...Lab#5 Define a process for Gathering Information pertaining to a GLBA Compliance 1. GLBA repealed parts of an act. Name the act and explain why it was significant for financial institutions and insurance companies. Parts of the glass Steagall act of 1933 GLBA allows financial institutions such as banks to act as insurance companies. GLBA covers both financial institutions and insurance companies since both can perform financial services for its customers. This reform requires banks and insurance companies to comply with both the privacy and safeguard rules of GLBA. 2. What is another name for obtaining information under false pretenses and what does it have to do with GLBA? What is an example of the safeguard pertinent to this requirement? Pre-texting or social engineering. GLBA specifically mentions this in title 15 US code chapter 94 sub chapter 2, section 6821. GLBA encourages companies to implement safeguards around pre-texting and social engineering. Security awareness training and periodic reminders of awareness to pre-texting and social engineering is a best practice performed within the user domain. 3. How does GLBA impact information system security and the need for information systems security practitioners and professionals? The safeguards rule within GLBA requires financial institutions and insurance companies to develop security plan detailing how they will protect their customers nonpublic personal information. The safeguards rule impacts the security...
Words: 1267 - Pages: 6
...can” because a collection of choices are mixed and then chosen to match a problem to a solution. Per the article, “The choice situation becomes a “garbage can” in which problems and solutions are dumped” (Nutt, 606). According to the political model, decision makers base decisions on personal decisions rather than organizational issues. An irrational decision is rational to them because it achieves their ultimate goal. “ This prompts decision makers to seek information that bolsters their position by maintaining images of self, attitudes and the like. Decision makers create the impression that they have arrived at an unbiased inference by making their interpretation of trends and events seem equitable to all concerned” (Nutt, 606). In conclusion, the decision-making models do relate to the information described in the explanatory variable Table 1. As decision makers need to find the appropriate approach to solve problems and execute the best decision. #2. The approach that Nutt suggested in the article, in regards to gathering and extrapolating data involves a two-step...
Words: 1111 - Pages: 5
...Not too long ago, I was apart part of a small team at work and our main job was to find a way where we could store more inventory within our building. At this time we were bring in more fright into our warehouse, then what we were shipping out, because we were getting ready for “Prime Day” event at work. There was 6 of us on this team, 3 from days and 3 from night shift. We will all meet for an hour before/after our normal work schedule and we will discuss what we could do and what will work or not. We came up with many ideas that involved us cherry picking inbound fright as in we will only unload trucks with fast selling items, consolidate pallets from having 4 pallets of items down into 1 pallets to save room in our VNA(very narrow aisle), downsizing other departments that were not utilizing all the space that they did have. After a few weeks gone by and talking to other building in our network on what they were doing. We have decided to try 2 ideas and not the others. We choose not to do the cherry picking idea, due to the fact we don’t want to run into the issue of dealing with unhappy buyers and sellers. Because if we don’t third-party merchants inventory they don’t make money and more likely their product will just destroy by us. So that would not be the best route to take. We did go with the consolidating and downsizing other departments and we give those to options a try for a weeks. We were all impressed by the improvement we have done and we were back to running...
Words: 494 - Pages: 2
...A problem I have encountered in my past was one of my buddys gave me a call and said he was having technical problems with his computer I asked him what it was and try to explain to me briefly what it was doing. He couldn’t really explayin on the phone what the problem was. So I went over to his house to check out the problem. His computer wouldn’t boot it kept on going to the blue screen. I tried everything I could on my part and couldn’t figure out what the real problem was. So we had to bring his computer over to my house so I could get access to the internet on my computer. I got on my computer and went onto some forums for his model computer and got into the details of what was going on with his computer. So in this problem I used step one. It helped me because I was able to collect and analyze the real problem with his computer, I made a post on the forums and got responses winthin twenty minutes. The problem was with his computer that his hard drive somehow got fried nobody knows how in the world this happened so we had to go to the local computer store and buy a new hard drive and a new operating system disc so I could get his computer running again. I installed the hard drive into the computer and booted the drive to the operating system disc. We got the computer back on and running and I installed a few programs to make sure that this issue will not happen again. He was very happy that I got his computer back up and running because he uses it for a lot of things. Like...
Words: 379 - Pages: 2
...IS4560 Unit 3 Assignment 1 Information Gathering Plan The explosive growth and popularity of the world-wide web have resulted in thousands of structured query able information sources on the Internet, and the promise of unprecedented information-gathering capabilities to lay users. Unfortunately, the promise has not yet been transformed into reality. While there are sources relevant to virtually any user-queries, the morass of sources presents a formidable hurdle to effectively accessing the information. One way of alleviating this problem is to develop a information gatherer which take the user’s query, and develop and execute an effective information gathering plan that accesses the relevant sources to answer the user’s query efficiently. Most organizations are familiar with Penetration Testing (often abbreviated to, “pen testing”) and other ethical hacking techniques as a means to understanding the current security status of their information system assets. Consequently, much of the focus of research, discussion, and practice, has traditionally been placed upon active probing and exploitation of security vulnerabilities. Since this type of active probing involves interacting with the target, it is often easily identifiable with the analysis of firewall and intrusion detection/prevention device (IDS or IPS) log files. However, too many organizations fail to identify the potential threats from information unintentionally leaked, freely available over the Internet,...
Words: 596 - Pages: 3
...Material Appendix I Strategies for Gathering Information Fill in the following information for each of your sources: • List the APA reference citation for the source. • Determine the credibility of the source. Consider the following criteria: o What is the purpose and affiliation of the organization or author related to the article? o What are the author’s credentials? o Is the information current? When was the information last updated? o Does the information cross-reference with other sources? o Does the source contain bias without evidence to support the claim? • Explain in at least two to four sentences what information you can gather from this source. |Source (formatted consistent with APA guidelines) |What makes the |What information can | | |source credible or |you gather from this | | |noncredible? |source? | |Alvarez, B. (2013). As more schools embrace tablets, do textbooks have a fighting chance. Retrieved from |This author has |This article is about | |http://www.neatoday.org/2013/07/31/as-more-schools-embrace-tablets-do-textbooks-have-a-fighting-chance/ |written information |a school district that| | ...
Words: 1127 - Pages: 5
...Ethical Hacker Unit 2 Project Presented By Sandra Grannum To Dr. Pace On December 13, 2011 Table of Contents Abstact………………………………………………………………………………………………………..3 Seven steps of Information gathering…………………………………………………..………..4 Popular Reconnaissance tools……………………………………………………………………….5 Methods to crack passwords on windows linux and Mac…………………………….…..8 Password Cracker downloads…………………………………………………………….………….9 Security Plan……………………………………………………………………………………………….. 9-11 Steps to remove evidence……………………………………………………………………………. 11 References:…………………………………………………………………………………………………..12 Abstract This paper list and describe the seven steps of information gathering and describe some of the most popular reconnaissance tools while explaining the benefits and limitations of each. Included as well is the method to crack passwords on Windows, Linux, and Mac. There is also a password cracker tool that was downloaded on my home computer that describes the steps and outcomes. Least but not last, a security plan is also included in this project and the steps to remove evidence of an attack on a network. Define the seven-step information gathering process • Information gathering is divided into seven steps. These steps include gathering information, determining the network range, identifying active machines, finding open ports and access points, OS fingerprinting, fingerprinting services, and mapping the network. Define footprinting • Footprinting...
Words: 2645 - Pages: 11
...to change the current system. First there needs to be information gathering techniques and systems analysis tools that will assist in sorting out certain key documents. Working with cases, process models and data models the purpose of this phase of development is to create a system proposal outlining the requirements and a work plan. How to gather this information is going to be split up amongst system documentation, interviews, questionnaire’s, and work based observation. Making sure that these information gathering techniques are collecting the required information on the project is vital. Last going over project scope and why it is important that a common understanding of the project scope is important among stakeholders. Looking at all of these topics will educate on proper analysis of a project. It is important to begin with information gathering techniques and the ways this will need to be gathered. An important part of the data that can be gathered is Data Flow Diagrams. “DFD is a technique that diagrams the business processes and the data that pass among them.” (Systems 153) It is important that this data reflect the processes or activities performed by the current system. For example, information on the current network diagram show how the different locations use the hardware and how the data is stored on a network. Collection of data will be important to look like this diagram as it will show how information is processed and what it currently looks like on a project...
Words: 1239 - Pages: 5
...Introduction I remember the first day that I left my son with a sitter in order to go to work. My wife was a trauma nurse who worked three twelve hour shifts starting at 7:00pm and ending at 7:00am. In order for her to get rest, we needed to find a sitter. The funny thing is I remember distinctly not feeling comfortable with leaving my son in this persons care, even though the references she provided were solid. To make a long story short, my intuition proved correct and the situation did not work. I fired the caregiver, perhaps hastily, and now had to figure out what to do about childcare. The hospital my wife worked at had a childcare facility and luckily, they had one opening that would allow us to enroll our son. The facility was clean and bright, very well staffed, and very open and inviting. The trade-off was that the “tuition” was a bit much for a young couple, but we agreed the safety and development of our son was much more important than the cost. Reflecting back on this with knowledge I now have, it is an absolute certainty that the daycare had a formalized system in place; however, I cannot identify which method. This “system” is the distinguishing factor between the two examples provided above. In one case, the caregiver assumes the role of guardian. The responsibility, if taken seriously, is to protect the child from harm and provide for the child’s basic needs. Robert Furman recognized in 1966 that caregivers are in a unique position to do something...
Words: 2105 - Pages: 9
...Week 2 Individual Assignment As one of the program outcomes for the Bachelor of Science in Information Technology program, students must apply the principles of systems analysis and design to fundamental business systems within the organization. The final individual paper for this class includes three sections; the final section is due in Week Four. One section of the paper is due each week. Complete Section 1 of the Service Request SR-rm-022 paper. Using the Service Request SR-rm-022, analyze the HR system. Prepare a 4- to 6-page paper that accomplishes the following: • What key stakeholders in Riordan Manufacturing would you gather requirements from? • Describe the information-gathering techniques and systems analysis tools you would propose for the project. • Identify the key factors that help ensure the information required for the project is gathered successfully. • Explain what project scope is and why it is important. Describe the areas of project feasibility that are examined in the analysis phase of the SCLC. • Cite and discuss 2 to 3 references, in addition to the required readings, that are relevant to the assignment. Include citations and references formatted consistent with APA guidelines. Submit Section 1 of the final paper. Week 2 Individual Assignement The Riordan Manufacturing Company has submitted a service request to analyze the human resources department. The goal of this analysis is to integrate the variety...
Words: 1219 - Pages: 5
...Running head: Analytic Competitors Analytic Competitors Lev Mallinger Grand Canyon University BUS 606: Quantitative Methods August 24, 2012 “A wise man is strong and a knowledgeable man increases in his strength” (Proverbs 24:5) Introduction An analytic competitor may be described as an organization engaged in the committed activities of accumulating data, organizing and analyzing it into meaningful information, and following through with business decisions and activities informed by that information. An uninformed layperson may assume most businesses operate as an analytic competitor. This, however, may not be so. Many time business decisions are made through anecdotal or subjective non-quantitative means. An example of this might be a person wanting to open up a restaurant in town. He sees there are no 24 hour diners in the town, so he figures that since he likes diner food, other people must also and without competition he will have a good chance to succeed. It is very possible that he will succeed, but his chances of success might improve if he were to do some research beforehand. Perhaps he could gather data that informed him more about his potential customer base. How interested are they in diner food? Do the town’s people engage in night time activity that would have them out of the house during the night and early morning hours? Buy collecting data and analyzing it the restaurateur can better plan his offerings and hours of operations. While being an analytic...
Words: 1588 - Pages: 7
...Adverse Trend and Data Management University of Phoenix Health Care Informatics HCS482 Richard Ong September 23, 2013 Adverse Trend and Data Management Part I: Step by step guide: Adverse Trend: Immobility. Immobility in hospitalized patients is one of the main risk factors contributing to the development of pressure ulcers. Objective: Identify risk factors related to complications secondary to immobility such as pressure ulcers on the integumentary system. Immobility also leads to other adverse effects affecting cardiovascular system, respiratory system, and musculoskeletal system as well. The assessment is performed on admission data, then once a week. The risk assessment scale used was the Risk Assessment Pressure Sore (RAPS) scale, which includes the following variables; general physical condition, activity, mobility, moisture, food intake, fluid intake, sensory perception, friction and shear, and body temperature (Lindgren & Unosson, 2004). Results: 25 % of patients developed pressure ulcers. Non-blanchable erythema was the most common pressure ulcer noted among these patients. The majority of these patients were significantly older, and hospitalized for a longer period of time. In the analysis using variables included in the RAPS scale, immobility emerged as a major risk factor. Conclusion: Immobility is the main cause of pressure ulcer development among adult hospitalized patients. Part II: After reviewing patient’s charts and documentation...
Words: 925 - Pages: 4
...has input a request, asking the IT department to integrating the information system in the Human Resources department (HR). This request is to take advantage of more sophisticated information system technology and integrate it into the HR departments in the different Riordan Manufacturing locations. This service request will highlight several topics. The main topics that will be discussed are, who are the company’s stakeholders that information will be gathered from for requirements. What type of information-gathering techniques and systems analysis tools are to be used and or proposed to aid in the completion of the project request. Key Stakeholders Mr. Hugh McCauley the COO initiated the service request and he should be the first individual to ask and gather information about his idea of the service request and of what he is looking for about what system requirements for a new Information System for HR. The Director of Human Resources, who is Yvonne McMillan should also be interviewed for her requirements and how does she see what is needed for connectivity to all other business locations using a new Information System. Asking any and all employees who use the current system the company has and what improvements can be done. All of these individuals information is a way of gathering information for this service request. Information Gathering Techniques The primary information gathering technique will be as a proposal to use the Use Case method. A use...
Words: 1089 - Pages: 5
...IS4560 Unit 3 Assignment 1 Information Gathering Plan The explosive growth and popularity of the world-wide web have resulted in thousands of structured query able information sources on the Internet, and the promise of unprecedented information-gathering capabilities to lay users. Unfortunately, the promise has not yet been transformed into reality. While there are sources relevant to virtually any user-queries, the morass of sources presents a formidable hurdle to effectively accessing the information. One way of alleviating this problem is to develop a information gatherer which take the user’s query, and develop and execute an effective information gathering plan that accesses the relevant sources to answer the user’s query efficiently. Most organizations are familiar with Penetration Testing (often abbreviated to, “pen testing”) and other ethical hacking techniques as a means to understanding the current security status of their information system assets. Consequently, much of the focus of research, discussion, and practice, has traditionally been placed upon active probing and exploitation of security vulnerabilities. Since this type of active probing involves interacting with the target, it is often easily identifiable with the analysis of firewall and intrusion detection/prevention device (IDS or IPS) log files. However, too many organizations fail to identify the potential threats from information unintentionally leaked, freely available over the Internet...
Words: 284 - Pages: 2
...allow for network mapping and network address or IP address identification, as well as port information. 2. The differences in the organizations are coverage areas. IANA covers the resources delegated to the other organizations (IANA, N,d,). ARIN is delegated to cover the regions of United States, Canada, several parts of the Caribbean region, and Antarctica. RIPE covers northern parts of Asia, Northern Africa, Europe, and Middle Eastern countries. 3. Sam Spade includes tools that can run WhoIs, HTML source code retrieval, trace route, ping, finger, and nslookup. These functions allow retrieval of data from network traffic, electronic mail headers, and identify origins of addresses. 4 Trace route does exactly as the name states, it traces the route of packets back to the originator. This is useful in finding different jump points and pathways to the targeted website, It traces the routes packets take from the user to the target. It shows a route by hops. They target the host address. 5. WhoIs provides general data such as address or domain owner, contact information for owner, and linked sites to a domain. This information can be used in further data gathering processes. 6. Sam Spade comes equiped with 100 pre-loaded "WhoIs" profiles. Updates may allow for more profiles to be downloaded or updated. 7 Sam Spade is a conglomerate of multiple scanning and data gathering tools that are not intrusive. These tools are for passive scanning of data across networks...
Words: 699 - Pages: 3