Given the broad range of organizations that are targeted by cyber criminals, what advice can you give companies that are looking to create or mature their cybersecurity programs?

Developing a Culture of Cyber Preparedness We spoke with Mike Kelly, Commercial Banking’s Head of Cybersecurity and Technology Controls, about how to create an environment that prioritizes security and fraud preparedness. Learn why organizations today are so focused on security, and what steps you can take to defend yourself from fraud.
Oct 29, 2019 The cybersecurity field continues to evolve, and we hear all the time about new schemes from criminals trying to gain access to systems. What have our clients learned and what more do they need to know now? Over the past few years we’ve seen cyber criminals expand their targets to include a broad range of types and sizes of organizations, and clients—from smaller businesses, like laundromats and corner stores, to large corporations—want to stay ahead of cyberattacks. It’s important for every company or organization to take as many steps as they can to help prevent cyberattacks. Larger companies clearly have more resources, but there is a lot that smaller businesses can do, too. Keep anti-virus software up to date. Don’t open emails from addresses you don’t recognize. Validate all requests for payment by speaking to the person making the request, either in person or with a known phone number. Bring in a cybersecurity consultant for a review of their systems and vulnerabilities. Small steps matter. What’s motivating the shift in interest in cybersecurity preparedness? Unfortunately, cyberattacks are escalating, and that’s the motivation. The wide range of targets, the increased public attention and the experience of actually being targeted—whether it’s successful or not —are the biggest drivers of clients’ cybersecurity preparedness. In the last three years, we’ve doubled the number of clients that we meet with to discuss the tools and controls they can use. We visit offices, speak at conferences and have detailed discussions, and sometimes that’s still not enough. For example, recently one of our clients was developing a cybersecurity program based on best practices. Unfortunately, the client’s project was delayed by other priorities that impacted the program’s launch. During the delay, criminals launched a cyber attack against them and demanded a ransom to return the client’s employee data. Since the incident, building and maintaining a solid cybersecurity program quickly has become a top priority for that client.
The more organizations are hit with some type of cyber event or cyberfraud, the greater the interest they have in maturing their programs. If awareness is growing, what’s still in the way of clients creating a culture of cybersecurity preparedness? Culturally, there’s a difference between organizations that have experienced an incident and those that haven’t. The organizations that have moved the needle the most are those that have experienced an attack, even if it was not successful. Every organization has to weigh competing priorities. It’s natural that the people deciding an organization’s priorities give it more attention after an incident. You just “get it” once you’ve lived through it. So what can cybersecurity leaders do to help push organizational cultures toward cyber preparedness? Cybersecurity preparedness programs don’t have to be expensive, but the lessons that come from a cyberattack are costly in terms of lost business and reputation, lost revenue and lost assets. Organizations are more likely to be the target of a cyberattack than to experience a fire in their office, but often, they are more likely to practice fire drills than cyber preparedness drills. Testing systems helps to uncover gaps in cybersecurity preparedness and employee training. Given the broad range of organizations that are targeted by cyber criminals, what advice can you give companies that are looking to create or mature their cybersecurity programs?

Cybersecurity preparedness programs don’t have to mean an organization must invest in expensive solutions. Having people involved in a system creates an opportunity for human error. So a strong return on investment can come from lower tech strategies including training and testing—such as phishing drills and tabletop exercises. An old fence can still keep people out. Finding and mending any gaps in that fence is critical, and repeated training and practice is one of the simplest ways to do that.

What are all the file systems types that a windows and a Mac uses by the operating system and how large of a file is supported in each (max size)

Make sure you provide enough detail to your answer to show you understand the question, simple answers (no detail) or 1 or 2 sentences as answers will be worth very little.
1. Explain in the windows operating system how the operating system changes from one process to the next, basically the context switch (do not include the algorithms used by the scheduler, or scheduler activities)
2. Explain in the windows operating system how an interrupt is handled (for example a keyboard entry)
3. Of the three basic operating systems we have covered, windows, Linux and mac, if you had a customer that was new to PC systems, what questions would you ask them to determine which operating system they should use/purchase.
4. What are all the file systems types that a windows and a Mac uses by the operating system and how large of a file is supported in each (max size),
5. A customer running windows 10, wants to use Windows XP for older applications, it has been suggested that they use a VM (Virtual Machine). What steps should the customer take to install a XP operating system into a VM running on the windows 10 machine.
6. What makes a server operating system more robust than your standard pc based operating system.
7. What is the max number of simultaneous users that the windows 10 operating system supports, what is the max number of simultaneous users that a Mac operating system supports?
8. What steps should be taken to install a device driver into a windows operating system, what steps should be taken to install a new device into a Mac.
9. You want to upgrade your PC from windows XP to windows 10, is there an upgrade path?, Explain. You also would like to upgrade from windows 8.1 to windows 10, what steps should you take.
10. What are the differences between the Von Neumann vs. Harvard architecture?
11. How is a CPU cache used to increase the performance of the Operating system?, who controls the usage, the operating system or the CPU. Explain
12. What is the difference between a UNIX operating system and a Linux Operating system?
13. What is a “Page Fault” in an operating system.
14. Explain the difference between Multitasking and Multi-Processing?
15. What is the difference between time-sharing and Multi-user processing?
16. What is the difference between soft real-time and Hard real-time operating systems, what does windows support?

What BI tools would you utilize to manipulate that data in order to establish trends and patterns that can help you target potential buyers?

Option #1: Car Dealership Data System

You are a sales manager for a car dealership who wants to effectively target potential customers. Write a paper that details how you would create a data system to reach potential customers and addresses the following questions:

  • What kind of data would you find helpful in populating your system?
  • What sources would you find helpful in the selection process? What ethical considerations must be part of this process?
  • What BI tools would you utilize to manipulate that data in order to establish trends and patterns that can help you target potential buyers? (Hint: If you suggest spreadsheet as a tool, you should provide snapshots of your activities, like tables, formulas, or other tools.)

Your paper should be two pages in length (excluding cover and reference pages), written according to the CSU-Global Guide to Writing & APA (Links to an external site.), and supported by a minimum of three academic sources. The “Best Bet Databases for Information System Management” (Links to an external site.) resource from the CSU-Global Library is a good place to find these sources.

 

How does this concept relate to or apply to the therapeutic nurse-client relationship?

Criteria Weight Mark
Introduction -Introduction is focused and sets the stage for the ensuing paper

  • Engaging opening sentence
  • Present the concept clearly and concisely (include supporting literature)
  • Purpose statement is clear and concise
  • Explain how the concept will be explored
10  
Concept Description

  • Define/describe the concept according to literature
  • If applicable, include reference to relevant RNAO, CNO or CNA documents
10  
Implications for nursing practice

  • Why is this concept important to nursing?
  • What do the professional nursing bodies say about the concept?
  • How does this concept relate to or apply to the therapeutic nurse-client relationship?
25  
Reflection

  • What does this mean to nursing and/or nursing practice?
  • What pre-conceived ideas or assumptions did you have regarding this concept prior to writing this paper and how has this changed?
  • How does this concept resonate with you personally and link with your knowledge/experience both past and present?

 

15  
Use of scholarly literature

  • Integration of literature is apparent and woven appropriately throughout paper.

·         Minimum of five (5) current (2015-2020) references.  Five of those 6 references are to be from nursing peer reviewed journals. The other one reference must be peer-reviewed but not necessarily nursing-based. Beyond the minimum of six, other relevant resources may include (but not limited to) government sites, literature from professional associations (eg., CNA, CNO, RNAO), etc.

·         Some concepts may have seminal work published prior to 2015 and this work should be included.

15  
Quality of writing

  • Use of APA (6th ed.) formatting, referencing, title page, citing and word count
  • Logical flow, organization, spelling, grammar, syntax and clarity of expression
15  
Summary

  • Summarize key points and make links between the concept explored and what has been learned
10  
Total 100  

Comments:

Demonstrate a deep and systematic understanding of conventional and contemporary ICS implementations and their comparison to IT systems in the context of cyber security.

 

Section 1:       Overview of Assessment

This assignment assesses the following module learning outcomes:

  • Demonstrate a deep and systematic understanding of conventional and contemporary ICS implementations and their comparison to IT systems in the context of cyber security; (A, B)
  • Undertake the analysis of the cyber threat landscape in ICS and evaluate current cyber protection approaches in the field; (B)
  • Design and evaluate improvements in current cyber protection approaches to tackle the cyber security challenges that arise in ICS. (B)

The assignment is worth 50% of the overall mark for the module.

Broadly speaking, the assignment requires you to write a 4,000 words report on the analysis of the current cyber threat landscape and cyber protection approaches in the Critical Infrastructure, proposing ways for improvement. The report will be research-based, written in an industrial standards format; you are expected to draw information from one or more case studies including but not limited to “Stuxnet” (and/or variations of Stuxnet), the “Analysis of the Cyber Attack on the Ukrainian Power Grid” in 2015 and Wannacry.

The assignment is described in more detail in section 2.

This is an individual assignment.

Working on this assignment will help you to identify and analyse the challenges that arise in the cyber protection of cyber physical control systems used in the Critical Infrastructure, and present them in a report that follows industrial standards. Through your research you will analyse and evaluate the current threat landscape and the cyber protection approaches in the field, and propose ways for improvement. If you have questions about this assignment, please post them to the discussion board on Blackboard.

Section 2:       Task Specification

Produce a 4,000 words report analysing selected case study/-ies on cyber security incidents in the Critical Infrastructure.

You are working as an independent consultant for a Cyber Security firm that operates a Research and Development department on Cyber Security in Industrial Control Systems. The firm wants to gather intelligence on cyber security in Critical Systems in order to come up with new products and solutions. Your assignment is to do research in this area and produce a report that addresses the firm’s needs. In particular, your research will focus on:

  • The analysis of the current threat landscape in cyber physical control systems used in the Critical Infrastructure.
  • The analysis and evaluation of current cyber-security approaches in the field.
  • Ways to improve current cyber security approaches, analysing their impact on the system.

Your research must draw information from one or more case studies provided in the lectures (e.g. Stuxnet, Flame, Ukrainian Power Grid, Wannacry etc.) and relevant papers of high quality. In your report, you must clearly identify the following elements:

  • The differences between traditional IT systems and Critical Systems and how they affect cyber security;
  • The entities involved in cyber security incidents in the Critical Infrastructure (e.g. attack actors, ICS vendors, environment etc.);
  • The cyber security risks and the associated threat vectors;
  • Current cyber security approaches and their limitations, analysing the technical and operational challenges that arise;
  • Ways to improve cyber security in this area, discussing their impact on the system.

 

The report must follow professional standards, written in an appropriate style and format. Accuracy, completeness and consistency of citation and listing of sources must also be taken into account.

 

Section 3:       Deliverables

A 4,000 words written report is to be submitted via Blackboard by XXX in PDF format.

Your report should include the result of your research as described in Section 2. On the first page of your report you should clearly identify the subject/title of the report, your name and surname followed by your student ID and the current date.

 

 

 

Section 4:       Marking Criteria

  0-29 30-39 40-49 50-59 60-69 70-84 85-100 Mark & Advice for Improvement
Understanding the nature of ICS (differences with IT systems and impact on cyber security in ICS)

(25%)

Poor content; little or no description of the differences between IT and ICS systems. Provides some description of the differences between IT systems and ICS; content not adequate; further analysis is needed on the impact they have on cyber security. Provides a description of the differences between IT systems and ICS; impact analysis could be clearer. Provides a well written description of the differences between IT systems and ICS, giving an impact analysis based on information drawn from good quality sources. Very well written description of the differences between IT systems and ICS based on high quality sources; provides a well written impact analysis based on high quality sources. Excellent description of the differences between IT and ICS systems, explaining in detail how they affect cyber security in ICS. Appropriate sources used. Outstanding description of the differences between IT and ICS systems and how they affect cyber security, providing examples from case studies; use of additional sources.; publishable material.  
Analysis of the threat landscape and evaluation of current cyber-security approaches

(25%)

Poor content; little or no analysis of the threat landscape and/or evaluation of current cyber security approaches. Provides some analysis of current threat landscape and security approaches; misses important elements; inadequate depth of content. Provides a description of the landscape and some evaluation of current cyber security approaches. Provides a well written description of the threat landscape and an evaluation of current cyber security approaches based on data drawn from good quality sources. Provides a very well written description of the threat landscape and an evaluation of current cyber security approaches based on data drawn from high quality sources. Excellent analysis of the threat landscape and current cyber security approaches; appropriate sources used. Outstanding analysis of the threat landscape and current cyber security approaches, providing examples from case studies; use of additional sources; publishable material.  
Ways to improve current cyber security approaches

(25%)

Poor content; little or no discussion on ways to improve cyber security in ICS. Some suggestions on how to improve cyber security in ICS; inadequate content; little or no evaluation of the proposed methods. Provides suggestions to improve cyber security in ICS; not clear how they map to the rest of the report; provides some evaluation of proposed improvements. Well written suggestions on how to improve cyber security in ICS; based on the analysis of current approaches; provides evaluation of proposed improvements. Very well written suggestions on how to improve cyber security in ICS; based on detailed analysis of current approaches; provides evaluation of proposed improvements. Excellent work on suggestions to improve cyber security in ICS; based on detailed analysis of current approaches as identified in relevant papers or case studies; well-presented evaluation of proposed improvements. Outstanding work on suggestions to improve cyber security in ICS; based on detailed analysis of current approaches as identified in relevant papers and case studies. Publishable material; well-presented evaluation of proposed improvements.  
Quality of writing

(25%)

No use of the appropriate terminology; fails to describe the problem and the work done; shows a lack of structure,

comprehensibility, clarity and grammatical quality.

Lack of or

inaccurate use of

the appropriate

terminology; shows a lack of structure,

comprehensibility, clarity and grammatical quality.

 

Often fails to use appropriate terminology; may lack in layout and/or logical structure; may show a lack of clarity and comprehensibility;

lacking grammatical structure.

 

Mostly uses appropriate terminology; well presented; lacking in clarity and grammatical structure. A good grasp of the appropriate terminology; well presented in both layout on the page and logical structure; resented in an appropriate style; good grammatical standard. Uses appropriate terminology accurately; professionally presented in both layout on the page and logical structure; very well presented in an appropriate style; grammatically of a very high standard. Uses appropriate terminology accurately; professionally presented in both layout on the page and logical structure; impressively presented in an appropriate style; grammatically of an extremely high standard.  

 

Describe at least 2 identity and access management tools needed to measure and monitor security risks across the enterprise.

Management is pleased with the progress that has been made and likes the steps you have taken to set up a secured network environment. During the last status meeting, the following was asked: “Has everything been done that is possible to ensure the security of the environment?” Your response was that you believed it has, but one way to be sure is to conduct a vulnerability assessment and a penetration test.
• Create a PowerPoint presentation of 6–8 slides that includes speaker notes and a reference slide. It must cover the following:
o Describe at least 2 common security threats against wired and wireless devices and typical countermeasures used by corporate security teams.
o Describe at least 2 identity and access management tools needed to measure and monitor security risks across the enterprise.
o Explain penetration testing and vulnerability assessments and how they differ.
o Identify the benefits of using penetration testing and vulnerability assessments relative to threats.
o Discuss the tools available in the industry (at least 5 different tools should be discussed) and explain how they can be used to mitigate security vulnerabilities.
The presentation must include a title slide, topics of discussion slides, main content slides, and reference slides. The references must use APA structure for organization of reference information. Font and font size are not required to meet APA format.

Write a three- to five- page research-based report in which you summarize your research and discuss the similarities and differences between the two IT security policy documents.

Project 5: Compare / Contrast Two State Government IT Security Policies.

For this research-based report, you will perform a comparative analysis that examines the strengths and weaknesses of two existing IT Security Policies published by state governments (agencies and offices of the executive branch under the leadership of the state governors). You may choose any two states’ IT Security Policies from the list published by the Multi-State Information Sharing and Analysis Center (MSISAC). (See item #1 under Research.)

Your analysis must include consideration of best practices and other recommendations for improving cybersecurity for state government information technology operations (state agencies and offices). Your paper should also address the question: why should every state in the nation have a comprehensive IT security policy for state agencies and offices?

Research:

  1. Select two state government IT Security Policies. Use the list at https://www.cisecurity.org/partners-state-government/ (The list items are not clickable. Cut/paste your choices into the browser search field to find your selection.)
  2. Download and review your selected state governments’ IT Security Policy documents.
  3. Develop five or more points that are common across the two documents. (Similarities)
  4. Identify and review at least three unique items in each document. (Differences)
  5. Research best practices for IT Security and/or IT Security Policies for state governments. Here are several sources which you may find helpful:
    1. https://www.nist.gov/cyberframework/perspectives/state-local-tribal-and-territorial-perspectives
    2. https://www2.deloitte.com/insights/us/en/industry/public-sector/nascio-survey-government-cybersecurity-strategies.html
    3. https://www2.deloitte.com/content/dam/insights/us/articles/4751_2018-Deloitte-NASCIO-Cybersecurity-Study/DI_2018-Deloitte-NASCIO-Cybersecurity-Study.pdf
  6. Using your research and your comparison of the two policy documents, develop an answer to the question: Why should every state government have an IT security policy for state agencies and offices under the state’s executive branch?

Write:

Write a three- to five- page research-based report in which you summarize your research and discuss the similarities and differences between the two IT security policy documents. You should focus upon clarity and conciseness more than length when determining what content to include in your paper. At a minimum, your report must include the following:

  1. An introduction or overview of IT Security Policies for the executive branch of state governments (covering state agencies and offices in the executive branch including the governor’s office). Explain the purpose of an IT security policy and how states use security policies. Answer the question: why should every state in the nation have a comprehensive IT security policy for state agencies and offices? (Make sure that you address the importance of such strategies to small, resource-poor states as well as to large or wealthy states.)
  2. A separate section in which you discuss and provide five or more specific examples of the common principles and policy sections/statements (similarities) found in both IT security policy documents.
  3. A separate section in which you discuss the unique aspects of the first state’s IT security policy document. Provide five or more the policy document. e specific principles or guidelines or other content that is unique to the policy document.
  4. A separate section in which you discuss the unique aspects of the second state’s IT security policy document. Provide five or more the policy document. e specific principles or guidelines or other content that is unique to the policy document.
  5. A section in which you discuss your evaluation of which state government has the better of the two IT security policy documents. You should also present five or more best practice recommendations for improvements for both IT security policy documents. (Note: you may have different recommendations for the individual policies depending upon the characteristics of each document.) Answer the question: why should every state in the nation have a comprehensive IT security policy for state agencies and offices?
  6. A separate section in which you summarize your research and recommendations.

Submit for Grading

Submit your work in MS Word format (.docx or .doc file) using the Project 5 Assignment in your assignment folder. (Attach the file.)

Additional Information

  1. Consult the grading rubric for specific content and formatting requirements for this assignment.
  2. Your 3-5-page research-based report should be professional in appearance with consistent use of fonts, font sizes, margins, etc. You should use headings and page breaks to organize your paper.
  3. Your paper should use standard terms and definitions for cybersecurity. See Course Resources > Cybersecurity Concepts Review for recommended resources.
  4. The CSIA program recommends that you follow standard APA formatting since this will give you a document that meets the “professional appearance” requirements. APA formatting guidelines and examples are found under Course Resources > APA Resources. An APA template file (MS Word format) has also been provided for your use CSIA_Basic_Paper_Template(APA_6ed,DEC2018).docx.
  5. You must include a cover page with the assignment title, your name, and the due date. Your reference list must be on a separate page at the end of your file. These pages do not count towards the assignment’s page count.
  6. You should write grammatically correct English in every assignment that you submit for grading. Do not turn in any work without (a) using spell check, (b) using grammar check, (c) verifying that your punctuation is correct and (d) reviewing your work for correct word usage and correctly structured sentences and paragraphs.
  7. You must credit your sources using in-text citations and reference list entries. Both your citations and your reference list entries must follow a consistent citation style (APA, MLA, etc.).

Identify and describe five or more types of personal / private information or data that will be collected, stored, processed, and transmitted in conjunction with the use case.

Research Report #2: Emerging Issues Risk Analysis and Report

Scenario

The Entertainment Team (ET — part of Resort Operations at Padgett-Beale, Inc.) is excited about a new event management platform and is ready to go to contract with the vendor. This platform is a cloud-based service that provides end-to-end management for events (conferences, concerts, festivals). The head of Marketing & Media (M&M) is on board and strongly supports the use of this system. M&M believes that the data collection and analysis capabilities of the system will prove extremely valuable for its efforts. Resort Operations (RO) also believes that the technology could be leveraged to provide additional capabilities for managing participation in hotel sponsored “kids programs” and related children-only events.

For an additional fee, the event management platform’s vendor will provide customized RFID bands to be worn by attendees.

The RFID bands and RFID readers use near-field communications to identify the wearer and complete the desired transactions (e.g. record a booth visit, make a purchase, vote for a favorite activity or performer, etc.).

The RFID bands have unique identifiers embedded in the band that allow tracking of attendees (admittance, where they go within the venue, what they “like,” how long they stay in a given location, etc.).

The RFID bands can also be connected to an attendee’s credit card or debit card account and then used by the attendee to make purchases for food, beverages, and souvenirs.

For children, the RFID bands can be paired with a parent’s band, loaded with allergy information, and have a parent specified spending limit or spending preauthorization tied to the parent’s credit card account.

The head of Corporate IT has tentatively given approval for this outsourcing because it leverages cloud-computing capabilities. IT’s approval is very important to supporters of this the acquisition because of the company’s ban on “Shadow IT.” (Only Corporate IT is allowed to issue contracts for information technology related purchases, acquisitions, and outsourcing contracts.) Corporate IT also supports a cloud-based platform since this reduces the amount of infrastructure which IT must support and manage directly.

The project has come to a screeching halt, however, due to an objection by the Chief Financial Officer. The CFO has asked that the IT Governance Board investigate this project and obtain more information about the benefits and risks of using RFID bands linked to an external system which processes transactions and authorizations of mobile / cashless payments for goods and services. The CFO is concerned that the company’s PCI Compliance status may be adversely affected.

The Chief Privacy Officer has also expressed an objection about this project. The CPO is concerned about the privacy implications of tracking both movement of individuals and the tracking of their purchasing behaviors.

The IT Governance Board agreed that the concerns expressed by two of its members (the CFO and CPO) have merit. The board has requested an unbiased analysis of the proposed use cases and the security and privacy issues which could be reasonably expected to arise.

The IT Governance Board has also agreed to a request from the Chief of Staff that the management interns be allowed to participate in this analysis as their final project. Per the agreement, their involvement will be limited to providing background research into the defined use cases for cashless purchases. These use cases are:

  1. Purchases for craft materials and snacks by children (under the age of 13) attending a hotel sponsored “kids club” program.
  2. Purchases by Individuals attending a music festival or other event where IDs must be checked to establish proof of age (legal requirement for local alcoholic beverage consumption).
  3. Purchases by attendees at trade shows (attendees are “adults”).

Your Task

Pick one of the three use cases listed above. Then, follow the directions below to complete the required research and write your final report.

Research

  1. Read / Review the readings in the LEO classroom.
  2. Read this introductions to RFID technologies: https://www.gettoken.com/beginners-guide-rfid-technology-events/
  3. Research one or more of the Use Cases
    1. Children: 8 Benefits of Using RFID Wristbands for Resorts & Attractions (see section 4: Family Freedom) https://www.idcband.com/en-us/blog-us/8-benefits-of-using-rfid-wristbands-resorts-attractions/ and https://tappit.com/rfid-wristband-safety/
    2. Managing Adult Attendees at Music Festivals (includes RFID bands linked to twitter, Facebook, and credit/debit card) http://www.techradar.com/news/world-of-tech/rfid-wristbands-vs-nfc-smartphones-what-s-winning-the-contactless-battle-1167135
    3. Tracking Adults at Trade Shows http://www.universalrfid.com/product/rfid-labels-provide-technology-at-trade-shows/ and https://blog.printsome.com/rfid-wristbands-good-bad/
  4. Choose one of the Use Cases then find and review at least one additional resource on your own that provides information about privacy and security related laws that could limit or impose additional responsibilities upon Padgett-Beale’s collection, storage, transmission, and use of data about guests. (Note: laws may differ with respect to collecting data from or about children.) You should also investigate laws, regulations, or standards which impact the use of the RFID bands for mobile purchases.
  5. Using all of your readings, identify and research at least 5 security and privacy issues which the IT Governance Board needs to consider and address as it considers the implications of your chosen use case upon the adoption or rejection of the proposed IT project (Event Management Platform & RFID bands).
  6. Then, identify 5 best practices that you can recommend to Padgett-Beale’s leadership team to reduce and/or manage risks associated with the security and privacy of data associated with the event management platform.

Write

Write a five to seven (5-7) page report using your research. At a minimum, your report must include the following:

  1. An introduction or overview of event management systems and the potential security and privacy concerns which could arise when implementing this technology. This introduction should be suitable for an executive audience. Provide a brief explanation as to why three major operating units believe the company needs this capability.
  2. An analysis section in which you address the following:
    1. Identify and describe your chosen Use Case
    2. Identify and describe five or more types of personal / private information or data that will be collected, stored, processed, and transmitted in conjunction with the use case.
    3. Identify and describe five or more compliance issues related to the use of the RFID bands to make and track mobile purchases.
    4. Analyze and discuss five or more privacy and security issues related to the use case.
    5. Identify and discuss 3 or more relevant laws, regulations, or standards which could impact the planned implementation of the event management system with RFID wrist bands.
  3. A recommendations section in which you identify and discuss five or more best practices for security and privacy that should be implemented before the technology is put into use by the company. Include at least one recommendation in each of the following categories: people, processes, policies, and technologies.
  4. A closing section (summary) in which you summarize the issues related to your chosen use case and the event management platform overall. Include a summary of your recommendations to the IT Governance Board.

Additional Information

  1. To save you time, a set of appropriate resources / reference materials has been included as part of this assignment. You must incorporate at least five of these resources into your final deliverable. You must also include one resource that you found on your own.
  2. Your research report should use standard terms and definitions for cybersecurity. See Course Content > Cybersecurity Concepts for recommended resources.
  3. Your research report should be professional in appearance with consistent use of fonts, font sizes, margins, etc. You should use headings to organize your paper. The CSIA program recommends that you follow standard APA formatting since this will give you a document that meets the “professional appearance” requirements. APA formatting guidelines and examples are found under Course Resources > APA Resources. An APA template file (MS Word format) has also been provided for your use.
  4. You are expected to write grammatically correct English in every assignment that you submit for grading. Do not turn in any work without (a) using spell check, (b) using grammar check, (c) verifying that your punctuation is correct and (d) reviewing your work for correct word usage and correctly structured sentences and paragraphs.
  5. You are expected to credit your sources using in-text citations and reference list entries. Both your citations and your reference list entries must follow a consistent citation style (APA, MLA, etc.).

Identify each item of physical evidence, and fully justify your decision to collect it as evidence.

FORENSIC BIOLOGY:
John Jay College of Criminal Justice, New York, New York, USA
9781498733960
So far in this course, your study has been concentrated on the origin, developmental stages, and many uses of DNA to solve crimes. You have studied how various body fluids such as blood, saliva, and semen are tested, as well as identified the importance of DNA and nuclear DNA in DNA profiling. Below are several case studies that were solved using the procedures and analyses studied in class, and the application of the information obtained was used to solve the criminal investigation.
Choose only 1 of the cases listed below and explain how the physical evidence recovered from the crime scene was tested and analyzed to solve the crime.

Case Study 1
A man and his wife were on vacation in Paris. On the way back to the hotel, they were approached by two men with weapons who demanded their jewelry. A physical interaction occurred in which the robbers violently wrestled the man to the ground and removed his watch and rings while his wife tried to run away. The man and his wife were shot and killed. The bodies of the two victims were pulled into an alley. Multiple scratches were on the body of the male victim, and blood was also found on the female victim because the robbers tore the necklace, rings, and earrings off that she was wearing. The two men committing the crime both had previous records for assault and robbery. How were the men convicted of the crime?

Case Study 2
After 10 years of being free, a man was convicted of a rape after DNA evidence was allowed to be used. The female he raped was not able to make an identification, so the attorney had to get permission to do a DNA profile on the suspect. The suspect had lived as a neighbor of the victim, only a few houses away. This man was considered a family friend; however, after the rape incident occurred, he abruptly moved to another state. How was he convicted or exonerated?

Assignment Guidelines
Address the following in 4–5 pages:
What exactly is DNA profiling? Explain in detail.
How it is used to solve crimes? Explain in detail.
Regarding your selected case study:
What physical evidence would be retrieved from the crime scene?
Identify each item of physical evidence, and fully justify your decision to collect it as evidence.
What type(s) of DNA tests are required to investigate the crime you have chosen? Explain in detail, and fully support your argument.
What is the testing process for the technique(s) used to test each piece of evidence? Be specific, and explain in detail.
After analyzing the evidence, explain how the evidence exonerated or convicted the suspects.

Describe the four components of an information system. Why is it important to consider each of them when designing and installing an information system?

Learning objective: Describe technology and its impact on business decisions.
Prompt:
Describe the four components of an information system. Why is it important to consider each of them when designing and installing an information system?
Instructions:
In a formal 250 – 500 word essay
Your essay should include an introductory paragraph and a conclusion.
Follow APA format for structure. An APA template is attached here. Support your essay with 2 to 3 credible references beyond the course materials. Please note Wikipedia, Investopedia and similar websites are not credible academic references.