Description
software update
User generated content is uploaded by users for the purposes of learning and should be used following Studypool's honor code & terms of service.
Explanation & Answer
Review
Review
Anonymous
This is great! Exactly what I wanted.
Studypool
4.7
Trustpilot
4.5
Sitejabber
4.4
24/7 Homework Help
Stuck on a homework question? Our verified tutors can answer all questions, from basic math to advanced rocket science!
Most Popular Content
ISM 644 Ashford University Systems Research and Development NORA Responses
I need assistance with a reply for the following questions. For reply Number 1 and Number 2, here is the criteria:Evaluate ...
ISM 644 Ashford University Systems Research and Development NORA Responses
I need assistance with a reply for the following questions. For reply Number 1 and Number 2, here is the criteria:Evaluate your peer’s protocols and indicate aspects of their posts that effectively address the issues of prevention and detection of malicious insider activity. Suggest additional issues not considered in your peer’s initial post. Recommend changes to the protocols that would make them more effective. Support your suggestions and recommendations with evidence from your sources.Your responses should be a minimum of 150 words.For reply Number 3 and Number 4, here is the criteria:Evaluate your peer’s software license language. Suggest at least one additional element for the boilerplate language that might strengthen the efficacy of it. Recommend changes that might clarify any missing points or address issues that should be considered. Explain why you offered these suggestions.Your responses should be a minimum of 200 words.Please provide a reply for each of the following responses:Number 1Malicious insider is anyone that has internal access or more knowledge about an organization’s structure and security procedures that aides them easy access and difficult to detect when abusing the use of the system. It is very difficult to detect a malicious insider but there are still steps and precaution that could be taken to prevent or detect a malicious insider from conducting unethical actions.Monitoring employee abnormal behavior is one way to detect a malicious insider. When an employee is behaving abnormally from the standard or required norms of their duty or acting suspicious, this could be consisted red flags and needs to be monitored. The company has trained all employees especially managers to observe unusual or abnormal behaviors, have a conversation with the employee or person involved and if there are no changes, then the issue would be escalated to the appropriate authorities for further actions.Imitating a look alike phishing or malicious attack is another way to detect malicious insider behaviors. This tests as conducted by my company periodically got me so bad because they looked so real, after failing the test the first time, I had to take a training to remind me of how to prevent and report any malicious or suspicious information. The second time, I failed the test due to ignorance and negligence (which anyone could be a victim of), I took the training again and was warned that I could be terminated or on probation on the third attempt (thankfully I passed) but this helped me know how to detect and prevent external or even internal attacks. This act could help determine an employee’s behavior and watch for patterns and immediately swig into action if the company is at a risk of exposure to internal or external attacks.Two reasonable protocols that recon with me according to Reynolds (2015), are performing thorough background check as well as psychological and drug test for candidates handling sensitive information and positions, and define job roles and procedures so it is impossible for same person to both initiate and approve an action (p. 97). This two protocols are common in several organizations and have helped in preventing malicious insider behaviors, even though this does not entirely prevent such behaviors from happening, they are measures that have proven to detect any unusual or suspicious behaviors.Number 2As CIO of the company of 10,000 employees it is important to safeguard the valuable information held within the organization. The various types of proprietary and valuable data signifies the need for the organization to take the precautionary measures to ensure that this data is protected on all levels and from insider and outsider threats. Taking into consideration the broad legal issues related to data protection two reasonable protocols that could be used to detect malicious insiders and their activity within the organization are utilizing software that will monitor the employee’s activities and detect when malicious coding and intent is being utilized. Another protocol would be utilizing time lockouts to reduce employees accessing organizational equipment when employees should not be working. Legally overtime work should be going through a process to get approved and paid to do so instead of working longer hours and not being compensated for that time. It is unknown what the employee may be doing at the odd hours of the day using organizational equipment so safeguards such as these will mitigate a problem like that. Now taking into consideration the ethical issues related to employee monitoring, two protocols that could be used to prevent activities of malicious insiders so that they do not gain access to proprietary and valuable data is to instill the disciplinary measures and showcase them so that all employees know what to expect if they violate and partake in wrongdoings. Also training would be beneficial for the organization so that they will be able to recognize when an insider threat has been breached and also signs that indicate a potential threat may be forthcoming. It is important to bring awareness to the organization and so that all employees know the steps and measures to take if something may arise and situation occurs.Number 3Only authorized and authenticated site users are allowed to use software on this site. The Software available on this website are provided "as is" without warranty of any kind, either express or implied. Use at your own risk. The use of the software on this site is done at your own discretion and risk and with agreement that you will be solely responsible for any damage to your computer system or loss of data that results from such activities. You are solely responsible for adequate protection and backup of the data and equipment used in connection with any of the software, and we will not be liable for any damages that you may suffer in connection with using this software. No advice or information, whether oral or written, obtained by you from us or from this website shall create any warranty for the software. In no event shall we be liable to you or any third parties for any special, punitive, incidental, indirect or consequential damages of any kind, or any damages whatsoever, including, without limitation, those resulting from loss of use, data or profits, and on any theory of liability, arising out of or in connection with the use of this software.I added the first sentence to the above to add protection based on anonymous users, something that came to light in a 2017 case between Diageo and mySAP.Diageo had implemented a connection to mySAP through a Salesforce third party application, bypassing the mySAP requirements named user accounts (Saran, 2017).The implication was that Diageo was breaking the license with mySAP, but the issue in this case is disclaiming that only authorized users can use the system prevents unauthorized, anonymous users, a security risk anyway, from coming in, using the system, breaking it, and suing based on their use.That first sentence protects the company from such access.Number 4A software license agreement is an agreement between a company and its buyer for the use of a software you have rights to (LegalNature, n.d.). Several companies have investigated ways to limit or avoid liabilities claims even since an uncontrollable increase in security breach. Most organizations have concluded that to avoid these uncontrollable debt, loss, and lawsuit, they must adopt a fair remedy under Uniform Commercial Code (UCC) (Gilstrap, 2012). UCC allows businesses to spread costs more efficiently and give proper incentives to software vendors (Gilstrap, 2012). Below is a boilerplate language that could protect the company from liability risk should the third-party software crash or fail. “The Licensor agrees that the Licensee is not liable for any damages, loss or liability claims, including direct, indirect, compensatory, special, incidental, exemplary, punitive or consequential damages, connected with or resulting from use (access) of this software”.With the above language, licensee would be able to disclaim any potential liabilities claim. Although this does not eliminate the licensor’s ability to refuse claims due to negligent misrepresentation or fraudulent inducement (Gilstrap, 2012). A fictitious example that may not sufficiently protect the company is stated below (Karlyn, 2008): “Licensor shall not be liable to licensee for any lost profits, lost revenues or opportunities, downtime, or any consequential damages or costs, resulting from any claim or cause of action based on breach of warranty, contract, negligence, or any other legal theory, even if licensor knew or should have known of the possibility thereof”. This clause does not favor the company, it leaves the company zero to little protection whatsoever. A software license should include a mutual agreement with some clauses and protection to protect both licensor and licensee from aggregate liability. Also limitation on what damage is covered under the liability contract should be reviewed and should include the obligation of the licensor to indemnify the company for damages due to software infringes (Karlyn, 2008).
San Diego Mesa College Module 4 Smith & Lyngate Insurance Project Paper
I attached the instructions file which correspond to the assignment. It's very important that you use the file provided pl ...
San Diego Mesa College Module 4 Smith & Lyngate Insurance Project Paper
I attached the instructions file which correspond to the assignment. It's very important that you use the file provided please. If you have any questions, please ask. I uploaded everything that you'll be needing.
PM3000 Unit 4 Assignment 1
Project Management Plan and Project ScheduleThere are two parts to this assignment:Part 1: Project Management PlanDevelop ...
PM3000 Unit 4 Assignment 1
Project Management Plan and Project ScheduleThere are two parts to this assignment:Part 1: Project Management PlanDevelop a completed project plan for the business or IT project that you selected in Part 1 of Assignment 2.Use the Project Management Plan Template provided in the Resources.Part 2: Project ScheduleComplete the Project Schedule section of the Project Management Plan Template.Use MS Project 2016, which is available through the Toolwire Virtual Desktop.Develop an MS Project plan for your project schedule. Include an introduction and link into the Project Schedule section of the Project Management Plan. Create a Gantt chart showing: Project tasks, milestones, and other measurable, tangible, and verifiable outcomes or results that must be produced to complete the project.Predecessors to tasks.Resources assigned to each task.Note: You should limit project tasks to 10 business days or less. Shorter task durations make it easier to assess project progress. Provide additional amplifying information about the schedule in your Project Plan, as applicable.Reminder: Examples of business or IT project types:Examples of business projects include (but are not limited to): planning a company event, planning a traditional wedding, construction, or other projects with a business-oriented focus.Examples of IT projects include (but are not limited to): ERP implementation, Web site development, WAN design, IT security, et cetera.Additional RequirementsWritten communication: Ensure written communication is free of errors that detract from the overall message.Documents: Submit the following 2 documents: Completed Project Management Plan (using the Project Management Plan Template).Completed MS Project Plan.List of references: Include a list of references, including books, Web sites, articles, and other resources.Formatting: Resources and citations are formatted according to current APA guidelines for style and formatting.Font and font size: Times New Roman, 12 point.Submission: Be sure to include all parts in your submission.
Windows Server 2016 Discussion Posts with work cited.
Each Discussion Question will be a minimum of 200 words. In additional, these must have citations and references, and foll ...
Windows Server 2016 Discussion Posts with work cited.
Each Discussion Question will be a minimum of 200 words. In additional, these must have citations and references, and follow APA requirements. In APA, you can only reference sources you have cited in the text; you cannot have references without citations. Including figures and quotes is value-added, but they will not count toward your 200 word requirement.Each Discussion Question is separate from the otherDiscussion Question 1:As an administrator for your company, you manage a large server that is running Windows Server 2016 and that has about 8 TB of disk space that you can allocate to be used by other servers. Describe how to configure the servers such that the two other servers running Windows Server 2016 can use the disk space just as if the disk space was local?Discussion Question 2:You are setting up a class so that you can train several junior administrators on Windows Server 2016 Hyper‐V. You don’t have dedicated Hyper‐V hosts, but you do have plenty of resources on your current Hyper‐V environment. Describe your proposed solution.Discussion Question 3:Describe the basics of Active Directory including domain, tree, and forest. What domain model would you recommend to an organization (make and list your assumptions)?Discussion Question 4:Describe in detail some of the aspects of DNS related to Windows Server 2016 including zones, records, commands, etc. Explain how DNS is installed and configured on Windows Server 2016.Discussion Question 5:Describe Group Policy object and why an organization would choose to deploy Group Policy. Explain some of the settings within Group Policy that organizations might choose to keep their desktops and servers secure.Discussion Question 6:You are an administrator for a large organization with a group of web developers that works on UNIX machines. You need to come with a solution that enables the web developers to save their files on the Windows system so that those files can be backed up with all of your other data. Because the web servers are critical to the company, you must ensure that the data is available and backed up regularly. Describe your proposed solution.Discussion Question 7:Describe a role that WSUS and Windows Defender play in securing a Windows Network Infrastructure. What should the policy be to keep the nodes on your network updated with the latest security updates?Discussion Question 8:Describe in detail some of the aspects of DHCP related to Windows Server 2016 including leases, scopes, and commands, etc. Explain how DHCP is installed and configured on Windows Server 2016.Discussion Question 9:Describe how to deploy a website and make it as secure as possible while reducing its resources used. Discussion Question 10:You are the administrator for the contoso.com site. Recently, the server hosting the corporate websites had a failure that caused the server to go down for a short period of time while the server was being fixed. In the future, you need to take steps to avoid any hardware failure that would cause the websites to go down. Describe your recommended course of action. Would clustering be an option here? Why or why not?
Lewis University Final Engagement Presentation
Activity File: Final Group PresentationsOverviewYou are working as a Security Engineer for X-CORP, supporting the SOC infr ...
Lewis University Final Engagement Presentation
Activity File: Final Group PresentationsOverviewYou are working as a Security Engineer for X-CORP, supporting the SOC infrastructure. The SOC Analysts have noticed some discrepancies with alerting in the Kibana system and the manager has asked the Security Engineering team to investigate.Yesterday, you monitored live traffic on the wire to detect any abnormalities that aren't reflected in the alerting system.For the final part of this project, you will report back your findings to both the SOC manager and the Engineering Manager with appropriate analysis.InstructionsCongratulations on making it through a comprehensive and demanding project! The tools and knowledge used to complete this week's tasks are a large chunk of offensive, defensive, networking, and system administration cybersecurity skills.In the final part of this project, you will work with your fellow students to complete a group presentation. The presentation will contain analyses from one of the three perspectives: an offensive red team analysis, a defensive blue team analysis, or a network administration analysis.In groups of three to six, divide responsibilities to complete one of the three presentations below:Offensive Presentation TemplateDefensive Presentation TemplateNetwork Presentation TemplateExample of an Offensive Presentation split between six students: Student A and B work on the "Network Topology" and "Critical Vulnerabilities" portion. Students C and D work on the "Exploits Used" section. Students E and F work on the "Avoiding Detection and Maintaining Access" sections.Once all the sections are complete, combine them into a single slide deck. You will use this to present and submit your findings.As a group, decide on which of the three presentations you would like to complete and present on.This project and all of the deliverables created during this six-month course are valuable evidence of your skills and knowledge, which you can present during job searches and networking events. Make sure your project is complete, presentable, and free of errors.The following is an overview of what each section covers. The slide templates provide the same information.Offensive Security Presentation OptionThe offensive red team section must include the following sections:Exploits UsedChoose three important exploits used during the assessment of the VMs.Explain how each exploit works.Provide the commands used to run them.Add a screenshot confirming success (For example: a screenshot of a user shell if you ran a bind shell exploit).Avoiding DetectionFor each exploit, explain which alerts in Kibana can detect it, if any.Identify which metric the alert is responding to.Suggest a technique for bypassing detection.If possible, demonstrate your stealthier solution in action.Maintaining AccessFind a way to implement a backdoor on each target.Provide an example or screenshot of the commands used.Options include using Metasploit, dropping SSH keys, adding users, etc. You only need to choose one.Defensive Security Presentation OptionThe defensive blue team section must include the following sections:Alerts ImplementedExplain each alert implemented in Kibana and provide the metric it responds to.Note the threshold it fires against.Include a screenshot demonstrating that the alert indeed fired.HardeningChoose three vulnerabilities or exploits.For each, explain how it works, how it’s delivered, and how to harden or patch the vulnerable VM against it.Implementing and Distributing FixesCreate an Ansible playbook that implements all of the hardening steps specified above.Include a README explaining what the playbook does and which vulnerabilities or exploits it mitigates.If creating a functional playbook is too difficult or time-consuming, you can create just a README describing what it should do.Network Security Presentation OptionThe network security section must include the following sections:Traffic ProfileFill out a table with information from the analysis, including data about top talkers, amount of traffic, type of traffic (protocols), and purpose of the observed network activity.Normal ActivityIn this section, identify users who are participating in non-malicious traffic.Explain what they’re doing and include a screenshot of packets clarifying their behavior.Elaborate on the packet, explaining how you know the traffic is not malicious.Malicious ActivityIdentify which users are sending suspicious and malicious traffic.For each, explain what kind of traffic they’re sending.Identify the IP addresses involved.Identify and explain any interesting files in the conversation, such as malware, images, etc.
Similar Content
Trends of Mobile Technology Enhanced Medical Education Essay
Find a research article - mobile technology preferred; but any technology topic is acceptable. A research effort is usual...
Help
Q1.Discuss some of the ways in which data mining can help a company generate more businessQ2.What are some potential probl...
Silicon Valley College Enterprise Risk Management Practical Connection Paper
Assignment: Provide a reflection of at least 500 words (or 2 pages double spaced) of how the knowledge, skills, or theorie...
Auburn University Impacts of Blockchain Technology Essay
Submit a 5 page paper (APA style) that addresses the impact of Basic Attention Token” (BAT), Blockstack and data as a co...
AIU Design Document for Famous Favourite Subs Essay
Assignment OverviewUnit 4 - Individual ProjectASSIGNMENT DESCRIPTIONDeliverable Length: 2-3 additional pages of screenshot...
help please
Application Architecture You
have been tasked with building a payroll program for a large
organization with offices sp...
20191030194727cis349 Worksheet 3 Student Version 1
...
Computer Science Discussion Replies
I also agree with the benefits you listed in this post. Above all, I resonate with the convenience that virtual machines o...
Topic And Research Purposes
The project will focus on answering the following research questions: c. Why should small businesses embrace cloud computi...
Related Tags
Book Guides
The Road
by Cormac McCarthy
Fast Food Nation
by Eric Schlosser
Silas Marner
by George Eliot
A Passage to India
by E. M. Forster
The Fault in Our Stars
by John Green
Their Eyes Were Watching God
by Zora Neale Hurston
The Picture of Dorian Gray
by Oscar Wilde
Ethan Frome
by Edith Wharton
The Adventures of Huckleberry Finn
by Mark Twain
Get 24/7
Homework help
Our tutors provide high quality explanations & answers.
Post question
Most Popular Content
ISM 644 Ashford University Systems Research and Development NORA Responses
I need assistance with a reply for the following questions. For reply Number 1 and Number 2, here is the criteria:Evaluate ...
ISM 644 Ashford University Systems Research and Development NORA Responses
I need assistance with a reply for the following questions. For reply Number 1 and Number 2, here is the criteria:Evaluate your peer’s protocols and indicate aspects of their posts that effectively address the issues of prevention and detection of malicious insider activity. Suggest additional issues not considered in your peer’s initial post. Recommend changes to the protocols that would make them more effective. Support your suggestions and recommendations with evidence from your sources.Your responses should be a minimum of 150 words.For reply Number 3 and Number 4, here is the criteria:Evaluate your peer’s software license language. Suggest at least one additional element for the boilerplate language that might strengthen the efficacy of it. Recommend changes that might clarify any missing points or address issues that should be considered. Explain why you offered these suggestions.Your responses should be a minimum of 200 words.Please provide a reply for each of the following responses:Number 1Malicious insider is anyone that has internal access or more knowledge about an organization’s structure and security procedures that aides them easy access and difficult to detect when abusing the use of the system. It is very difficult to detect a malicious insider but there are still steps and precaution that could be taken to prevent or detect a malicious insider from conducting unethical actions.Monitoring employee abnormal behavior is one way to detect a malicious insider. When an employee is behaving abnormally from the standard or required norms of their duty or acting suspicious, this could be consisted red flags and needs to be monitored. The company has trained all employees especially managers to observe unusual or abnormal behaviors, have a conversation with the employee or person involved and if there are no changes, then the issue would be escalated to the appropriate authorities for further actions.Imitating a look alike phishing or malicious attack is another way to detect malicious insider behaviors. This tests as conducted by my company periodically got me so bad because they looked so real, after failing the test the first time, I had to take a training to remind me of how to prevent and report any malicious or suspicious information. The second time, I failed the test due to ignorance and negligence (which anyone could be a victim of), I took the training again and was warned that I could be terminated or on probation on the third attempt (thankfully I passed) but this helped me know how to detect and prevent external or even internal attacks. This act could help determine an employee’s behavior and watch for patterns and immediately swig into action if the company is at a risk of exposure to internal or external attacks.Two reasonable protocols that recon with me according to Reynolds (2015), are performing thorough background check as well as psychological and drug test for candidates handling sensitive information and positions, and define job roles and procedures so it is impossible for same person to both initiate and approve an action (p. 97). This two protocols are common in several organizations and have helped in preventing malicious insider behaviors, even though this does not entirely prevent such behaviors from happening, they are measures that have proven to detect any unusual or suspicious behaviors.Number 2As CIO of the company of 10,000 employees it is important to safeguard the valuable information held within the organization. The various types of proprietary and valuable data signifies the need for the organization to take the precautionary measures to ensure that this data is protected on all levels and from insider and outsider threats. Taking into consideration the broad legal issues related to data protection two reasonable protocols that could be used to detect malicious insiders and their activity within the organization are utilizing software that will monitor the employee’s activities and detect when malicious coding and intent is being utilized. Another protocol would be utilizing time lockouts to reduce employees accessing organizational equipment when employees should not be working. Legally overtime work should be going through a process to get approved and paid to do so instead of working longer hours and not being compensated for that time. It is unknown what the employee may be doing at the odd hours of the day using organizational equipment so safeguards such as these will mitigate a problem like that. Now taking into consideration the ethical issues related to employee monitoring, two protocols that could be used to prevent activities of malicious insiders so that they do not gain access to proprietary and valuable data is to instill the disciplinary measures and showcase them so that all employees know what to expect if they violate and partake in wrongdoings. Also training would be beneficial for the organization so that they will be able to recognize when an insider threat has been breached and also signs that indicate a potential threat may be forthcoming. It is important to bring awareness to the organization and so that all employees know the steps and measures to take if something may arise and situation occurs.Number 3Only authorized and authenticated site users are allowed to use software on this site. The Software available on this website are provided "as is" without warranty of any kind, either express or implied. Use at your own risk. The use of the software on this site is done at your own discretion and risk and with agreement that you will be solely responsible for any damage to your computer system or loss of data that results from such activities. You are solely responsible for adequate protection and backup of the data and equipment used in connection with any of the software, and we will not be liable for any damages that you may suffer in connection with using this software. No advice or information, whether oral or written, obtained by you from us or from this website shall create any warranty for the software. In no event shall we be liable to you or any third parties for any special, punitive, incidental, indirect or consequential damages of any kind, or any damages whatsoever, including, without limitation, those resulting from loss of use, data or profits, and on any theory of liability, arising out of or in connection with the use of this software.I added the first sentence to the above to add protection based on anonymous users, something that came to light in a 2017 case between Diageo and mySAP.Diageo had implemented a connection to mySAP through a Salesforce third party application, bypassing the mySAP requirements named user accounts (Saran, 2017).The implication was that Diageo was breaking the license with mySAP, but the issue in this case is disclaiming that only authorized users can use the system prevents unauthorized, anonymous users, a security risk anyway, from coming in, using the system, breaking it, and suing based on their use.That first sentence protects the company from such access.Number 4A software license agreement is an agreement between a company and its buyer for the use of a software you have rights to (LegalNature, n.d.). Several companies have investigated ways to limit or avoid liabilities claims even since an uncontrollable increase in security breach. Most organizations have concluded that to avoid these uncontrollable debt, loss, and lawsuit, they must adopt a fair remedy under Uniform Commercial Code (UCC) (Gilstrap, 2012). UCC allows businesses to spread costs more efficiently and give proper incentives to software vendors (Gilstrap, 2012). Below is a boilerplate language that could protect the company from liability risk should the third-party software crash or fail. “The Licensor agrees that the Licensee is not liable for any damages, loss or liability claims, including direct, indirect, compensatory, special, incidental, exemplary, punitive or consequential damages, connected with or resulting from use (access) of this software”.With the above language, licensee would be able to disclaim any potential liabilities claim. Although this does not eliminate the licensor’s ability to refuse claims due to negligent misrepresentation or fraudulent inducement (Gilstrap, 2012). A fictitious example that may not sufficiently protect the company is stated below (Karlyn, 2008): “Licensor shall not be liable to licensee for any lost profits, lost revenues or opportunities, downtime, or any consequential damages or costs, resulting from any claim or cause of action based on breach of warranty, contract, negligence, or any other legal theory, even if licensor knew or should have known of the possibility thereof”. This clause does not favor the company, it leaves the company zero to little protection whatsoever. A software license should include a mutual agreement with some clauses and protection to protect both licensor and licensee from aggregate liability. Also limitation on what damage is covered under the liability contract should be reviewed and should include the obligation of the licensor to indemnify the company for damages due to software infringes (Karlyn, 2008).
San Diego Mesa College Module 4 Smith & Lyngate Insurance Project Paper
I attached the instructions file which correspond to the assignment. It's very important that you use the file provided pl ...
San Diego Mesa College Module 4 Smith & Lyngate Insurance Project Paper
I attached the instructions file which correspond to the assignment. It's very important that you use the file provided please. If you have any questions, please ask. I uploaded everything that you'll be needing.
PM3000 Unit 4 Assignment 1
Project Management Plan and Project ScheduleThere are two parts to this assignment:Part 1: Project Management PlanDevelop ...
PM3000 Unit 4 Assignment 1
Project Management Plan and Project ScheduleThere are two parts to this assignment:Part 1: Project Management PlanDevelop a completed project plan for the business or IT project that you selected in Part 1 of Assignment 2.Use the Project Management Plan Template provided in the Resources.Part 2: Project ScheduleComplete the Project Schedule section of the Project Management Plan Template.Use MS Project 2016, which is available through the Toolwire Virtual Desktop.Develop an MS Project plan for your project schedule. Include an introduction and link into the Project Schedule section of the Project Management Plan. Create a Gantt chart showing: Project tasks, milestones, and other measurable, tangible, and verifiable outcomes or results that must be produced to complete the project.Predecessors to tasks.Resources assigned to each task.Note: You should limit project tasks to 10 business days or less. Shorter task durations make it easier to assess project progress. Provide additional amplifying information about the schedule in your Project Plan, as applicable.Reminder: Examples of business or IT project types:Examples of business projects include (but are not limited to): planning a company event, planning a traditional wedding, construction, or other projects with a business-oriented focus.Examples of IT projects include (but are not limited to): ERP implementation, Web site development, WAN design, IT security, et cetera.Additional RequirementsWritten communication: Ensure written communication is free of errors that detract from the overall message.Documents: Submit the following 2 documents: Completed Project Management Plan (using the Project Management Plan Template).Completed MS Project Plan.List of references: Include a list of references, including books, Web sites, articles, and other resources.Formatting: Resources and citations are formatted according to current APA guidelines for style and formatting.Font and font size: Times New Roman, 12 point.Submission: Be sure to include all parts in your submission.
Windows Server 2016 Discussion Posts with work cited.
Each Discussion Question will be a minimum of 200 words. In additional, these must have citations and references, and foll ...
Windows Server 2016 Discussion Posts with work cited.
Each Discussion Question will be a minimum of 200 words. In additional, these must have citations and references, and follow APA requirements. In APA, you can only reference sources you have cited in the text; you cannot have references without citations. Including figures and quotes is value-added, but they will not count toward your 200 word requirement.Each Discussion Question is separate from the otherDiscussion Question 1:As an administrator for your company, you manage a large server that is running Windows Server 2016 and that has about 8 TB of disk space that you can allocate to be used by other servers. Describe how to configure the servers such that the two other servers running Windows Server 2016 can use the disk space just as if the disk space was local?Discussion Question 2:You are setting up a class so that you can train several junior administrators on Windows Server 2016 Hyper‐V. You don’t have dedicated Hyper‐V hosts, but you do have plenty of resources on your current Hyper‐V environment. Describe your proposed solution.Discussion Question 3:Describe the basics of Active Directory including domain, tree, and forest. What domain model would you recommend to an organization (make and list your assumptions)?Discussion Question 4:Describe in detail some of the aspects of DNS related to Windows Server 2016 including zones, records, commands, etc. Explain how DNS is installed and configured on Windows Server 2016.Discussion Question 5:Describe Group Policy object and why an organization would choose to deploy Group Policy. Explain some of the settings within Group Policy that organizations might choose to keep their desktops and servers secure.Discussion Question 6:You are an administrator for a large organization with a group of web developers that works on UNIX machines. You need to come with a solution that enables the web developers to save their files on the Windows system so that those files can be backed up with all of your other data. Because the web servers are critical to the company, you must ensure that the data is available and backed up regularly. Describe your proposed solution.Discussion Question 7:Describe a role that WSUS and Windows Defender play in securing a Windows Network Infrastructure. What should the policy be to keep the nodes on your network updated with the latest security updates?Discussion Question 8:Describe in detail some of the aspects of DHCP related to Windows Server 2016 including leases, scopes, and commands, etc. Explain how DHCP is installed and configured on Windows Server 2016.Discussion Question 9:Describe how to deploy a website and make it as secure as possible while reducing its resources used. Discussion Question 10:You are the administrator for the contoso.com site. Recently, the server hosting the corporate websites had a failure that caused the server to go down for a short period of time while the server was being fixed. In the future, you need to take steps to avoid any hardware failure that would cause the websites to go down. Describe your recommended course of action. Would clustering be an option here? Why or why not?
Lewis University Final Engagement Presentation
Activity File: Final Group PresentationsOverviewYou are working as a Security Engineer for X-CORP, supporting the SOC infr ...
Lewis University Final Engagement Presentation
Activity File: Final Group PresentationsOverviewYou are working as a Security Engineer for X-CORP, supporting the SOC infrastructure. The SOC Analysts have noticed some discrepancies with alerting in the Kibana system and the manager has asked the Security Engineering team to investigate.Yesterday, you monitored live traffic on the wire to detect any abnormalities that aren't reflected in the alerting system.For the final part of this project, you will report back your findings to both the SOC manager and the Engineering Manager with appropriate analysis.InstructionsCongratulations on making it through a comprehensive and demanding project! The tools and knowledge used to complete this week's tasks are a large chunk of offensive, defensive, networking, and system administration cybersecurity skills.In the final part of this project, you will work with your fellow students to complete a group presentation. The presentation will contain analyses from one of the three perspectives: an offensive red team analysis, a defensive blue team analysis, or a network administration analysis.In groups of three to six, divide responsibilities to complete one of the three presentations below:Offensive Presentation TemplateDefensive Presentation TemplateNetwork Presentation TemplateExample of an Offensive Presentation split between six students: Student A and B work on the "Network Topology" and "Critical Vulnerabilities" portion. Students C and D work on the "Exploits Used" section. Students E and F work on the "Avoiding Detection and Maintaining Access" sections.Once all the sections are complete, combine them into a single slide deck. You will use this to present and submit your findings.As a group, decide on which of the three presentations you would like to complete and present on.This project and all of the deliverables created during this six-month course are valuable evidence of your skills and knowledge, which you can present during job searches and networking events. Make sure your project is complete, presentable, and free of errors.The following is an overview of what each section covers. The slide templates provide the same information.Offensive Security Presentation OptionThe offensive red team section must include the following sections:Exploits UsedChoose three important exploits used during the assessment of the VMs.Explain how each exploit works.Provide the commands used to run them.Add a screenshot confirming success (For example: a screenshot of a user shell if you ran a bind shell exploit).Avoiding DetectionFor each exploit, explain which alerts in Kibana can detect it, if any.Identify which metric the alert is responding to.Suggest a technique for bypassing detection.If possible, demonstrate your stealthier solution in action.Maintaining AccessFind a way to implement a backdoor on each target.Provide an example or screenshot of the commands used.Options include using Metasploit, dropping SSH keys, adding users, etc. You only need to choose one.Defensive Security Presentation OptionThe defensive blue team section must include the following sections:Alerts ImplementedExplain each alert implemented in Kibana and provide the metric it responds to.Note the threshold it fires against.Include a screenshot demonstrating that the alert indeed fired.HardeningChoose three vulnerabilities or exploits.For each, explain how it works, how it’s delivered, and how to harden or patch the vulnerable VM against it.Implementing and Distributing FixesCreate an Ansible playbook that implements all of the hardening steps specified above.Include a README explaining what the playbook does and which vulnerabilities or exploits it mitigates.If creating a functional playbook is too difficult or time-consuming, you can create just a README describing what it should do.Network Security Presentation OptionThe network security section must include the following sections:Traffic ProfileFill out a table with information from the analysis, including data about top talkers, amount of traffic, type of traffic (protocols), and purpose of the observed network activity.Normal ActivityIn this section, identify users who are participating in non-malicious traffic.Explain what they’re doing and include a screenshot of packets clarifying their behavior.Elaborate on the packet, explaining how you know the traffic is not malicious.Malicious ActivityIdentify which users are sending suspicious and malicious traffic.For each, explain what kind of traffic they’re sending.Identify the IP addresses involved.Identify and explain any interesting files in the conversation, such as malware, images, etc.
Earn money selling
your Study Documents