Description
- After reading and then listening to the poem by Langston Hughes, write a brief paragraph, describing the difference between reading a poem and hearing it read aloud. For example, how was your experience different in reading the poem versus listening to it? How did you feel when listening to the poem as compared to reading it? Do you feel that you were better able to understand the poem by reading it, or by listening to it?
Explanation & Answer
Thank you for the opportunity to help you with your question!
How long does it have to be?
Please let me know if you need any clarification. I'm always happy to answer your questions.
Most Popular Content
Final Project: Incident Response Exercise and Report
Final Project: Incident Response Exercise & Report
Your Task
You have been assigned to work incident clean-up as part of the Sifers-Grayson Blue Team. Your task is to assist in analyzing and documenting the incident described below. The Blue Team has already created a set of enterprise architecture diagrams (see figures 1-4) to help with your analysis of the incident and preparation of the incident report as required by the company’s contracts with the federal government. After completing their penetration tests, the Red Team provided Sifers-Grayson executives with a diagram showing their analysis of the threat environment and potential weaknesses in the company’s security posture for the R&D DevOps Lab (see figure 5).
Your Deliverable
Complete and submit the Incident Report form found at the end of this file. Consult the “Notes to Students” for additional directions regarding completion of the form.
Overview of the Incident
Sifers-Grayson hired a cybersecurity consulting firm to help it meet the security requirements of a contract with a federal agency. The consulting firm’s Red Team conducted a penetration test and was able to gain access to the engineering center’s R&D servers by hacking into the enterprise network through an unprotected network connection (see figure 2). The Red Team proceeded to exfiltrate files from those servers and managed to steal 100% of the design documents and source code for the AX10 Drone System. The Red Team also reported that it had stolen passwords for 20% of the employee logins using keylogging software installed on USB keys that were left on the lunch table in the headquarters building employee lounge (see Figure 3). The Red Team also noted that the Sifers-Grayson employees were quite friendly and talkative as they opened the RFID controlled doors for the “new folks” on the engineering staff (who were actually Red Teamers).
The Red Team continued its efforts to penetrate the enterprise and used a stolen login to install malware over the network onto a workstation connected to a PROM burner in the R&D DevOps lab (See Figure 3). This malware made its way onto a PROM that was then installed in an AX10-a test vehicle undergoing flight trials at the Sifers-Grayson test range (See Figures 1 and 4). The malware “phoned home” to the Red Team over a cellular connection to the R&D center. The Red Team took control of the test vehicle and flew it from the test range to a safe landing in the parking lot at Sifers-Grayson headquarters.
Background
Sifers-Grayson is a family owned business headquartered in Grayson County, Kentucky, USA. The company’s physical address is 1555 Pine Knob Trail, Pine Knob, KY 42721. The president of the company is Ira John Sifers, III. He is the great-grandson of one of the company’s founders and is also the head of the engineering department. The chief operating officer is Michael Coles, Jr. who is Ira John’s great nephew. Mary Beth Sifers is the chief financial officer and also serves as the head of personnel for the company.
Recent contracts with the Departments of Defense and Homeland Security have imposed additional security requirements upon the company and its R&D DevOps and SCADA labs operations. The company is now required to comply with NIST Special Publication 800-171 Protecting Controlled Unclassified Information in Nonfederal Information Systems and Organizations. The company must also comply with provisions of the Defense Federal Acquisition Regulations (DFARS) including section 252-204-7012 Safeguarding Covered Defense Information and Cyber Incident Reporting. These requirements are designed to ensure that sensitive technical information, provided by the federal government and stored on computer systems in the Sifers-Grayson R&D DevOps and SCADA labs, is protected from unauthorized disclosure. This information includes software designs and source code. The contract requirements also mandate that Sifers-Grayson report cyber incidents to the federal government in a timely manner.
SCADA LAB
The SCADA lab was originally set up in 1974. It has been upgraded and rehabbed several times since then. The most recent hardware and software upgrades were completed three years ago after the lab was hit with a ransomware attack that exploited several Windows XP vulnerabilities. At that time, the engineering and design workstations were upgraded to Windows 8.1 professional. A second successful ransomware attack occurred three months ago. The company paid the ransom in both cases because the lab did not have file backups that it could use to recover the damaged files (in the first case) and did not have system backups that it could use to rebuild the system hard drives (in the second case).
The SCADA Lab is locked into using Windows 8.1. The planned transition to Windows 10 is on indefinite hold due to technical problems encountered during previous attempts to modify required software applications to work under the new version of the operating system. This means that an incident response and recovery capability for the lab must support the Windows 8.1 operating system and its utilities.
R&D DEVOPS LAB
The R&D DevOps Lab was built in 2010 and is used to develop, integrate, test, support, and maintain software and firmware (software embedded in chips) for the company’s robots, drones, and non-SCADA industrial control systems product lines. The workstations in this lab are running Windows 10 and are configured to receive security updates per Microsoft’s monthly schedule.
ENTERPRISE IT OPERATIONS
The company uses a combination of Windows 10 workstations and laptops as the foundation of its enterprise IT capabilities. The servers in the data center and the engineering R&D center are built upon Windows Server 2012.
Issues Summary:
Newly won government contracts now require compliance with DFARS §252.204-7008, 7009, and 7012
Derivative requirements include:
Additional Contractual Requirements for Lab Operations include:
Notes to Students:
1. Your final deliverable should be professionally formatted and should not exceed 10 pages. The goal is to be clear and concise in your reporting of your analysis of this incident.
2. You may include annotated diagrams if necessary to illustrate your analysis and/or make your point(s). You may use the figures in this assignment as the foundation for diagrams in your final report (no citations required).
3. Use the NIST Incident Handling Process (see Table 1) to guide your incident analysis.
4. You may assume that the company has implemented one or more of the IT products that you recommended in your Case Studies for this course. You may also assume that the company is using the incident response guidance documents that you wrote for your labs and that the associated operating systems utilities are in use (e.g. you can assume that system backups are being made, etc.).
DOCUMENT YOUR ASSUMPTIONS about people, processes, and technologies as if they were fact. But, don’t change any of the factual information provided in the incident report from the Red Team.
Use the incident report form that appears at the end of this file. Copy it to a new MS Word document. After you perform your incident analysis, fill in the required information, attach the file to your assignment folder entry, and submit it for grading as your final project.
For section 1 of the form, use your own name but provide reasonable but fictitious information for the remaining fields.
For section 2 of the form, assign IP addresses in the following ranges to any servers, workstations, or network connections that you need to discuss.
R&D Center 10.10.150.0/24
Test Range 10.10.148.0/24
Corporate Headquarters 10.10.155.0/24
For sections 2, 3, and 5, you should use and interpret information provided in this file (Overview, Background, Issues Summary). You may use a judicious amount of creativity, if necessary, to fill in any missing information.
For section 4 of the form you may provide a fictitious cost estimate based upon $100 per hour for IT staff to perform “clean-up” activities. Reasonable estimates are probably in the range of 150 to 300 person hours. What’s important is that you document how you arrived at your cost estimate.
Discuss the contract requirements and derivative requirements for cybersecurity at Sifers-Grayson in 3 to 5 paragraphs under “Section 6 General Comments.”
Words for the Wise …
Do not let “perfection” be a barrier to completing this assignment. It’s more important to be on-time and provide SOME analysis in a professional format than to find and document every single possible vulnerability.
Figure 1. Overview of Sifers-Grayson Enterprise IT Architecture
Figure 2. Combined Network and Systems Views: Sifers-Grayson Headquarters, R&D Center, and Data Center
Figure 3. Combined Network and Systems View for Sifers-Grayson R&D DevOps Lab
Figure 4. Combined Communications and Systems Views for Sifers-Grayson Test Range
Figure 5. Threat Landscape for Sifers-Grayson R&D DevOps Lab
NIST Incident Handling Checklist by Phase
Detection and Analysis
1. Determine whether an incident has occurred
1.1 Analyze the precursors and indicators
1.2 Look for correlating information
1.3 Perform research (e.g., search engines, knowledge base)
1.4 As soon as the handler believes an incident has occurred, begin documenting the investigation and gathering evidence
2. Prioritize handling the incident based on the relevant factors (functional impact, information impact, recoverability effort, etc.)
3. Report the incident to the appropriate internal personnel and external organizations
Containment, Eradication, and Recovery
4. Acquire, preserve, secure, and document evidence
5. Contain the incident
6. Eradicate the incident
6.1 Identify and mitigate all vulnerabilities that were exploited
6.2 Remove malware, inappropriate materials, and other components
6.3 If more affected hosts are discovered (e.g., new malware infections), repeat the Detection and Analysis steps (1.1, 1.2) to identify all other affected hosts, then contain (5) and eradicate (6) the incident for them
7. Recover from the incident
7.1 Return affected systems to an operationally ready state
7.2 Confirm that the affected systems are functioning normally
7.3 If necessary, implement additional monitoring to look for future related activity
Post-Incident Activity
8. Create a follow-up report
9. Hold a lessons learned meeting (mandatory for major incidents, optional otherwise)
Source: NIST SP 800-61r2
Cichonski, P., Millar, T., Grance, T., & Scarfone, K. (2012). Computer security incident handling guide (NIST SP 800-61 rev. 2). http://dx.doi.org/10.6028/NIST.SP.800-61r2
1. Contact Information for the Incident Reporter and Handler
– Name
– Role
– Organizational unit (e.g., agency, department, division, team) and affiliation
– Email address
– Phone number
– Location (e.g., mailing address, office room number)
2. Incident Details
– Status change date/timestamps (including time zone): when the incident started, when the incident was discovered/detected, when the incident was reported, when the incident was resolved/ended, etc.
– Physical location of the incident (e.g., city, state)
– Current status of the incident (e.g., ongoing attack)
– Source/cause of the incident (if known), including hostnames and IP addresses
– Description of the incident (e.g., how it was detected, what occurred)
– Description of affected resources (e.g., networks, hosts, applications, data), including systems’ hostnames, IP addresses, and function
– If known, incident category, vectors of attack associated with the incident, and indicators related to the incident (traffic patterns, registry keys, etc.)
– Prioritization factors (functional impact, information impact, recoverability, etc.)
– Mitigating factors (e.g., stolen laptop containing sensitive data was using full disk encryption)
– Response actions performed (e.g., shut off host, disconnected host from network)
– Other organizations contacted (e.g., software vendor)
3. Cause of the Incident (e.g., misconfigured application, unpatched host)
4. Cost of the Incident
5. Business Impact of the Incident
6. General Comments
PHI413V GCU University Case Study: Healing and Autonomy
This assignment will incorporate a common practical tool in helping clinicians begin to ethically analyze a case. Organizing the data in this way will help you apply the four principles of principlism.
Based on the "Case Study: Healing and Autonomy" and other required topic study materials, you will complete the "Applying the Four Principles: Case Study" document that includes the following:
Part 1: Chart
This chart will formalize principlism and the four-boxes approach by organizing the data from the case study according to the relevant principles of biomedical ethics: autonomy, beneficence, nonmaleficence, and justice.
Part 2: Evaluation
This part includes questions, to be answered in a total of 500 words, that describe how principlism would be applied according to the Christian worldview.
Remember to support your responses with the topic study materials.
APA style is not required, but solid academic writing is expected.
You are required to submit this assignment to LopesWrite. Refer to the LopesWrite Technical Support articles for assistance.
Clere Law Enforcement Scandal Paper.
The adverse impacts of scandals have resulted in a detrimental impact on the Los Angeles Police Department (L.A.P.D). The Rampart scandal of the Los ...
Discussion Post - Collecting Reliable Data in my Professional Setting
Instructions :
Collecting Reliable Data in my Professional Setting
1. Name and describe one data collection instrument that is used in YOUR field. It does not have to be your current field.
* this discussion is about the observer's reliability when using the instrument....NOT the instrument's reliability...see below.
2. How do you, OR would you, assure interobserver reliability when using this instrument? Please describe thoroughly.
3. How do you, OR would you, assure intraobserver reliability when using this instrument? Please describe thoroughly.
4. Respond to at least one of your peers' posts.
Note: In spite of the fact that you are selecting a data collection INSTRUMENT for this posting.....this concept is about the OBSERVER'S reliability when using this instrument.
For example, as the observer, a Weight Watcher meeting leader might use a data collection instrument such as a digital scale. With that in mind, to answer this forum, the observer would indicate how he/she practices interobserver reliability with all of the other WW meeting leaders at one location: they all use the same scale, they all allow shoes to come off and pockets to be emptied; they all weigh at the beginning of the meeting.....etc. In other words, the leaders calibrate how they "observe" the data they are collecting with the data collection instrument.
In contrast, if the observer is the only person that is overseeing the data collection at a meeting, he/she may describe intrareliability as their standard routine of data collection (each and every time) - having everyone stand on the same place on the scale, having everyone empty their pockets, weighing everyone at the beginning of the meeting. So, to assure that the observer has intraobserver reliability, he/she standardizes their own methods and makes certain to follow the same methods with everyone that is observed.
This course is about recognizing and using evidence. So, in order to earn full points, you will need to support each of your postings with the appropriate evidence.
SOCW 6446 Walden University Social Work Practice With Children and Adolescents Paper
Discussion: Reactions to Disruptive Behaviors
Many children and adolescents who go to counseling engage in behaviors that are disruptive to others. These children and adolescents are sometimes labeled as having “externalizing” disorders because they tend to “act out” their symptoms, which causes other people distress. Disorders such as depression and anxiety are “internalizing” disorders because children and adolescents generally internalize their symptoms in a way that causes them distress. When children “act out” their symptoms, adults can become impatient, annoyed, and angry. These responses often intensify when children are unwilling or unable to take personal responsibility for their behavior. As a future child and adolescent clinician, it is important for you to gauge your reactions toward children and adolescents with disruptive behaviors and consider how your reactions may impact the counseling process.
For this Discussion, review each of the clips in the media Disruptive Behaviors Part One and think about your reactions to the behavior exhibited in the media. Select one particular child or adolescent in the media and think about how your reactions to that child’s or adolescent’s behavior might impact a therapeutic relationship with that child or adolescent. Also, consider how you might transform any negative reactions you may have to the child or adolescent you selected to an appropriate therapeutic response.
With these thoughts in mind:
By Day 3
Post a brief description of the disruptive behavior you selected, and explain one way your reactions might positively or negatively influence the development of a therapeutic relationship with that child or adolescent. Then, explain one way you might transform a negative reaction into an appropriate therapeutic response and how. Be specific and use examples.
Most Popular Content
Final Project: Incident Response Exercise and Report
Final Project: Incident Response Exercise & ReportYour TaskYou have been assigned to work incident clean-up as part of the ...
Final Project: Incident Response Exercise and Report
Final Project: Incident Response Exercise & ReportYour TaskYou have been assigned to work incident clean-up as part of the Sifers-Grayson Blue Team. Your task is to assist in analyzing and documenting the incident described below. The Blue Team has already created a set of enterprise architecture diagrams (see figures 1-4) to help with your analysis of the incident and preparation of the incident report as required by the company’s contracts with the federal government. After completing their penetration tests, the Red Team provided Sifers-Grayson executives with a diagram showing their analysis of the threat environment and potential weaknesses in the company’s security posture for the R&D DevOps Lab (see figure 5).Your DeliverableComplete and submit the Incident Report form found at the end of this file. Consult the “Notes to Students” for additional directions regarding completion of the form.Overview of the IncidentSifers-Grayson hired a cybersecurity consulting firm to help it meet the security requirements of a contract with a federal agency. The consulting firm’s Red Team conducted a penetration test and was able to gain access to the engineering center’s R&D servers by hacking into the enterprise network through an unprotected network connection (see figure 2). The Red Team proceeded to exfiltrate files from those servers and managed to steal 100% of the design documents and source code for the AX10 Drone System. The Red Team also reported that it had stolen passwords for 20% of the employee logins using keylogging software installed on USB keys that were left on the lunch table in the headquarters building employee lounge (see Figure 3). 
The Red Team also noted that the Sifers-Grayson employees were quite friendly and talkative as they opened the RFID controlled doors for the “new folks” on the engineering staff (who were actually Red Teamers).The Red Team continued its efforts to penetrate the enterprise and used a stolen login to install malware over the network onto a workstation connected to a PROM burner in the R&D DevOps lab (See Figure 3). This malware made its way onto a PROM that was then installed in an AX10-a test vehicle undergoing flight trials at the Sifers-Grayson test range (See Figures 1 and 4). The malware “phoned home” to the Red Team over a cellular connection to the R&D center. The Red Team took control of the test vehicle and flew it from the test range to a safe landing in the parking lot at Sifers-Grayson headquarters.BackgroundSifers-Grayson is a family owned business headquartered in Grayson County, Kentucky, USA. The company’s physical address is 1555 Pine Knob Trail, Pine Knob, KY 42721. The president of the company is Ira John Sifers, III. He is the great-grandson of one of the company’s founders and is also the head of the engineering department. The chief operating officer is Michael Coles, Jr. who is Ira John’s great nephew. Mary Beth Sifers is the chief financial officer and also serves as the head of personnel for the company.Recent contracts with the Departments of Defense and Homeland Security have imposed additional security requirements upon the company and its R&D DevOps and SCADA labs operations. The company is now required to comply with NIST Special Publication 800-171 Protecting Controlled Unclassified Information in Nonfederal Information Systems and Organizations. The company must also comply with provisions of the Defense Federal Acquisition Regulations (DFARS) including section 252-204-7012 Safeguarding Covered Defense Information and Cyber Incident Reporting. 
These requirements are designed to ensure that sensitive technical information, provided by the federal government and stored on computer systems in the Sifers-Grayson R&D DevOps and SCADA labs, is protected from unauthorized disclosure. This information includes software designs and source code. The contract requirements also mandate that Sifers-Grayson report cyber incidents to the federal government in a timely manner.SCADA LABThe SCADA lab was originally setup in 1974. It has been upgraded and rehabbed several times since then. The most recent hardware and software upgrades were completed three years ago after the lab was hit with a ransomware attack that exploited several Windows XP vulnerabilities. At that time, the engineering and design workstations were upgraded to Windows 8.1 professional. A second successful ransomware attack occurred three months ago. The company paid the ransom in both cases because the lab did not have file backups that it could use to recover the damaged files (in the first case) and did not have system backups that it could use to rebuild the system hard drives (in the second case).The SCADA Lab is locked into using Windows 8.1. The planned transition to Windows 10 is on indefinite hold due to technical problems encountered during previous attempts to modify required software applications to work under the new version of the operating system. This means that an incident response and recovery capability for the lab must support the Windows 8.1 operating system and its utilities.R&D DEVOPS LABThe R&D DevOps Lab was built in 2010 and is used to develop, integrate, test, support, and maintain software and firmware (software embedded in chips) for the company’s robots, drones, and non-SCADA industrial control systems product lines. 
The workstations in this lab are running Windows 10 and are configured to receive security updates per Microsoft’s monthly schedule.ENTERPRISE IT OPERATIONSThe company uses a combination of Windows 10 workstations and laptops as the foundation of its enterprise IT capabilities. The servers in the data center and the engineering R&D center are built upon Windows Server 2012.Issues Summary:Newly won government contracts now require compliance with DFARS §252.204-7008, 7009, and 7012Derivative requirements include:Additional Contractual Requirements for Lab Operations include:Notes to Students:1.Your final deliverable should be professionally formatted and should not exceed 10 pages. The goal is to be clear and concise in your reporting of your analysis of this incident.2.You may include annotated diagrams if necessary to illustrate your analysis and/or make your point(s). You may use the figures in this assignment as the foundation for diagrams in your final report (no citations required).3.Use the NIST Incident Handling Process (see Table 1) to guide your incident analysis.4.You may assume that the company has implemented one or more of the IT products that you recommended in your Case Studies for this course. You may also assume that the company is using the incident response guidance documents that you wrote for your labs and that the associated operating systems utilities are in use (e.g. you can assume that system backups are being made, etc.).DOCUMENT YOUR ASSUMPTIONS about people, processes, and technologies as if they were fact. But, don’t change any of the factual information provided in the incident report from the Red Team.Use the incident report form that appears at the end of this file. Copy it to a new MS Word document. 
After you perform your incident analysis, fill in the required information, attach the file to your assignment folder entry, and submit it for grading as your final project.For section 1 of the form, use your own name but provide reasonable but fictitious information for the remaining fields.For section 2 of the form, assign IP addresses in the following ranges to any servers, workstations, or network connections that you need to discuss.R&D Center 10.10.150.0/24Test Range 10.10.148.0/24Corporate Headquarters 10.10.155.0/24For sections 2, 3, and 5, you should use and interpret information provided in this file (Overview, Background, Issues Summary). You may use a judicious amount of creativity, if necessary, to fill in any missing information.For section 4 of the form you may provide a fictitious cost estimate based upon $100 per hour for IT staff to perform “clean-up” activities. Reasonable estimates are probably in the range of 150 to 300 person hours. What’s important is that you document how you arrived at your cost estimate.Discuss the contract requirements and derivative requirements for cybersecurity at Sifers-Grayson in 3 to 5 paragraphs under “Section 6 General Comments.”Words for the Wise …Do not let “perfection” be a barrier to completing this assignment. It’s more importation to be on-time and provide SOME analysis in a professional format than to find and document every single possible vulnerability.
Figure 1. Overview of Sifers-Grayson Enterprise IT ArchitectureFigure 2. Combined Network and Systems Views:Sifers-Grayson Headquarters, R&D Center, and Data Center
Figure 3. Combined Network and Systems View for Sifers-Grayson R&D DevOps Lab
Figure 4. Combined Communications and Systems Views for Sifers-Grayson Test Range
Figure 5. Threat Landscape for Sifers-Grayson R&D DevOps Lab
NIST Incident Handling Checklist by PhaseDetection and Analysis1.Determine whether an incident has occurred1.1Analyze the precursors and indicators1.2Look for correlating information1.3Perform research (e.g., search engines, knowledge base)1.4As soon as the handler believes an incident has occurred, begin documenting the investigation and gathering evidence2.Prioritize handling the incident based on the relevant factors (functional impact, information impact, recoverability effort, etc.)3.Report the incident to the appropriate internal personnel and external organizationsContainment, Eradication, and Recovery4.Acquire, preserve, secure, and document evidence5.Contain the incident6.Eradicate the incident6.1Identify and mitigate all vulnerabilities that were exploited6.2Remove malware, inappropriate materials, and other components6.3If more affected hosts are discovered (e.g., new malware infections), repeat the Detection and Analysis steps (1.1, 1.2) to identify all other affected hosts, then contain (5) and eradicate (6) the incident for them7.Recover from the incident7.1Return affected systems to an operationally ready state7.2Confirm that the affected systems are functioning normally7.3If necessary, implement additional monitoring to look for future related activityPost-Incident Activity8.Create a follow-up report9.Hold a lessons learned meeting (mandatory for major incidents, optional otherwise)Source: NIST SP 800-61r2Cichonski, P., Millar, T., Grance, T., & Scarfone, K. (2012). Computer security incident handling guide (NIST SP 800-62 rev. 2). http://dx.doi.org/10.6028/NIST.SP.800-61r2
Contact Information for the Incident Reporter and Handler
– Name
– Role
– Organizational unit (e.g., agency, department, division, team) and affiliation
– Email address
– Phone number
– Location (e.g., mailing address, office room number)
Incident Details
– Status change date/timestamps (including time zone): when the incident started, when the incident was discovered/detected, when the incident was reported, when the incident was resolved/ended, etc.
– Physical location of the incident (e.g., city, state)
– Current status of the incident (e.g., ongoing attack)
– Source/cause of the incident (if known), including hostnames and IP addresses
– Description of the incident (e.g., how it was detected, what occurred)
– Description of affected resources (e.g., networks, hosts, applications, data), including systems’ hostnames, IP addresses, and function
– If known, incident category, vectors of attack associated with the incident, and indicators related to the incident (traffic patterns, registry keys, etc.)
– Prioritization factors (functional impact, information impact, recoverability, etc.)
– Mitigating factors (e.g., stolen laptop containing sensitive data was using full disk encryption)
– Response actions performed (e.g., shut off host, disconnected host from network)
– Other organizations contacted (e.g., software vendor)
Cause of the Incident (e.g., misconfigured application, unpatched host)
Cost of the Incident
Business Impact of the Incident
General Comments
PHI413V GCU University Case Study: Healing and Autonomy
This assignment will incorporate a common practical tool in helping clinicians begin to ethically analyze a case. Organizing the data in this way will help you apply the four principles of principlism.
Based on the "Case Study: Healing and Autonomy" and other required topic study materials, you will complete the "Applying the Four Principles: Case Study" document that includes the following:
Part 1: Chart
This chart will formalize principlism and the four-boxes approach by organizing the data from the case study according to the relevant principles of biomedical ethics: autonomy, beneficence, nonmaleficence, and justice.
Part 2: Evaluation
This part includes questions, to be answered in a total of 500 words, that describe how principlism would be applied according to the Christian worldview.
Remember to support your responses with the topic study materials.
APA style is not required, but solid academic writing is expected.
You are required to submit this assignment to LopesWrite. Refer to the LopesWrite Technical Support articles for assistance.
Clere Law Enforcement Scandal Paper.
The adverse impacts of scandals have resulted in a detrimental impact on the Los Angeles Police Department (L.A.P.D). The Rampart scandal of the Los ...
Discussion Post - Collecting Reliable Data in my Professional Setting
Instructions:
Collecting Reliable Data in my Professional Setting
1. Name and describe one data collection instrument that is used in YOUR field. It does not have to be your current field.
* This discussion is about the observer's reliability when using the instrument, NOT the instrument's reliability (see below).
2. How do you, OR would you, assure interobserver reliability when using this instrument? Please describe thoroughly.
3. How do you, OR would you, assure intraobserver reliability when using this instrument? Please describe thoroughly.
4. Respond to at least one of your peers' posts.
Note: Although you are selecting a data collection INSTRUMENT for this posting, this concept is about the OBSERVER'S reliability when using this instrument.
For example, as the observer, a Weight Watcher meeting leader might use a data collection instrument such as a digital scale. With that in mind, to answer this forum, the observer would indicate how he/she practices interobserver reliability with all of the other WW meeting leaders at one location: they all use the same scale, they all allow shoes to come off and pockets to be emptied, they all weigh at the beginning of the meeting, etc. In other words, the leaders calibrate how they "observe" the data they are collecting with the data collection instrument.
In contrast, if the observer is the only person overseeing the data collection at a meeting, he/she may describe intraobserver reliability as their standard routine of data collection (each and every time): having everyone stand on the same place on the scale, having everyone empty their pockets, weighing everyone at the beginning of the meeting. So, to assure intraobserver reliability, the observer standardizes his/her own methods and makes certain to follow the same methods with everyone who is observed.
This course is about recognizing and using evidence. So, in order to earn full points, you will need to support each of your postings with the appropriate evidence.
SOCW 6446 Walden University Social Work Practice With Children and Adolescents Paper
Discussion: Reactions to Disruptive Behaviors
Many children and adolescents who go to counseling engage in behaviors that are disruptive to others. These children and adolescents are sometimes labeled as having “externalizing” disorders because they tend to “act out” their symptoms, which causes other people distress. Disorders such as depression and anxiety are “internalizing” disorders because children and adolescents generally internalize their symptoms in a way that causes them distress. When children “act out” their symptoms, adults can become impatient, annoyed, and angry. These responses often intensify when children are unwilling or unable to take personal responsibility for their behavior. As a future child and adolescent clinician, it is important for you to gauge your reactions toward children and adolescents with disruptive behaviors and consider how your reactions may impact the counseling process.
For this Discussion, review each of the clips in the media Disruptive Behaviors Part One and think about your reactions to the behavior exhibited in the media. Select one particular child or adolescent in the media and think about how your reactions to that child’s or adolescent’s behavior might impact a therapeutic relationship with that child or adolescent. Also, consider how you might transform any negative reactions you may have to the child or adolescent you selected to an appropriate therapeutic response.
With these thoughts in mind:
By Day 3
Post a brief description of the disruptive behavior you selected, and explain one way your reactions might positively or negatively influence the development of a therapeutic relationship with that child or adolescent. Then, explain one way you might transform a negative reaction into an appropriate therapeutic response and how. Be specific and use examples.