Business Intelligence - Flowchart

Write the process of registering to MIC for HND

Write the process of buying and owning a car in Brunei

Write the process of opening a bank account

Network Security - Breaches

Two (2) network security breaches

Phishing
Definition

• It is a fraud action that make use of the electronic communications to get what they want from the current user that they target
• This is to attempt taking the sensitive, confidential information (passwords, credit cart information)

How it work? And what happen

• The person who wants to get the information might act like a legitimate individual or institution from a phone call or email 
• Example by email. They send a link to the person and if the person click on the link it will automatically directing the person who send the email to get any information that they want from the user. 

How to prevent?

• Organizations can train the employee on how to recognize any suspicious email, links or attachments.
• The person who are doing this breach are always refining their techniques, in order to deal with this, continued education is imperative
• Some tell-tale signs of a phishing email include:

1. Poor spelling and grammar
2. Threats of account shutdown
3. Unexpected attachments that usually ends with ".exe" files

• Additional technical security measures:

1. Two factor authentication (two methods of identifying confirmation i.e password)
2. Have other password logins (using personal images, security skins)

Password Attacks/Cracking
Definition

• Refers to the several measures to discover the computer passwords
• Usually accomplished by the recovering passwords from the data that are stored in or transported from the computer system

How it works?

• This is done by guessing the password repeatedly usually through a algorithm of the computer where the computer tries numerous combinations until the password are correctly discovered

How to prevent?

• The user must make sure that they password are strong, which must have at least eight (8) characters long
• The password must contain a combination of mixed-case random letters, digits or symbols
• Strong password must not be an actual words 

References:

Forcepoint. (2018). What is Phishing?. [online] Available at: https://www.forcepoint.com/cyber-edu/phishing-attack [Accessed 8 Oct. 2019].

Techopedia.com. (2019). What is Password Cracking? - Definition from Techopedia. [online] Available at: https://www.techopedia.com/definition/4044/password-cracking [Accessed 8 Oct. 2019].

Network Security

Network Security

• It is a term that covers the multitude of technologies, devices, and processes.
• In a simple term, a set of rules and configurations designed to protect the integrity, confidentiality and accessibility of the computer networks and data using both software and hardware technologies. 

Advantages

• Protection from malicious attacks on the network
• Prevents users from unauthorized access to the network
• Protect the confidential information

Disadvantages

• Strict regulations
• Difficult to work with the non-technical users
• Easy to be attacked

Importance
This network security is important especially for home networks but also in business world. Most homes that has high speed internet connections will have wireless routers, not one but more, which this can be exploited or hack if it is not properly secured. By this, a solid network security system can help to reduce the data loss, theft, or even sabotage.

Basically network security is to protect the data from being lost and to protect the network from being hack.


Example of network security breach 

Date: May 2014
Impact: 145 million users compromised
Details: The online auction giant reported a cyberattack in May 2014 that it said exposed names, addresses, dates of birth and encrypted passwords of all of its 145 million users. The company said hackers got into the company network using the credentials of three corporate employees, and had complete inside access for 229 days, during which time they were able to make their way to the user database.

It asked its customers to change their passwords, but said financial information, such as credit card numbers, was stored separately and was not compromised. The company was criticized at the time for a lack of communication informing its users and poor implementation of the password-renewal process.

CEO John Donahue said the breach resulted in a decline in user activity, but had little impact on the bottom line – its Q2 revenue was up 13 percent and earnings up 6 percent, in line with analyst expectations.

How did this happen?

According to eBay, attackers compromised employee log-in credentials. This gave the attackers access to the corporate network and the systems on it.

As is the case with most attacks that result in credential theft, the attackers likely used a socially-based attack of some kind. The best bet is Phishing. However, eBay isn't discussing how the credentials were compromised, so it could be Phishing, or it could be malware. The public may never know.

References:

Forcepoint. (2018). What is Network Security?. [online] Available at: https://www.forcepoint.com/cyber-edu/network-security [Accessed 8 Oct. 2019].

profile, V. (2009). Internet Security : Advantages and Disadvantages. [online] Crush64.blogspot.com. Available at: http://crush64.blogspot.com/2009/10/internet-security-laws-advantages-and.html [Accessed 8 Oct. 2019].

Herzing University. (2017). What is Network Security and Why is it Important?. [online] Available at: https://www.herzing.edu/blog/what-network-security-and-why-it-important [Accessed 8 Oct. 2019].

Armerding, T. (2019). The 18 biggest data breaches of the 21st century. [online] CSO Online. Available at: https://www.csoonline.com/article/2130877/the-biggest-data-breaches-of-the-21st-century.html [Accessed 15 Oct. 2019].

Ragan, S. (2019). Raising awareness quickly: The eBay data breach. [online] CSO Online. Available at: https://www.csoonline.com/article/2157782/security-awareness-raising-awareness-quickly-the-ebay-database-compromise.html [Accessed 15 Oct. 2019].

Business Intelligence

LO1 Exercise:

Explain Business Intelligence and its purpose

Business Intelligence refers to the tools, technologies, applications, and practices, that is used to collect and analyze and present the organization's raw data to create actionable business information.

Purpose:

• To help corporate executives, business managers, and other operational workers to make a better and more informed business decisions. 
• Companies use business intelligence to identify new business opportunities, and spot inefficient business process

Discuss "Business Process" with example

1. Finance - billing process, risk management process
2. Health - medical assessment, drug approval
3. Banking - credit check
4. Public Sector - application for a government service
5. Travel - trip booking, agent billing

Identify and describe the business process model

• Business process model is a graphical representation of a company's business process or workflows (identifying the potential improvements)
• Usually done through different graphing methods (flowcharts, data flow diagram)

References:

Financesonline.com. (2017). What Is the Purpose of Business Intelligence in a Business? - Financesonline.com. [online] Available at: https://financesonline.com/purpose-business-intelligence-business/#bi [Accessed 7 Oct. 2019].

PNMsoft. (2019). Business Processes - Explanation and Examples. [online] Available at: http://www.pnmsoft.com/resources/bpm-tutorial/business-process/ [Accessed 7 Oct. 2019].

Kothari, A. (2017). Business Process Modeling: Definition, Benefits and Techniques. [online] Tallyfy. Available at: https://tallyfy.com/business-process-modeling/ [Accessed 7 Oct. 2019].

Qualitative and Quantitative Research Methods

Focus on different methods of gathering data and material. Feedback the advantages and disadvantages. Choose the method that you will use in this project. Justify your choices

Qualitative Research Method
It is a type of research that collects non-numerical data and seeks to interpret the meaning of these data that helps us to understand it. The data can be collected through observation or interviews.

Advantages & Disadvantages:

Quantitative Research Method
A way of collecting and analyzing the data that is obtained from different sources. It involves the use of computational, statistical, and mathematical tools in order to get the information or data.

Advantages & Disadvantages:

For this project, I will choose the quantitative research method as the quantitative research method has a survey or questionnaire, as it is easier to know how many people that knows about the project's topic that is about AI, and they can also leave a comment or suggestion on how to improve the AI.


References:

ThoughtCo. (2019). What Is Qualitative Research?. [online] Available at: https://www.thoughtco.com/qualitative-research-methods-3026555 [Accessed 19 May 2019].

Mcleod, S. (2019). Qualitative vs Quantitative Research | Simply Psychology. [online] Simplypsychology.org. Available at: https://www.simplypsychology.org/qualitative-quantitative.html [Accessed 19 May 2019].

Sisinternational.com. (2019). What is Quantitative Research? | SIS International Research. [online] Available at: https://www.sisinternational.com/what-is-quantitative-research/ [Accessed 19 May 2019].

Security Tools and Techniques

Provide description
Discuss its purpose
Give the advantages (2) and disadvantages (2)
Explain why organizations need to implement it
Explain what will happen if it is not configured/set up properly

Demilitarized Zone
It is also called as a DMZ. It is a host or a network that is use to secure and intermediate network between the organization's internal and the external network. Also known as a network perimeter.

Purpose
To allow access to servers from the internet without having to access to the other corporate network

Advantages 

• Increase the security of the LAN networks

Disadvantages


Network Address Translation
A process of changing the destination IP addresses and the source. The address translation reduces the need for IPv4 public addresses and hides the private network address range. This process is usually done by routers or firewalls

Purpose

Advantages 

Disadvantages

Firewalls
A software that is used to maintain the security of a private network. It block unauthorized access to or from a private network and often employed to prevent unauthorized web users from gaining access to private network that are connected to the internet.

Purpose
To block any unauthorized request from the client

Advantages 

• Better security and network monitoring features
• Allows for more advanced network functionality
• Helps in VOIP phone reliability

Disadvantages

• Cost and maintenance
• Need for professionals to manage 
• Can slow down the internet speeds

References

Techopedia.com. (2019). What is a Demilitarized Zone (DMZ)? - Definition from Techopedia. [online] Available at: https://www.techopedia.com/definition/10266/demilitarized-zone-dmz [Accessed 8 May 2019].

Study-ccna.com. (2016). What is NAT?. [online] Available at: https://study-ccna.com/what-is-nat/ [Accessed 8 May 2019].

Techopedia.com. (2019). What is a Firewall? - Definition from Techopedia. [online] Available at: https://www.techopedia.com/definition/5355/firewall [Accessed 8 May 2019].

getthehelp. (2015). Advantage & Disadvantage of using DMZ. [online] Available at: https://getthehelp.wordpress.com/2015/09/08/advantage-disadvantage-of-using-dmz/ [Accessed 13 May 2019].

Firewall, 1. (2018). What are the Pros and Cons of Getting a Firewall - LME Services. [online] LME Services. Available at: https://www.lmeservices.com/pros-cons-getting-firewall/ [Accessed 13 May 2019].

IT Security

Explore a range of:

• tools (2)
• techniques (2) 
• methods (2)

used for implementing network security

Tools
1. Aircrack

Enables to identify weak points in the wireless network's security. Can attempt to crack encryption password and test the capabilities of the WiFi cards and drivers

2. Solarwinds Network Performance Monitor

A solution that intend for use on large, mission-critical networks. This tools offers advanced network and device monitoring that can be instrumental in securing the network

Techniques
1. Network Scanning (Scan the network)

2. Firewall

3. Encryption

Methods
1. Access Control

Block any of unauthorized users and devices from accessing the network. Only users that are permitted to access the network

2. Anti-malware

Viruses can spread across the network and can damage the machine and the network. This anti-malware security effort should be able to prevent the damage from happening. 

References:

KisMAC. (2019). What is Network Security and How Can I Implement It?. [online] Available at: https://kismac-ng.org/network-security-tools/ [Accessed 2 May 2019].

Fruhlinger, J. (2019). What is network security? Definition, methods, jobs & salaries. [online] CSO Online. Available at: https://www.csoonline.com/article/3285651/what-is-network-security-definition-methods-jobs-and-salaries.html [Accessed 7 May 2019].