Premium Essay

Unit 2 Lab Align Auditing Frameworks for a Business Unit with in the Dod

In: Computers and Technology

Submitted By jirtlea
Words 1031
Pages 5
1. What is the difference between DITSCAP and DIACP? a. DITSCAP provided guidance on roles, activities and documents for performing C&A, but it did not clearly identify what requirements to use. b. DIACAP points to DoDD 8500.2, making it clear where to start identifying the IA capabilities that should be included and assessed for a particular C&A effort. c. One of the biggest complaints about DITSCAP was that it required too much documentation and took too long to perform. d. DIACAP identifies four spreadsheets that summarize important C&A information. e. A second complaint about DITSCAP was that it only accommodated individual systems. f. DIACAP addresses the need to expand C&A to account for components outside of a site’s control. 2. What is DCID 6/3, and why would you use DCID 6/3 as opposed to DIACAP for Certification and Accreditation of a system? g. It is the policy for “Protecting Sensitive Compartmented Information Within Information Systems”. This directive establishes the security policy and procedures for storing, processing, and communicating classified intelligence information in information systems (ISs). For purposes of this Directive, intelligence information refers to Sensitive Compartmented Information and special access programs for intelligence under the purview of the DCI. An information system is any telecommunications and/or computer related equipment or interconnected system or subsystems of equipment that is used in the acquisition, storage, manipulation, management, movement, control, display, switching, interchange, transmission, or reception of voice and/or data (digital or analog); it includes software, firmware, and hardware. h. DCID 6/3 should be used because it outlines specifically what needs to be done for Certification and Accreditation of a system. Where…...

Similar Documents

Premium Essay

P2 Unit 2 Business

...any part of the business. British Red Cross Donors Staff/volunteers Benefactors Government British Red Cross Donors Staff/volunteers Benefactors Government British Red Cross is a voluntary business set up to help UK and overseas people in crisis. It is also an international business. Stakeholders for the business include: STAKEHODLERS STAKEHODLERS * Employees /Voluntary workers (internal) – these are the people that work for the business to help them raise the money they need to carry out what their aim is to do. The employees aim to get a wage from working from the business, whereas the voluntary workers aim to help raise money for the charity. These are one of the most important stakeholders of the business because without them the business will not be able to run. * Government (external) – this is another major stakeholder for the business because they fund what the business needs to do to raise the money. Without the government funding the charity they wouldn’t have the shops and events that go on to make the business/ charity work. * Benefactors (external) – these are another stakeholder in the business because they rely on the business raising money for them to help with the needs the business raise money. The benefactors are the main reason in which the business is running, without them needing the help, the business would have nothing to run for. * Donors (external) – these are one of the major stakeholders within the business because......

Words: 648 - Pages: 3

Premium Essay

Nt1430 Unit 2 Lab Procedure

...Unit 2 Lab Procedure ***IMPORTANT: Read the lab procedure completely before beginning. Reading for Next Week Chapter 11 and 12 in Practical Guide to Red Hat Linux Exercise 1: Virtual Library research Search and explore the ITT Tech Virtual Library for resources on bash. Use the following keywords and phrases to help you locate appropriate resources: * bash scripts * bash history * the bourne shell * bourne again shell * commands in Linux Required Resources Access to the Internet Access to ITT Tech Virtual Library Submission Requirements * Students bring to class the following: * one printed copy of one pertinent resource found through the ITT Tech Virtual Library * one printed copy of one pertinent resource found through the Internet * Students should be prepared to share and discuss one or two critical points from each resource with classmates. * After small group discussion, students will hand in the printed copies of resources for a pass/fail grade. (print an extra copy for yourself to take notes on and keep.) The resources must pertain to the given topic to receive a passing grade. * Note: If the resource shared is a full website or tutorial, you can just print the lead page that gives key information about the content of the resource. (cont’d) Exercise 2: Accessing the man Pages 1. Start the primary system and log in as the regular none-privilege user 2. Read...

Words: 1532 - Pages: 7

Premium Essay

Unit 2 Lab

...Unit 2 Lab The five characteristics of cloud computing as defined by the NIST is as follows, on demand self-service, broad network access, resource pooling, rapid elasticity, and measured service. On demand self-service is defined as a service provided by cloud computing vendors that enables the provision of cloud resources on demand whenever they’re required. Broad network access is defined as a private cloud network operated within a company’s firewall that are available for access from a wide range of devices such as tablets, PC’s, Mac’s and smartphones. These resources are accessible from a wide range of locations that offer online access. Resource pooling is defined as a situation in which providers serve multiple clients, and customers with provisional and scalable services. These services can be adjusted to suit each client’s needs without any changes being apparent to the client or end user. Rapid elasticity is defined as the ability to provide scalable services. Measured service is defined as aspects of cloud service that are controlled and monitored by the cloud provider. Rackspace offers many options for cloud computing. You can build your own account which you would manage or you can get one for a flat fee an account that Rackspace will manage for you. Services offered by Rackspace are cloud servers, cloud backup, cloud files, cloud load balancers, could database, cloud monitoring, cloud block storage, and cloud bandwidth. Rackspace also offers services...

Words: 260 - Pages: 2

Premium Essay

Unit 2 Lab

...Name: Patricia Sellers Date: November 22, 2013 Instructor’s Name: Trena Woolridge Assignment: SCIE211 Phase 2 Lab Report Title: Speciation Instructions: You will need to write a 1-page lab report using the scientific method to answer the following question: • What would happen if a species within a population were suddenly split into 2 groups by an earthquake that creates a physical barrier like a canyon? When your lab report is complete, post it in Submitted Assignment files. Part I: Use the animated time progression of speciation to help you write up your lab report. Part II: Write a 1-page lab report using the following scientific method sections: • Purpose • What would happen if a species within a population were to suddenly split in two groups by an earthquake that creates a physical barrier like a canyon? • Introduction • Reproduction is a natural and normal thing in our day to day lives. Animals and humans reproduce offspring, all year round. Separation is usually the furthest thing from our minds. But, mother natural can always turn anyone’s world upside down. For Example, What if a really bad earthquake hit, and caused the ground to split and drift far away from one another? Many species would be isolated from their families and environments. • Hypothesis/Predicted Outcome • A species is defined as a group of organisms that are able to interbreed to produce fertile and viable offspring under natural conditions. (Audesirk,......

Words: 450 - Pages: 2

Free Essay

Unit 6 Lab 2

...Unit 6 Lab 6.2 1. What are the available Password Policy options that could be enforced to improve security in a Group Policy? * Enforce password history: * Maximum password age * Minimum password age * Minimum password length * Passwords should always meet complexity requirements 2. How could you se security permissions and user access rights on a home computer using Windows XP Professional or similar that is not a member of the domain? Security permissions and user access can still be managed locally on the computer with local groups and applying the proper permissions to local users on the computer. Local group policies can also be managed. 3. Why is the use of different password policy options available and why is it important to implement complexity and length requirements? There are different policy options to have different options for companies to use, if it were all the same then hackers would know exactly what to look for, in this case it can be vary. It is important implement complexity and length requirements to secure and assure the company that proper passwords are being used to prevent easy hacking access for hackers. 4. Microsoft defines user rights in two types of categories: Logon rights and privileges. Explain the difference of the two from an access control perspective. Log on rights manage and control who can log in to a specific computer. Privileges determine what the user can access one they log in, they go hand and hand. ...

Words: 657 - Pages: 3

Premium Essay

Business Btec: Unit 2

...Bilborough College College Way Nottingham NG8 4DQ Riverside Café Canal Street Nottingham NG2 1CB 17th November 2014 Dear Adam and Josh, Having looked at the predicted and actual budgets for the business, I am going to give you some advice on how to manage your money more effectively which could start to help you and the business make a profit again. It is very important that you look after your cost and your budgets because you will be able to manage your finances; if you manage your costs you will be able to save more on your expenses which can then lead to increasing your revenue, for example if you controlled your costs you will be able to save money and then by having the correct amount of stock which can then be sold for money which will then bring extra money in so that you can spend that money on improving your business. If you didn’t look after your costs the amount that you spent on your expenses could impact on the amount of profit that you make. If you control your budget then you will be able to increase you income, you’ll be making sure that you have working capital and you will be able to set aside extra money when it is needed. You are over spending on the following things: stock, wages, administration, insurance, interest and loans, bank charges and repairs and maintenance. There are ways that you can adopt to make sure that the overspending stops. You could hire an accountant to help you structure you budgets, you could do research on what......

Words: 2403 - Pages: 10

Free Essay

Lab 2 Unit 2

...Lab 2.1 1. What are the Regulatory requirements? 2. What are medical rules or laws of private information that we need to know to set up this Database with the customer information (Data privacy)? 3. Please give me any specific requirements that are necessary? Business rules 1. Appointments 2. Social security 3. Medical record 4. Driver license 1. Middle initial 2. Are you a Jr. or Sr. Patient Entity | Patient Visit entity | 1. Medical record number | 1. Group number, appointment | 2. Social security number, Driver license | 2. Allergies | 3. Taking any medications | 4. Taking any medications | Composite key | Composite keys are the most common. | Make sure patient fills out all the whole application. Lab 2.2 Data Requirements 1. Allow Software Management Team and IT Staff to view, add, edit, and delete the types of software to be tracked. This includes type of software, licensing dates, status, and location. 2. Allow Software Management Team to enter, edit, and delete New Software Requests. 3. Allow Software Management Team to view the different licensing agreements and types. This includes viewing the pricing per agreement. 4. Allow Software Management Team to sign out software to users with administrative privileges. 5. Allow Software Management Team and IT Staff to update the status of software licenses. 6. Allow users, assigned IT users, Staff, and Software......

Words: 342 - Pages: 2

Premium Essay

Unit 4 Lab 2

...Security and Web Applications Unit 4 Vlab 2 Assessment 1. Injection, Broken Authentication and Session Management, XSS, Insecure Direct Object References, Security Misconfiguration, Sensitive Data Exposure, Missing Function Level Access Control, Cross-Site Request Forgery, Using Components with Known Vulnerabilities, Unvalidated Redirects and Forwards. 2. A Brute force attack in an attack that uses force instead of vulnerabilities to make its way into a site. Usually trying to crack username and password combinations. The risks of these attacks can be mitigated by strengthening password requirements, introducing lockouts when let’s say 3 attempts are made. That would unmotivated and attacker. 3. A user has established a level of privilege with Amazon. AN attacker uses CSRF to exploit the trust of that user. The attacker is posing as the user and is performing actions to get the latest porn film sent to his house. Boom, free porn. 4. SQL Injection, Brute Force, CSRF. 5. Hackers will use web applications with uploading options to upload files that are malicious. 6. A successful SQL injection exploit can read sensitive data from the database, modify database data execute administration operations on the database (such as shutdown the DBMS), recover the content of a given file present on the DBMS file system and in some cases issue commands to the operating system. (http://www.owasp.org/index.php/SQL_Injection) 7. That user information pertaining to...

Words: 285 - Pages: 2

Premium Essay

Business Unit 2

...Annabelle Linney Unit 2: People in business 20970 9047 Introduction In this portfolio I am going to produce work investigating a local business. This will include me describing the roles and responsibilities of a supervisor, manager and employee within this business. I shall also make plans and take part in recruitment and the selection process, this will explain the self-regulatory, legal, social and ethical responsibilities considered in the recruitment process. I will then show this through a practical exercise and participation in a mock interview which is part of the interview panel. This will also include the vacant position, the development of the key recruitment documentations. During this I will analyse how the following contributed to the effectiveness of the recruitment process. Lastly I will judge the effectiveness of the recruitment exercise’s processes and will recommend ways in the recruitment documentation, the interview process and the training and motivational methods used and the relevant which it could be improved. In AO1 I will write a detailed and comprehensive description for a manager, supervisor and employee. This will include their roles and responsibilities, the qualities they should have and their training and development opportunities. The realistic and detailed examples are used to illustrate the methods of motivation used by the business to retain staff and to have relevant PEST factors in the workplace plan. For AO2 I will......

Words: 21728 - Pages: 87

Premium Essay

Auditing Unit 2 Assignment

...Unit 2 Assignment 1-38 A. The value of an audit to investors is critical because it allows them to assess performance, which in turn allows them to vote on organizational matters such as a board of directors. It also helps them make decisions on whether or not to buy or sell stock. As for creditors, an audit report serves a basis for realizing performance. With this they are able to make loan decisions and analyze risk. As far as the community as a whole, an audit reports shows true performance and therefore helps others understand its ability for future growth. With that being said, people have a chance to make investment decisions for the future. B. An audit of internal control is vital for the investing public because it assures them that there is no corruption and that their money is safer. Before 2002 auditors weren’t required to test internal controls, which lead to huge controversy over the collapse of several big time companies. Now, auditors serve somewhat as investigators to make sure internal controls are correctly doing their job. It is also management’s responsibility to assess and report the quality of its internal controls over financial reporting. C. An audit committee is responsible for hiring and firing an audit firm. The audit committee is established by a company as an independent subcommittee under the board of directors to provide oversight for audit functions. Because this committee is independent, it reduces any possible risk of bias when......

Words: 1481 - Pages: 6

Premium Essay

Business Unit 2 P6

...Unit 2: Business Resources P6 Introduction In this task I will illustrate the use of budgets as a means of exercising financial control of east ham shipping. Fixed cost Fixed costs are the expenses that do not change regardless of the activity of a business. For example Eastham shipping has to pay rent and utility bills and all of their overheads regardless of sales or profit. Variable cost Variable costs are costs that can change depending on the activity of the business such as production volume and sales. An example for east ham shipping may be the cost of their fuel. Since fuel prices change due to supply and demand this can be a variable cost. Fuel usage can increase or decrease due to the amount times East ham shipping has to ship Items. Semi variable cost Semi-variable costs are made up of different fixed and variable components. Semi-variable costs are fixed for a certain limit of production or consumption once this limit has been exceeded the cost then becomes a variable. Step cost A step cost is a fixed cost within certain limits. Step costs are expenses that stay the same until a level of activity has been reached. For example if in East Ham shipping employee receives between zero and a certain amount of orders to process then the company will only need one employee. However if this limit is exceeded then East ham shipping will need to hire an extra employee A budget is a plan of expenditure usually tied to a fixed period of time as well as......

Words: 271 - Pages: 2

Free Essay

Unit 2 P2 Business

...have a huge influence over the business. They use their customer insight to make any appropriate and needed changes to their business. If Tesco don’t offer the right services, products and promotions, then their customers will end up shopping in alternative stores. This will reduce any profit being made. Tesco’s customers have a huge influence over the business. They use their customer insight to make any appropriate and needed changes to their business. If Tesco don’t offer the right services, products and promotions, then their customers will end up shopping in alternative stores. This will reduce any profit being made. Shareholders are often the most important type of stakeholders. This is because, without them, businesses lose their value which will affect its overall business standing and performance. Shareholders are often the most important type of stakeholders. This is because, without them, businesses lose their value which will affect its overall business standing and performance. Pressure groups have an influence over Tesco because if the business faces an investor revolt, then it is very concerning as it will not only make the business look bad, but it can also put the company at risk of being shut down. Pressure groups also have the ability to make people consider shopping at another chain of supermarkets, which means that Tesco could lose many of its customers. Pressure groups have an influence over Tesco because if the business faces an investor revolt,......

Words: 2217 - Pages: 9

Premium Essay

Nt1310 Unit 2 Lab 1

...speeds and your storage for your BIGQUERY service is increased 1TB every single month you use their service. This is protected by their 24/7 security and redundancy services where they back up your data and run multiple raid systems for constant up time and services. Google being a worldwide service also offers a very special service of translator they offer this service as GOOGLE TRANSLATE API. This service takes any document in cloud services which your permit its use to take a document in a different language and make it into a language which you would like to read it in. Rackspace Rackspace itself makes a very user friendly way to get introduced into the cloud services. Their services are more based of what appears to be small business and customer orientated. Their services are mainly based upon the On Metal tm Cloud servers using the same API and control panel as your virtual servers to achieve high end application. The Rackspace solution is also based upon API and SDK language specific computing systems. Also they boast with their server solutions that they are all SSD based instead of physical drives. Rackspace also has a large selection of managed services such as managed RQSL and BIG DATA. Rackspace also provides service for amazon’s web cloud services. Rackspace covers many services such as Cloud networks, Cloud DNS servers, Cloud load balances to allocate load accordingly, Cloud back up storage, Cloud Backup, Cloud files and Cloud orchestration. Rackspace......

Words: 1385 - Pages: 6

Premium Essay

Unit 2 - Starting a Business

..."We're Moving On Up" Mike and Earl Moore, owners of College Men's Unlimited, have just signed a 5-year lease in the new College Town Mall. The new mall is ideally located for their business—a short walk from campus and only two blocks from downtown. The far side of the mall is bounded by the most prestigious homes in the city. It will be opening in 5 weeks, and Mike and Earl are lucky to have such a prime spot. Ray Thomas, their banker, called them last Wednesday with word that the store, which had agreed to take the space they just leased, had canceled. Eighteen months ago when the mall had put this location up for lease, they were not in financial condition to make a commitment. In the last 18 months, however, business has been exceptional. The city has grown, and the college has experienced expanded enrollments. By next Monday morning, Mike and Earl must provide the mall developer with a complete layout for their new store so the developer can assign an emergency work crew to complete the store for the grand opening. College Men's Unlimited is a full-line men's store offering middle- to upper-quality traditional men's wearing apparel. The present location is an old two-story house that Mike and Earl converted into their combination business and living area. The house has 4,000 square feet of area, 3,600 being used for the store, and the rest for a 3-room apartment. The new store has a 40-foot front and is 70 feet deep. The mall developer is willing to put up walls......

Words: 460 - Pages: 2

Premium Essay

Business Law - Unit 2

...Unit Two Assignment – Why is Strategy Important to Business? Your Name Kaplan University School of Business and Management MT460-02 Management Policy and Strategy Dr. Daniel K. Dayton Date Unit Two Assignment – Why is Strategy Important to Business? This assignment will address why strategy is important to business. One will address the primary components of strategic management in the process of discussing the significance of strategy for business. Strategy is defined as the best practice of figuring out the best way to get from here to there (Arauz, 2012). According to Pearce and Robinson (2010), strategic management is defined as the set of decisions and activities that lead to the formulation and implementation of plans that have the purpose to achieve a company’s goals. Strategic management has nine important components to help an organization do a better hob. The first component is to devise the business mission, including statements about the reasoning for the mission, the philosophy, and also the goals. The second component is to perform an analysis that exposes a corporation’s internal conditions and capabilities. This component is known as the SWOT analysis, where the strengths, weaknesses, opportunities, and threats, are evaluated. The next task in a strategic management process would be assessing the company’s external environment, considering both the competition and the general contextual factors. Consequently, this task may be part of...

Words: 755 - Pages: 4