, your name, and your instructor’s name.
Your reference page must be written in APA citation style, Arial or Times New Roman styles, 12-point font.
Page margins Top, Bottom, Left Side, and Right Side = 1 inch, with reasonable accommodation being made for special situations.
Your paper must be in your own words, representing original work. Paraphrases of others’ work must include attributions to the authors. Limit quotations to an average of no more than 3-5 lines, and use quotations sparingly. It is always better to write the information in your own words than to directly quote.
Papers will automatically be submitted to www.turnitin.com for review. PAPERS WITH AN ORIGINALITY REPORT FROM TURNITIN OVER 15% OR OVER 2% FROM A SINGLE SOURCE WILL RESULT IN A SIGNIFICANT POINT REDUCTION.
PER THE STUDENT HANDBOOK, YOU CANNOT SUBMIT A PAPER THAT HAS BEEN SUBMITTED IN ANOTHER COURSE.
-
Title: “Security Policy Frameworks for a DoD-Focused Organization: Considerations and Alignment with Business Goals”
You work as a junior security analyst for a governmental organization with Department of Defense (DoD) ties. Your manager has asked you to:
§ Identify and explain three business considerations relating to security policy frameworks
§ Describe the factors relating to them, especially for a DoD-focused organization
Your organization’s long-term strategic goal is to make DoD its primary focus of business. In doing so, your organization will be faced with a different set of business considerations—that is, DoD contracts, their security level requirements, and their time constraints.
For this assignment:
1. Research security policy frameworks appropriate for a DoD-focused organization.
2. Create a table showing three DoD frameworks and align them to your firm’s business considerations and goal of becoming a DoD-focused organization.
3. Create a summary report with an introduction describing business considerations relating to a DoD-supplier organization, the table you created in Step 1, and a conclusion that includes the rationale for choosing the frameworks.
-
Title: “The Role of Network-Connected Devices in Network Forensics: Two Case Studies”
Research how network-connected devices, such as a smartphone, can be used in a network forensics investigation. Discuss at least two cases.
-
Title: Cybercrime Laws Across Cultures: A Comparative Analysis and Ethical Considerations
Purpose
This assignment allows you to define cybercrime and the categories included under cybercrime. You will then examine laws related to cybercrime from three different countries and compare and contrast those laws. You will discuss the ethical dilemmas that can arise from these differences.
Assignment Instructions
Define cybercrime and the categories of cybercrime.
Research how cybercrime (either in general or with respect to certain crimes — e.g., hacking, identity theft, cyberstalking) is handled in at least three different countries (one can be the United States).
Compare and contrast each country’s laws. What ethical issues arise as a result of differences in cybercriminal prosecution across cultures?
How will your understanding of the differences among cultures affect your ability to make decisions within your company?
Assignment Requirements
Your paper should be a minimum of 3 double-spaced pages.
Use Times New Roman 12 pt font.
Use APA formatting for paper, citations, and references.
Be sure to cite your sources and provide the appropriate references.
-
Title: Preventing Physical Security Breaches: Lessons from Recent News Articles Article 1: “Hackers Breach Physical Security at Major U.S. Airport” Source: Wall Street Journal Date Posted: May 15, 2021
Using either the Wall Street Journal or U.S. Newsstream, search for the term “physical security breach.” Select two news articles on the search topic that were posted within the last six months.
For each of the articles answer the following questions
Summarize, concisely, the key details of the physical security breach described in the articles
Describe, clearly and accurately, the steps that were taken in the articles, or are being taken, to alleviate the effects of the breaches after the fact or to resolve each issue
Explain whether the physical security breaches were preventable, why or why not, and if preventable, what preventive steps could have been taken
Describe physical access security best practices that could have been used to prevent the breaches, citing specific, credible sources of best practices
-
Title: Ethical Dilemmas in Data Security and Privacy: A Discussion of Recent Legislation
IT590-2: Discuss recent legislation related to ethical computing.
Purpose
This assignment allows you to place yourself in an ethical dilemma related to data security and privacy. You will analyze the scenario from a number of ethical perspectives, identify laws that are relevant for this scenario, and decide how you would respond to the situation.
Assignment Instructions
Select from one of the following scenarios:
You are the IT administrator for your company. One of the employees discovers a loophole in the security whereby the employees may access the personnel records of other employees in the company. Personnel records include names, addresses, Social Security numbers, disciplinary actions, annual reviews, and salary information. You are working on a time-sensitive project and do not fix the problem for 2 weeks. As you are fixing the problem, you note that several employees have accessed personnel records using the loophole.
You are the CIO of a large national auto retailer. As a part of your service, you offer auto loans through your dealerships. This requires your company to collect and store personally identifiable information on your customers. Additionally, you store customer bank account and credit card information so that customers can use automatic payment options for their loans. Recently, your company has been hacked, and a significant number of client accounts have been breached. The CEO is demanding that the IT group handle this privately rather than reporting the breach for fear that publicizing the information will have a negative effect on quarterly earnings.
Complete the following for your chosen scenario:
Analyze your chosen scenario from the aspect of computing ethics and privacy ethics.
Discuss the ethical dilemma from the perspective of societal ethics, organizational ethics, and individual ethics.
Research on the Internet to determine what data security and privacy laws are relevant in this scenario.
Describe each law and consequences for violation of the law.
Discuss the reputational and financial impact this scenario might have on the organization.
From the perspective of the IT administrator in Scenario 1, or the perspective of the CIO in Scenario 2, how would you respond to the situation? Justify your response from an ethical and legal perspective.
Assignment Requirements
Your paper should be 2–3 double spaced pages in length.
Use Times New Roman 12 pt font.
Use APA formatting for paper, citations, and references.
Be sure to cite your sources and provide the appropriate references.
-
Preparing for a HIPAA Audit: A Risk Assessment for a Small Medical Practice
Purpose
In this assignment, you will be provided a scenario in which you need to prepare for a HIPAA audit using materials found on the healthIT.gov website and using a government-provided online or downloadable tool to perform a risk assessment.
Assignment Instructions
You are the IT and Security Manager for a small five-physician medical practice that uses electronic medical records (EMR) but has never performed a HIPAA security risk assessment. You need to prepare for the upcoming HIPAA Audit, and the healthIT.gov site recommends performing a security risk assessment using their Security Risk Assessment (SRA) tool (downloadable or paper).
Based on the scenario above, review the questions in the Administrative Safeguards portion of the tool. This private practice has many written policies, but the policies are often not updated, and training new personnel on HIPAA requirements is a bit haphazard and poorly coordinated. The practice does not have a formally appointed security contact, although the office general manager is the one that most people go to. The one-person IT professional tries to protect the patient’s information and access to that information as best that is possible, but people that leave the organization are often not immediately removed from having that access. Physical access to the building does require a key card access, but the building entrance is not monitored by cameras or the need to sign in. The company has not formally documented and mapped relevant business associates and has not secured business associate agreements related to patient information security. Although the receptionist area has a high counter, and patients typically cannot see the receptionist’s computer screen, patients can hear the phone conversations in the receptionist area. Access to the medical records is password protected but not encrypted, and not all computer screens have automatic locks when the screens are idle.
Identify at least 10 Administrative Safeguard questions from the tool that are particularly relevant to this organization. Identify each by number and the specific wording of the question.
Discuss at least five identified threats or vulnerabilities and discuss the likelihood and overall impact of each of these vulnerabilities in a table like the one below for each threat/vulnerability (you should have five tables).
Likelihood \ Impact   Low        Medium        High
Low                   Low Risk   Low Risk      Low Risk
Medium                Low Risk   Medium Risk   Medium Risk
High                  Low Risk   Medium Risk   High Risk
For each threat/vulnerability, describe one or more safeguards that could be implemented against the threat/vulnerability. Suggested safeguards can be found in the SRA tool.
Write a summary that discusses what you learned by participating in this exercise. Discuss how difficult and costly completing this assessment might be for the small medical practice described in this case. Recommend possible solutions to make this assessment process possible for this small practice.
Assignment Requirements
5–6 pages of content (exclusive of cover sheet and references page), using Times New Roman font style, 12 point, double-spaced, using correct APA formatting, and include a cover sheet, table of contents, abstract, and reference page(s)
At least 1 credible source cited and referenced
No spelling errors
No grammar errors
No APA errors
-
“Preparing for a PCI-DSS Audit: Compliance and Compensating Controls for Retail Merchants”
IT591-3: Apply auditing processes within a technical scenario.
Purpose
This assignment helps you learn how to prepare for a specific audit, in this case, the PCI-DSS audit. You will use the PCI-DSS Self-Assessment Questionnaire D for Merchants (Version 4.0, available in your readings) and become familiar with the various sections that the audit will cover, and what preparation must occur to ensure compliance within each section.
Assignment Instructions
Use the link to the PCI-DSS self-assessment questionnaire (SAQ-D) for Vendors (V. 4.0) provided in this week’s readings and use this information to complete the assignment.
Consider the PCI-DSS self-assessment questionnaire D for Merchants (V. 4.0), with which a typical retail merchant would have to show compliance in order to continue doing business with credit cards.
Review the questions associated with four different requirements of the twelve covered by the assessment questions (specifically sections 3, 8, 9, and one other section of your choice)
For each section explain:
The purpose of that section, why it is important, and what these questions seek to achieve.
Pick any three questions in that section and explain:
What the question means
What evidence would be needed to show compliance
Whether it would be easy or difficult to achieve compliance and why
Do not pick three that are all easy
Summarize your impressions of the questions for this section and discuss how a merchant would establish or maintain compliance.
For any question that you examined in item 2 above, (which was deemed hard to comply with) assume that you cannot fully meet the requirement and draft up a half-page compensating control (Refer to Appendix B) that would substitute for a fully compliant response.
Write a 1-paragraph summary about what you learned from this exercise.
Assignment Requirements
5–6 pages of content (exclusive of the cover sheet and references page), using Times New Roman font style, 12 point, double-spaced, using correct APA formatting, and include a cover sheet, table of contents, abstract, and reference page(s).
At least 1 credible source cited and referenced
No more than 1 table or figure
No spelling errors
No grammar errors
No APA errors