Paper 1(K) – Assignment Help | coursefighter.com

Paper 1(K) – Assignment Help | coursefighter.com

Course Fighter  Information Systems Homework Help

Instructions are attached

Our assignment help experts start writing the papers as soon as the payment is done. The writers work fast to complete the task within the deadline. You will receive your assignment in your registered account prior to the submission deadline.

Place Your Order Now

Threat modelling with stride – Assignment Help | coursefighter.com

Threat modelling with stride – Assignment Help | coursefighter.com

Course Fighter  Information Systems Homework Help

PurposeThis project provides an opportunity to apply the concepts of using a Threat Modeling methodology, STRIDE, against a fictitious Healthcare organization’s application.Learning Objectives and OutcomesYou will gain an overall understanding of risk management, its importance, and critical processes required when developing a threat model as a part of risk management for an organization.Required Source Information and ToolsWeb References:  https://www.webtrends.com/blog/2015/04/threat-modeling-with-stride/DeliverablesAs discussed in this course, risk management is an important process for all organizations. This is particularly true in information systems, which provides critical support for organizational missions. The project activities described in this document allow you to fulfill the role of an employee participating in the risk management process in a specific business situation, identifying the threats and vulnerabilities facing your organization.Submission RequirementsAll project submissions should follow this format:Format:      Microsoft Word or compatibleFont:      Arial, 10-point, double-spaceCitation      Style: APA style. Any work copied      from Internet or other sources will automatically receive a 0.ScenarioYou are an information technology (IT) intern working for Health Network, Inc. (Health Network), a fictitious health services organization headquartered in Minneapolis, Minnesota. Health Network has over 600 employees throughout the organization and generates $500 million USD in annual revenue. The company has two additional locations in Portland, Oregon and Arlington, Virginia, which support a mix of corporate operations. Each corporate facility is located near a co-location data center, where production systems are located and managed by third-party data center hosting vendors.Company ProductsHealth Network has three main products: HNetExchange, HNetPay, and HNetConnect.HNetExchange is the primary source of revenue for the company. The service handles secure electronic medical messages that originate from its customers, such as large hospitals, which are then routed to receiving customers such as clinics over the Internet. Information transmitted over this network include patient health information, xrays, bloodwork, and diagnoses.HNetPay is a Web portal used by many of the company’s HNetExchange customers to support the management of secure payments and billing. The HNetPay Web portal, hosted at Health Network production sites, accepts various forms of payments and interacts with credit-card processing organizations much like a Web commerce shopping cart. The Web portal is hosted on a Windows IIS Web server. Data from the portal is stored in an Oracle database on a Unix server.HNetConnect is an online directory that lists doctors, clinics, and other medical facilities to allow Health Network customers to find the right type of care at the right locations. It contains doctors’ personal information, work addresses, medical certifications, and types of services that the doctors and clinics offer. Doctors are given credentials and are able to update the information in their profile. Health Network customers, which are the hospitals and clinics, connect to all three of the company’s products using HTTPS connections. Doctors and potential patients are able to make payments and update their profiles using Internet-accessible HTTPS Web sites. You have already run a Nessus scan and used nmap to determine vulnerabilities.Information Technology Infrastructure OverviewHealth Network operates in a production data center that provide high availability across the company’s products. The data center host about 1,000 production servers, and Health Network maintains 650 corporate laptops and company-issued mobile devices for its employees. Employees are allowed to work from home, using their company-issued laptops. There is also a wireless network available at work.ProjectFor the project,you must create a threat model, using STRIDE (remember to use the information in the article at the Web link, to understand these sections).To do so, you must analyze the data and create a threat model document that contains the following sections:1. A section titled Attacker Viewpoint discussing framing the threat from the mindset of the perceived attacker. Address the following questions: 5 points.a. Who is likely to attack the system?b. What are they likely to attack to accomplish their goal?2. A section titled Asset Viewpoint discussing the organization’s assets from the information provided in the scenario, above. Be sure to also address the following questions (I recommend placing this in a table). 15 pointsa. What is the asset?b. What value does the asset have to the organization?c. How might that asset be exploited by an attacker?3. A section, titled STRIDE, that will identify the following security threats for six different categories, as discussed in the article in the Web reference you were asked to read, as they apply to this scenario.  Include the following: 60 pointsa. Spoofing – address any spoofing threats that might be present in the applications or systems. Include the ramifications (impact) of a spoofing attack.b. Tampering – address any data or databases that might be subject to data tampering (applications, for instance, that might be vulnerable to cross site scripting attacks or SQL injection in the healthcare organization scenario, above).c. Repudiation – address where repudiation attacks might be possible in the organization.d. Information disclosure – address where there may be the likelihood for a data breach in the organization’s assets listed in the scenario that would allow the attacker to access private information (or, worse, patient health information). Discuss the laws and regulations that would be impacted and the ramifications (impact and penalities) that would be incurred by this organization in that event.e. Denial of Service – discuss the potential for service interruptions for those systems or applications connected to the Internet. Which systems are vulnerable? What would be the impact to the organization for each connected system, if it were to be unavailable?f. Elevation of Privilege – discuss the systems and applications that might be subject to an attacker elevating his privilege levels (think of a patient database – what would happen if the attacker was able to gain Administrator access to the database?).4. A section, titled Risk Mitigation Plan, that summarizes your findings for the boss and discusses the security controls that you recommend for each of the potential attacks that you have identified. This can be summarized using the table I’ve provided for you below for each of your threats. Remember to assign the implementation of the recommended security control to a role within the organization (you can use a generic role, such as System Administrator, Database Admin, Security Officer, etc. – your textbook and other supplemental readings listed different organizational roles responsible for managing risk) 20 points.Risk Mitigation Plan:AssetThreatImpactRecommended Security ControlResponsible Role

Our assignment help experts start writing the papers as soon as the payment is done. The writers work fast to complete the task within the deadline. You will receive your assignment in your registered account prior to the submission deadline.

Place Your Order Now

Case Study 1: Computer Ethics – Assignment Help | coursefighter.com

Case Study 1: Computer Ethics – Assignment Help | coursefighter.com

Course Fighter  Information Systems Homework Help

Case Study 1: Computer EthicsDue Week 3 and worth 75 pointsRead the case from Deccan Herald titled “Hackers holding your PC to ransom”, dated November 25, 2013, located at http://www.deccanherald.com/content/297460/hackers-holding-your-pc-ransom.html.Write a two to three (2-3) page paper in which you:Describe two (2) potential computer ethics issues associated with holding computers hostage.Propose two (2) methods that computer users could use to prevent this type of attack.Propose two (2) governmental legislations that could be enacted against this type of attack.Use at least two (2) quality resources in this assignment. Note: Wikipedia and similar Websites do not qualify as quality resources.Your assignment must follow these formatting requirements:Be typed, double-spaced, using Times New Roman font (size 12), with one-inch margins on all sides; citations and references must follow APA or school-specific format. Check with your professor for any additional instructions.Include a cover page containing the title of the assignment, the student’s name, the professor’s name, the course title, and the date. The cover page and the reference page are not included in the required assignment page length.The specific course learning outcomes associated with this assignment are:Outline why the Information Assurance and Security perspective needs to pervade all aspects of information technology.Evaluate the ethical concerns that information technologies raise in society, and the impact of information technologies on crime, terrorism, and war.Use technology and information resources to research issues in information technology.Write clearly and concisely about introductory information technology topics using proper writing mechanics and technical style conventions.

Our assignment help experts start writing the papers as soon as the payment is done. The writers work fast to complete the task within the deadline. You will receive your assignment in your registered account prior to the submission deadline.

Place Your Order Now

Midterm Research Paper – Assignment Help | coursefighter.com

Midterm Research Paper – Assignment Help | coursefighter.com

Course Fighter  Information Systems Homework Help

This week, you have read about entrepreneurship in a global economy. For your written assignment this week, complete a case study of the organization you work for (use a hypothetical or “other” organization if more applicable) that will address the following prompts:Describe the organization’s environment, and evaluate its preparedness to go global, if not already, and it’s strategy for staying global if it is.Research other company’s strategy for going global and explain if this will or will not work for your company.Make a recommendation for a global strategy in the organization, including a justification for your recommendations.Submit your midterm research paper as a single document. Your paper should meet the following requirements:Be approximately four to six pages in length, not including the required cover page and reference page.Follow APA 7 guidelines. Your paper should include an introduction, a body with fully developed content, and a conclusion.Support your answers with the readings from the course and at least two scholarly journal articles to support your positions, claims, and observations, in addition to your textbook. The UC Library is a great place to find resources.Be clearly and well-written, concise, and logical, using excellent grammar and style techniques. You are being graded in part on the quality of your writing.

Our assignment help experts start writing the papers as soon as the payment is done. The writers work fast to complete the task within the deadline. You will receive your assignment in your registered account prior to the submission deadline.

Place Your Order Now