Security Analysis Project

Using proxy software Burp Suite it was discovered that the shopping site contained a hidden form field that could be manipulated.

Both Wireshark and NetWitness Investigator can be used for packet capture and analysis. Which tool is preferred for each task, and why?

This was a simulation project related to application of different tools of portfolio management. The project was applied by using stocktrak.com platform. This website provides the students and teachers with a real time simulation platform for learning the portfolio investment. A specific allocated amount was used in this simulation project for portfolio investment. A portfolio was created of different securities like stocks, bonds and currencies. These bonds and securities were from different sectors of economy like technology industry, financial industry, consumer goods industry, services industry, health industry, industrial goods industry, utilities industry, and basic materials industry. The top performing stocks in this simulation project were Bank of America Corporation, Hersha Hospitality trust, Deans Food Company, Loews Corporation, and Pepsi Co Inc. The study also found that the percentage return on portfolio remained above the return realized on Dow Jones ETF during the timeline of the project.

The stock market has always intrigued me and I have since been eager to learn more about it. Starting back in January of this year, I ordered three textbooks on stock trading to become more informed on the subject. After reading these books, I gained further insight on stock trading which led me to open my own brokerage account where I could buy and sell stocks. I started by playing a stock simulation which was very similar in concept to StockTrak, a program we used in this class. I found that this helped provide me with a hands on experience which helped familiarize me with stock trading and learning how to manage and use my money efficiently. I continued to play this simulation for about two months and during this time my portfolio grew about 4%, which provided me a confidence boost and motivated me to invest in my real money into the stock market. In March of 2015, I officially began trading in the stock market and I continued to learn along the way. As of now, I have roughly nine months of stock trading experience. As stated previously, I have always had in interest in the stock market, but I never acted upon it until as recently as earlier this year. My interest in the stock market was peaked because I enjoy taking risks and the stock market

     On September 24, 2010, a laptop was stolen from an unlocked Urology office at the Henry Ford Health Systems hospital. The laptop did contain password protection software; however, it may not have been enough to permit access if the thief had advanced knowledge in computers. Additionally, the information stored on the laptop did not include social security or health insurance information, but instead held “patient names, medical record numbers, dates of birth, telephone numbers, e-mail addresses, and treatment and doctor visits” (Moscaritolo, 2010, p. 1). It is unknown how many records were contained on the laptop, but all records were related to prostate services that were provided during an eleven year span.

The framework of security policy is defined to construct a structure by the help of which policy gaps can be identified in an easy manner. A system specific policy would assist to ensure that all employees and management comply with the policies. This is also used to maintain the confidentiality for user authentication would assist in the confidentiality aspect of security, maintain integrity (There are several limiting rules or constraints which are distinct in the relational data model and whose work is to maintain the data’s accuracy and maintain its integrity.), availability and authenticity of the system. Access controls are a collection of mechanisms that work together to create security architecture to protect the assets of an information system. One of the goals of access control is personal accountability, which is the mechanism that proves someone performed a computer activity at a specific point in time. So, the framework acts as the guideline

Global Information Assurance Certification (GIAC) is an information security certification entity that specialises in technical and practical certification as well as new research in the form of its GIAC Gold program. SANS Institute founded the certification entity in 1999 and the term GIAC is trademarked by The Escal Institute of Advanced Technologies.

* Suggest three (3) penetration testing methods that you would use for a small day care business. Provide a rationale to support your response. Note: The day care is located in the heart of downtown, currently uses a Website, databases, file servers, printers, both wireless (802.11x) and Ethernet access to the Internet, and card readers for physical entry for its employees.

Computer security is the security applied to the computers and their networks including the internet. Physical security and information security are the two types of computer securities which prevent theft of equipment and data. (Man, 2015).

A data breach is an incident in which sensitive, protected or confidential data has potentially been viewed, stolen or used by an individual unauthorized to do so. Data breaches may involve personal health information (PHI), personally identifiable information (PII), trade secrets or intellectual property. The most common concept of a data breach is an attacker hacking into a corporate network to steal sensitive data. However, not all data breaches are so dramatic. If an unauthorized hospital employee views a patient's health information on a computer screen over the shoulder of an authorized employee that also constitutes a data breach.

Vulnerable. Susceptible to physical or emotional attack or harm. The feeling that no one wants to feel. The feeling that everyone just wants to ignore. When I look back and talk about how I lost my accent and what that caused me, I am reliving the hurt that I felt. When I talk about all the struggles I felt, I am reliving the hurt that I felt.

On 2/10/16 at 11:57 P.M. Security was notified via email by Loss Prevention Specialist (LPS) Corey Green to look into a theft of a pizza slice that occurred in the B Building break room. Shift Supervisor (S/S) Enmanuel Cabrera start by pulling the complainant Kyle Smith (smithky) lenels’. S/S Cabrera was able see to that Mr. Smith enters the B building with a domino’s box at 6:45 P.M through turnstile 5. Upon entering, Mr. Smith places domino’s box in the refrigerator along the B building bathroom wall at 6:46 P.M. After further review of camera C140 at 8:27 P.M, Security Officer Christopher Maletta was seen taken a slice of pizza of the pizza

Security is now and again called an "overall concern" in light of the fact that everything required in the Web administrations environment needs some level of insurance against the numerous dangers and difficulties that IT divisions must manage all the time. For instance, SOAP messages should be secure, WSDL records may should be secured against unapproved get to, firewall ports may require extra systems to make preparations for overwhelming burdens and to assess Web administrations messages, et cetera. Since Web administrations are intended for interoperability, an imperative objective of the security innovations is to empower execution environment advances to keep on working while adding security instruments to the Web administrations layers above them.

In the last decade it’s amazing how technology has advanced over the years and will continue to advance for many years to come. Every year there is a new cell phone from Apple or Samsung, with new features that make our lives more convenient. From faster software to higher picture quality and so on. I am unable to recall the last time I used a camera to take pictures or went to the bank to deposit a check. Technology advances every day and many can’t wait to see what’s next to come. But with new technology comes greater risk for violations of privacy. In the following research paper I will discuss the types of security breaches and the cost associated with these breaches that businesses around the world face on a daily basis.

In the event that, regardless, security operations must be off- stacked to parts running on an untrusted stage, the configuration ought to force great alert on how the reckoning and it’s yield are dealt with. Normal shortcomings identified with customer trust live in different parts of the framework, yet have a tendency to impart a sensibility. A planner may Verify all information got from an untrusted customer are appropriately approved before transforming.