Computer Science

Complete Part A or Part B (1000 words)

Part A 

Search the internet for the series of ISO standards relating to digital forensics and list each of the standards you think applies
Search the internet for the current UK Forensic Science Regulator’s Codes of Practice and Conduct (Forensic Science Regulator, 2011). Read Section 21 and say why a digital forensic scientist might have difficulty complying with this item
Using the evidences shown in the figure below write a short report discussing how you going to complete your investigation using the three digital forensic process. Include suitable screenshots. Your report should include at least 3 of the evidences from the figure below.
Collecting
Analysing
Presenting

Include suitable screenshots and references in the report. Please annotate the screenshots

Produce conclusion and reflection of the tasks completed above.
You tasks would be assessed for similarity index (maximum 30%), spelling and grammar, structure and consistent format (font size and type).

Part B

Physical Security

You are the Security Manager for a medium-sized bank. You have been asked to design a security solution to keep intruders out of the bank after hours. The three areas of the bank you need to secure are the parking lot, the building perimeter, and the vault. List what technologies you would use in each of these areas

Social Engineering

You work for the Contoso Corporation. Your manager wants you to put together a training class about end-user security. To begin, use the Internet to research three cases or instances in which individuals used social engineering to break into a system, and list how they attempted to get access.

Biometrics

You are the IT administrator for the Contoso Corporation. Your CIO wants you to investigate the possible use of biometrics for security purposes. The CIO understands what biometrics is and how this technology can be used, but he does not understand the potential disadvantages of using biometrics. What should you tell him?

Changing Passwords

Imagine that you work for the Contoso Corporation. Your CIO tells you that he just got a message on his computer saying that he has to change his password. He wants to know why he must not only use such a relatively long password, but also why he must change that password on a regular basis. What should you tell him?

Firewall

You work for the ABC Corporation. You need to tell a user how to open the Windows Firewall console on a computer running Windows 7 and create a Windows Firewall inbound rule that allows Internet Explorer to communicate over ports 80 and 443. What steps must this user follow?

a) Include suitable screenshots and references in the report. Please annotate the screenshots
b) Produce conclusion and reflection of the tasks completed above.
c) You tasks would be assessed for similarity index (maximum 30%), spelling and grammar, structure and consistent format (font size and type).

Designing Security Policy for a Named Company of Your ChoiceDefinition of a Policy
By definition, security policy refers to clear, comprehensive, and well-defined plans, rules, and practices that regulate access to an organization’s system and the information included in it. Good policy protects not only information and systems, but also individual employees and the organization as a whole.
A policy generally has these characteristics:
• Communicates a consensus of judgment
• Defines appropriate behavior for users
• Identifies what tools and procedures are needed
• Provides directives for Human Resources action in response to inappropriate behavior
• May be helpful if it is necessary to prosecute violators

Purpose. The purpose of this project is to ensure that appropriate measures are put in place to protect “Your Company’s” information and the Information Technology Services (ITS) systems, and equipment of the infrastructure.

Requirements:
a. Students are required to select a company of their choice. It could be an existing company or your own creation. This is an individual project; not a group project!

b. For the company/organization you selected or made up, create a comprehensive Security Policy you deem appropriate to address all aspects of their infrastructure. Please bear in mind that the purpose of this document is to ensure that appropriate measures are put in place to protect corporate information and the Information Technology Services (ITS) systems, services, and equipment of “Your Company” and associated infrastructure. This means that the policy aspects you select should address all the functional areas of the organization. First, conduct a brief research of the company you intend to use for this project to learn more about their security functional areas. This will help you to determine the policy aspects you should use.

Policy Templates designed for this purpose are available for use by the public from the SANS website at no cost (pages 4 – 5). A minimum of TWELVE aspects must be selected from all the FOUR major functional security areas (General Security, Network Security, Server Security, Application Security). Many of the Aspects listed in each main Security Functional area also have sub-categories, so you may have to dig further down to download those specific policy documents. Don’t use any policy that is not applicable to “Your Company”. For example, there is no need to use the Lab Security Policy if your company doesn’t have a lab.

Your duty is to search and replace all generic company names in the template documents with your chosen “Company Name”. You also have to customize the templates to match the needs of your company. Each template comes in pdf or Word format. For easy editing, it is recommended that you download the Word format. Your document should be formatted in sections by each Security Policy Aspect. For example, if “Acceptable Use Policy” ends in the middle of page 20, start the next policy aspect on page 21.

c. Table of Content (ToC) – Create ToC listing all the policy and sub policy aspects used in your document.

d. Abstract – Create an Abstract describing the company’s functional security areas and explaining the need of this document by your company. In simple terms, describe/state how the company will benefit from this Security Policy document.

e. Formatting – Since this is a formal document, it must be formatted appropriately. Page number the document, create Header/Footer, insert company logo at appropriate page location, spell-check the entire document. You may use APA style for this project. Abstact and ToC pages should be numbered in Roman Numerals (not counted towards total page-count). Apply regular page-numbering to the remaining document (Page 1 and up)

f. Definition of Terms – Use this section to help non-technical readers understand the technical jargons used in the document. The Templates provide that so use them.

g. References – Make sure to cite all used documents, graphics, etc., that were not your own creation.

h. Cover page – Create appropriate title for the cover page, stating phrases like: “Security Policy for Company Name”, Prepared by Your Name”, “Date/Semester”, etc. Simply, be creative!

i. Submit a hard copy to your professor and upload a digital copy to Blackboard Dropbox as instructed by your professor. Store your copy in a safe place for future reference. You never know when…!

Words of Encouragement:
Don’t see this as a tedious task. Enjoy doing it and learn useful lessons from it. Read this email statement from a former student who completed this project years ago:
“I wish to thank you for assigning the Security Policy project and guiding us through the process. On my new job, one of the first tasks I was assigned to do along with two other coworkers was to create a Security Policy for the company. The other two individuals had no clue as to how to start the project. Our job became much easier when I showed them my Monroe Project.”

Note: See next two pages for the SANS website address (URL) and other pertinent information.

https://www.sans.org/security-resources/policies
Find the Policy Template You Need! Below are links to the Policy Documents.
General
• Acceptable Encryption Policy
• Acceptable Use Policy
• Clean Desk Policy
• Data Breach Response Policy
• Disaster Recovery Plan Policy
• Digital Signature Acceptance Policy
• Email Policy
• Ethics Policy
• Pandemic Response Planning Policy
• Password Construction Guidelines
• Password Protection Policy
• Security Response Plan Policy
• End User Encryption Key Protection Policy
Network Security
• Acquisition Assessment Policy
• Bluetooth Baseline Requirements Policy
• Remote Access Policy
• Remote Access Tools Policy
• Router and Switch Security Policy
• Wireless Communication Policy
• Wireless Communication Standard
Server Security
• Database Credentials Policy
• Technology Equipment Disposal Policy
• Information Logging Standard
• Lab Security Policy
• Server Security Policy
• Software Installation Policy
• Workstation Security (For HIPAA) Policy
Application Security
• Web Application Security Policy
CAUTION: Policy, Standard, Guideline are terms often confused by many students.
The following definitions of Security Policy, Standard, and Guidelines, by SANS will be helpful as you plan your research project
A policy is typically a document that outlines specific requirements or rules that must be met. In the information/network security realm, policies are usually point-specific, covering a single area. For example, an “Acceptable Use” policy would cover the rules and regulations for appropriate use of the computing facilities.
A standard is typically a collection of system-specific or procedural-specific requirements that must be met by everyone. For example, you might have a standard that describes how to harden a Windows 8.1 workstation for placement on an external (DMZ) network. People must follow this standard exactly if they wish to install a Windows 8.1 workstation on an external network segment. In addition, a standard can be a technology selection, e.g. Company Name uses Tenable SecurityCenter for continuous monitoring, and supporting policies and procedures define how it is used.
A guideline is typically a collection of system-specific or procedural specific “suggestions” for best practice. They are not requirements to be met but are strongly recommended. Effective security policies make frequent references to standards and guidelines that exist within an organization.

You were selected to design a small peer-to-peer network for a new facility which has six computers and a networked printer. Each desk computer must have a wired network connection. The rooms are to have wireless access for mobile devices.

For this assignment, you will utilize Gliffy®, (Links to an external site.) a software application to create a basic network diagram depicting a star topology with a switch as the central communications node. The focus here is on the network communications equipment for this LAN. Include only that equipment and end node devices on the network diagram. There is no need to draw out the layout of the physical space.

In addition to providing a network diagram, you must also provide a short essay that describes the details of the LAN equipment that is being used and the connections. In the essay, be sure to explain why each device is positioned where it is.

Also, briefly state any assumptions you’ve made about the kind of work being done, the demands the personnel in the office will put on the network, how they’ll use it, and how that influenced your design. For example, if the business that uses the LAN is a small video-based news streaming service, they will probably need more performance from both their network and ISP than a small rental property management office might need.

Requirments.
1. Depict a star topology that uses Ethernet.
2.Provide a ‘cloud’ shape or another symbol for the ISP WAN service. Label the symbol as ‘Dial-up,’ ‘Cable,’ or ‘Fiber Optic.’
3.Label all network devices in the LAN (brand and model names are acceptable but not required).
4.Connect to the ISP service using a dial-up modem, cable modem, or, if using fiber optic service, an optical network terminal (ONT). Do not use a combination device such as a modem/router.
5.Connect the LAN router (wireless router) to the ISP WAN service device. The LAN router provides many capabilities to include: DHCP, (Links to an external site.) NAT translation, (Links to an external site.) port forwarding, (Links to an external site.) QoS, (Links to an external site.) and software firewall services. Do not use a router/switch combination device; however, a router with integrated wireless capabilities is acceptable.
6.Use a managed switch as a centrally-located device to provide wired network connectivity for the seven end nodes (six desktop computers and a printer). Connect the switch directly to the main LAN router.
7. Connect the seven end nodes directly to the central switch.
8. Label the specific type of physical media (cables) being used to connect the LAN router to the ISP service device, the central switch to the LAN router, and the seven end nodes to the central switch.
9. Use a screen capture tool such as Snagit (Links to an external site.) or the Microsoft Clipping Tool to copy your diagram and paste the copied image into a Word document with the written essay.
Your application response is a reflective written assignment relating to the module readings, discussion, and other activities presented. All work must be original and not taken from Internet sources.

In a document, compose an essay consisting of three paragraphs (250-300 words) This assignment must be in essay format with an introductory paragraph, body, and conclusion.

Instructions
Read the below case study and answer the questions within your critical analysis. Remember this should not be in question-answer format.

The case study is in PDF format. The Cover and title page of the book it comes from is included to help you create your references. Be sure to follow the correct APA formatting and Case Study directions listed on the Assignment Information page..

Case Study file: EXPLORING THE IMPORTANCE OF BEHAVIOR DURING PERSONAL INTERACTIONS AND CUSTOMER RELATIONSHIP

Perform a critical analysis of the case study presented above. Research examples of both good and bad customer relationship management. Do you think that having a system (technology) in place will help to manage customer relationships? Back up your stance.

This should not be in first person even though your opinion is being asked.

I’ve attached the PDF file andhere is the URL link for the pdf file the instructor gave us just in case it doesn’t upload properly

the pdf file is in the middle of the page at the bottom under attatchments.

Discussion Board Post

Initial Post:

Browse either Android apps at Google Play or Apple apps at the iTunes App Store. Search under medical apps and attempt to organize them into categories in a table. Are there categories that are missing, e.g. clinical guidelines for patients? Any future predictions about new categories of software? Pick one of your categories and describe the types of Apps in it.

This activity will address module outcomes 1, 2, 3, 4, and 5. Upon completion of this activity, you will be able to:

Identify an organization’s cybersecurity stakeholders, their responsibilities, and sources of authority. (CO1)
Contrast various management styles and their applicability to various cyber roles. (CO1)
Describe relevant strategic and tactical goals within the cybersecurity context. (CO2)
Determine organizational communications models in use by organizations for cybersecurity—critical and non-critical—event management. (CO1, CO2)
Synthesize how a CISO would lead and communicate to pursue organizational goals. (CO1, CO2)

review the scenario presented:

Imagine this is your first day as Senior Chief Information Security Officer (CISO) of Company A. The Chief Financial Officer (CFO) calls you wondering what should have been done differently during a recent incident involving your predecessor. The following incidents recently occurred and were closed out without any alert to senior staff or the CFO.

The Chief Financial Officer’s admin reported that their laptops were performing erratically and many popup screens kept appearing while browsing the Internet. Upon inspection, it was found that the laptops were infected with malware and computer viruses. As the users were the CFO’s direct subordinates, the service desk decided to respond quickly. However, the service desk did not report the incident up the chain. As soon as the malware was removed, the service desk closed the ticket.

Based on your understanding of the prior scenario involving the CFO’s admin, identify at least one risk if the process or procedures are not changed.

Your paper should include the following information:

Executive summary describing Incident
Analysis Section describing the risk or risks identified.
Categorize the risk or risks if not changed (high, medium or low) and the potential impact (what is the worst that could happen).
Describe the mitigation or process and procedure that should be changed.
Categorize any remaining risk.

Discussion Forum 1
Internet Impact
In Discussion Forum 1, post your response to the following discussion questions. Reply to at least two classmates’ responses by the date indicated in the Course Calendar.
How has the Internet impacted your life? List and explain your top 5 preferred or most used sites and explain why you prefer or use these sites. Describe three ways that using the Internet has changed your life. Have these changes been for better or worse?

1. Discuss the potential of an innovation to establish competitive advantage. Give suitable examples from real market.

2. When and how does the vertical integration become a solution for a company to maintain its competitive advantage? Enrich your answer by suitable examples from Saudi market.

each question not to be less than 275 words ( page and half for each questing )
? Support your submission with course material concepts, principles, and theories from the textbook along with at least two scholarly, peer-reviewed journal articles.
? A mark of zero will be given for any submission that includes copying from other resource without referencing it.

The Scenario
Design a local and wide area network at seven sites with remote access for a 3,500 person international company in the pharmaceutical industry. The company recently was formed through a number of acquisitions via venture capitalists.

There are seven company locations each containing one building including the corporate headquarters in New York, NY – 1000 employees, San Diego, CA – 250 employees, central research in Houston, TX – 750 employees, Madrid – 500 employees, India – 50 employees, London – 150 employees, China – 300 employees and 500 remote users – sales force.

There is a diverse computing environment with no standards in place including a combination of devices (e.g. network printers) and desktop operating systems (e.g. Macintosh OS, UNIX, Linux and Microsoft Windows). There are three different data centers in operation. The first data center is located in New York, NY being used as the main corporate data center (e.g. email, file, print, database and intranet web servers) the second is located in San Diego, CA being used for R&D (e.g. high performance computing, technical application servers and video-streaming services), and the third is located in Houston, TX being used for disaster recovery. The company does large file transfers (e.g. video and graphics) between San Diego, CA and Houston, TX. There is one Internet connection located in the corporate data center that services all company locations.

The Assignment
Provide a proposed network topology design using a software program capable of developing a diagram such as Microsoft PowerPoint, Microsoft Visio, or an evaluation copy of business graphics software such as SmartDraw or EDraw Max. The final product should be submitted in a Microsoft Word document.

Specify the type(s) of media (fiber and copper), network devices (switches and routers), protocols, WAN circuits and connectivity, remote access method and authentication, fault tolerance and security in your design.

I need a paper that explains how digitalization and technization have affected the world we live in today. I don’t need them focussing on organizations and businesses because this is not a business paper. It is a sociology paper and it needs to focus on the human being and the environment around him.