Free Essay

Cryptography Outline

In:

Submitted By cdoyle
Words 3749
Pages 15
Course Title: Cryptography
Section 1-1 Topic: Introduction To Cryptography

Confidentiality, Integrity, Availability and Authentication
How companies use cryptography
How penetration testers can also use cryptography
Tools, Techniques and Attacks
Academics discusses history of encryption.
Academics simply encrypt or hash, why aren't people using hashing more?
Professional is just, encrypt or not, hash or just verify Section 1-2 Topic: Key Concepts of Cryptography: PKIS & Encryption
Learning Objectives: Cryptography is one of the most underrated courses of study in the industry. Of those who do study it, issues with comprehension tend to hinder individual mastery. By taking this course, learners will finally be able to grasp all the critical concepts, theories and practices associated with Cryptography.
This Cryptography presentation discusses and demonstrates the key concepts of Cryptography from attacks, PKIs and Encryption in detail.
You’ll learn about the difference between public and private keys and about the similarities and differences between symmetry & asymmetry. We’ll also discuss the concept of integrity and confidentiality and their relationships to/with protocols.
This Cryptography course will help you master the basics of Cryptography as you begin to develop the discipline needed to become an accomplished pen tester. Keys and Principles
1. Keys
1a. Symmetric - also referred to as same keys, private key, symmetric key - same (confidentially)
Different Version/Ways/Procedures to get PlainText to CipherText Symmetric Cipher Examples:
AES, DES, 3DES, IDEA, CAST, twofish, Blowfish, RC2, Serpent, Rijndael - (there are others, chart at end of section)
PGP, OTP (One Time password) Mnemonic device to remember some Symmetric Ciphers (how it reads, sounds and then corresponds, in English):
Hey! These 3 guys, had an idea to cast their rod to fish for blowfish, but instead received, serpents in the rain.
A! Dees 3 guys, had an IDEA to CAST their rod TWOFISH for BLOWFISH, but instead Received, Serpents in the Rain.
AES DES 3DES IDEA CAST TWOFISH BLOWFISH RC2 Serpent Rijndael 1b. Asymmetric - public/private key pair - what one key does, the other key undoes
(confidentially, authentication, nonrepudiation) Asymmetric Cipher Examples:
DH (key exchange), El Gamal (open source), RSA (internet), Elliptical Curve (for limited processor machines),
Knapsack, DSA (popular as a US standard) Mnemonic device to remember some Asymmetric Ciphers (how it reads and then corresponds, in English):
D-E-R-E-K-S
Diffie Hellman, El Gamal, RSA, Elliptical Curve, Knapsack, DSA 2. Principles (C, I, A)
Principles of CIA (confidentiality, integrity and authentication) along with PAIN will be discussed in detail later, focus on concepts and definitions.
Substitution/Transposition - PlainText to CipherText, and CipherText to PlainText
Disk Encryption (further detail later) Integrity
Detect unauthorized change via output of Message Digest, also known as, a hash.
MD5 (128bit), SHA (160 bit, also variable), Hashing Calculator PKI
A public key infrastructure (PKI) is a set of hardware, software, people, policies, and procedures needed to create, manage, distribute, use, store, and revoke digital certificates and manage public-key encryption.
CA, RA, X.509
IKE (internet Key exchange), ISAKMP, CRL (certification revocation list), OCSP (dynamic, checks x.509 cerrtification) Attacks
Known Plaintext
Known CipherText
Chosen CipherText (needs physical access to machine)
Chosen Plaintext (choose what gets decrypted, needs physical access to) Protocols
SSH (replaced Telnet)
HTTPS (SSL/TLS with security protocol, wraps all upper layer application in cryptographic wrapper)
IPSec (Network Layer, analogy truck: authentication header/integrity check, payload: integrity check and confidentiality check)
SSL/TLS (protocols)
Symmetric Ciphers Key Length
Blowfish 1-448 bits
DES 56 bits
IDEA 128 bits
RC4 1-2048 buts
RC5 128-256 bits
Rijndael 128-256 bits
Serpent 128-256 bits
Triple (3) DES 168 bits
Twofish 128-256 bits
Section 1-3 Topic: Introduction to Cryptographic Tools
Section 1-4 Topic: Services & Threats of Cryptography
Section 2-1 Topic: Integrity Checking: Modifications
Learning Objectives: These videos, while separate, build on each other and are all linked.
Explain how cryptography is used to protect CIA. ‘CIA’ can also be a ‘PAIN’ – all defined… 1. Confidentiality (C of CIA) (also Privacy, P of PAIN) - prevent unauthorized disclosure of data
Threats
a. Social Engineering: Opening Unsigned Emails (Spear Phishing, Whaling Attack)
Defense Controls: Physical, Technical, Mail Filter, Administrative Training
Ideas: Separation of Duties, Need to Know
b. Media Reuse: USB Thumb Drive reuse is common.
Sanitizing can also be referred to as Zero'ing
Destroying a hard drive, completely, requires incineration.
Degaussing method only works for Magnetic Media.
Deleting only removes pointer to file and Formatting can be recovered.
c. Eavesdropping: protocol (packet) analyzer/ sniffer. Wireshark is popular.
Replay Attack: Capturing a packet that contains a password and reusing;
This allows access to ‘use’ a password without never knowing the actual password
Zero Knowledge Proof: Kerberos allows end user to prove the password, without sending password across network
Hack Attack Discussion: Directory Services: Query DNS, reply to send Credential to Server 1 2. Integrity (I of CIA, I of PAIN)
Accidental Modifications are checked by message digests, or hashes.
(digital representation of file - checks if identical)
Intentional (Malicious) Modification can be checked by using:
Message Authentication Code (MAC) or
Digital Signatures (both provide an extra step of authentication) 3. Authenticity (A of CIA, A of PAIN)
How to prove is truly came from the sender, is it valid? 4. Non repudiation (N of PAIN)
Combination of Integrity and Authenticity – must have both!
Sender can't dispute sending the message or contents - we use digital signatures for this
(further detailed explanations will follow on how) Mnemonic Device, some remember it as CIA, or PAIN - P(rivacy) A(uthentication) I(ntegrity) N(on Repudiation) Section 2-2 Topic: CipherText
Learning Objectives: Learn how to properly create CipherText and the processes behind it in this lecture series on Cryptography.
Privacy/Confidentiality
Plaintext + Initialization Vector + Algorithm + Key = CipherText
Plaintext is just plain, non-encrypted text or data.
Initialization Vector (IV) adds randomness and complexity. Randomized Starting Point
~Computer cannot generate a random number, so we have a pseudo random number.
~We could take any number of variable pieces of data to generate a pseudo random number such as:
A Date: 12/12/1999 would be 34.
Algorithm (aka Cipher, is a collection of math functions) ~Symmetric Cryptography can also be referred to as: Private Key Secret Key Session Key Shared Key (i.e. shared between two parties) ~Any Symmetric Algorithm, to be discussed later, will be either: Block Stream ~Asymmetric Discrete logarithms Factorization
Key (Crypto Variable) is the instruction on how to use the algorithm (how to use the math) Section 2-3 Topic: Master Pattern Analysis with CrypTool
Learning Objectives: Learn how to perform pattern analysis with CryptTool to identify trends during the encryption process. CrypTool Lab
CrypTool is a non-academic analysis tool that offers a fundamental understanding of encryption algorithms.
Can be found at: http://www.cryptool.org Section 2-4 Topic: Symmetric Encryption
Learning Objectives: The Symmetric Encryption discussion opens by reviewing the usage of random numbers, explaining what Replay Attack is, the importance of unique information on data packets and in sequencing and defining key terms including Nonce and Key Generation.
Then, you’re introduced to Symmetric Encryption with a basic summary of how it works, what ciphers are, the different types of Symmetric Ciphers, what happens with block ciphers, and what the difference means to encryption and decryption as a process.
As a penetration tester, you must know the difference between confusion and diffusion. You’ll observe how that correlates to how algorithms work and the importance of strong math in configuring algorithms. And you’ll learn what happens as algorithms are used and what you need to look for in your testing results.
Cryptographic Uses of Random Numbers ~There is very little true randomness (or entropy) so instead we use pseudo random. Nonces - process of stamping uniqueness on packet without being sequential. Note: Adds uniqueness and helps to stop replay attacks Key Generation - keys must be unique, (pseudo) random and of a suitable length Note: All things being equal, longer will offer more protection. Symmetric Encryption (same key on both ends - real world example: a house key) Ciphers Confusion - Confusion relates to complex math and substitution Diffusion - Diffusion relates to permutations or rounds (DES went through 16 rounds, 3DES goes through 48 times/rounds/permutations) Bit length is not necessarily the final determination of the strength of a key. Open - Kerckhoffs Principles, algorithm should be open Key Generation – (definition above) Example Algorithm:
[R1]+2, [R2]-2, [R3]*2, [R4]/2, ... [R6]^2 - each [R] would be considered an SBox (or substitution box) Block Ciphers (slower, but more secure) ECB CBC DES 3DES (secure, very process intensive, but AES would be preferred) AES (Advanced Encryption Standard) Section 2-5 Topic: Stream Ciphers, XOR and RC4
Learning Objectives: As a continuation of learning about Symmetric Encryption, this lesson explores the other type of cipher: Stream Ciphers.
We’ll go much deeper into what happens during XOR (which stands for exclusive Or), what transposition and substitution is, and whether or not multiple transposition and substitution is preferred. You’ll also observe a rich demonstration of how XOR provides encryption, learn what RC4 is and what takes place at the encryption and decryption level.
As a Penetration Tester, you must understand the key functions of each of these events, what their impact is on each other and how to determine when to use one over another in Symmetric Encryption. StreamCiphers One bit at a time Transposition (THE becomes HET; moving over 1 character) Substitution (A for T, B for H, C for E, assigning different characters, etc.), XOR (Exclusive Or) How XOR works, since it is a stream, it goes bit by bit XOR Example
Plain 1 1 1 1 0 1 1 0 The plaintext
Key 0 1 0 0 1 1 0 0 compared to the key
CIPHER 1 0 1 1 1 0 1 0 If alike, becomes 0. If different becomes 1 A real world example could be WEP/WPA which uses RC4 (fast encryption and decryption, trades security for speed) WPA2 uses AES which is more secure. Section 2-6 Topic: Pros and Cons of Symmetric Cryptography
Learning Objectives: As we wrap up our lesson on Symmetric Cryptography, we must address the pros and cons of this encryption method.
You’ll discuss its greatest pro—speed. But as we know, sometimes being too fast occurs at a cost. Those costs will be discussed when we cover the cons of Symmetric Cryptography, such as Out of Band Key Distribution, lack of authenticity, issues with integrity, and non-repudiation.
Knowing what the boundaries are with your encryption resources will enable you to make accurate decisions and advise decision-makers with specific points of fact. Con: Out of band key distribution (no straight forward means of key exchange) Not Scalable (every unique conversation requires a key) No 'A'uthenticity (no court room authenticity, both parties share the key) No 'I'ntegrity (corruption happens, it cannot detect corruption or packet drops) No 'N'on Repudiation (requires both Authenticity and Integrity)
Pro:
Does provide 'P'(rivacy/Confidentiality) of 'PAIN' FAST, FAST, FAST! (It can be noticably real world faster)
Section 2-7 Topic: Public Key Cryptography
Learning Objectives: This final lesson in Section 2 of the Cryptography module focuses on public key cryptography.
Every user on the network is given a public and private key for encryption. This lesson discusses how the public and private key exchange happens, how Asymmetric Cryptography works, what has to happen so that public and private key exchanges can authenticate, and what the advantage/disadvantages are to employing Asymmetric Cryptography.
And finally, there is a contrast discussion on Symmetric vs. Asymmetric Cryptography discussion introducing how penetration testers can get the best out of both worlds. Public Key Cryptography Two keys issued to each user (simplified example) ~1 public key and 1 private key (a key pair) Done automatically at the application layer with Outlook, Browser, etc. Anything encrypted with one key (public) can only be decrypted with the other (private) and vice versa Provides key exchange, scalability and non-repediation SLOW Section 3-1 Topic: Asymmetric Cryptography Functions
Learning Objectives: As we wrap up our lesson on Cryptography, we spend our last section exploring Asymmetric Cryptography in detail with several labs to supplement the lecture knowledge.
A penetration tester must be able to understand what happens at each stage of encryption/decryption phase and how those transactions affect or trigger the outcomes of other events.
In this session, we learn how Asymmetric Cryptography delivers all four encryption services: privacy, authenticity, integrity, non-repudiation (PAIN). We’ll then we find out what happens at each state of asymmetric cryptography.
At the conclusion of this lesson, you’ll know what info is exchanged between public and private key, how packet verification occurs, how a hash is created and how hashing algorithms are used. Asymetric Cryptography P.A.I.N. Privacy Sender always encrypt with the receiver's PUBLIC key. Receiver decrypts with receiver's PRIVATE key which only that receiver has. Authenticity Sender will encrypt "something" with the sender's PRIVATE key. When the receiver is able to successfully decrypt that 'something' with that sender's PUBLIC key, that proves it was encrypted with the sender's PRIVATE key, which only the sender has. Example: I am sending message; my content is encrypted with receiver’s public key. The time stamp is encrypted with senders (my) private key - this can prove that *I* sent it. Integrity Create a message digest (hash) with a hashing algorithm (MD5:128 bit; used less, SHA-1:160 bit; used less, SHA 256:256 bit) Asymmetric and Symmetric both use keys Hashes do not use keys, they only use math functions Example: Very rudimentary, but concept is important - hashes are one way functions H E L L O (every characters numeric value, or the message, then added together) 8 5 12 12 15 = 52 (this value is the message digest/hash) If you ONLY know the 52 (hash), trying to figure out the corresponding additive values would be arduous. Coupled with higher bit level encryption, the effort could take longer than we have time in the universe. However, if they both match, the message has not been modified. Very easy one way math. Non-Repudiation Sender encrypts hash with the sender’s private key. Receiver decrypts hash with sender’s public key. Receiver hashes document - if hashes match, receiver gets a guaranteed message has not been modified. This is called a digital signature. Example:

Hello Confidentiality (encrypt content with receivers public key)
0LL34
52
(hash value after encryption with senders private key) 3ncryp7ed
*It is generally accepted that you cannot reverse a hash* SSL - secure sockets layer – Asymmetrical (for all above), Symmetrical for data exchange (speed) Section 3-2 Topic: Public Key Exchange
Learning Objectives: we continue our focus on Asymmetric Cryptography with a detailed diagram and discussion on secure public key exchange and how it works. You’ll learn the entire process from start to finish and why it’s a faster, more reliable encryption process.
You’ll also learn about Certificates of Authority (CA), what comprises the certificate revocation list (CRL), what a online certification status protocol (OCSP) is, and why they are each essential to the encryption process. We’ll discuss the entire PKI (public key infrastructure) and what role each of its components has.
And finally, we’ll observe then explore what CA hashing looks like during encryption and decryption at the browser level, and learn why thorough PKI knowledge and training in Symmetric & Asymmetric Encryption for netadmins and cyber security professionals is essential. SSL/TLS
Example:
[Desktop clients] -> uses https:// to reach -> [BofA servers] 1. Client requests via https to server 2. BofA sends public key* to client key 3. Client generates a symmetric session key (i.e. 8439...) how does it get this session key to server?* 4. Client encrypts the session key with servers public key (since server will be able to decode with private key) Result: Enables Asymmetric Key Exchange/Symmetric Data Exchange - Secure Channel Setup *This model still allows Man In The Middle (MITM) attacks, we must go further for assurance and authenticity. To cure this, we must have the following public key being verified by a CA via public key infrastructure BofA server proves to Verisign CA (certificate of authority) that they are truly BofA (other CA’s would be Thawte, Baltimore, Entrust, etc.) The CA then gives a certificate back to bind public/private key to server
*How do we know it came from Verisign, a trusted authority? Verisign sends certificate with private key (can be decrypted with Verisigns public key).
*Your web browser may be pre-loaded with CA's - trust gained by having CA's public key. Could set up our own CA, where we 'vouch' for ourselves. While that may not work for web based transactions, but for internal network transactions, it may be an acceptable trade-off. CRL (pronounced krill) - Certificate Revocation List
OCSP - Online Certificate Status Protocol
Section 3-3 Topic: Advanced Encryption Package
Learning Objectives: The Advanced Encryption Package lab demonstrates use of an advanced encryption analysis components and how to use them to dig deeper in your file, password and data analysis.
You’ll observe creation of a password protected text file, see how the Advanced Encryption Package tool rates the strength of assigned password, and uses powerful algorithms to generate secure encryption for network files and directories.
In the Advanced Encryption Package lab, you’ll learn the advantages and disadvantages in the integrity principle vs. confidentiality principle and how those differences impact Symmetric vs. Asymmetric encryption. You’ll also see how to perform secure deletions, and learn how to use this tool as a key generator and PKI manager. Advanced Encryption Package Lab
Can be found (Free Trial) at: http://www.aeppro.com/ Section 3-4 Topic: Hashing and Hash Collisions
Learning Objectives: This session of our Cryptography module introduces an extensive overview on Hashing. It begins with mapping out exactly what a Hash does and where it falls short and why it’s a disadvantage being one-directional.
You’ll also explore Hash collisions—what they are, how they happen, what it takes to recreate them, what happens when there is no integrity and how that is determined by the penetration tester. Hashing Hash functions Scenario 1: A MITM could just intercept and change the hash! Without authenticity, hash is only useful for detecting accidental changes/corruption. Scenario 2: Digital Signature adds authentication to the integrity, we get true non repudiation: protects against accidental or intentional changes...this all requires a PKI ($ overhead) Scenario 3: Introduce a solution; use a M(essage)A(uthentication)C(ode) = Message + Symmetric Key + Hashing Algorithm (this would be a step below having/paying for the PKI overhead) Passwords, credit cards, PII Digital Forensics Hash the drive before doing forensic analysis (write protect the drive). Even opening a file could change the hash. Malware analysis and virus detection Hash Collisions Two different pieces of text product the same hash. Collision resistant hashes are the goal. If a collision is achieved, you now can produce the hash even though it was not the original. MAC HMAC Section 3-5 Topic: Hash Calc
Learning Objectives: The Hash Calc lab teaches you what information is gained from using Hash Calculators to analyze files within a directory, or specifically targeted files. For example, the output of the Hash Calc tool includes the message digest about the target as well as all its relevant integrity algorithms.
The lab also discloses several integrity algorithms not output from the Hash Calc tool that provide a wider range of output datasets. Used in conjunction with the Hash My Files, and Advanced Encryption Package tool Hash Calc can be a very revealing “go-to” suite of resources for cryptographic analysis. HashCalc is a fast and easy-to-use calculator that allows to compute message digests, checksums and HMACs for files, as well as for text and hex strings. It offers a choice of 13 of the most popular hash and checksum algorithms for calculations.
Can be found at: http://www.slavasoft.com/hashcalc/
Section 3-6 Topic: Digital Signature, SHA2(256) and RSA
Learning Objectives: In this sub-part of our previous Hash lesson, we take a closer, more intimate look at digital signatures, SHA2(256). We’ll look at Asymmetric Algorithm, RSA, what is met by satisfying the digital signature standard, and what the entire packet transfer looks like when hashing takes place.
We will also introduce concepts behind protecting data at rest.
Several key definitions are discussed included full disk encryption, file encryption, code signing with a discussion on how they differ, what occurs in each of those data transactions, and why that sequence of events is important for Penetration Testers to know as part of the Asymmetric encryption process. Digital Signatures Hash (remember, hashes are just one way math) MD4, SHA-1, SHA-2 Asymmetric Algorithm RSA - satisfied the Digital Signature Standard Protecting Data At Rest File Encryption - some files or properties may be readable if hard drive is moved to another computer OS (i.e. Windows Hard Drive using Encrypting File System is physically moved to a Linux Box) Full Disk Encryption - modern motherboard have TPM (trusted platform module) BitLocker, PGP, etc. achieve this. Code Signing - distributed code accessed on Internet (Java, Javascript, ActiveX) should be digitally signed. Section 3-7 Topic: Hash My Files
Learning Objectives: This lab demonstrates the Hash My Files tool which analyzes files by specific file or by directory and validates their integrity. The Hash My Files process report is basic and the output can be exported to a series of different formats including HTML.
You’ll also observe a demonstration of how the Hash My Files tool works and what you can learn from the information it provides.
Because of their strong algorithms, security professionals rely heavily on hashing as a reliable Cryptographic analysis tool for integrity validation. Hash My Files tool analyzes files by specific file or by directory and validates their integrity.
HashMyFiles is small utility that allows you to calculate the MD5 and SHA1 hashes of one or more files in your system. You can easily copy the MD5/SHA1 hashes list into the clipboard, or save them into text/html/xml file.
HashMyFiles can also be launched from the context menu of Windows Explorer, and display the MD5/SHA1 hashes of the selected file or folder.
Can be found at: http://www.nirsoft.net/ Tools Used
CrypTool - http://www.cryptool.org
Advanced Encryption Package - http://www.aeppro.com
HashCalc - http://www.slavasoft.com/hashcalc/
HashMyFiles - http://www.nirsoft.net/
(links cannot be guaranteed, as they are maintained independently) END OF OUTLINE

Similar Documents

Free Essay

I Dont Know

...My overall impression on my speech was better than I anticipated. I was very nervous and anxious to get the speech over. I could tell that in the pace of my speech. I was rushing through it and at times it was hard for me to keep track of my place on the outline. I thought I gave good eye contact and I stayed on the speech path, but I could have projected my voice more so that it would have been easier to hear and understand what I was saying. I felt that the delivery was good but I could have moved around more and gave more hand gestures to keep my speech alive. Although I didn’t feel it was a boring speech, I feel like I still tell showed how nervous I really was by the body chemistry I gave off. I prepared a lot for the speech and I went over the speech 3 times in front of the camera at home. I think this helped me a great deal because I had full knowledge of what my speech was about. Because I was nervous and rushing through my speech I often lost my place on my outline, but was able to wing it because I had practiced. It helped a lot that I did my speech on a topic that I am very familiar with and used to talking about. I also used the technique in the chapter that tells you that when you are nervous take a deep breath and use a focus word, mine was “Money”. This technique helped me a great deal in the beginning because I actually felt overwhelmed and on the verge of an anxiety attack. Using this technique calmed me down and made me able to deliver my speech. ...

Words: 476 - Pages: 2

Free Essay

Paper

...Research or Interview Paper Instructions You can choose 1 of the following two options for your Research or Interview Paper. Your paper will be 7 double-spaced pages for the main content (not including the cover page and reference page). Your choices include: 1. A research paper Steps for writing the research paper: a) Choose a topic in Managerial Economics. b) Submit the topic and the outline of the paper to the instructor anytime for approval. c) A minimum of 3 references besides the textbook are required. Liberty University library has excellent resources for your search for journals. http://www.liberty.edu/index.cfm?PID=178 OR 2. An interview paper Steps for writing the interview paper: a) Choose a topic in Managerial Economics. b) Design at least 5 questions according to the topic. c) Submit your questions to the instructor for approval. d) Contact a local or non-local company for an interview. e) Conduct the interview for answers to your questions. f) The paper must have 3 parts: • The description of the company; • Interview questions and answers; and • Your comments. *The research paper is to be done individually, not as a group. **Do not wait until the last module/week to work on the paper. Do it as early as possible. ***A paper that was written for other classes would not be accepted for...

Words: 265 - Pages: 2

Free Essay

Week 9 Iw Assignment Worksheet

...Composition I Week 9 IW Assignment Worksheet Instructions: As you did in Week 3, please fill in the answers to the prompts on this worksheet and save them as a Word doc. You are only filling in the blue areas! Then, attach your completed worksheet to your drop box submission. You will work to create your thesis statement and a basic outline for a comparison/contrast essay. There are two patterns from which to choose, and you will select ONE below. Creating a Thesis Statement and Basic Outline for the Comparison/Contrast Essay I.) First, you’ll choose two items to compare and contrast. There are some great examples of items to compare/contrast on pages 229-230 in our textbook, especially #9, #10, #11, #12, #14, and #15. Fill in the two items that you will compare/contrast. A.) Nokia 7110 – the first effort at taking the Internet onto a mobile (1999) B.) Amazon Fly – Taking Image Recognition Software to its next level (2014) II.) Next, you will identify three criteria that you’ll use to evaluate each of the items. Think about three qualities or characteristics of the two items that you can evaluate to choose the better item. For example, in the Week 10 Sample essay, the writer compares/contrasts the cost, nutrition and taste of two types of bread. Fill in the three evaluative criteria you will use to decide which of your two selected items is better. 1.) Internet capability 2.) Ability to take pictures and record videos 3.) Text messaging III.)...

Words: 631 - Pages: 3

Free Essay

Procedure for Writing a Term Paper

...PROCEDURE FOR WRITING A TERM PAPE A term (or research) paper is primarily a record of intelligent reading in several sources on a particular subject. The task of writing such is not as formidable as it seems if it is thought out in advance as a definite procedure with systematic perpetration. The procedure for writing such a report consists of the following steps: 1. Choosing a subject 2. Finding sources of materials 3. Gathering the notes 4. Outlining the paper 5. Writing the first draft 6. Editing the paper Now let's look at each of them. CHOOSING A SUBJECT Most good papers are built around questions. You can find subjects in any textbook. Simply take some part of the text that interest you and examine it carefully. Ask yourself the following things about it to see if you can locate a question to answer in your paper. Does it tell you all you might wish to learn about the subject? Are you sure it is accurate? Does the author make any assumptions that need examining? Can two of the more interesting sections in the text be shown to be interrelated in some useful way? Your paper is an attempt to write a well-organized answer to whatever question you decide upon, using facts for the purpose of proving (or at least supporting) your contention. The most common error made by students in choosing a subject for a term paper is to choose one that is too general. (The most specific subject will always have enough aspects to furnish a long paper, if you think...

Words: 1279 - Pages: 6

Free Essay

Classroom Tab

...the page next to the home tab. Click the classroom tab. The student’s next page will be the current class the student is participating in. Under the classroom tab are four new tabs. They are materials, discussions, assignments, and grades. The University of Phoenix is geared for adult learners. UoP has a very extensive user friendly website for the active learner. Figure 1.3 CLASSROOM TAB 5.1.1 COURSE OUTLINE When the student has clicked the classroom tab, the next screen will be automatically being the materials tab. The tabs are located at the top of the screen, directly under the classroom tab. In the materials tab the student will have a variety of information at their fingertips. Located on the left will be the course outline. The outline will give the student an overview of week to week activities. It will also give the student a course overview, and course policies. The student has the ability to access an overview of the course. Figure 1.4 MATERIALS TAB, COURSE OUTLINE 5.1.2 POLICIES Under the course outline there is a link for policies. When the link is clicked on, it will open another window. It will give the student the opportunity to read all the policies and procedures of UofP. It gives the user the opportunity to read all the rules and policies under several different types of students. 5.2 DISCUSSION TAB Next to the materials tab at the top of the page is the discussion tab. Under the discussion tab are the forums...

Words: 597 - Pages: 3

Premium Essay

Introductory Presentation

...Introductory Presentation ------------------------------------------------- ------------------------------------------------- Purpose of Presentation: to introduce yourself as a (potential) professional ------------------------------------------------- Audience: class members and your tutor ------------------------------------------------- Due: Week 3 Seminar 1 (Week starting 27 August 2012) ------------------------------------------------- Time limit: (3 minutes, Powerpoint not required) ------------------------------------------------- This presentation is video-taped. ------------------------------------------------- Short written outline of your presentation (one page or less), submitted to your tutor ------------------------------------------------- in hard copy on the day you present. ------------------------------------------------- Presentation Assignment Prepare a presentation to introduce yourself to your class and tutor. The speech will be videotaped for your review and self-assessment. Your presentation should be thoroughly planned, outlined, and rehearsed but not memorized or read. This handout covers the introductory presentation assignment, procedures for giving most business presentations, and a specific assessment sheet to help you prepare your talk and to give peer feedback. TASK: Adapt to Audience and Purpose Prepare and rehearse a presentation to develop your professional identity, establish rapport with your peers, and practise...

Words: 2525 - Pages: 11

Free Essay

Mission

...However, as I’m coming close to the end of my college career I realized I was wrong. Nonetheless, looking at my freshman essay now, I do see how I’ve grown within these past for years. Within my freshman year, I realized didn’t take the time to actually analyze my topic to where I could have understand it more. Therefore, it didn’t come out the way that I’ve envisioned it to be. The topic of evil is a widespread and extensive topic. If I was to approach this topic now, I would have done more extensive research on the nature of evil. This would have made me more knowledgeable about the topic at hand and helped me determine how to start this paper. In addition, before beginning this essay, I should have created an outline to help guide me throughout my paper. The outline would have given me the opportunity go through the research that I’ve gathered and helped to be more critical on how I wanted to present evil and it’s different levels. Doing this would have help me to develop this essay within a more critical and organize matter. While reading my freshman essay, I find myself coming up with more ideas of how I could have develop my point of view of the branches of evil, hence making an stronger argument. For example, I should have went into more deal of the ways evil is view within religion and our society. By doing this, it would have gave a more insight to the reader of how the paper is developing. This also would have given the reader an additional understanding of what evil...

Words: 398 - Pages: 2

Free Essay

Com150 Appendix D

...Appendix D Topic Outline and Thesis Statement Guide My thesis is : Even though most people think that tattoos and piercings are known to be unholy, there are a lot people in the world today who strongly believe that they are meant to be pictures of art from personal feelings such as personal histories, special events, or past/present experiences in their lives. ________________________________ I. All Peoples views on tattoos in today’s world A. many people view tattoos as good/or bad 1. Most People view tattoos as being unholy 2. Younger people view tattoos as being a form of art B. Why most people view tattoos as being bad 1. Tattoo’s are unholy 2. Many people believe you are to treat your body as a temple II. Effects of tattoos A. How tattoos effects you 1. Tattoos are feelings of art, or personal experiences 2. Help people express their selves with pictures B. How tattoos effects other people 1. People may dislike you 2. People may feel angry III. Cost of tattoos in today’s world A. Are tattoos worth a lot of money? 1. How expensive are tattoos 2. What do you get for your money? B. Do teenagers spend all of their money on getting tattoos? 1. How much do teenagers spend? 2. How many teenagers get tattoos, and why? IV. Health Risks and prevention from tattoos A. What are the health risks of getting Tattoo’s? 1. Blood Bourne diseases 2. Skin disorders and infections 3. Allergic reactions ...

Words: 259 - Pages: 2

Free Essay

How to Write Research Ppaper

...Chapter 1. How to Write an A+ Research Paper This Chapter outlines the logical steps to writing a good research paper. To achieve supreme excellence or perfection in anything you do, you need more than just the knowledge. Like the Olympic athlete aiming for the gold medal, you must have a positive attitude and the belief that you have the ability to achieve it. That is the real start to writing an A+ research paper. CONTENTS: STEP 1. CHOOSE A TOPIC STEP 2. FIND INFORMATION STEP 3. STATE YOUR THESIS STEP 4. MAKE A TENTATIVE OUTLINE STEP 5. ORGANIZE YOUR NOTES STEP 6. WRITE YOUR FIRST DRAFT STEP 7. REVISE YOUR OUTLINE AND DRAFT Checklist One Checklist Two STEP 8. TYPE FINAL PAPER STEP 1. CHOOSE A TOPIC Choose a topic which interests and challenges you. Your attitude towards the topic may well determine the amount of effort and enthusiasm you put into your research. Focus on a limited aspect, e.g. narrow it down from "Religion" to "World Religion" to "Buddhism". Obtain teacher approval for your topic before embarking on a full-scale research. If you are uncertain as to what is expected of you in completing the assignment or project, re-read your assignment sheet carefully or ASK your teacher. Select a subject you can manage. Avoid subjects that are too technical, learned, or specialized. Avoid topics that have only a very narrow range of source materials. STEP 2. FIND INFORMATION Surf the Net. For general or background information...

Words: 2333 - Pages: 10

Free Essay

Places to Go for Business and Managment

...topic: Security Issues involved with the transition from IPv4 to IPv6-Goal for next week: have all of our research papers together to divide among the team Team Meeting #2 10/2/2013 -All team members were present -Shared research papers among the team. Discussed potential topics for next semester to get a better idea of what to include in this phase of the paper. Team Meeting #3 10/9/2013 -All team members were present. - Discussed important points to cover based on our research, and laid down a rough outline for the background and introduction. Created and shared Google docs for the outline and for collaborative list of citable resources. Goal for this week: continue research and begin filling in the outline. Team Meeting #4 10/16/2013 -All team members were present -Continued filling in the outline. -Goal for next week: Have it mostly complete! Team Meeting #5 10/23/2013 -All team members were present -Busy week for everyone. Continued filling in the outline. Team Meeting #6 10/30/2013 -All team members present. -Continued filling in rough draft. Working on continuity. Team Meeting #7 11/6/2013 -All team members were present -Mostly done with rough draft. Working to add more technical info into body. Team Meeting #8 11/13/2013 -All team members were present -Not much progress this week. Team focused on project 2. Team Meeting #9 11/20/2013 -All team members were present -Not much progress this week. Team focused on project 2. Team Meeting...

Words: 282 - Pages: 2

Free Essay

Demonstrative Communication

...websites, before choosing one that I deemed credible. Aaron started the outline, and we all agreed to turn in our assigned sections of the outline. However, Michael informed us he would not be attending class, so we had to complete his section. We decided to post our portions of the presentation to OLS. On Monday I posted all of my information, and added all information and the outline. Aaron added the conclusion and posted all of the work between the both of us. We put the information together even though our third person quit. I think our presentation would have been better if we would have known sooner that Michael would not be a part of the project. Aaron and I didn’t have the opportunity to meet and go over our presentation together. Aaron works nights, making it hard for him to meet during the day. Alternatively, we decided to post our work to OLS, in order to modify our work together. I posted all of my slides on Sunday night, and Aaron reviewed them. He also added pictures and created the quiz, and then added some pictures to the slide. After, I looked over our work and increased the amount of questions we had for the quiz, along with additional pictures for the slides. Aaron looked it over one last time, then proceeded to post our outline and PowerPoint. The ouline was not very difficult to create, as we just restructured the information on our slides into a condensed format better suited for an outline. The presentation was started by Aaron, who took longer than expected...

Words: 364 - Pages: 2

Free Essay

Jerks

...successfully perform a step in the speech, show me how you would correct the problem I noted on your evaluation form. Your Name: Section # Persuasive Speech Questions 20 pts. *1. Write the outline for the introduction of your speech. Provide a complete specific purpose and overview of main points. Also present a complete bibliography of the sources you used. Provide brief summaries of the other two steps. Outline for Introduction Step 1- Step 2- Step 3- Step 4- Step 5- 20 pts. *2. Write the outline for the body of your speech. Provide complete transitions in between each main point. Provide paragraph summaries for each main point. Outline for Body Main Point #1 Main Point #2 Main Point #3 Main Point #4 10 pts. *3. Write the outline for the conclusion of your speech. Provide a complete restatement of main points and specific purpose. Provide brief summaries of the other two steps. Outline for Conclusion Step 1 Step 2 Step 3 Step 4 *Do not write out the entire speech. The only steps in the three (3) parts of the speech that I want written out completely are noted in the question (e.g. transitions in the body.) As noted, only summaries of all other steps should be provided. *Answers to questions 1, 2 and 3 must be in outline form or you will receive 0 points for your answer. 25 pts. 4. Provide four examples of how you adapted your persuasive speech...

Words: 401 - Pages: 2

Free Essay

1122121

...anything. Any fanciful cover that you would like to enclose should be placed after the Assignment Front Cover. Copies of the Assignment Front Cover are available at the information counter at the respective College in which you are studying. Kindly ensure that all details requested for on the front cover are completed and that the recipient of your assignment counter signs, acknowledging receipt. Remember to keep a copy of the assignment cover sheet as proof of submission. |[Type College Name] | [Type Subject Name] Executive Summary [Type short paragraph on the outline of assignment which is relevant to the assignment being presented] Student Particulars |Name | | | |IC Number | | | |Student Number | | | |Course | | | |Subject Title | | | |Subject Code ...

Words: 252 - Pages: 2

Free Essay

Arjun

...material to work with, start outlining your speech. Use brief sentences to write out an introduction, a thesis, two main points, and a conclusion. Your thesis (and therefore, your speech) should address the following question: what kind of person is my classmate? Think about two qualities or attributes that describe your partner. Your classmate could be someone like: a sports fan, a musical talent, an outdoorsman, a car enthusiast, a spontaneous free spirit, or anything else that comes to mind. Be creative! 3. Once your full-sentence outline is completed, you can start rehearsing your speech. Be sure that your speech is not written out word-for-word; for extemporaneous speaking, you want your outline to be as concise as possible so that you can develop a more conversational style of delivery. 4. As you rehearse your speech, you should make adjustments and changes. If you’re confident enough, condense your full sentence outline into a speaking outline, such that it includes only your basic speech structure and key phrases and details....

Words: 814 - Pages: 4

Premium Essay

English 216

...This is a two part question. I need an outline created then a final draft for a project on turnover rates. The two files that are attached show the requirements and the second one is the outline template that HAS to be used. The two items are based off the following question: Employee turnover rates are high for many organizations, and you have noticed that the company you work for is no different. Research what other organizations are doing to hire and retain good employees in order to combat the high employee turnover rate. Use this research to make recommendations to the management of your organization. ENGL 216 Formal Report/Proposal Outline Template Your name: Directions: Refer to your textbook (Chapter 2, page 48 and Chapter 10, page 311) and the Week 4 Lecture to complete this outline. Write in complete sentences, not single words or short phrases. Be as detailed as possible, adding in-text citations for all references noted on your References page from Week 3, which should also be included here. The more information you place in this final outline, the less work you will have to do for the report drafts. Introduction: This section sets the stage and purpose of the report. See page 320 in the text for help in completing this section. (Minimum of one sentence per point) Purpose: Description/Background: Find the best study resources around, tagged to your specific courses. Share your own to gain free Course Hero access or to earn money with our Marketplace...

Words: 263 - Pages: 2