Network Security - Designing a network

Original
Lab 4:

• 1 Projector
• 1 Projector Screen
• 30 Computers
• 1 Switch
• 1 Printer
• 1 WiFi
• 2 CCTV

Lecturer Room 1:

• 8 Computers
• 1 Switch
• 2 CCTV
• 1 WiFi

Lecturer Room 2:

• 4 Computers
• 1 Switch
• 1 CCTV
• 1 WiFi

Theater Room:

• 1 Projector
• 1 Projector Screen
• 1 WiFi
• 2 CCTV

Classroom 2:

• 1 Projector
• 1 Projector Screen
• 2 CCTV
• 1 Computer 

Lab 7:

• 1 WiFi
• 31 PC
• 1 Projector
• 1 Projector Screen
• 1 Printer
• 1 Switch
• 3 CCTV

The diagram above:

Classroom 2:

• 1 Projector
• 1 Projector Screen
• 12 Tables
• 1 Computer
• 1 Switch
• 2 CCTV

Lab 7:

• 5 Computers
• 1 Projector 
• 1 Projector Screen
• 1 Printer
• 1 Wireless hub
• 1 Router
• 1 Switch
• 3 CCTV

Lab 4:

• 5 Computers
• 1 Printer
• 1 Wireless hub
• 1 Projector
• 1 Projector Screen
• 2 CCTV
• 1 Switch
• 1 Router

Lecturer Room 1:

• 6 Computers
• 1 Wireless hub
• 1 Router
• 1 Switch
• 1 Telephone 
• Pantry

Lecturer Room 2:

• 4 Computers
• 1 Telephone
• 1 Router
• 1 Switch
• 1 Wireless hub

Theater Room:

• 12 Tables
• 1 Projector
• 1 Projector Screen
• 1 Wireless hub
• 1 Router
• 1 Switch
• 2 CCTV

TV Room

Network Security Devices:

• Anti-virus
• Router VPN
• Firewall
• Email Security

Business Intelligence - System and Technologies

Explain each system and include the features, advantages and disadvantages. Identify in which level does it operate. Provide diagram where necessary.

Transaction Processing Systems (TPS)

• It is an information processing system for business transaction that involves the collection, modification, and retrieval of transaction data
• Characteristics, include performance, reliability, and consistency
• Example: Credit card transactions

Characteristics:

• Reliability 

Failure rates must be low

If failure occurs, the recovery must be quick

• Controlled processing

Support the organization's operations

TPS should maintain the requirements of the roles and responsibility's operation

Management Information System (MIS)

• It is a computer system consists of hardware and software serves as the backbone of an organization's operation
• Gathers and collect data from multiple online systems, analyzes information, and reports the data to aid in the management decision making

Features:

• Flexible

Should allow to analyze and evaluate the data from the multiple sources as needed 

• Easy to use

• Collaborative

Using MIS should facilitate the communication between managers and staff throughout the organization

• Versatile

Should be able to support the different skills and knowledge

Decision Support Systems (DSS)

• It is a computer program application that analyzes the business data and presents it for the users that can make business decision easily
• An informational application 
• May present the information graphically and may include an expert system or artificial intelligence (AI)
• Aimed at business executives or some other group of knowledge workers.
• Example: Process loan application

Characteristics:

• Designed to facilitate decision processes
• Should support automate decision making
• Should be able to respond fast to the changing the need to decision makers

1. Facilitation. DSS facilitate and support specific decision-making activities and/or decision processes.



2. Interaction. DSS are computer-based systems designed for interactive use by decision makers or staff users who control the sequence of interaction and the operations performed.



3. Ancillary. DSS can support decision makers at any level in an organization. They are NOT intended to replace decision makers.



4. Repeated Use. DSS are intended for repeated use. A specific DSS may be used routinely or used as needed for ad hoc decision support tasks.



5. Task-oriented. DSS provide specific capabilities that support one or more tasks related to decision-making, including: intelligence and data analysis; identification and design of alternatives; choice among alternatives; and decision implementation.



6. Identifiable. DSS may be independent systems that collect or replicate data from other information systems OR subsystems of a larger, more integrated information system.



7. Decision Impact. DSS are intended to improve the accuracy, timeliness, quality and overall effectiveness of a specific decision or a set of related decisions.

Expert Systems (ES)

• It is a computer program designed to emulate and mimic the human intelligence, skills or behavior. 
• Developed by using artificial intelligence concepts, tools, and technologies, and possess expert knowledge in a specific field, topic, or skill.

Characteristics:

• Good reliability - must be as reliable as a human expert
• Understandable - able to explain the steps of reasoning while executing. Should have an explanation capability that is similar to the ability of human experts

 



References:

Techopedia.com. (2019). What is a Transaction Process System (TPS)? - Definition from Techopedia. [online] Available at: https://www.techopedia.com/definition/707/transaction-process-system-tps [Accessed 4 Nov. 2019].

Coursehero.com. (2019). Advantages and Disadvantages Transaction Processing System TPS Advantages Batch | Course Hero . [online] Available at: https://www.coursehero.com/file/p25bp0d/Advantages-and-Disadvantages-Transaction-Processing-System-TPS-Advantages-Batch/ [Accessed 4 Nov. 2019].

Shopify. (2019). Management Information Systems (MIS) Definition - What is Management Information Systems (MIS). [online] Available at: https://www.shopify.com/encyclopedia/management-information-systems-mis [Accessed 4 Nov. 2019].

SearchCIO. (2019). What is decision support system (DSS)? - Definition from WhatIs.com. [online] Available at: https://searchcio.techtarget.com/definition/decision-support-system [Accessed 4 Nov. 2019].

Techopedia.com. (2019). What is an Expert System? - Definition from Techopedia. [online] Available at: https://www.techopedia.com/definition/613/expert-system [Accessed 7 Nov. 2019].

Guru99.com. (2019). Types of Information System: TPS, DSS & Pyramid Diagram. [online] Available at: https://www.guru99.com/mis-types-information-system.html [Accessed 7 Nov. 2019].

Sites.google.com. (2019). 1. Characteristics of transaction processing systems - Transaction&processingsystems. [online] Available at: https://sites.google.com/site/transactionprocessingsystems/1-characteristics-of-transaction-processing-systems [Accessed 7 Nov. 2019].

Bizfluent.com. (2019). [online] Available at: https://bizfluent.com/info-8024187-management-information-system-features.html [Accessed 7 Nov. 2019].

Daniel J. Power, P. (2019). Ask Dan! about DSS - What are characteristics of a decision support system?. [online] Dssresources.com. Available at: http://dssresources.com/faq/index.php?action=artikel&id=13 [Accessed 7 Nov. 2019].

System, C. (2019). Characteristics of an Expert System. [online] BrainKart. Available at: https://www.brainkart.com/article/Characteristics-of-an-Expert-System_8929/ [Accessed 7 Nov. 2019].

Network Planning - Proof of Concept

How to design a secured network (methods)

1. Identify the network assets (hardware, software, employee)
2. Analyze the security risks (hackers)
3. Analyze the security requirements (backup)
4. Develop a security plan (plan if any of the security risk happen)
5. Define a security policy (rules of the security, example do not change the settings of the computer)
6. Develop the procedure for applying the security policies
7. Develop a technical implementation strategy
8. Train the users, managers, and technical staff
9. Implement the technical strategy and security procedures
10. Test the security and update it if any problems are found
11. Maintain security

The different types of network security designs that will aid good network security
Antivirus and Anti malware Software

• Both of these, antivirus and anti malware can only detect viruses or malware, and then it will removes the threat and fixes the damage.

Application Security

• It is the software to secure the loopholes of our application from the perpetrators. 
• It tracks the procedure of finding our application's vulnerabilities, after then it fixes and preventing them from any cyber attack.
• Uses software, hardware, and processes to keep the assets intact.

Data Loss Prevention (DLP)

• It is a technology, responsible to secure the communication network of an organization.
• To protect the sensitive data.
• Nowadays, employees in an organization are prohibited to upload, forward, or print critical information in an unprotected manner. 

Email Security

• Popular medium to spread threats such as the malware, spams, and phishing attack.
• Social engineering methodologies make these threats appear genuine and sophisticated.
• Email application security is used to secure the access and the data of an email account by blocking the incoming attacks and controls the outbound messages.

Firewalls

• Monitor the incoming and outgoing traffic that are based on a set of predefined rules
• Is a barrier that separates the trusted networks from the untrusted.
• Can be a hardware or a software.

Network Access Control (NAC)

• Strengthen the network by controlling its access,
• By blocking the non compliant endpoint devices, it can save the network from any potential security breaches.

Wireless Security

• It is become another channel for security breaches.
• With wireless security makes it very challenging for any of the unauthorized access to the damage of the data that is stored in any devices.

References:

EC-Council Official Blog. (2019). What Is Network Security? Types of Network Security - EC-Council Official Blog. [online] Available at: https://blog.eccouncil.org/what-is-network-security-types-of-network-security/ [Accessed 1 Nov. 2019].

Oppenheimer, P. (2019). Developing Network Security Strategies > Network Security Design. [online] Ciscopress.com. Available at: http://www.ciscopress.com/articles/article.asp?p=1626588 [Accessed 1 Nov. 2019].

Network Security Protocols and Technologies

SMTP
DHCP
DNS
MD5

Choose four (4) protocols and discuss its details and importance in network security. Research how they aid network security.

SMTP

• Simple Mail Transfer Protocol
• Used to send and receive email
• Due to its ability to queue the messages at the receiving end, this protocols usually used with one of two other protocols: Post Office Protocol (POP3), and Internet Message Access Protocol (IMAP). These will let the user to save messages in a server mailbox and download them periodically
• Typically, users use a program that uses SMTP to send email, and POP3 or IMAP use to receive email.

How it works?

Importance:

It verifies the configuration of the computer from the email that is being sent and grants the permission for the process. It sends out the message and follow the successful delivery of the email. 

DHCP 

• Dynamic Host Configuration Protocol
• It is a network management protocol that is used to assign an IP address to any of the new node entering the network
• It permits the node to be configured automatically, and it avoid the necessity of involvement by a network administrator
• DHCP is also known as RFC 2131
• It does:

1. Manages the provision of the added nodes or even dropped by the network
2. Maintains the IP address of the host by using the DHCP server

How it works?

Importance:

The DHCP reduces the amount of work that is required for the large network administration by eliminating the need to individually configure, and manage the IP address for every machine. And the administration is done in a single point

DNS

• Domain Name System
• It connects the URLs with their IP address
• With DNS, it is possible to type the words rather than a string of numbers into a browser
• When a user search for a domain names in the browser, it will sends a query to the internet to match the domain with the corresponding IP. 
• Once it is already matches, it uses the IP to retrieve the content of the website

How it works?

Importance:
Can increase the internet security, especially for organizations where hacking can always occur because they are handling with sensitive data for the clients. The organizations need proper security controls to protect the data, they can use DNS servers. 

MD5

• Known as cryptographic has algorithm 
• Produces hash value in a hexadecimal format
• Competes with other designs where hash functions take certain data and change it to provide a value that will be used in the place of the original value

How it works?

Importance:

References:

WhatIs.com. (2019). What is SMTP (Simple Mail Transfer Protocol)? - Definition from WhatIs.com. [online] Available at: https://whatis.techtarget.com/definition/SMTP-Simple-Mail-Transfer-Protocol [Accessed 23 Oct. 2019].

Techopedia.com. (2019). What is DHCP? - Definition from Techopedia. [online] Available at: https://www.techopedia.com/definition/11337/dynamic-host-configuration-protocol-dhcp [Accessed 23 Oct. 2019].

Namecheap.com. (2019). What is DNS? | DNS Definition | Namecheap . [online] Available at: https://www.namecheap.com/dns/what-is-dns-domain-name-system-definition/ [Accessed 23 Oct. 2019].

Webdevelopersnotes.com. (2019). What is SMTP - definition, function, importance and usage. [online] Available at: https://www.webdevelopersnotes.com/what-is-smtp [Accessed 23 Oct. 2019].

Techopedia.com. (2019). What is MD5? - Definition from Techopedia. [online] Available at: https://www.techopedia.com/definition/4022/md5 [Accessed 28 Oct. 2019].

TinyDNS.org. (2019). DNS Server: What Are They? Why Are They Used? Why Are They Important? - TinyDNS.org. [online] Available at: https://tinydns.org/dns-server/ [Accessed 28 Oct. 2019].

Slideshare.net. (2019). E-DHCP. [online] Available at: https://www.slideshare.net/ahmadtaweel2/edhcp [Accessed 29 Oct. 2019].

Business Intelligence

Create a table of comparisons for operational data, data warehouse, and data mart

Describe the purpose of 3 tools and explain how it works. Include the advantages and disadvantages.

Spreadsheets

• It is a file that has rows and columns
• Helps to sort the data, easy to arrange data, calculate the numerical data
• It has the ability to calculate values using mathematical formulas and the data in cells
• Mostly used in banks to calculate the bank balance

Advantages:

1. Easy to create instant calculations
2. Easy to change the data
3. It keeps the data organized efficiently
4. Can create multiple spreadsheets in one file

Disadvantages:

1. Take time to learn the formulas
2. Calculation error may be not recognized by the software or app
3. Take time to enter the data into each cell
4. Some of the files may be incompatible

Data Mining

• Process of analyzing the hidden patterns of data that are according to the different perspectives to categorize the data into a useful information
• The data is collected and assembled in common areas (data warehouse) for the efficient analysis, data mining algorithms, facilitating the business decision making and other information requirements to cut costs and increase revenue

Advantages:

1. Contribute in the strategic decision making by discovering the information
2. Discover information that was not expected to be obtained
3. Huge database can be analyzed 
4. Can offer the customers of the products or services that they need

Disadvantages:

1. Difficulty of collecting the data 
2. Depending on the amount of the database that it can take some time to process the information
3. Lack of appropriate security system that can be a risk in the privacy of the user's information
4. Not a perfect process if the information is inaccurate, can affect the outcome of the decision making process

Operational Dashboard

• Focusing on the performance of monitoring and measure the important metrics for any user
• Contain a set of well defined business metrics (KPIs and KRIs)
• The information is updated in real time
• Allowing the employee to monitor closely the efficiency and effectiveness of the operations

Advantages:

1. Manage the delivery of roll-up reporting to assist the measurement of corporate KPIs
2. Consistent, corporate

Disadvantages:

1. Costly to assure the executive, management, and operational needs are met
2. The impact leans heavily on maintaining the consistency 

Research the role of business processes within an organization and their function at different levels.

References:

Your Article Library. (2013). Decisions Making: Strategic, Tactical and Operational Decisions | Business Management. [online] Available at: http://www.yourarticlelibrary.com/information-technology/decisions-making-strategic-tactical-and-operational-decisions-business-management/10271 [Accessed 26 Oct. 2019].

JReport Blog. (2014). 5 Types of Business Intelligence Technologies Explained - JReport Blog. [online] Available at: https://www.jinfonet.com/blog/5-types-of-business-intelligence-technologies-explained/ [Accessed 26 Oct. 2019].

Techopedia.com. (2019). What is a Data Mart? - Definition from Techopedia. [online] Available at: https://www.techopedia.com/definition/134/data-mart [Accessed 26 Oct. 2019].

Definitions, S. and Hope, C. (2019). What is a Spreadsheet?. [online] Computerhope.com. Available at: https://www.computerhope.com/jargon/s/spreadsheet.htm [Accessed 26 Oct. 2019].

Gaille, B. (2016). 11 Pros and Cons of Spreadsheets. [online] BrandonGaille.com. Available at: https://brandongaille.com/11-pros-and-cons-of-spreadsheets/ [Accessed 26 Oct. 2019].

Techopedia.com. (2019). What is Data Mining? - Definition from Techopedia. [online] Available at: https://www.techopedia.com/definition/1181/data-mining [Accessed 26 Oct. 2019].

LORECENTRAL. (2018). Advantages and disadvantages of data mining ~ LORECENTRAL. [online] Available at: https://www.lorecentral.org/2018/12/advantages-and-disadvantages-of-data-mining.html [Accessed 26 Oct. 2019].

Dundas.com. (2014). Types of Dashboards: The Operational Dashboard. [online] Available at: https://www.dundas.com/resources/dundas-data-visualization-blog/types-of-dashboards-the-operational-dashboard [Accessed 26 Oct. 2019].

MashMetrics. (2019). Pros and Cons of Dashboards, Custom Reports and Performance Monitoring | MashMetrics. [online] Available at: https://mashmetrics.com/marketing-reports-dashboards-performance-alerts-pros-cons-of-each/ [Accessed 26 Oct. 2019].

Business Intelligence

Analyse and compare the systems and technologies associated with business intelligence.
For example:
Data warehouses

• It is a system, can be used for data to analysis or with a reporting software. 
• We can use data warehouse to integrate data from one or more disparate sources, creating a central repository of data
• Maintains a copy of the information from the source transaction systems, we only need a single query engine in order to view the data that we need
• It is useful to keep historical data, to improve the quality of the data (to be more consistent, less bad data), to combine all of the data from different sources into single data model
• Main goal is to combine the data form different sources and types of the data source
• Main benefit all of the associated data that can be used in disparate applications or in a singular application

Executive information systems

• It is a decision support system that is used to assist the senior executives for decision making process
• This is done by providing easier access to the important data that are needed in order to achieve the goals in an organization
• Usually features the graphical displays on the easy-to-use interface
• Can be used in many different types of organization to monitor the enterprise performance and to identify the opportunities and the problems 

Online analytical processing (OLAP)

• It is a category of software allowing the users to analyze the information from multiple database systems at the same time
• A technology that enables the analysts to extract and view the business data from different point of view
• With OLAP, the data can be pre-calculated and pre-aggregated and this make the analysis faster
• OLAP database are divided into one or more cubes, and the cubes are then designed in a way that creating and viewing reports become easy

References:

JReport Blog. (2014). 5 Types of Business Intelligence Technologies Explained - JReport Blog. [online] Available at: https://www.jinfonet.com/blog/5-types-of-business-intelligence-technologies-explained/ [Accessed 21 Oct. 2019].

Techopedia.com. (2019). What is an Executive Information System (EIS)? - Definition from Techopedia. [online] Available at: https://www.techopedia.com/definition/1016/executive-information-system-eis [Accessed 24 Oct. 2019].

Guru99.com. (2019). What is OLAP (Online Analytical Processing): Cube, Operations & Types. [online] Available at: https://www.guru99.com/online-analytical-processing.html [Accessed 24 Oct. 2019].

Network Security - Devices

Discuss the different types of network security devices
Explain how they are used to provide network security
Explain their advantages
Provide diagrams on how each device is used with justifications

Secure modem

• To transmit the signals that are digital over analog telephone lines
• The digital signals are converted into analog signals with different frequencies and then transmitted to the modem at the receiving locations. The receiving modem will reverse the transformation and will provide the digital output to the connected device to the mode, (computer)
• There are many telephone companies offer DSL services and many computers cable use modems as their end terminals for the use of identification and recognition of home and personal users

Advantage for wireless modem:

1. The internet connection is always on 
2. The modem provide fast internet connection
3. Offer a secure network with the flexibility and convenience of a wireless internet connection

Intrusion Prevention System (IPS)

• It is a form of the network security to prevent any identified threats. This IPS is monitoring the network continuously, this is to look for any possible malicious incidents in the network
• It is a network security prevention technology that will examine the traffic flows in the network and any vulnerability exploits, which usually comes in the form of malicious inputs to a service where the attackers use to interrupt and gain access to the application.
• IPS does scanning the network traffic as it will go across the network, this is to prevent from malicious events from happening. 
• This IPS will be sitting between your firewall and the other of your network to stop the malicious traffic from entering the network. Same concept for security guard. When any of the unknown event is detected, the packet will then be rejected.

Advantages/Benefits:

• Less security incidents

While the connected devices does not notice any changes, this IPS is making sure the disruption is less for the systems and reducing the numbers of security incidents

• Selective Logging

It only records the network activity if there is any action, maintaining the privacy of the network users

• Privacy Protection

An IPS is also protecting the privacy of the information that are available in the network

Wireless Intrusion Prevention and Detection System (WIDPS)

• Used to protect any wireless network or in any other cases a wired network, from any unauthorized users (WIPS)
• System sensors used in order to monitor the network in case if there is any intrusion of any unauthorized devices (WIDS)

References

Blog.netwrix.com. (2019). Network Devices Explained. [online] Available at: https://blog.netwrix.com/2019/01/08/network-devices-explained/ [Accessed 18 Oct. 2019].

Forcepoint. (2019). What is an Intrusion Prevention System (IPS)?. [online] Available at: https://www.forcepoint.com/cyber-edu/intrusion-prevention-system-ips [Accessed 16 Oct. 2019].

Paloaltonetworks.com. (2019). What is an Intrusion Prevention System? - Palo Alto Networks. [online] Available at: https://www.paloaltonetworks.com/cyberpedia/what-is-an-intrusion-prevention-system-ips [Accessed 16 Oct. 2019].

Wilkins, S. (2019). Basic Intrusion Prevention System (IPS) Concepts and Configuration > Basic Intrusion Prevention System (IPS) Concepts and Configuration. [online] Ciscopress.com. Available at: http://www.ciscopress.com/articles/article.asp?p=1722559 [Accessed 16 Oct. 2019].

Lewis, T. (2019). IDS and IPS 101: How Each System Works and Why You Need Them. [online] LBMC Family of Companies. Available at: https://www.lbmc.com/blog/ids-and-ips-101/ [Accessed 16 Oct. 2019].

Its.umich.edu. (2019). Intrusion Prevention System Benefits / U-M Information and Technology Services. [online] Available at: https://its.umich.edu/enterprise/wifi-networks/network-security/ips/benefits [Accessed 18 Oct. 2019].

Reuters.com. (2019). Wireless Intrusion Detection and Prevention Systems (WIPDS) Market – Global Industry Analysis, Size, Share, Growth, Trends and Forecast 2018 – 2025 - Reuters. [online] Available at: https://www.reuters.com/brandfeatures/venture-capital/article?id=50395 [Accessed 22 Oct. 2019].

Business Intelligence - Data Types & Mechanism

Produce a table of examples for unstructured and semi-structured data

Semi-structured data

• Is the information that is not reside in a rational database but have some organizational properties which is easier to analyze
• By performing some process, we can store the data in the relation database, but this semi-structured exist to make the space more easier

Unstructured data

• The data is not organized in a pre-defined manner or it does not have any pre-defined data model
• This is not good for any mainstream relational database
• There are alternative platforms to store and manage the data 
• Used by organizations in variety of business intelligence and analytical applications (Word, PDF)

Explain each type of decision in business and give example (strategic, tactical, operational)

Strategic Decisions

• It is the most major choices of actions or part in a business enterprise
• They contribute directly to the achievement goals of the enterprise
• They have long term implications on the business enterprise
• Might involve major departures from the procedures 
• Is unstructured and the manager must apply his business judgement, evaluation, and intuition into defining the problem
• The decision will be taken to the higher level of management 

Tactical Decisions

• Relate to the implementation of strategic decisions
• Directed to developing divisional plans, structuring workflows, establishing distribution channels, acquisition of resources (men, materials, money)
• This decision will be taken at the middle level of management

Operational Decisions

• Relate to the day-to-day operations of the enterprise
• Have short term horizon because they are taken repetitively
• The decisions are based on the facts regarding to the events and does not need much of the business judgement
• Taken at lower levels of management
• The information is needed to help the manager to take rational, well informed decisions, information systems that need to focus on the process of the managerial decision making

Discuss the functionality of business intelligence

Give the advantages and disadvantages of using an application software as a mechanism for business processing

• Meet the needs of the user because they are designed for only use one specific software to accomplished the task
• Cannot restrict any access as this can protect their network due to the viruses threat that can be custom made the application is very small
• The application software that has licensed has a regular updates from the developer in order to have security purposes. The developer will frequently send personnel to correct if the application software has problems that may arise

References:

Your Article Library. (2013). Decisions Making: Strategic, Tactical and Operational Decisions | Business Management. [online] Available at: http://www.yourarticlelibrary.com/information-technology/decisions-making-strategic-tactical-and-operational-decisions-business-management/10271 [Accessed 17 Oct. 2019].

Techspirited. (2019). Advantages And Disadvantages of Application Software You Didn't Know. [online] Available at: https://techspirited.com/advantages-disadvantages-of-application-software [Accessed 17 Oct. 2019].

GeeksforGeeks. (2018). Difference between Structured, Semi-structured and Unstructured data - GeeksforGeeks. [online] Available at: https://www.geeksforgeeks.org/difference-between-structured-semi-structured-and-unstructured-data/ [Accessed 21 Oct. 2019].

Network Security - Type of hacker

Academic Hacker

It is an action of hacking the academic or any institution. This is mostly done by either by the student or anyone in order to get what they want (to change their grades, or to know what is on the exam paper).

Below is the article of academy hacker:

A few short decades ago, the archetypal hacker was a bored teenager breaking into his school's network to change grades, à la Ferris Bueller. So today, when cybersecurity has become the domain of state-sponsored spy agencies and multibillion-dollar companies, it may be refreshing to know that the high school hacker lives on—as do the glaring vulnerabilities in school software.

At the Defcon hacker conference in Las Vegas today, 18-year-old Bill Demirkapi presented his findings from three years of after-school hacking that began when he was a high school freshman. Demirkapi poked around the web interfaces of two common pieces of software, sold by tech firms Blackboard and Follett and used by his own school. In both cases, he found serious bugs that would allow a hacker to gain deep access to student data. In Blackboard's case in particular, Demirkapi found 5 million vulnerable records for students and teachers, including student grades, immunization records, cafeteria balance, schedules, cryptographically hashed passwords, and photos.

Demirkapi points out that if he, then a bored 16-year-old motivated only by his own curiosity, could so easily access these corporate databases, his story doesn't reflect well on the broader security of the companies holding millions of students' personal information."The access I had was pretty much anything the school had," Demirkapi says. "The state of cybersecurity in education software is really bad, and not enough people are paying attention to it."

References:

Nast, C. (2019). Teen Hacker Finds Bugs in School Software That Exposed Millions of Records. [online] Wired. Available at: https://www.wired.com/story/teen-hacker-school-software-blackboard-follett/ [Accessed 13 Oct. 2019].

Business Intelligence - Data Input / Data Output

Produce and I/O for the following scenario:
- Enrolling HND in Micronet
Data Input

• Full name
• Address
• Postcode
• Date of birth
• Phone number
• Email address
• Nationality
• Religion
• I.C Number
• Signature 
• Parents information

Data Capture

• Gender
• Course
• Campus 
• I.C Color
• Status 

Data Process Activity

• Storing
• Communication

- Creating an Email
Data Input

• First name
• Last name
• Password
• Confirm password
• Another alternative email
• Username that will appear

Data Capture

• Date of birth
• Gender

Data Process Activity

• Collect
• Storing

- Registering on Facebook
Data Input

• First name
• Last name
• Name that will appear 
• Password
• Email
• Phone number 

Data Capture

• Gender
• Date of birth

Data Process Activity

• Storing
• Collect

Business Intelligence - Flowchart

Write the process of registering to MIC for HND

Write the process of buying and owning a car in Brunei

Write the process of opening a bank account

Network Security - Breaches

Two (2) network security breaches

Phishing
Definition

• It is a fraud action that make use of the electronic communications to get what they want from the current user that they target
• This is to attempt taking the sensitive, confidential information (passwords, credit cart information)

How it work? And what happen

• The person who wants to get the information might act like a legitimate individual or institution from a phone call or email 
• Example by email. They send a link to the person and if the person click on the link it will automatically directing the person who send the email to get any information that they want from the user. 

How to prevent?

• Organizations can train the employee on how to recognize any suspicious email, links or attachments.
• The person who are doing this breach are always refining their techniques, in order to deal with this, continued education is imperative
• Some tell-tale signs of a phishing email include:

1. Poor spelling and grammar
2. Threats of account shutdown
3. Unexpected attachments that usually ends with ".exe" files

• Additional technical security measures:

1. Two factor authentication (two methods of identifying confirmation i.e password)
2. Have other password logins (using personal images, security skins)

Password Attacks/Cracking
Definition

• Refers to the several measures to discover the computer passwords
• Usually accomplished by the recovering passwords from the data that are stored in or transported from the computer system

How it works?

• This is done by guessing the password repeatedly usually through a algorithm of the computer where the computer tries numerous combinations until the password are correctly discovered

How to prevent?

• The user must make sure that they password are strong, which must have at least eight (8) characters long
• The password must contain a combination of mixed-case random letters, digits or symbols
• Strong password must not be an actual words 

References:

Forcepoint. (2018). What is Phishing?. [online] Available at: https://www.forcepoint.com/cyber-edu/phishing-attack [Accessed 8 Oct. 2019].

Techopedia.com. (2019). What is Password Cracking? - Definition from Techopedia. [online] Available at: https://www.techopedia.com/definition/4044/password-cracking [Accessed 8 Oct. 2019].

Network Security

Network Security

• It is a term that covers the multitude of technologies, devices, and processes.
• In a simple term, a set of rules and configurations designed to protect the integrity, confidentiality and accessibility of the computer networks and data using both software and hardware technologies. 

Advantages

• Protection from malicious attacks on the network
• Prevents users from unauthorized access to the network
• Protect the confidential information

Disadvantages

• Strict regulations
• Difficult to work with the non-technical users
• Easy to be attacked

Importance
This network security is important especially for home networks but also in business world. Most homes that has high speed internet connections will have wireless routers, not one but more, which this can be exploited or hack if it is not properly secured. By this, a solid network security system can help to reduce the data loss, theft, or even sabotage.

Basically network security is to protect the data from being lost and to protect the network from being hack.


Example of network security breach 

Date: May 2014
Impact: 145 million users compromised
Details: The online auction giant reported a cyberattack in May 2014 that it said exposed names, addresses, dates of birth and encrypted passwords of all of its 145 million users. The company said hackers got into the company network using the credentials of three corporate employees, and had complete inside access for 229 days, during which time they were able to make their way to the user database.

It asked its customers to change their passwords, but said financial information, such as credit card numbers, was stored separately and was not compromised. The company was criticized at the time for a lack of communication informing its users and poor implementation of the password-renewal process.

CEO John Donahue said the breach resulted in a decline in user activity, but had little impact on the bottom line – its Q2 revenue was up 13 percent and earnings up 6 percent, in line with analyst expectations.

How did this happen?

According to eBay, attackers compromised employee log-in credentials. This gave the attackers access to the corporate network and the systems on it.

As is the case with most attacks that result in credential theft, the attackers likely used a socially-based attack of some kind. The best bet is Phishing. However, eBay isn't discussing how the credentials were compromised, so it could be Phishing, or it could be malware. The public may never know.

References:

Forcepoint. (2018). What is Network Security?. [online] Available at: https://www.forcepoint.com/cyber-edu/network-security [Accessed 8 Oct. 2019].

profile, V. (2009). Internet Security : Advantages and Disadvantages. [online] Crush64.blogspot.com. Available at: http://crush64.blogspot.com/2009/10/internet-security-laws-advantages-and.html [Accessed 8 Oct. 2019].

Herzing University. (2017). What is Network Security and Why is it Important?. [online] Available at: https://www.herzing.edu/blog/what-network-security-and-why-it-important [Accessed 8 Oct. 2019].

Armerding, T. (2019). The 18 biggest data breaches of the 21st century. [online] CSO Online. Available at: https://www.csoonline.com/article/2130877/the-biggest-data-breaches-of-the-21st-century.html [Accessed 15 Oct. 2019].

Ragan, S. (2019). Raising awareness quickly: The eBay data breach. [online] CSO Online. Available at: https://www.csoonline.com/article/2157782/security-awareness-raising-awareness-quickly-the-ebay-database-compromise.html [Accessed 15 Oct. 2019].

Business Intelligence

LO1 Exercise:

Explain Business Intelligence and its purpose

Business Intelligence refers to the tools, technologies, applications, and practices, that is used to collect and analyze and present the organization's raw data to create actionable business information.

Purpose:

• To help corporate executives, business managers, and other operational workers to make a better and more informed business decisions. 
• Companies use business intelligence to identify new business opportunities, and spot inefficient business process

Discuss "Business Process" with example

1. Finance - billing process, risk management process
2. Health - medical assessment, drug approval
3. Banking - credit check
4. Public Sector - application for a government service
5. Travel - trip booking, agent billing

Identify and describe the business process model

• Business process model is a graphical representation of a company's business process or workflows (identifying the potential improvements)
• Usually done through different graphing methods (flowcharts, data flow diagram)

References:

Financesonline.com. (2017). What Is the Purpose of Business Intelligence in a Business? - Financesonline.com. [online] Available at: https://financesonline.com/purpose-business-intelligence-business/#bi [Accessed 7 Oct. 2019].

PNMsoft. (2019). Business Processes - Explanation and Examples. [online] Available at: http://www.pnmsoft.com/resources/bpm-tutorial/business-process/ [Accessed 7 Oct. 2019].

Kothari, A. (2017). Business Process Modeling: Definition, Benefits and Techniques. [online] Tallyfy. Available at: https://tallyfy.com/business-process-modeling/ [Accessed 7 Oct. 2019].

Qualitative and Quantitative Research Methods

Focus on different methods of gathering data and material. Feedback the advantages and disadvantages. Choose the method that you will use in this project. Justify your choices

Qualitative Research Method
It is a type of research that collects non-numerical data and seeks to interpret the meaning of these data that helps us to understand it. The data can be collected through observation or interviews.

Advantages & Disadvantages:

Quantitative Research Method
A way of collecting and analyzing the data that is obtained from different sources. It involves the use of computational, statistical, and mathematical tools in order to get the information or data.

Advantages & Disadvantages:

For this project, I will choose the quantitative research method as the quantitative research method has a survey or questionnaire, as it is easier to know how many people that knows about the project's topic that is about AI, and they can also leave a comment or suggestion on how to improve the AI.


References:

ThoughtCo. (2019). What Is Qualitative Research?. [online] Available at: https://www.thoughtco.com/qualitative-research-methods-3026555 [Accessed 19 May 2019].

Mcleod, S. (2019). Qualitative vs Quantitative Research | Simply Psychology. [online] Simplypsychology.org. Available at: https://www.simplypsychology.org/qualitative-quantitative.html [Accessed 19 May 2019].

Sisinternational.com. (2019). What is Quantitative Research? | SIS International Research. [online] Available at: https://www.sisinternational.com/what-is-quantitative-research/ [Accessed 19 May 2019].

Security Tools and Techniques

Provide description
Discuss its purpose
Give the advantages (2) and disadvantages (2)
Explain why organizations need to implement it
Explain what will happen if it is not configured/set up properly

Demilitarized Zone
It is also called as a DMZ. It is a host or a network that is use to secure and intermediate network between the organization's internal and the external network. Also known as a network perimeter.

Purpose
To allow access to servers from the internet without having to access to the other corporate network

Advantages 

• Increase the security of the LAN networks

Disadvantages


Network Address Translation
A process of changing the destination IP addresses and the source. The address translation reduces the need for IPv4 public addresses and hides the private network address range. This process is usually done by routers or firewalls

Purpose

Advantages 

Disadvantages

Firewalls
A software that is used to maintain the security of a private network. It block unauthorized access to or from a private network and often employed to prevent unauthorized web users from gaining access to private network that are connected to the internet.

Purpose
To block any unauthorized request from the client

Advantages 

• Better security and network monitoring features
• Allows for more advanced network functionality
• Helps in VOIP phone reliability

Disadvantages

• Cost and maintenance
• Need for professionals to manage 
• Can slow down the internet speeds

References

Techopedia.com. (2019). What is a Demilitarized Zone (DMZ)? - Definition from Techopedia. [online] Available at: https://www.techopedia.com/definition/10266/demilitarized-zone-dmz [Accessed 8 May 2019].

Study-ccna.com. (2016). What is NAT?. [online] Available at: https://study-ccna.com/what-is-nat/ [Accessed 8 May 2019].

Techopedia.com. (2019). What is a Firewall? - Definition from Techopedia. [online] Available at: https://www.techopedia.com/definition/5355/firewall [Accessed 8 May 2019].

getthehelp. (2015). Advantage & Disadvantage of using DMZ. [online] Available at: https://getthehelp.wordpress.com/2015/09/08/advantage-disadvantage-of-using-dmz/ [Accessed 13 May 2019].

Firewall, 1. (2018). What are the Pros and Cons of Getting a Firewall - LME Services. [online] LME Services. Available at: https://www.lmeservices.com/pros-cons-getting-firewall/ [Accessed 13 May 2019].

IT Security

Explore a range of:

• tools (2)
• techniques (2) 
• methods (2)

used for implementing network security

Tools
1. Aircrack

Enables to identify weak points in the wireless network's security. Can attempt to crack encryption password and test the capabilities of the WiFi cards and drivers

2. Solarwinds Network Performance Monitor

A solution that intend for use on large, mission-critical networks. This tools offers advanced network and device monitoring that can be instrumental in securing the network

Techniques
1. Network Scanning (Scan the network)

2. Firewall

3. Encryption

Methods
1. Access Control

Block any of unauthorized users and devices from accessing the network. Only users that are permitted to access the network

2. Anti-malware

Viruses can spread across the network and can damage the machine and the network. This anti-malware security effort should be able to prevent the damage from happening. 

References:

KisMAC. (2019). What is Network Security and How Can I Implement It?. [online] Available at: https://kismac-ng.org/network-security-tools/ [Accessed 2 May 2019].

Fruhlinger, J. (2019). What is network security? Definition, methods, jobs & salaries. [online] CSO Online. Available at: https://www.csoonline.com/article/3285651/what-is-network-security-definition-methods-jobs-and-salaries.html [Accessed 7 May 2019].