Configuring Kaspersky and Avast AntiVirus Software
You are a security analyst at a large Security Operations Center (SOC).
Malware infections have noticeably increased, and none of the impacted machines had updated anti-virus signatures. Your task is to set the anti-virus software to secure your company’s computers.
Note: Module 3 of Certified Secure Computer User details two options for anti-virus protection, Kaspersky and Avast anti-virus software.
Choose one of the following two options:
Option 1 (choose this option if you do not have Kaspersky or Avast anti-virus software on your machine):
Follow the directions given in Module 3 to install and configure Kaspersky or Avast anti-virus software on your machine.
Verify that virus definitions are current. Take a screenshot.
Run a scan of your machine. Take a screenshot of the results.
Paste screenshots into a Microsoft® Word document to demonstrate you applied appropriate configurations and definitions are current.
Option 2 (choose this option if you already have anti-virus software installed on your machine):
Verify that virus definitions are current. Take a screenshot.
Run a scan of your machine. Take a screenshot of the results.
Paste screenshots into a Microsoft® Word document to demonstrate you applied appropriate configurations and definitions are current.
Securing an Operating System in Windows and Mac
You are a security administrator responsible for providing secure configuration requirements for new laptop deployments.
After reading Module 2 of Certified Secure Computer User v2 exercises, apply the configuration settings below on your Windows® or Mac® computer and take screenshots of each step:
Due: All artifacts or deliverables for the exam must be uploaded to the “Final Exam” D2L dropbox folder by: Thursday, 12/13: 11:59pm
This is an INDIVIDUAL project. Any form of plagiarism on the exam will result in forfeiting all the points awarded for the final exam. You must cite all your sources.
Software Engineering Case Study
FUNCTIONAL REQUIREMENTS
You are a Solutions Architect at a Software Consulting firm in Chicago, IL. Your company is interested in building a prototype of a B2B ECommerce web application that will eventually be handed over to your offshore developers in India to complete. Your company prefers to use Microsoft technologies.
Your final working PoC must exhibit the following features:
Ability to Register as a New User
Ability to Login after registering as a user
Ability to Search for products once a user logs in successfully
Ability to navigate to a Product Detail page to view the Discount Price, List Price, Product Description, Product Name, and additional product attributes once an item in the search results page is selected.
Ability to add an item to the Cart from the Product Detail page
Ability to navigate to a Checkout page listing all items previously added to the cart
NON-FUNCTIONAL REQUIREMENTS
The Proof-of-Concept (PoC) application must be implemented using the following technology stack: ASP.NET / C#, MS Access or SQL Server.
NOTE: Your SQL Server database file must reside in your “App_Data” folder in Visual Studio. To receive full credit, your final output must exhibit knowledge of: Methods, Decision Structures (i.e. if/switch statements), Exception Handling (i.e. try … catch), Arrays and Loops, Variables, and Input Validation patterns.
FINAL DELIVERABLES:
Identify and list all the User Stories described in this business scenario
Identify and list all the Acceptance Criteria for at least 3 of the User Stories in this scenario
Provide a Sequence diagram or Swim Lane diagram or Activity diagram to show all the interactions between End Users, Web Pages, and the database
Provide a Software Architecture diagram for this scenario
Provide a complete normalized logical data model (using Crow’s Foot notation) to support this Web Application
Build the database. All tables in your application must have a Prefix of your first name (e.g. Ivor_Orders for the Orders table). You are not required to create all the tables identified in the ERD. However, you must manually populate the database tables with enough data to test all the features in your App.
Using C# and ASP.NET, build all the web pages in this PoC scenario. Provide the full working prototype code and associated database files (including .aspx, .aspx.cs, .mdb, .web.config). Your PoC code must be as database-driven as possible. Provide information on how to test your App.
Name the ideal software development life cycle necessary for completing the final implementation of this project. Justify your recommendation
Using industry analysis, recommend a “commercial off-the-shelf” (COTS) Ecommerce software package that can be used to build the final product. Justify your recommendation with appropriate references and/or supporting charts
In no more than 1 paragraph, reflect on what you learned in this class and summarize how your newfound knowledge or appreciation for applications development will support you in your future career path. You must complete all 10 steps and provide the required artifacts to receive full credit
Instructions for the Deliverables:
You must upload all the contents of your Visual Studio project folder in a ZIP file to D2L to get full credit.
The prototype must be a web site with a SQL Server database back-end. Your zipped file must include at least 1 database file in your “App_Data” folder, as well as all the “.aspx”, “.aspx.cs” and “web.config” files.
Provide an accompanying Word or PDF document containing all the non-programming sections of the project.
Programming using the Java language
This course provides an introduction to programming using the Java language. It covers an overview of the Java Virtual Machine. This course focuses on algorithm design, problem-solving strategies and program design.
Topics covered include variables, types, expressions and control structures. Additional topics are standard input/output; file input/output; file streams; single and multi dimensional arrays; searching; sorting; and recursion and its relation to iteration. This course also introduces object-oriented programming concepts such as classes and objects; syntax of class definitions; methods and parameter passing. F,S (No prerequisite course, Offered in the fall and spring)
Programming using the Java language Essay Questions
Write Short Answer / Essay Questions about what you learned in the Computer Science class.
(5 points) Explain the reasons why computer forensics is performed. (Explain uses of computer forensics giving examples.)
This course has introduced you to computer forensics. Consider what stakeholders need and what computer forensics can do. Respond to the following:
Describe what you feel are the three best uses of computer forensics. Give reasons for your choices.
(15 points) Identify e-evidence and physical evidence.
With the increasing use of technology, e-evidence has become an integral part of evidence collection. As a Forensics practitioner we read many articles related to cyber fraud and cybercrimes. Use the Internet to find an article that discusses a crime or investigation (e.g., fraud or misconduct) that involved e-evidence (e.g., email, instant messages, electronic records, GPS, cell phone records, postings in MySpace, etc.). List the date, title, and full URL of the article. Ensure that the link works for the article. Do not use proprietary sources or those that require registration.
Respond to the following:
What was the crime or the reason for the investigation?
What types of e-evidence were involved and why?
What were the outcomes?
Were there any attempts to destroy or alter the e-evidence?
Was there any physical evidence?
Was a crime committed? Why or why not?
(5 points) Identify the requirements for acquiring and authenticating evidence.
Different kinds of cases go through different processes. It is important that the investigator manage e-evidence throughout this process. Consider the do’s and don’ts of managing e-evidence and respond to the following:
Explain how to manage e-evidence throughout the life-cycle of a case so that it is admissible in court or that it can be used for legal action. List two reasons why e-evidence might be inadmissible.
(5 points) Describe acceptable methods for searching and analyzing evidence.
Explain the ethical and legal implications regarding how evidence is gathered and analyzed.
(5 points) Archived and Temp Data
Discuss how archived/temp data can be obtained when collecting e-evidence.
(5 points) Discuss at least 3 methods that can be used to hide data and three approaches to recovering that hidden data.
(5 points) How does the boot process differ between Unix, Macintosh, and Windows systems?
(5 points) Discuss some of the content found within an email header that can be useful in an investigation.
(5 points) Discuss at least 3 challenges associated with performing a forensics investigation on a mobile device.
(5 points) Discuss the role that volatility plays in a digital forensics investigation. What would be the most volatile data?
(5 points) What are the Federal Rules of Evidence? Can computer log files be admissible as evidence?
(5 points) Discuss what a Chain of Custody is and its import to evidence presented in court.
(5 points) Discuss some challenges to performing computer forensics on cloud-based systems.
(20 point question) Read the following scenario and respond to the questions below:
As a digital forensics examiner, you have been called to the scene of a kidnapping. Several witnesses have told the investigator that the victim was very excited about a new person they met online. Your job at the scene as a digital forensics examiner is to recommend to the investigating officer a course of action as to what digital evidence may or may not be needed to investigate this crime.
Provide a list of potential digital evidence that the investigator is going to want to seize for possible forensic examination. Be thorough, as the lead investigator in this case is not computer savvy.
What additional sources of evidence might there be besides the digital equipment and media that would have been seized? How would you gain access to this evidence?
Describe how you will maintain the collected evidence.
What will you do to prepare for presenting this evidence in court?
eBay Employee Password Compromise by Hackers
Starting in the spring of 2014, eBay was subjected to a series of security intrusions into its database of user passwords.
The breach occurred when hackers compromised some employee login credentials, giving them access to the eBay system. It took over two months for eBay to know it had been compromised. The eBay hack came on the heels of the massive Target hack. Target’s security center was warned of the invasion but did nothing. At Neiman Marcus, alarms were set off as credit card data was being stolen. Sony with its enormously large and successful Cloud-based gaming system, the PlayStation network, also was attacked. Intrusions resulted in compromising financial data, including credit card numbers, for literally millions of participants. Moreover, this was not a single giant assault, but a series of recurring attacks (apparently conducted by a collective) that Sony’s security experts seem to have been unable to stem. The result has been huge financial losses for the company and, potentially more seriously, damage to its reputation that it may never be able to repair.
You can read about these hacks in the following articles.
Mac, Ryan (2014). California joins other states in investigation of EBay hack. http://www.forbes.com/sites/ryanmac/2014/05/23/as-ebay-notifies-users-of-hack-states-launch-investigation/
Riley, M., Elgin, B., Lawrence, D., and Matlack, C. (2014). Missed alarms and 40 million stolen credit card numbers: How Target blew it. March 13, 2014. http://www.businessweek.com/articles/2014-03-13/target-missed-alarms-in-epic-hack-of-credit-card-data
Elgin, B., Lawrence, D., and Riley, M. (2014). Neiman Marcus hackers set off 60,000 alerts while bagging credit card data, Feb 21, 2014. http://www.businessweek.com/articles/2014-02-21/neiman-marcus-hackers-set-off-60-000-alerts-while-bagging-credit-card-data
Mills, E. (2011) Attacks on Sony, others show it’s an open hacking season. CNET News. Retrieved June 13, 2011, from http://news.cnet.com/8301-27080_3-20069995-245/attacks-on-sony-others-show-its-open-hacking-season/#ixzz1PHwIH7dt
Mills, E. (2011) Who is behind the hacks? (FAQ). CNET News. Retrieved June 14, 2011, from http://news.cnet.com/8301-27080_3-20071100-245/who-is-behind-the-hacks-faq/?tag=rtcol;inTheNewsNow
Undoubtedly, you will wish to do some further research on this situation. A good place to begin would be googling a search term such as “Sony security problems” or some variant on that theme, and then following leads as they seem interesting to you.
Now you should consider some of the things that the security experts say about such challenges. Here are two useful articles that discuss information security in the context of Cloud-based systems, and how to respond to incidents:
Rudman, R.J. (2010). Incremental Risks in Web 2.0 Applications. The Electronic Library, 28(2), 210-230. [ProQuest]
Lanois, Paul. (2011). Privacy in the age of the cloud. Journal of Internet Law. 15(6), 3-17. [ProQuest]
In addition, the optional readings expand on many of the central points; you may also want to do some independent research of your own to clarify any issues that concern you.
As we noted before, if you don’t really pay attention to this material, it’s really unlikely that you can write an acceptable paper on the topic below, let alone an exceptional one. We spend quite a lot of time trying to identify useful sources for you that bear on our topics for analysis; while we strongly encourage you to conduct your own further research and identify additional useful sources, this should be an add-on to the basic material rather than a substitute for it.
SLP Assignment
When you have read through the articles and related material and believe that you have a reasonable understanding of the hacking situations, compose a 4- to 6-page critical analysis paper, on the topic:
The best alternative(s) available to these firms who have been hacked and how to resolve their security crisis
Clearly, there are multiple possible answers that you probably will find during your research on this issue; there’s no one necessarily best answer, although it is pretty clear that good solutions will have to be both social and technical (i.e., sociotechnical) in nature. Your paper will be assessed primarily on how well you are able to support your viewpoint with the literature and the evidence. Obviously, as noted below, this will obligate you to actually be able to present such evidence in an academically respectable manner.
SLP Assignment Expectations
Length: Follow the number of pages required in the assignment excluding cover page and references. Each page should have about 300 words.
Assignment-driven criteria (14 points): Demonstrates a clear understanding of the subject and addresses all key elements of the assignment.
Critical thinking (6 points): Demonstrates mastery conceptualizing the problem. Shows analysis, synthesis, and evaluation of required material. Conclusions are logically presented.
Scholarly writing (3 points): Demonstrates proficiency in written communication at the academic level of the course.
Assignment Organization (3 points): Assignment is well organized and follows the required structure and organization of the assignment.
Citing and using references (4 points): Uses relevant and credible sources to support assertions; uses in-text citations; properly formats references.
Future trends and directions in computer forensics
Computer Forensics is a fast growing and ever changing field of study. Describe the qualities and skill-set to be looked for in an Incident Response Team.
Discuss the future trends and directions that you see computer forensics headed.
Using the Online Library, find an article, case study, or publication about your favorite topic covered in this computer forensics course – then summarize the article in a paragraph and submit your summary along with a copy of the article or the link of the article to this forum for sharing.
Analytical Database Practicum NoSQL
Find or conceptualize a hypothetical scenario where a NoSQL database seems to be the right solution.
Write at least 1000 words describing:
1. The scenario
2. A discussion of why a NoSQL database would work well
3. A discussion describing the form that the NoSQL DB should take (including choosing a specific DB)
4. Provide a set of example records to show the type of data that your solution is designed to support. Try to give example data for as many realistic types of records as you can.
5. Implement your solution and submit screenshots demonstrating its functionality.
Homemade Wireless Antenna and Security
1. A big part of wireless security is making sure our signal doesn’t go too far outside our walls.
However, we can’t really completely mitigate that risk. Many attacks come from an individual with too much time on their hands who just wants to mess with someone. How easy is it to build your own antenna to receive signals from a long distance away? Use the internet to find the funkiest homemade wireless antenna and tell me about it.
2. Some of the tools you may use in IT for site surveys can include the Oscilloscope, Spectrum Analyzer, and a Time Domain Reflectometer (each of these may not be used for wireless). What are the purposes of each of these instruments? You don’t have to give me a paragraph for each, just give me at least one paragraph total.
3. Outdoor site surveys bring a different set of challenges. What happens after a disaster, such as Hurricane Katrina, that takes out power and cell towers for a large geographical area? What do the wireless carriers do to mitigate this threat or recover from a disaster?