tag:blogger.com,1999:blog-33542863640025298602024-03-14T11:49:06.725-07:00William Slater's CIS 608 BlogWilliam Favre Slater, IIIhttp://www.blogger.com/profile/05247248094266294971noreply@blogger.comBlogger69125tag:blogger.com,1999:blog-3354286364002529860.post-42656658591657815532011-12-09T23:05:00.000-08:002011-12-09T23:11:23.268-08:00Post 069 - CIS 608<span class="Apple-style-span" ><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhNu-jT_Y2wTGDk6fuKXdQ6_nuCGDrzh5igAnzfyjroiaLxh_GM3JomSzA_8ySZKq2qaNQqACy-Qo8Q5ccGS7r8NpeDbRJ1MsszMwjeKDk_o4hF-ghfykbmr5A4IGObl_pm9B5VyOrpRhs/s1600/00_MS_Cybersecurity_01.JPG" onblur="try {parent.deselectBloggerImageGracefully();} catch(e) {}"><img style="display:block; margin:0px auto 10px; text-align:center;cursor:pointer; cursor:hand;width: 400px; height: 358px;" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhNu-jT_Y2wTGDk6fuKXdQ6_nuCGDrzh5igAnzfyjroiaLxh_GM3JomSzA_8ySZKq2qaNQqACy-Qo8Q5ccGS7r8NpeDbRJ1MsszMwjeKDk_o4hF-ghfykbmr5A4IGObl_pm9B5VyOrpRhs/s400/00_MS_Cybersecurity_01.JPG" border="0" alt="" id="BLOGGER_PHOTO_ID_5684393006276708722" /></a><br /></span><div><span class="Apple-style-span" ><br /></span></div><div><span class="Apple-style-span" ><br /></span></div><div><span class="Apple-style-span" ><span class="Apple-style-span" ><b>The M.S. in Cybersecurity at Bellevue University</b></span><br /><a href="http://www.bellevue.edu/degrees/graduate/cybersecurity-ms/">(Click for more information)</a></span></div><div><span class="Apple-style-span" ><br /></span></div><div><span class="Apple-style-span" ><span class="Apple-style-span"><span class="Apple-style-span">I started this program on Monday, August 29, 2011. The links below will take you to the course blog that has been set up for each course in this program:<br /><br />=========================================================<br /><br /><span class="Apple-style-span"><a href="http://cis608.blogspot.com/">CIS 608 - Information Security Management</a><br /><a href="http://cybr515.blogspot.com/">CYBR 515 - Security Architecture and Design</a><br /><a href="http://cybr510.blogspot.com/">CYBR 510 - Physical, Operations, and Personnel Security</a><br /><a href="http://cis537-wfs.blogspot.com/">CIS 537 - Introduction to Cyber Ethics</a><br /><a href="http://cis607.blogspot.com/">CIS 607 - Computer Forensics</a><br /><a href="http://cybr520.blogspot.com/">CYBR 520 - Human Aspects of Cybersecurity</a><br /><a href="http://cybr610.blogspot.com/">CYBR 610 - Risk Management Studies</a><br /><a href="http://cybr615.blogspot.com/">CYBR 615 - Cybersecurity Governance and Compliance</a><br /><a href="http://cybr625.blogspot.com/">CYBR 625 - Business Continuity Planning and Recovery</a><br /><a href="http://det630.blogspot.com/">DET 630 - Cyber Warfare & Deterrence</a><br /><a href="http://cybr525.blogspot.com/">CYBR 525 - Ethical Hacking and Response</a><br /><a href="http://cybr650.blogspot.com/">CYBR 650 - Current Trends in Cybersecurity </a></span><br /><br />=========================================================<br /><br />If you are interested in me and my career, here are some additional links:<br /><br /><span class="Apple-style-span"><a href="http://billslater.com/wfs_resume.pdf">Resume </a><br /><a href="http://billslater.com/career">Career </a><br /><a href="http://billslater.com/certifications">Certifications</a><br /><a href="http://on.fb.me/fW3wH0">Credentials</a><br /><a href="http://billslater.com/iso27001">ISO 27001</a><br /><a href="http://billlslater.com/uop">M.S.</a><br /><a href="http://billslater.com/uopmba">MBA</a><br /><a href="http://billslater.com/bio">Bio</a><br /><a href="http://billslater.com/writing">Writing</a><br /><a href="http://billslater.com/thoughts">Thoughts</a><br /><a href="http://billslater.com/secrets">Secrets</a><br /></span></span></span><span class="Apple-style-span"><span class="Apple-style-span"><span class="Apple-style-span"><span class="Apple-style-span"><a href="http://billslater.com/mychicago">Chicago</a><br /></span></span></span><span class="Apple-style-span"><span class="Apple-style-span"><span class="Apple-style-span"><span class="Apple-style-span"><a href="http://billslater.com/internetlovestory.htm">Love Story</a></span><br /></span></span></span></span></span><div><div><div><span class="Apple-style-span" ><a href="http://billslater.com/gallery">Gallery</a></span></div><div><span class="Apple-style-span" ><br /></span></div><div><span class="Apple-style-span" >====================================</span></div><div><span class="Apple-style-span" ><br /></span></div><div><span class="Apple-style-span" >William Favre Slater, III</span></div><span class="Apple-style-span"><span class="Apple-style-span" >MBA, M.S., PMP, CISSP, SSCP, CISA, ISO 27002, ISO 20000, ITIL v3, Cloud Computing Foundation<br />Project Manager / Program Manager<br />slater@billslater.com<br />Chicago, IL</span><br /></span></div></div></div>William Favre Slater, IIIhttp://www.blogger.com/profile/05247248094266294971noreply@blogger.com1tag:blogger.com,1999:blog-3354286364002529860.post-10353851271779923382011-11-20T16:33:00.000-08:002011-11-20T16:44:26.522-08:00Post 068 - CIS 608<span class="Apple-style-span" ><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjhvxtLNlg6IbQYX5U2XGGN8SYKflO8bm3YMtmdZXzcXlthyphenhyphenJjEdF3RAqNaDKhkt8eLfuUGTBCWHgymJ_SuNtCkOSRfUFOiwMFiyjJXmMDTfOyEIgImdh68440_77mZifQEzBvb02rZ3nQ/s1600/Fat_lady_Singing_Warning_Sign.jpg" onblur="try {parent.deselectBloggerImageGracefully();} catch(e) {}"><img style="display:block; margin:0px auto 10px; text-align:center;cursor:pointer; cursor:hand;width: 309px; height: 400px;" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjhvxtLNlg6IbQYX5U2XGGN8SYKflO8bm3YMtmdZXzcXlthyphenhyphenJjEdF3RAqNaDKhkt8eLfuUGTBCWHgymJ_SuNtCkOSRfUFOiwMFiyjJXmMDTfOyEIgImdh68440_77mZifQEzBvb02rZ3nQ/s400/Fat_lady_Singing_Warning_Sign.jpg" border="0" alt="" id="BLOGGER_PHOTO_ID_5677242546391605026" /></a><br /><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhw97_uaVp5Nn2QI5nOSynbxusogxp1fzBr4PS84O4Z5t2gCca7gF8gGot9tdCHFjq-53N2gWrE4dpRHthdMBPet_E-lfyuMXz1OliYxMFa_RYnJJabdMobfcq-ZKJNuFWJQEhwRuOPbrY/s1600/20070515-fat-lady-sings.jpg" onblur="try {parent.deselectBloggerImageGracefully();} catch(e) {}"><img style="display:block; margin:0px auto 10px; text-align:center;cursor:pointer; cursor:hand;width: 400px; height: 267px;" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhw97_uaVp5Nn2QI5nOSynbxusogxp1fzBr4PS84O4Z5t2gCca7gF8gGot9tdCHFjq-53N2gWrE4dpRHthdMBPet_E-lfyuMXz1OliYxMFa_RYnJJabdMobfcq-ZKJNuFWJQEhwRuOPbrY/s400/20070515-fat-lady-sings.jpg" border="0" alt="" id="BLOGGER_PHOTO_ID_5677242542134739202" /></a><br /><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjC_l-e9KK98FxRXeDCYWYZKtON_Q9UL9Zjt9OAAnDNwMBt7jyj7zTjODCWd48-77wciDcrkNnzwELCEUBU_VV_AxEPnFWKPDXP77UifNi80Wc-NtY74Fh3ExQuxOuPj2BU8Y3p061UtKg/s1600/fat%252Blady%252Bsings.jpg" onblur="try {parent.deselectBloggerImageGracefully();} catch(e) {}"><img style="display:block; margin:0px auto 10px; text-align:center;cursor:pointer; cursor:hand;width: 400px; height: 248px;" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjC_l-e9KK98FxRXeDCYWYZKtON_Q9UL9Zjt9OAAnDNwMBt7jyj7zTjODCWd48-77wciDcrkNnzwELCEUBU_VV_AxEPnFWKPDXP77UifNi80Wc-NtY74Fh3ExQuxOuPj2BU8Y3p061UtKg/s400/fat%252Blady%252Bsings.jpg" border="0" alt="" id="BLOGGER_PHOTO_ID_5677242541368135154" /></a><br /><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi0e5-2NodZLHMzUavt7y71O2snl8u0Ix9G2pddqcAcmBotfscYCJSJ5SBLFkufL5cKRNGut8V6AQ2PGkN1pl7SXLl2bhxRL6f4VEyojtaufAmjyZTSByhE4gx5WCcRv6enDtWQjc87XF4/s1600/fat_lady_sings.jpg" onblur="try {parent.deselectBloggerImageGracefully();} catch(e) {}"><img style="display:block; margin:0px auto 10px; text-align:center;cursor:pointer; cursor:hand;width: 366px; height: 232px;" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi0e5-2NodZLHMzUavt7y71O2snl8u0Ix9G2pddqcAcmBotfscYCJSJ5SBLFkufL5cKRNGut8V6AQ2PGkN1pl7SXLl2bhxRL6f4VEyojtaufAmjyZTSByhE4gx5WCcRv6enDtWQjc87XF4/s400/fat_lady_sings.jpg" border="0" alt="" id="BLOGGER_PHOTO_ID_5677242544549311874" /></a><br /></span><div style="text-align: center;"><span class="Apple-style-span" ><br /></span></div><div><span class="Apple-style-span" ><b>The Fat Lady Has Sung, So This Blog Has Completed - Thanks for Reading!</b></span></div><div><span class="Apple-style-span" ><br /></span></div><div><span class="Apple-style-span" >It's over. The Fat Lady Has Sung, So This Blog has now completed. Thanks for reading, Folks!</span></div><div><span class="Apple-style-span" ><br /></span></div><div><span class="Apple-style-span" >Do you want to hear the Fat Lady sing? <a href="http://www.youtube.com/watch?NR=1&feature=fvwp&v=tb8iH3F28LA">Click here!</a> (Turn it up!)</span></div><div><span class="Apple-style-span" ><br /></span></div><div><span class="Apple-style-span" >=================================</span></div><div><p class="MsoNormal" style="margin-bottom: 0.0001pt; "><span class="Apple-style-span" style="font-family: 'trebuchet ms'; font-size: 12px; line-height: 14px; "><span class="Apple-style-span" >William Favre Slater, III, PMP</span></span></p><p class="MsoNormal" style="margin-bottom: 0.0001pt; "><span class="Apple-style-span" ><span class="Apple-style-span" style="font-family: 'trebuchet ms'; font-size: 11px; line-height: 12px; ">MBA, M.S., PMP, CISSP, SSCP, CISA, ISO 27002, ISO 20000, ITIL v3, Cloud Computing Foundation<br /></span><span class="Apple-style-span" style="font-family: 'trebuchet ms'; font-size: 11px; line-height: 12px; ">Project Manager / Program Manager<br /></span><span class="Apple-style-span" style="font-family: 'trebuchet ms'; font-size: 12px; line-height: 14px; ">Group 2<br /></span><span class="Apple-style-span" style="font-family: 'trebuchet ms'; font-size: 12px; line-height: 14px; ">CIS 608 Blog: </span><a href="http://cis608.blogspot.com/" style="font-family: 'trebuchet ms'; font-size: 12px; line-height: 14px; ">http://cis608.blogspot.com</a><br /><a href="http://billslater.com/career" style="font-family: 'trebuchet ms'; font-size: 12px; line-height: 14px; ">http://billslater.com/career</a><br /><span class="Apple-style-span" style="font-family: 'trebuchet ms'; font-size: 12px; line-height: 14px; ">Chicago, IL</span></span></p></div>William Favre Slater, IIIhttp://www.blogger.com/profile/05247248094266294971noreply@blogger.com0tag:blogger.com,1999:blog-3354286364002529860.post-81167481994561531892011-11-20T12:39:00.000-08:002011-11-21T22:56:55.963-08:00Post 067 - CIS 608<span class="Apple-style-span"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhN_XRr8zT6VDfyx-i5qLgANd_BYW1HTzalPH0dYcl_Nj_FotP0pbYJicf5Z02PYo2TeP-O8opxxiBl8EgOD9985zzWFefhR81Asna9tg90v0yK0JVCbKXj7LD7diSSaIhr9OOqxLnqur0/s1600/cis_608_blog_topic_analysis_by_William_F_Slater_III_2011_1120_.JPG" onblur="try {parent.deselectBloggerImageGracefully();} catch(e) {}"><img style="display:block; margin:0px auto 10px; text-align:center;cursor:pointer; cursor:hand;width: 400px; height: 253px;" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhN_XRr8zT6VDfyx-i5qLgANd_BYW1HTzalPH0dYcl_Nj_FotP0pbYJicf5Z02PYo2TeP-O8opxxiBl8EgOD9985zzWFefhR81Asna9tg90v0yK0JVCbKXj7LD7diSSaIhr9OOqxLnqur0/s400/cis_608_blog_topic_analysis_by_William_F_Slater_III_2011_1120_.JPG" border="0" alt="" id="BLOGGER_PHOTO_ID_5677201831741132770" /></a><br /><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhTjyGsKcrtqjch3AyZOZRqLS5EjUx5itBGwgha3vtPHTKKCikelgH__ESkVwULt7wVKoLcL6rbAZcVdK5mxm8AD3una3ngntLWa9tRXg6eYDpFWWjleSdFhRpLeT-gWo7ngVObz9KD0kc/s1600/cis_608_blog_topic_list_by_William_F_Slater_III_2011_1120_.JPG" onblur="try {parent.deselectBloggerImageGracefully();} catch(e) {}"><img style="display:block; margin:0px auto 10px; text-align:center;cursor:pointer; cursor:hand;width: 400px; height: 367px;" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhTjyGsKcrtqjch3AyZOZRqLS5EjUx5itBGwgha3vtPHTKKCikelgH__ESkVwULt7wVKoLcL6rbAZcVdK5mxm8AD3una3ngntLWa9tRXg6eYDpFWWjleSdFhRpLeT-gWo7ngVObz9KD0kc/s400/cis_608_blog_topic_list_by_William_F_Slater_III_2011_1120_.JPG" border="0" alt="" id="BLOGGER_PHOTO_ID_5677201825434251106" /></a><br /><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgLUnlF6FiZrVktnIQ_5-W4EXEIDwNex5Ly5ZOR0UV2njToMgbG8GniadMCyehnWLAVbOcin0Vt0QJT1ccD2WD6Ak1gVX1FceB12lLfhJzpZKn1gUG6Zlyjs4628G3yASgq5aybwLoMep8/s1600/cis_608_blog_source_analysis_by_William_F_Slater_III_2011_1120_.JPG" onblur="try {parent.deselectBloggerImageGracefully();} catch(e) {}"><img style="display:block; margin:0px auto 10px; text-align:center;cursor:pointer; cursor:hand;width: 400px; height: 335px;" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgLUnlF6FiZrVktnIQ_5-W4EXEIDwNex5Ly5ZOR0UV2njToMgbG8GniadMCyehnWLAVbOcin0Vt0QJT1ccD2WD6Ak1gVX1FceB12lLfhJzpZKn1gUG6Zlyjs4628G3yASgq5aybwLoMep8/s400/cis_608_blog_source_analysis_by_William_F_Slater_III_2011_1120_.JPG" border="0" alt="" id="BLOGGER_PHOTO_ID_5677201827725109074" /></a><br /><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhE0SKk1OAO9SUMLSYcmpJwOt0V1d3yTqZ6JO55PgFHRLHYXGTvjHGu0SscXz-AUXdsVx8DFPi0PxmZ6rDPaOJW5zdTgcQSd0QAnaCyNUwQzZU0EOX-isyDaiWOdoxfGoBmOidPE7hAgzU/s1600/cis_608_blog_source_list_by_William_F_Slater_III_2011_1120_.JPG" onblur="try {parent.deselectBloggerImageGracefully();} catch(e) {}"><img style="display:block; margin:0px auto 10px; text-align:center;cursor:pointer; cursor:hand;width: 400px; height: 280px;" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhE0SKk1OAO9SUMLSYcmpJwOt0V1d3yTqZ6JO55PgFHRLHYXGTvjHGu0SscXz-AUXdsVx8DFPi0PxmZ6rDPaOJW5zdTgcQSd0QAnaCyNUwQzZU0EOX-isyDaiWOdoxfGoBmOidPE7hAgzU/s400/cis_608_blog_source_list_by_William_F_Slater_III_2011_1120_.JPG" border="0" alt="" id="BLOGGER_PHOTO_ID_5677201825768362370" /></a><br /></span><div style="text-align: center;"><u><span class="Apple-style-span"><br /></span></u></div><span class="Apple-style-span"><br /></span><div><span class="Apple-style-span"><b>Analyzing and Summarizing this CIS 608 - Information Security Management Blog</b></span></div><div style="text-align: center;"><span class="Apple-style-span"><br /></span></div><div><span class="Apple-style-span">Assignment 12.4 (Post to your Blog and to the Week 12 Forum)</span></div><div><div><span class="Apple-style-span"><br /></span></div><div><span class="Apple-style-span">This assignment is worth 50 points.</span></div><div><span class="Apple-style-span"><br /></span></div><div><span class="Apple-style-span">Time to finish up your blog. This last assignment should be a retrospective look at your postings over the last 11 weeks. Time for a little analysis. Write up an entry that provides a summary of what you chose to write about.</span></div><div><span class="Apple-style-span"><br /></span></div><div><span class="Apple-style-span">First, you need to categorize your topics of choice. Did you write primarily on operating system issues? User errors? Viruses? Or did you write about a variety of topics? Why did you choose those topics?</span></div><div><span class="Apple-style-span"><br /></span></div><div><span class="Apple-style-span">Next, you need to include an analysis of where you got your material. Did you use the same source each week? A variety each week?</span></div><div><span class="Apple-style-span"><br /></span></div><div><span class="Apple-style-span">As the last part of this entry, include whether or not you thought this type of blog might be useful to an information security professional and provide a few lessons learned for the next group of students.</span></div><div><span class="Apple-style-span"><br /></span></div><div><span class="Apple-style-span">To get credit for this assignment, the URL must be posted in this assignment.</span></div></div><div><span class="Apple-style-span"><br /></span></div><div><span class="Apple-style-span">============================== Answers ============================</span></div><div><span class="Apple-style-span"><br /></span></div><div><span class="Apple-style-span">Part 1 - First, you need to categorize your topics of choice. Did you write primarily on operating system issues? User errors? Viruses? Or did you write about a variety of topics? Why did you choose those topics?</span></div><div><span class="Apple-style-span"><br /></span></div><div><span class="Apple-style-span">(See chart above)</span></div><div><div><span class="Apple-style-span"><br /></span></div><div><span class="Apple-style-span">Summary Topic with Count </span></div><div><span class="Apple-style-span"> CIS 608 - Week Assignment - Blog = 2 </span></div><div><span class="Apple-style-span"> CIS 608 - Week Assignments = 13 </span></div><div><span class="Apple-style-span"> Cloud Computing, Security and Certifications = 1 </span></div><div><span class="Apple-style-span"> Current Event in Information Security - Computer Crime = 9 </span></div><div><span class="Apple-style-span"> Current Events in Information Security - International Cyberwar Threats = 10 </span></div><div><span class="Apple-style-span"> Cybersecurity Policies = 1 </span></div><div><span class="Apple-style-span"> Discussion about Secret Message Communications from World War II = 1 </span></div><div><span class="Apple-style-span"> Domain Names related to Information Security = 1 </span></div><div><span class="Apple-style-span"> Electronic Health Records - The Need for Security and Privacy = 1 </span></div><div><span class="Apple-style-span"> Framework for Information Security Management = 1 </span></div><div><span class="Apple-style-span"> Freedom of Information Act (FOIA) Resources and Information Security = 1 </span></div><div><span class="Apple-style-span"> How the USA PATRIOT ACT Affects The Bill of Rights 1 Incident Response Plans = 2 Information Asset Classification = 1 </span></div><div><span class="Apple-style-span"> Information Security and Information Security Tools = 1 </span></div><div><span class="Apple-style-span"> Information Security Awareness Training = 3 </span></div><div><span class="Apple-style-span"> Internet History and Growth = 1 </span></div><div><span class="Apple-style-span"> IT Professional Certifications, Value and Relevance = 3 </span></div><div><span class="Apple-style-span"> Leadership as a Component of Information Security = 2 </span></div><div><span class="Apple-style-span"> News about an Information Security Blog = 1 </span></div><div><span class="Apple-style-span"> Resources for Information Security Topics = 5 </span></div><div><span class="Apple-style-span"> Return on Security Investment (RoSI) = 3 </span></div><div><span class="Apple-style-span"> Security Architecture and Design - CYBR 515 Assignment = 3 </span></div><div><span class="Apple-style-span"><br /></span></div><div><span class="Apple-style-span">----------------------------------------------------------------------</span></div><div><span class="Apple-style-span"><span class="Apple-style-span">Part 2 - </span>Next, you need to include an analysis of where you got your material. Did you use the same source each week? A variety each week?</span></div><div><span class="Apple-style-span"><br /></span></div><div><span class="Apple-style-span">No. Different sources each week.</span></div><div><span class="Apple-style-span"><br /></span></div><div><span class="Apple-style-span">Yes - a variety of sources. See summary below and above.</span></div><div><span class="Apple-style-span"><br /></span></div><div><span class="Apple-style-span">CIS 608 Assignment = 6 </span></div><div><span class="Apple-style-span">CIS 608 Material = 12 </span></div><div><span class="Apple-style-span">Course Text = 1 </span></div><div><span class="Apple-style-span">Current Event = 1 </span></div><div><span class="Apple-style-span">CYBR 515 Assignment = 1 </span></div><div><span class="Apple-style-span">CIS 608 Material = 3 </span></div><div><span class="Apple-style-span">Electronic Text Reference = 7 </span></div><div><span class="Apple-style-span">Industry Reference on Web = 1</span></div><div><span class="Apple-style-span">Information Security Blog = 1 </span></div><div><span class="Apple-style-span">Information Website = 4 </span></div><div><span class="Apple-style-span">Self = 4 </span></div><div><span class="Apple-style-span">Various Texts = 1 </span></div><div><span class="Apple-style-span">Various Web URLS = 8 </span></div><div><span class="Apple-style-span">Web Article = 14 </span></div><div><span class="Apple-style-span">Website for Tool = 2 </span></div><div><span class="Apple-style-span">White Paper = 2 </span></div><div><span class="Apple-style-span"><br /></span></div><div><span class="Apple-style-span">----------------------------------------------------------------------</span></div><div><span class="Apple-style-span">Part 3 - As the last part of this entry, include whether or not you thought this type of blog might be useful to an information security professional and provide a few lessons learned for the next group of students.</span></div></div><div><span class="Apple-style-span"><br /></span></div><div><span class="Apple-style-span">As a certified Information Security who is also a graduate student, I found this blog exercise very useful because it forced me to regularly look for Information Security topics to analyze and blog about as part of this course requirement. I completed and analyzed 66 blog entries and learned a lot while doing it. It will remain here on the web as a snapshot of the Information Security landscape here at the end of 2011. </span></div><div><span class="Apple-style-span"><br /></span></div><div><span class="Apple-style-span">Besides the amazing things I learned and wrote about, I learned that I probably blogged too much. It took me about 10 to 12 hours to do this last assignment where I had to analyze and summarize my blog. With my busy schedule, that is just too much time. </span></div><div><span class="Apple-style-span"><br /></span></div><div><span class="Apple-style-span">Parting comments: I hope we will all be getting smarter about how we do things in cyberspace, because the consequences of slipping up and letting our guard down become more severe each day as more and more of our lives are enveloped by the world of the web and cyberspace.</span></div><div><span class="Apple-style-span"><br /></span></div><div><span class="Apple-style-span"><span class="Apple-style-span">Thank you for reading this blog (URL - </span><a href="http://cis608.blogspot.com/" style="line-height: 14px; ">http://cis608.blogspot.com</a>). </span></div><div><span class="Apple-style-span"><br /></span></div><div><span class="Apple-style-span">================================</span></div><div><span class="Apple-style-span"><span class="Apple-style-span"><br /></span></span></div><div> <p class="MsoNormal" style="margin-bottom: 0.0001pt; "><span>Bill<o:p></o:p></span></p> <p class="MsoNormal"><span class="Apple-style-span"><span style="line-height: 115%; ">William Favre Slater, III, PMP<br /></span><span style="line-height: 115%; ">MBA, M.S., PMP, CISSP, SSCP, CISA, ISO 27002, ISO 20000, ITIL v3, Cloud Computing Foundation<br />Project Manager / Program Manager<br /></span><span style="line-height: 115%; ">Group 2<br />CIS 608 Blog: <a href="http://cis608.blogspot.com/">http://cis608.blogspot.com</a><br /><a href="http://billslater.com/career">http://billslater.com/career</a><br />Chicago, IL</span></span></p></div>William Favre Slater, IIIhttp://www.blogger.com/profile/05247248094266294971noreply@blogger.com0tag:blogger.com,1999:blog-3354286364002529860.post-42768130182963516992011-11-20T12:01:00.000-08:002011-11-20T16:16:46.387-08:00Post 066 - CIS 608<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiKbNICB3NavLyPJ-H6j_uVQ0uJLZa2eg4yeVLAFnDilsq9rc3dKphtcKsrtyMvHAJKCo_DxgpoRX6r5HQQ5d4c_Y7srRdy70he_Dqqu8s8i9El1CO0v400sFCyaPk_rySu783igfBkFxY/s1600/800px-Downtown_Chicago_Illinois_Nov05_img_2612.jpg" onblur="try {parent.deselectBloggerImageGracefully();} catch(e) {}"><img style="display:block; margin:0px auto 10px; text-align:center;cursor:pointer; cursor:hand;width: 400px; height: 300px;" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiKbNICB3NavLyPJ-H6j_uVQ0uJLZa2eg4yeVLAFnDilsq9rc3dKphtcKsrtyMvHAJKCo_DxgpoRX6r5HQQ5d4c_Y7srRdy70he_Dqqu8s8i9El1CO0v400sFCyaPk_rySu783igfBkFxY/s400/800px-Downtown_Chicago_Illinois_Nov05_img_2612.jpg" border="0" alt="" id="BLOGGER_PHOTO_ID_5677177160608023746" /></a><br /><div style="text-align: center;"><span class="Apple-style-span"><br /></span></div><div><span class="Apple-style-span"><br /></span></div><div><span class="Apple-style-span"><b><span class="Apple-style-span">"Foreign hackers targeted U.S. water plant in apparent malicious cyber attack, expert says"</span></b> </span></div><div><span class="Apple-style-span"><br /></span></div><div><a href="http://www.washingtonpost.com/blogs/checkpoint-washington/post/foreign-hackers-broke-into-illinois-water-plant-control-system-industry-expert-says/2011/11/18/gIQAgmTZYN_blog.html"><span class="Apple-style-span">Article by By Ellen Nakashima</span></a></div><div><span class="Apple-style-span"><br /></span></div><div><span class="Apple-style-span">This is an alarming news story and points out the vulnerability of infrastructure points in the U.S. It hits very close to home also because I think these hackers probably attacked the Jardine Water Treatment Plant (<a href="http://en.wikipedia.org/wiki/Jardine_Water_Purification_Plant">information here</a>)that is operated by the City of Chicago. This plant pumps over one billion gallons of water out of Lake Michigan every day, and I am one of nearly 8 million people who use this water from the Jardine Water Treatment Plant daily to cook, shower, etc.</span></div><div><span class="Apple-style-span"><br /></span></div><div><span class="Apple-style-span">Sadly, people have been aware of such vulnerabilities for some time and such attacks have been predicted as far back as 10 to 15 years ago.</span></div><div><span class="Apple-style-span"><br /></span></div><div><span class="Apple-style-span">Let's hope home our city and national authorities are paying attention to this news and that they will act before it is too late. </span></div><div><span class="Apple-style-span"><br /></span></div><div><span class="Apple-style-span">===========================</span></div><div> <p class="MsoNormal" style="margin-bottom: 0.0001pt; "><span class="Apple-style-span" style="font-family: Arial, sans-serif; font-size: 12px; line-height: 14px; "><span class="Apple-style-span">William Favre Slater, III, PMP</span></span></p><p class="MsoNormal"><span class="Apple-style-span"><span style="font-size: 8pt; line-height: 115%; font-family: Arial, sans-serif; ">MBA, M.S., PMP, CISSP, SSCP, CISA, ISO 27002, ISO 20000, ITIL v3, Cloud Computing Foundation<br />Project Manager / Program Manager<br /></span><span style="font-size: 9pt; line-height: 115%; font-family: Arial, sans-serif; ">Group 2<br /><a href="mailto:wfslater@bellevue.edu">wfslater@bellevue.edu</a><br />CIS 608 Blog: <a href="http://cis608.blogspot.com/">http://cis608.blogspot.com</a><br /><a href="http://billslater.com/career">http://billslater.com/career</a><br />Chicago, IL</span></span></p></div><div><br /></div>William Favre Slater, IIIhttp://www.blogger.com/profile/05247248094266294971noreply@blogger.com0tag:blogger.com,1999:blog-3354286364002529860.post-51244377520639737842011-11-18T18:59:00.000-08:002011-11-18T19:23:08.776-08:00Post 065 - CIS 608<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgn-e9oZAe8EaGjcYLOAbjPilmWdbJstL1raqr_PfzfpAKgHfQ-j7UOWDyKtv1Le45TeG-N79uxpWi6pr263yWHIb-Y1Ds0H-NnmrfrOLp4kD1eDHp5DG0tCaHwQwdKEeycM7Zw09CiWxs/s1600/trojan_horse_virus_01.png" onblur="try {parent.deselectBloggerImageGracefully();} catch(e) {}"><span class="Apple-style-span" ><img style="display:block; margin:0px auto 10px; text-align:center;cursor:pointer; cursor:hand;width: 400px; height: 300px;" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgn-e9oZAe8EaGjcYLOAbjPilmWdbJstL1raqr_PfzfpAKgHfQ-j7UOWDyKtv1Le45TeG-N79uxpWi6pr263yWHIb-Y1Ds0H-NnmrfrOLp4kD1eDHp5DG0tCaHwQwdKEeycM7Zw09CiWxs/s400/trojan_horse_virus_01.png" border="0" alt="" id="BLOGGER_PHOTO_ID_5676541350976653122" /></span></a><div style="text-align: center;"><span class="Apple-style-span" ><br /><span class="Apple-style-span" >Picture Source: <span class="Apple-style-span" style="line-height: 17px; "> </span><a href="http://withfriendship.com/images/b/8701/trojan-horse-virus.png" style="line-height: 17px; ">http://withfriendship.com/images/b/8701/trojan-horse-virus.png</a></span></span></div><div><span class="Apple-style-span" ><br /></span></div><div><span class="Apple-style-span" ><b>EDF used Trojans to spy on Greenpeace</b></span></div><div><span class="Apple-style-span" ><br /></span></div><div><span class="Apple-style-span" >Article Source: <a href="http://www.cfoworld.co.uk/news/risk/3317779/edf-used-trojans-to-spy-on-greenpeace/">http://www.cfoworld.co.uk/news/risk/3317779/edf-used-trojans-to-spy-on-greenpeace/</a></span></div><div><span class="Apple-style-span" ><br /></span></div><div><span class="Apple-style-span" >EDF is a giant French Energy company. The head of nuclear energy at EDF was fined 1.5 million euros for commissioning <a href="https://www.google.com/search?q=kargus+consultants&channel=linkdoctor#sclient=psy-ab&hl=en&source=hp&q=kargus+consultants+website&pbx=1&oq=kargus+consultants+website&aq=f&aqi=q-n1&aql=&gs_sm=s&gs_upl=2003l3540l0l5408l8l8l0l0l0l0l293l1906l0.1.7l8l0&bav=on.2,or.r_gc.r_pw.,cf.osb&fp=1bddd5520996bb0f&biw=1177&bih=715">Kargus Consultants</a> to use Trojans to attack Greenpeace's Yannick Jadot’s computer in 2006, stealing 1,400 documents relating to the organisation’s campaign against nuclear power. Jadot was then head of campaigns in France.</span></div><div><span class="Apple-style-span" ><br /></span></div><div><span class="Apple-style-span" >This judicial ruling was extremely important because it was the largest of its kind that was ever awarded.</span></div><div><span class="Apple-style-span" ><br /></span></div><div><div><span class="Apple-style-span" >From the article:</span></div><div><span class="Apple-style-span" ><br /></span></div><div><span class="Apple-style-span" >"The court in Nanterre handed EDF’s former security head, Pascal Durieux, a three-year jail sentence with one suspended, while his deputy Pierre-Paul François was given three years with 30 months suspended.</span></div><div><span class="Apple-style-span" ><br /></span></div><div> </div><div><span class="Apple-style-span" >"The head of Kargus, Thierry Lorho, was given three years in jail with two suspended and a 4,000 euro fine while his technical expert and former secret service man, Alain Quiros, was given two years suspended."</span></div><div><span class="Apple-style-span" ><br /></span></div><div> </div><div><span class="Apple-style-span" >"The evidence presented at the trial showed that the espionage undertaken by EDF in its efforts to discredit Greenpeace was both extensive and totally illegal. The company should now give a full account of the spying operation it mounted against its critics," said Greenpeace UK executive director, John Sauven.</span></div></div><div><span class="Apple-style-span" ><br /></span></div><div><span class="Apple-style-span" >What was especially astounding was that Pascal Durieux was a retired rear admiral from the French Navy and Pierre-Paul François had worked as a policeman.</span></div><div><span class="Apple-style-span" ><br /></span></div><div><span class="Apple-style-span" ><br /></span></div><div><span class="Apple-style-span" ><br /></span></div><div><br /></div>William Favre Slater, IIIhttp://www.blogger.com/profile/05247248094266294971noreply@blogger.com1tag:blogger.com,1999:blog-3354286364002529860.post-56470378817038362572011-11-17T17:52:00.000-08:002011-11-17T17:58:44.550-08:00Post 064 - CIS 608<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhfpKbIJZRZ8MKgONwnjKquO8DNc85DRF6yLQx9hxglzNd48TErNZf3bMYYdoR6rDW95Z1jS6XdRtgnGwg7zKliUL6EC0SMW4Tox4rIQLmWMD3vR8Au7cPgze9TsKKgghsq5g9gb0Ho8jQ/s1600/Roman_Numeral_Yellow_12.jpg" onblur="try {parent.deselectBloggerImageGracefully();} catch(e) {}"><img style="display:block; margin:0px auto 10px; text-align:center;cursor:pointer; cursor:hand;width: 150px; height: 115px;" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhfpKbIJZRZ8MKgONwnjKquO8DNc85DRF6yLQx9hxglzNd48TErNZf3bMYYdoR6rDW95Z1jS6XdRtgnGwg7zKliUL6EC0SMW4Tox4rIQLmWMD3vR8Au7cPgze9TsKKgghsq5g9gb0Ho8jQ/s400/Roman_Numeral_Yellow_12.jpg" border="0" alt="" id="BLOGGER_PHOTO_ID_5676149369077552002" /></a><div><br /></div><div><div><span class="Apple-style-span" >Week Twelve Assignments- Maps to Course Obj. 6</span></div><div><span class="Apple-style-span" ><br /></span></div><div><span class="Apple-style-span" >Read/Review</span></div><div><span class="Apple-style-span" ><br /></span></div><div><span class="Apple-style-span" >: Chapter 12, Management of Information Security, 3e.</span></div><div><span class="Apple-style-span" ><br /></span></div><div><span class="Apple-style-span" >: Powerpoint Slides, Chapter 12, located in Course Documents, Lecture Notes</span></div><div><span class="Apple-style-span" ><br /></span></div><div><span class="Apple-style-span" >Learning Objectives - Week 12</span></div><div><span class="Apple-style-span" ><br /></span></div><div><span class="Apple-style-span" >•<span class="Apple-tab-span" style="white-space:pre"> </span>Differentiate between law and ethics</span></div><div><span class="Apple-style-span" >•<span class="Apple-tab-span" style="white-space:pre"> </span>Understand the role of culture as it applies to ethics in information security</span></div><div><span class="Apple-style-span" >•<span class="Apple-tab-span" style="white-space:pre"> </span>Access current information on laws, regulations, and relevant professional organizations</span></div><div><span class="Apple-tab-span" style="white-space:pre"><span class="Apple-style-span" > </span></span></div><div><span class="Apple-style-span" > <span class="Apple-tab-span" style="white-space:pre"> </span>Assignment 12.1</span></div><div><span class="Apple-style-span" >This assignment is worth 50 points.</span></div><div><span class="Apple-style-span" >Complete the peer evaluation form (top of page - PeerEval.xls) for your group members and post it to the assignment link.</span></div><div><span class="Apple-style-span" ><br /></span></div><div><span class="Apple-style-span" ><br /></span></div><div><span class="Apple-style-span" > <span class="Apple-tab-span" style="white-space:pre"> </span>Assignment 12.2</span></div><div><span class="Apple-style-span" >This assignment is worth 50 points.</span></div><div><span class="Apple-style-span" >Provide background on the Communications Decency Act. Why was it enacted? When? Who sponsored it? Now provide information on the organization which led the effort to have this overturned... again, why? when? who? What was the outcome? Include any opinions you may have on this.</span></div><div><span class="Apple-style-span" ><br /></span></div><div><span class="Apple-style-span" > <span class="Apple-tab-span" style="white-space:pre"> </span>..</span></div><div><span class="Apple-style-span" >Assignment 12.3 (post to the Week 12 Forum)</span></div><div><span class="Apple-style-span" >This assignment is worth 50 points; 25 points for your original posting, and 25 points for participation.</span></div><div><span class="Apple-style-span" >Using any resource at your disposal, find out what laws your state (or country) has passed to prosecute computer crime and provide a short description of them. Were you surprised at what you found? Disappointed in what you found?</span></div><div><span class="Apple-style-span" >Minimum Posting Requirements: You must post at least five messages to get credit for participation. The first message is your original posting, due no later than Wed. At least two of the other messages must be responses to other student original postings. This is a pass/fail type of grade. If you meet the minimum requirements you get the points. If you do not meet the minimum requirements, you'll get no points for participation. Messages must be posted on more than one day. Don't wait until the last minute!</span></div><div><span class="Apple-style-span" ><br /></span></div><div><span class="Apple-style-span" ><br /></span></div><div><span class="Apple-style-span" >Group Assignment-Week 12 </span></div><div><span class="Apple-style-span" >This assignment is worth 50 points.</span></div><div><span class="Apple-style-span" >As a group, determine a best response to the Case Exercises for RWW, Inc. at the end of the chapter. Use your group forum area for discussion, located under the Groups button to the left...</span></div><div><span class="Apple-style-span" >Have one person in your group post the group consensus, labeled as "Week12 Post - Grade Me" to your group forum.<span class="Apple-tab-span" style="white-space:pre"> </span></span></div><div><span class="Apple-style-span" ><br /></span></div><div><span class="Apple-style-span" > <span class="Apple-tab-span" style="white-space:pre"> </span>Assignment 12.4 (Post to your Blog and to the Week 12 Forum)</span></div><div><span class="Apple-style-span" >This assignment is worth 50 points.</span></div><div><span class="Apple-style-span" >Time to finish up your blog. This last assignment should be a retrospective look at your postings over the last 11 weeks. Time for a little analysis. Write up an entry that provides a summary of what you chose to write about.</span></div><div><span class="Apple-style-span" >First, you need to categorize your topics of choice. Did you write primarily on operating system issues? User errors? Viruses? Or did you write about a variety of topics? Why did you choose those topics?</span></div><div><span class="Apple-style-span" >Next, you need to include an analysis of where you got your material. Did you use the same source each week? A variety each week?</span></div><div><span class="Apple-style-span" >As the last part of this entry, include whether or not you thought this type of blog might be useful to an information security professional and provide a few lessons learned for the next group of students.</span></div><div><span class="Apple-style-span" >To get credit for this assignment, the URL must be posted in this assignment.</span></div></div>William Favre Slater, IIIhttp://www.blogger.com/profile/05247248094266294971noreply@blogger.com0tag:blogger.com,1999:blog-3354286364002529860.post-46415408629990372322011-11-13T21:54:00.000-08:002011-11-18T21:08:49.263-08:00Post 063 - CIS 608<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjKRR2LvuI16I-iLGzq7jiI84l5xggIgv1L-FhCagEBdMKnDNnI23kDIs83H0fR7g4PgaKcKEhpDckRcP2Su0Nva5e6KX4qNMOTuQAl9EPCu0m1y0vRZC_pTNyHGnDahDVw566JRdigcLQ/s1600/cybersecurity_policy_.png" onblur="try {parent.deselectBloggerImageGracefully();} catch(e) {}"><img style="display:block; margin:0px auto 10px; text-align:center;cursor:pointer; cursor:hand;width: 400px; height: 299px;" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjKRR2LvuI16I-iLGzq7jiI84l5xggIgv1L-FhCagEBdMKnDNnI23kDIs83H0fR7g4PgaKcKEhpDckRcP2Su0Nva5e6KX4qNMOTuQAl9EPCu0m1y0vRZC_pTNyHGnDahDVw566JRdigcLQ/s400/cybersecurity_policy_.png" border="0" alt="" id="BLOGGER_PHOTO_ID_5674734830702540578" /></a><br /><div><span class="Apple-style-span"><br /></span></div><div><div style="text-align: center;"><a href="http://info.publicintelligence.net/cyberspace_policy_review_final.pdf"><span class="Apple-style-span">Cyberspace and Communication Policy Timeline Picture from the </span></a></div><span class="Apple-style-span"><div style="text-align: center;"><a href="http://info.publicintelligence.net/cyberspace_policy_review_final.pdf">National Cyberspace Policy Review, the White House - July 2009</a></div></span></div><div><span class="Apple-style-span"><br /></span></div><div><span class="Apple-style-span"><br /></span></div><div><span class="Apple-style-span"><b>Unresolved Questions Dog International Cybersecurity Policies</b></span></div><div><span class="Apple-style-span"><br /></span></div><div><span class="Apple-style-span"><a href="http://www.bizjournals.com/washington/blog/fedbiz_daily/2011/11/unresolved-questions-dog-international.html">Unresolved questions dog international cybersecurity policies</a> This short article that was published on the web on November 9, 2011, highlights the difficult and legal complexities of a world that is waking up to the idea that we are now a globalized society that is very connected via the Internet. The concerns stem from the fact that internationally-directed data breaches are occurring and an increasing awareness that cyberspace (connected via the Internet) will be the new landscape of international confrontation, up to and including battles and wars fought in cyberspace. The dangerous realities we are now facing in cyberspace are something that only existed in the minds of famous cyberpunk science fiction writers such as <a href="http://www.williamgibsonbooks.com/">William Gibson</a> (who actually coined the term "cyberspace"), <a href="http://www.egs.edu/faculty/bruce-sterling/biography/">Bruce Sterling</a>, and <a href="http://www.nealstephenson.com/">Neal Stephenson</a> back in the early to mid-1990s.</span></div><div><span class="Apple-style-span"><br /></span></div><div><span class="Apple-style-span">Now we all are playing catch up, realizing that it is absolutely essential to have laws and international cooperation between the nation state stakeholders of cyberspace. Welcome to the brave new world in which our leaders are now having to understand and legislate cyberspace on a level that makes it safer for business and personal interactions.</span></div><div><span class="Apple-style-span"><br /></span></div><div><span class="Apple-style-span">Nevertheless, the answers to all these difficult issues may be right <a href="http://billslater.com/rk">here</a>.</span></div><div><span class="Apple-style-span"><br /></span></div><div><span class="Apple-style-span">======================</span></div><div><span class="Apple-style-span"><br /></span></div><div><div><span class="Apple-style-span">William F. Slater, III, M.S., MBA, PMP, CISSP, SSCP, CISA, MCITP, MCSE, ISO 20000, ISO 27002, MCP #3585</span></div><div><span class="Apple-style-span">Project Manager / Program Manager</span></div><div><span class="Apple-style-span">Chicago, IL</span></div><div><span class="Apple-style-span">slater@billslater.com</span></div><div><span class="Apple-style-span">http://billslater.com/career</span></div></div><div><br /></div>William Favre Slater, IIIhttp://www.blogger.com/profile/05247248094266294971noreply@blogger.com0tag:blogger.com,1999:blog-3354286364002529860.post-89126138744957088592011-11-10T18:36:00.000-08:002011-11-18T21:15:32.521-08:00Post 062 - CIS 608<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg4JpdPzTDmStV6x_NWm0krGAk5GHf2EzTQHqGegei96PQ2rkwlf9vD375E4O2gQj1LLlv0FVVxICLjQppqHaAX_IIoy1OiXbBT9Dns0mGpp0AkH-RSV0oSCUGx2PQFqNpU1C9fGAthT6U/s1600/sad_dude_after_scam_.jpg" onblur="try {parent.deselectBloggerImageGracefully();} catch(e) {}"><img style="display:block; margin:0px auto 10px; text-align:center;cursor:pointer; cursor:hand;width: 252px; height: 184px;" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg4JpdPzTDmStV6x_NWm0krGAk5GHf2EzTQHqGegei96PQ2rkwlf9vD375E4O2gQj1LLlv0FVVxICLjQppqHaAX_IIoy1OiXbBT9Dns0mGpp0AkH-RSV0oSCUGx2PQFqNpU1C9fGAthT6U/s400/sad_dude_after_scam_.jpg" border="0" alt="" id="BLOGGER_PHOTO_ID_5674271334882503730" /></a><div><div><span class="Apple-style-span"><b><br /></b></span></div><div><span class="Apple-style-span"><b><br /></b></span></div><div><span class="Apple-style-span"><b>U.S. Charges 7 in Alleged Internet Ad Fraud Scam</b></span></div><div><span class="Apple-style-span"><br /></span></div><div><span class="Apple-style-span">November 9, 2011</span></div><div><span class="Apple-style-span"><br /></span></div><div><span class="Apple-style-span">For the first time, I believe, U.S. authorities Wednesday charged seven people living in Estonia and Russia with using malicious software to hijack millions of computers worldwide to redirect Internet searches toward online ads.</span></div><div><span class="Apple-style-span">Starting in 2007, the suspects created fake companies that contracted with legitimate advertiser websites to drive Internet traffic toward their Internet pages, according to a Manhattan federal court indictment.</span></div><div><span class="Apple-style-span"><br /></span></div><div><span class="Apple-style-span">About 4 million computers in 100 countries including the United States were infected with malicious software designed by the defendants that would redirect an Internet user's browser toward the online advertisements, the indictment said. The defendants were paid about $14 million by advertisers based on the amount of "clicks" the ad pages would receive, it said.</span></div><div><span class="Apple-style-span"><br /></span></div><div><span class="Apple-style-span">Source: <a href="http://www.chicagotribune.com/business/breaking/chi-us-charges-7-in-alleged-internet-ad-fraud-scam-20111109,0,163719.story">Chicago Tribune</a></span></div><div><br /></div><div><span class="Apple-style-span"><br /></span></div><div><span class="Apple-style-span">Note - these people could have installed spyware on your computer. Maybe you should ensure that your security software protects against such malware.</span></div><div><span class="Apple-style-span"><br /></span></div><div><span class="Apple-style-span"><br /></span></div><div><span class="Apple-style-span">William F. Slater, III, M.S., MBA, PMP, CISSP, SSCP, CISA, MCITP, MCSE, ISO 20000, ISO 27002, MCP #3585</span></div><div><span class="Apple-style-span">Project Manager / Program Manager</span></div><div><span class="Apple-style-span">Chicago, IL</span></div><div><span class="Apple-style-span">slater@billslater.com</span></div><div><span class="Apple-style-span">http://billslater.com/career</span></div></div>William Favre Slater, IIIhttp://www.blogger.com/profile/05247248094266294971noreply@blogger.com0tag:blogger.com,1999:blog-3354286364002529860.post-89891320994155579452011-11-09T13:28:00.000-08:002011-11-09T13:33:26.808-08:00Post 061 - CIS 608<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgL-8OOYWfFeUqMWgauP85lECEuTPQmrNfW_yMSm8ybp3booqsDJ2hmgSibLDwLT6b8p8pvnfuSqBU9SIshyphenhyphenyP8nIO733iUU1DCxsIQmPNtZYg7XwImKc_ixa4NtbvKKKPhgRCFOzxroP4/s1600/Roman_Numeral_Yellow_11.jpg" onblur="try {parent.deselectBloggerImageGracefully();} catch(e) {}"><img style="display:block; margin:0px auto 10px; text-align:center;cursor:pointer; cursor:hand;width: 116px; height: 115px;" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgL-8OOYWfFeUqMWgauP85lECEuTPQmrNfW_yMSm8ybp3booqsDJ2hmgSibLDwLT6b8p8pvnfuSqBU9SIshyphenhyphenyP8nIO733iUU1DCxsIQmPNtZYg7XwImKc_ixa4NtbvKKKPhgRCFOzxroP4/s400/Roman_Numeral_Yellow_11.jpg" border="0" alt="" id="BLOGGER_PHOTO_ID_5673112269813476178" /></a><br /><div><span class="Apple-style-span" ><br /></span></div><div><div><span class="Apple-style-span" ><b>Week Eleven Assignments- Maps to Course Obj. 8</b></span></div><div><span class="Apple-style-span" > </span></div><div><span class="Apple-style-span" >..</span></div><div><span class="Apple-style-span" >Read/Review</span></div><div><span class="Apple-style-span" >: Chapter 11, Management of Information Security, 3e.</span></div><div><span class="Apple-style-span" >: Powerpoint Slides, Chapter 11, located in Course Documents, Lecture Notes</span></div><div><span class="Apple-style-span" >Learning Objectives - Week 11</span></div><div><span class="Apple-style-span" >•<span class="Apple-tab-span" style="white-space:pre"> </span>Identify the skills, requirements, and certifications for information security positions</span></div><div><span class="Apple-style-span" >•<span class="Apple-tab-span" style="white-space:pre"> </span>Understand and implement information security constraints on the general hiring process</span></div><div><span class="Apple-style-span" >•<span class="Apple-tab-span" style="white-space:pre"> </span>Describe the security practices used to control employee behavior and prevent misuse of information<span class="Apple-tab-span" style="white-space:pre"> </span></span></div><div><span class="Apple-style-span" > </span></div><div><span class="Apple-style-span" ><br /></span></div><div><span class="Apple-style-span" >Assignment 11.1</span></div><div><span class="Apple-style-span" >This assignment is worth 50 points.</span></div><div><span class="Apple-style-span" >Using the information in this text and any other resources you identify, write a job description of Iris's new position, described in the Case Exercise at the end of the chapter. What qualifications and responsibilities should be associated with this position?</span></div><div><span class="Apple-style-span" ><br /></span></div><div><span class="Apple-style-span" > </span></div><div><span class="Apple-style-span" >..</span></div><div><span class="Apple-style-span" >Assignment 11.2 (post to the Week 11 Forum)</span></div><div><span class="Apple-style-span" >This assignment is worth 50 points; 25 points for your original posting, and 25 points for participation.</span></div><div><span class="Apple-style-span" >List any certifications you currently hold, including type, date of creditation, etc. (If you don't currently hold any certifications, start from here). List any certifications you are planning on acquiring. Post your opinion on certifications in general. Was it worth the time and money to acquire your current certs? Would you recommend them to others? Which do you think has more credibility when looking at resumes, certifications or formal education or experience? If your answer depends upon the type of job, include that information.</span></div><div><span class="Apple-style-span" >Minimum Posting Requirements: You must post at least five messages to get credit for participation. The first message is your original posting, due no later than Wed. At least two of the other messages must be responses to other student original postings. This is a pass/fail type of grade. If you meet the minimum requirements you get the points. If you do not meet the minimum requirements, you'll get no points for participation. Messages must be posted on more than one day. Don't wait until the last minute!</span></div><div><span class="Apple-style-span" ><br /></span></div><div><span class="Apple-style-span" ><br /></span></div><div><span class="Apple-style-span" >Group Assignment-Week 11 </span></div><div><span class="Apple-style-span" >This assignment is worth 50 points.</span></div><div><span class="Apple-style-span" >As a group, determine a best response to the Case Exercises for RWW, Inc. at the end of the chapter. Use your group forum area for discussion, located under the Groups button to the left...</span></div><div><span class="Apple-style-span" >Have one person in your group post the group consensus, labeled as "Week11 Post - Grade Me" to your group forum.<span class="Apple-tab-span" style="white-space:pre"> </span></span></div><div><span class="Apple-style-span" > </span></div><div><span class="Apple-style-span" ><br /></span></div><div><span class="Apple-style-span" >Assignment 11.3 (Post to your Blog)</span></div><div><span class="Apple-style-span" >This assignment is worth 20 points.</span></div><div><span class="Apple-style-span" >Time to start adding to that blog! If you are not sure what to include, you might want to re-read the assignment located at the top of the Week 1 Assignments.</span></div><div><span class="Apple-style-span" >To get credit for this assignment, the URL for the blog must be posted in this drop box.</span></div><div><span class="Apple-style-span" ><br /></span></div><div><br /></div></div>William Favre Slater, IIIhttp://www.blogger.com/profile/05247248094266294971noreply@blogger.com0tag:blogger.com,1999:blog-3354286364002529860.post-54388644461138173872011-11-08T08:25:00.001-08:002011-11-08T09:56:54.791-08:00Post 060 - CIS 608<span class="Apple-style-span"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg3yD7RqId8TN3MfVJpC_jxtwFmU-lnokdp3XLUusR0-MKiD7ERLOh2KbxBppsOVJLcVOiPTQ6HJDaJGNNhERIfnN-OsScpsBbNGieJMhCLkkncTI_rEBzYl4UUjsL6eIOavlcp4u50_Rs/s1600/wfs_cissp_2013_certificate_.jpg" onblur="try {parent.deselectBloggerImageGracefully();} catch(e) {}"><img style="display:block; margin:0px auto 10px; text-align:center;cursor:pointer; cursor:hand;width: 400px; height: 311px;" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg3yD7RqId8TN3MfVJpC_jxtwFmU-lnokdp3XLUusR0-MKiD7ERLOh2KbxBppsOVJLcVOiPTQ6HJDaJGNNhERIfnN-OsScpsBbNGieJMhCLkkncTI_rEBzYl4UUjsL6eIOavlcp4u50_Rs/s400/wfs_cissp_2013_certificate_.jpg" border="0" alt="" id="BLOGGER_PHOTO_ID_5672666792778057378" /></a><br /></span><div style="text-align: center;"><span class="Apple-style-span"><u><br /></u></span></div><div><span class="Apple-style-span"><b>Week 11 Discussion Question - IT Professional Certifications, Value and Relevance</b></span></div><div><span class="Apple-style-span"><br /></span></div><div><b><u><span style="font-size: 9.5pt; ">Assignment 11.2 (post to the Week 11 Forum)</span></u></b></div><div><p class="MsoNormal"> <span class="Apple-style-span"><span>This assignment is worth 50 points; 25 points for your original posting, and 25 points for participation.</span></span></p><p class="MsoNormal"><span class="Apple-style-span"><span><br /></span><span class="Apple-style-span">List any certifications you currently hold, including type, date of creditation, etc. (If you don't currently hold any certifications, start from here). List any certifications you are planning on acquiring. Post your opinion on certifications in general. Was it worth the time and money to acquire your current certs? Would you recommend them to others? Which do you think has more credibility when looking at resumes, certifications or formal education or experience? If your answer depends upon the type of job, include that information.</span></span></p><p class="MsoNormal"><span style="font-size: 9.5pt; "><br /></span></p><p class="MsoNormal"></p><p class="MsoNormal"><span style="font-size: 9.5pt; line-height: 115%; ">Professor Sparks, thanks for posting this question.<o:p></o:p></span></p> <p class="MsoNormal"><span style="font-size: 9.5pt; line-height: 115%; "><o:p> </o:p></span></p> <p class="MsoNormal"><span style="font-size: 9.5pt; line-height: 115%; ">These are my responses.<o:p></o:p></span></p> <p class="MsoNormal"><span style="font-size: 9.5pt; line-height: 115%; "><o:p> </o:p></span></p> <p class="MsoNormal"><b><span style="font-size: 9.5pt; line-height: 115%; ">--- > List any certifications you currently hold, including type, date of creditation, etc. <o:p></o:p></span></b></p> <p class="MsoNormal"><span style="font-size: 9.5pt; line-height: 115%; "><o:p> </o:p></span></p> <p class="MsoNormal"><span style="font-size: 9.5pt; line-height: 115%; ">My certifications are listed at this link along with the name, abbreviation, certifying body, and the date I achieved them. <a href="http://billslater.com/certifications">http://billslater.com/certifications</a> . By the way, I am proud to tell all of you that I am the most certified individual in the entire Midwest.<o:p></o:p></span></p> <p class="MsoNormal"><span style="font-size: 9.5pt; line-height: 115%; "><o:p> </o:p></span></p> <p class="MsoNormal"><b><span style="font-size: 9.5pt; line-height: 115%; ">--- > List any certifications you are planning on acquiring. <o:p></o:p></span></b></p> <p class="MsoNormal"><span style="font-size: 9.5pt; line-height: 115%; "><o:p> </o:p></span></p> <p class="MsoNormal"><span style="font-size: 9.5pt; line-height: 115%; ">These are certifications I plan to earn in the next 12 months:<o:p></o:p></span></p> <p class="MsoNormal" style="margin-left:.5in;text-indent:-.25in;mso-list:l0 level1 lfo1"><!--[if !supportLists]--><span class="Apple-style-span"><span style="font-size: 9.5pt; line-height: 115%; ">·<span style="font:7.0pt "Times New Roman""> </span></span><!--[endif]--><span style="font-size: 9.5pt; line-height: 115%; ">Data Center University by APC<o:p></o:p></span></span></p> <p class="MsoNormal" style="margin-left:.5in;text-indent:-.25in;mso-list:l0 level1 lfo1"><!--[if !supportLists]--><span class="Apple-style-span"><span style="font-size: 9.5pt; line-height: 115%; ">·<span style="font:7.0pt "Times New Roman""> </span></span><!--[endif]--><span style="font-size: 9.5pt; line-height: 115%; ">Oracle Certified Associate<o:p></o:p></span></span></p> <p class="MsoNormal" style="margin-left:.5in;text-indent:-.25in;mso-list:l0 level1 lfo1"><!--[if !supportLists]--><span class="Apple-style-span"><span style="font-size: 9.5pt; line-height: 115%; ">·<span style="font:7.0pt "Times New Roman""> </span></span><!--[endif]--><span style="font-size: 9.5pt; line-height: 115%; ">Certified Java Developer<o:p></o:p></span></span></p> <p class="MsoNormal" style="margin-left:.5in;text-indent:-.25in;mso-list:l0 level1 lfo1"><!--[if !supportLists]--><span class="Apple-style-span"><span style="font-size: 9.5pt; line-height: 115%; ">·<span style="font:7.0pt "Times New Roman""> </span></span><!--[endif]--><span style="font-size: 9.5pt; line-height: 115%; ">Cloud Computing Expert<o:p></o:p></span></span></p> <p class="MsoNormal" style="margin-left:1.0in;text-indent:-.25in;mso-list:l0 level2 lfo1"><!--[if !supportLists]--><span class="Apple-style-span"><span style="font-size: 9.5pt; line-height: 115%; ">o<span style="font:7.0pt "Times New Roman""> </span></span><!--[endif]--><span style="font-size: 9.5pt; line-height: 115%; ">This is the Cloud Computing Pathway program:<o:p></o:p></span></span></p> <p class="MsoNormal" style="margin-left:1.5in;text-indent:-.25in;mso-list:l0 level3 lfo1"><!--[if !supportLists]--><span class="Apple-style-span"><span style="font-size: 9.5pt; line-height: 115%; ">§<span style="font:7.0pt "Times New Roman""> </span></span><!--[endif]--><span style="font-size: 9.5pt; line-height: 115%; ">Cloud Computing Foundation<o:p></o:p></span></span></p> <p class="MsoNormal" style="margin-left:1.5in;text-indent:-.25in;mso-list:l0 level3 lfo1"><!--[if !supportLists]--><span class="Apple-style-span"><span style="font-size: 9.5pt; line-height: 115%; ">§<span style="font:7.0pt "Times New Roman""> </span></span><!--[endif]--><span style="font-size: 9.5pt; line-height: 115%; ">Cloud Computing Specialist - Virtualization<o:p></o:p></span></span></p> <p class="MsoNormal" style="margin-left:1.5in;text-indent:-.25in;mso-list:l0 level3 lfo1"><!--[if !supportLists]--><span class="Apple-style-span"><span style="font-size: 9.5pt; line-height: 115%; ">§<span style="font:7.0pt "Times New Roman""> </span></span><!--[endif]--><span style="font-size: 9.5pt; line-height: 115%; ">Cloud Computing Specialist - SaaS and Web Applications<o:p></o:p></span></span></p> <p class="MsoNormal" style="margin-left:1.5in;text-indent:-.25in;mso-list:l0 level3 lfo1"><!--[if !supportLists]--><span class="Apple-style-span"><span style="font-size: 9.5pt; line-height: 115%; ">§<span style="font:7.0pt "Times New Roman""> </span></span><!--[endif]--><span style="font-size: 9.5pt; line-height: 115%; ">Cloud Computing Specialist - PaaS and Storage Management<o:p></o:p></span></span></p> <p class="MsoNormal" style="margin-left:1.5in;text-indent:-.25in;mso-list:l0 level3 lfo1"><!--[if !supportLists]--><span class="Apple-style-span"><span style="font-size: 9.5pt; line-height: 115%; ">§<span style="font:7.0pt "Times New Roman""> </span></span><!--[endif]--><span style="font-size: 9.5pt; line-height: 115%; ">Cloud Computing Specialist - Services Management<o:p></o:p></span></span></p> <p class="MsoNormal" style="margin-left:1.5in;text-indent:-.25in;mso-list:l0 level3 lfo1"><!--[if !supportLists]--><span class="Apple-style-span"><span style="font-size: 9.5pt; line-height: 115%; ">§<span style="font:7.0pt "Times New Roman""> </span></span><!--[endif]--><span style="font-size: 9.5pt; line-height: 115%; ">Cloud Computing Specialist - Managing Services in the Cloud<o:p></o:p></span></span></p> <p class="MsoNormal" style="margin-left:1.5in;text-indent:-.25in;mso-list:l0 level3 lfo1"><!--[if !supportLists]--><span class="Apple-style-span"><span style="font-size: 9.5pt; line-height: 115%; ">§<span style="font:7.0pt "Times New Roman""> </span></span><!--[endif]--><span style="font-size: 9.5pt; line-height: 115%; ">Cloud Computing Expert - Master (when you pass the 6 above)<o:p></o:p></span></span></p> <p class="MsoNormal"><span style="font-size: 9.5pt; line-height: 115%; "><a href="http://store.theartofservice.com/all-products/cloud-computing-pathway-comple-elearning-bundle.html">http://store.theartofservice.com/all-products/cloud-computing-pathway-comple-elearning-bundle.html</a> <o:p></o:p></span></p> <p class="MsoNormal"><span style="font-size: 9.5pt; line-height: 115%; "><o:p> </o:p></span></p> <p class="MsoNormal"><span style="font-size: 9.5pt; line-height: 115%; ">I am doing this because:<o:p></o:p></span></p> <p class="MsoNormal"><span style="font-size: 9.5pt; line-height: 115%; "><o:p> </o:p></span></p> <p class="MsoNormal"><span style="font-size: 9.5pt; line-height: 115%; ">a) I am a dedicated and seasoned IT professional who sees Cloud Computing as the next disruptive paradigm shift<o:p></o:p></span></p> <p class="MsoNormal"><span style="font-size: 9.5pt; line-height: 115%; "><o:p> </o:p></span></p> <p class="MsoNormal"><span style="font-size: 9.5pt; line-height: 115%; ">b) I used to manage a Cloud Data Center so I know what happens and how it works and looks from the inside<o:p></o:p></span></p> <p class="MsoNormal"><span style="font-size: 9.5pt; line-height: 115%; "><o:p> </o:p></span></p> <p class="MsoNormal"><span style="font-size: 9.5pt; line-height: 115%; ">c) I am ITIL Foundation v2 and v3 certified and I know what that is about<o:p></o:p></span></p> <p class="MsoNormal"><span style="font-size: 9.5pt; line-height: 115%; "><o:p> </o:p></span></p> <p class="MsoNormal"><span style="font-size: 9.5pt; line-height: 115%; ">d) I ran an enormous ITIL Services migration project not long ago<o:p></o:p></span></p> <p class="MsoNormal"><span style="font-size: 9.5pt; line-height: 115%; "><o:p> </o:p></span></p> <p class="MsoNormal"><span style="font-size: 9.5pt; line-height: 115%; ">e) I enjoy learning new stuff and getting certified in it, especially when it seems to be the next BIG THING in IT.<o:p></o:p></span></p> <p class="MsoNormal"><span style="font-size: 9.5pt; line-height: 115%; "><o:p> </o:p></span></p> <p class="MsoNormal"><b><span style="font-size: 9.5pt; line-height: 115%; ">--- > Post your opinion on certifications in general. <o:p></o:p></span></b></p> <p class="MsoNormal"><span style="font-size: 9.5pt; line-height: 115%; "><o:p> </o:p></span></p> <p class="MsoNormal"><span style="font-size: 9.5pt; line-height: 115%; ">My opinion is expressed in a blog entry that I wrote on October 14, 2011, for my blog at IIT on this same topic:<o:p></o:p></span></p> <p class="MsoNormal"><span style="font-size: 9.5pt; line-height: 115%; "><o:p> </o:p></span></p> <p class="MsoNormal"><span style="font-size: 9.5pt; line-height: 115%; ">In a Tough Economy, What Skills & Certifications Do You Really Need?<o:p></o:p></span></p> <p class="MsoNormal"><span style="font-size: 9.5pt; line-height: 115%; "><o:p> </o:p></span></p> <p class="MsoNormal"><span style="font-size: 9.5pt; line-height: 115%; ">I get asked this question a lot. In fact, since this will be read by a lot of students and faculty, I will share some advice I gave someone about three weeks ago. This person, who actually has an M.S. in Information Technology, was proposing that IT certifications alone would suffice to help a person get the IT job of their dreams.<o:p></o:p></span></p> <p class="MsoNormal"><span style="font-size: 9.5pt; line-height: 115%; "><o:p> </o:p></span></p> <p class="MsoNormal"><span style="font-size: 9.5pt; line-height: 115%; ">I am with one of the world’s best companies at the moment, and I am very happy with my job and the people I work with, so I am planning on staying here as long as possible.<o:p></o:p></span></p> <p class="MsoNormal"><span style="font-size: 9.5pt; line-height: 115%; "><o:p> </o:p></span></p> <p class="MsoNormal"><span style="font-size: 9.5pt; line-height: 115%; ">But I laugh at the people that think they can move ahead in the IT field without a degree or multiple degrees in this field. They do not realize that despite what they sincerely believe about saving money and getting a few certifications, and skipping the formal education, they are doing themselves considerable career harm in the long run, because they cannot get back the years they wasted believing that poppycock. And actually, it’s good because it helps decrease the competition for guys like you and me. Also, they don’t realize that despite what they believe about being successful without formal education, they have peers and people younger than them who will get a clue and realize what it takes to succeed, and set their course and do it.<o:p></o:p></span></p> <p class="MsoNormal"><span style="font-size: 9.5pt; line-height: 115%; "><o:p> </o:p></span></p> <p class="MsoNormal"><span style="font-size: 9.5pt; line-height: 115%; ">When I was a young U.S. Air Force officer, we asked a USAF Colonel about the secret of advancing your career in the U.S. Air Force. Here’s what he said:<o:p></o:p></span></p> <p class="MsoNormal"><span style="font-size: 9.5pt; line-height: 115%; "><o:p> </o:p></span></p> <p class="MsoNormal"><span style="font-size: 9.5pt; line-height: 115%; ">“Look around and see what your peers are doing. If they are getting master’s degrees and going to Squadron Officers School, you better be doing the same.”<o:p></o:p></span></p> <p class="MsoNormal"><span style="font-size: 9.5pt; line-height: 115%; "><o:p> </o:p></span></p> <p class="MsoNormal"><span style="font-size: 9.5pt; line-height: 115%; ">In Houston, I lived through a severe economic downturn. There was a story about a guy who had a B.S. in Geophysics who went into a Burger King to find work because he had been laid off and out of work for three months. When he met with the manager, he explained that since he had B.S. in Geophysics he was probably over qualified. The manager said this: “Not so fast Buddy, all our hamburger flippers and cashiers have master’s degrees and PhDs.”<o:p></o:p></span></p> <p class="MsoNormal"><span style="font-size: 9.5pt; line-height: 115%; "><o:p> </o:p></span></p> <p class="MsoNormal"><span style="font-size: 9.5pt; line-height: 115%; ">If you are a normal person like you or me, you will try to understand the laws of Supply and Demand and the Market and the Economy, and then do what it takes to succeed. if that means hard work, certifications, education, etc., we will do it. But if you are like the guy that asked the question, and you have an “inside scoop”, you can just pick up a few easy certifications, the ones that DON’T REQUIRE CPE credits, and you may be good to go, and then you can save all that money that people spend on formal education.<o:p></o:p></span></p> <p class="MsoNormal"><span style="font-size: 9.5pt; line-height: 115%; "><o:p> </o:p></span></p> <p class="MsoNormal"><span style="font-size: 9.5pt; line-height: 115%; ">However, my experience, knowledge, and time in the IT profession tell me that person that believes that certifications alone are sufficient may soon find out the hard way that he is totally wrong. The trouble is that there could be a lot of wasted time if and when he wakes up and realizes the truth.<o:p></o:p></span></p> <p class="MsoNormal"><span style="font-size: 9.5pt; line-height: 115%; "><o:p> </o:p></span></p> <p class="MsoNormal"><span style="font-size: 9.5pt; line-height: 115%; ">Anyway, here’s something about education that all of you can print and put on your wall:<o:p></o:p></span></p> <p class="MsoNormal"><span style="font-size: 9.5pt; line-height: 115%; "><o:p> </o:p></span></p> <p class="MsoNormal"><span style="font-size: 9.5pt; line-height: 115%; "><a href="http://www.billslater.com/if_you_think_education_is_expensive.jpg">http://www.billslater.com/if_you_think_education_is_expensive.jpg</a> <o:p></o:p></span></p> <p class="MsoNormal"><span style="font-size: 9.5pt; line-height: 115%; "><o:p> </o:p></span></p> <p class="MsoNormal"><span style="font-size: 9.5pt; line-height: 115%; ">Finally, if you think that you are planning a career in Information Technology, where you can be the world’s greatest programmer, or world’s greatest database administrator, or the world’s greatest networking person, or the world’s greatest system administrator, or the world’s greatest security person, or the world’s greatest project manager, Good Luck! Here is a big surprise for you: A future employer may expect you to be all those things. Don’t believe me? Look what happened in the IT career field between 1997 and 2007.<o:p></o:p></span></p> <p class="MsoNormal"><span style="font-size: 9.5pt; line-height: 115%; "><o:p> </o:p></span></p> <p class="MsoNormal"><span style="font-size: 9.5pt; line-height: 115%; "><a href="http://www.authorstream.com/Presentation/billslater-158223-industry-2007-job-market-skills-business-finance-ppt-powerpoint/">http://www.authorstream.com/Presentation/billslater-158223-industry-2007-job-market-skills-business-finance-ppt-powerpoint/</a> <o:p></o:p></span></p> <p class="MsoNormal"><span style="font-size: 9.5pt; line-height: 115%; "><o:p> </o:p></span></p> <p class="MsoNormal"><span style="font-size: 9.5pt; line-height: 115%; ">Almost forgot, most of those same employers also expect you to be polished and have strong communication skills in writing, speaking, and LISTENING. (Yes - Listening a form of communication also.)<o:p></o:p></span></p> <p class="MsoNormal"><span style="font-size: 9.5pt; line-height: 115%; "><o:p> </o:p></span></p> <p class="MsoNormal"><span style="font-size: 9.5pt; line-height: 115%; ">Your response? That’s not fair!!!<o:p></o:p></span></p> <p class="MsoNormal"><span style="font-size: 9.5pt; line-height: 115%; "><o:p> </o:p></span></p> <p class="MsoNormal"><span style="font-size: 9.5pt; line-height: 115%; ">My response: Life’s not fair. So, do you want to work or be unemployed and live off your parents? If the answer to that question is, “No,” then you need to study hard and stay busy learning.<o:p></o:p></span></p> <p class="MsoNormal"><span style="font-size: 9.5pt; line-height: 115%; "><o:p> </o:p></span></p> <p class="MsoNormal"><span style="font-size: 9.5pt; line-height: 115%; ">So study hard. And stay thirsty for Knowledge and Skills my friends!<o:p></o:p></span></p> <p class="MsoNormal"><span style="font-size: 9.5pt; line-height: 115%; "><o:p> </o:p></span></p> <p class="MsoNormal"><span style="font-size: 9.5pt; line-height: 115%; ">Best regards,<o:p></o:p></span></p> <p class="MsoNormal"><span style="font-size: 9.5pt; line-height: 115%; ">Bill<o:p></o:p></span></p> <p class="MsoNormal"><span style="font-size: 9.5pt; line-height: 115%; ">William F. Slater, III, M.S., MBA, PMP, CISSP, SSCP, CISA, ISO 27002, ISO 20000, ITIL v3, MCITP, MCSE, MCSD, CDCP<o:p></o:p></span></p> <p class="MsoNormal"><span style="font-size: 9.5pt; line-height: 115%; ">Chicago, IL<o:p></o:p></span></p> <p class="MsoNormal"><span style="font-size: 9.5pt; line-height: 115%; ">slater@billslater.com<o:p></o:p></span></p> <p class="MsoNormal"><span style="font-size: 9.5pt; line-height: 115%; "><a href="http://billslater.com/career">http://billslater.com/career</a> <o:p></o:p></span></p> <p class="MsoNormal"><span style="font-size: 9.5pt; line-height: 115%; "><o:p> </o:p></span></p> <p class="MsoNormal"><span style="font-size: 9.5pt; line-height: 115%; ">=====================================<o:p></o:p></span></p> <p class="MsoNormal"><span style="font-size: 9.5pt; line-height: 115%; "><o:p> </o:p></span></p> <p class="MsoNormal"><span style="font-size: 9.5pt; line-height: 115%; ">--- > Was it worth the time and money to acquire your current certs? <o:p></o:p></span></p> <p class="MsoNormal"><span style="font-size: 9.5pt; line-height: 115%; "><o:p> </o:p></span></p> <p class="MsoNormal"><span style="font-size: 9.5pt; line-height: 115%; ">Yes. I never earned a certifications that wasn’t worth it.<o:p></o:p></span></p> <p class="MsoNormal"><span style="font-size: 9.5pt; line-height: 115%; "><o:p> </o:p></span></p> <p class="MsoNormal"><b><span style="font-size: 9.5pt; line-height: 115%; ">--- > Would you recommend them to others? <o:p></o:p></span></b></p> <p class="MsoNormal"><span style="font-size: 9.5pt; line-height: 115%; "><o:p> </o:p></span></p> <p class="MsoNormal"><span style="font-size: 9.5pt; line-height: 115%; "> If people are willing to put in the time, effort and money, yes, I would recommend certifications.<o:p></o:p></span></p> <p class="MsoNormal"><span style="font-size: 9.5pt; line-height: 115%; "><o:p> </o:p></span></p> <p class="MsoNormal"><b><span style="font-size: 9.5pt; line-height: 115%; ">--- > Which do you think has more credibility when looking at resumes, certifications or formal education or experience? <o:p></o:p></span></b></p> <p class="MsoNormal"><span style="font-size: 9.5pt; line-height: 115%; "><o:p> </o:p></span></p> <p class="MsoNormal"><span style="font-size: 9.5pt; line-height: 115%; "> I have 71 certifications and two master’s degrees and am 17% of the way through with my third master’s degree, this time an M.S. in Cybersecurity (which is why I am here).<o:p></o:p></span></p> <p class="MsoNormal"><span style="font-size: 9.5pt; line-height: 115%; "><o:p> </o:p></span></p> <p class="MsoNormal"><span style="font-size: 9.5pt; line-height: 115%; "> I believe that the solid IT professional will have certifications, formal education, and experience, and that they will also belong to and maintain membership in organizations that are related to their profession.<o:p></o:p></span></p> <p class="MsoNormal"><span style="font-size: 9.5pt; line-height: 115%; "><o:p> </o:p></span></p> <p class="MsoNormal"><span style="font-size: 9.5pt; line-height: 115%; "> These are the organizations that I belong to:<o:p></o:p></span></p> <p class="MsoNormal"><span style="font-size: 9.5pt; line-height: 115%; "><o:p> </o:p></span></p> <p class="MsoNormal"><span style="font-size: 9.5pt; line-height: 115%; ">PROFESSIONAL ORGANIZATIONS:<o:p></o:p></span></p> <p class="MsoNormal"><span class="Apple-style-span"><span style="font-size: 9.5pt; line-height: 115%; ">�</span><span style="font-size: 9.5pt; line-height: 115%; "> Association for Computing Machinery<o:p></o:p></span></span></p> <p class="MsoNormal"><span class="Apple-style-span"><span style="font-size: 9.5pt; line-height: 115%; ">�</span><span style="font-size: 9.5pt; line-height: 115%; "> Chicago Chapter of the Internet Society<o:p></o:p></span></span></p> <p class="MsoNormal"><span style="font-size: 9.5pt; line-height: 115%; "> (President and Founder)<o:p></o:p></span></p> <p class="MsoNormal"><span class="Apple-style-span"><span style="font-size: 9.5pt; line-height: 115%; ">�</span><span style="font-size: 9.5pt; line-height: 115%; "> Data Center Professionals Network<o:p></o:p></span></span></p> <p class="MsoNormal"><span class="Apple-style-span"><span style="font-size: 9.5pt; line-height: 115%; ">�</span><span style="font-size: 9.5pt; line-height: 115%; "> EC Council<o:p></o:p></span></span></p> <p class="MsoNormal"><span class="Apple-style-span"><span style="font-size: 9.5pt; line-height: 115%; ">�</span><span style="font-size: 9.5pt; line-height: 115%; "> Electronic Frontier Foundation<o:p></o:p></span></span></p> <p class="MsoNormal"><span class="Apple-style-span"><span style="font-size: 9.5pt; line-height: 115%; ">�</span><span style="font-size: 9.5pt; line-height: 115%; "> Federal IT Security Institute<o:p></o:p></span></span></p> <p class="MsoNormal"><span class="Apple-style-span"><span style="font-size: 9.5pt; line-height: 115%; ">�</span><span style="font-size: 9.5pt; line-height: 115%; "> IEEE Computer Society<o:p></o:p></span></span></p> <p class="MsoNormal"><span class="Apple-style-span"><span style="font-size: 9.5pt; line-height: 115%; ">�</span><span style="font-size: 9.5pt; line-height: 115%; "> Institute for Data Center Professionals, Charter Member and Newsletter Editor<o:p></o:p></span></span></p> <p class="MsoNormal"><span class="Apple-style-span"><span style="font-size: 9.5pt; line-height: 115%; ">�</span><span style="font-size: 9.5pt; line-height: 115%; "> International Information Systems Security Certification Consortium, Inc., (ISC) <o:p></o:p></span></span></p> <p class="MsoNormal"><span class="Apple-style-span"><span style="font-size: 9.5pt; line-height: 115%; ">�</span><span style="font-size: 9.5pt; line-height: 115%; "> International Society for Auditing and Control Association (ISACA) - Member<o:p></o:p></span></span></p> <p class="MsoNormal"><span class="Apple-style-span"><span style="font-size: 9.5pt; line-height: 115%; ">�</span><span style="font-size: 9.5pt; line-height: 115%; "> Internet Society, Supporting Member <o:p></o:p></span></span></p> <p class="MsoNormal"><span class="Apple-style-span"><span style="font-size: 9.5pt; line-height: 115%; ">�</span><span style="font-size: 9.5pt; line-height: 115%; "> Microsoft Alumni Network<o:p></o:p></span></span></p> <p class="MsoNormal"><span class="Apple-style-span"><span style="font-size: 9.5pt; line-height: 115%; ">�</span><span style="font-size: 9.5pt; line-height: 115%; "> Microsoft Partner Program<o:p></o:p></span></span></p> <p class="MsoNormal"><span class="Apple-style-span"><span style="font-size: 9.5pt; line-height: 115%; ">�</span><span style="font-size: 9.5pt; line-height: 115%; "> Microsoft Developer Network<o:p></o:p></span></span></p> <p class="MsoNormal"><span class="Apple-style-span"><span style="font-size: 9.5pt; line-height: 115%; ">�</span><span style="font-size: 9.5pt; line-height: 115%; "> The Planetary Society<o:p></o:p></span></span></p> <p class="MsoNormal"><span class="Apple-style-span"><span style="font-size: 9.5pt; line-height: 115%; ">�</span><span style="font-size: 9.5pt; line-height: 115%; "> Project Management Institute<o:p></o:p></span></span></p> <p class="MsoNormal"><span class="Apple-style-span"><span style="font-size: 9.5pt; line-height: 115%; ">�</span><span style="font-size: 9.5pt; line-height: 115%; "> Triton College Advisory Board Member<o:p></o:p></span></span></p> <p class="MsoNormal"><span class="Apple-style-span"><span style="font-size: 9.5pt; line-height: 115%; ">�</span><span style="font-size: 9.5pt; line-height: 115%; "> Uptime Institute<o:p></o:p></span></span></p> <p class="MsoNormal"><span style="font-size: 9.5pt; line-height: 115%; "><o:p> </o:p></span></p> <p class="MsoNormal"><b><span style="font-size: 9.5pt; line-height: 115%; ">--- > If your answer depends upon the type of job, include that information.<o:p></o:p></span></b></p> <p class="MsoNormal"><span style="font-size: 9.5pt; line-height: 115%; "><o:p> </o:p></span></p> <p class="MsoNormal"><span style="font-size: 9.5pt; line-height: 115%; "> If a person’s job demands one or more certifications, then that person certainly needs to get busy.<o:p></o:p></span></p> <p class="MsoNormal"><span style="font-size: 9.5pt; line-height: 115%; "><o:p> </o:p></span></p> <p class="MsoNormal"><span style="font-size: 9.5pt; line-height: 115%; "><o:p> </o:p></span></p> <p class="MsoNormal"><span style="font-size: 9.5pt; line-height: 115%; ">Final comments about certifications:<o:p></o:p></span></p> <p class="MsoNormal"><span style="font-size: 9.5pt; line-height: 115%; "><o:p> </o:p></span></p> <p class="MsoNormal"><span style="font-size: 9.5pt; line-height: 115%; "><o:p> </o:p></span></p> <p class="MsoNormal"><span style="font-size: 9.5pt; line-height: 115%; ">1) Thanks to a lot of respectable certifications and a good resume and education, I get about 15 to 20 job offers via education and e-mail, every Monday through Friday.<o:p></o:p></span></p> <p class="MsoNormal"><span style="font-size: 9.5pt; line-height: 115%; "> <o:p></o:p></span></p> <p class="MsoNormal"><span style="font-size: 9.5pt; line-height: 115%; "><o:p> </o:p></span></p> <p class="MsoNormal"><span style="font-size: 9.5pt; line-height: 115%; ">2) If you have a website or a LinkedIn.com profile, having certifications will definitely help your ranking in the search engines. To see what I mean, Search on these strings using Google :<o:p></o:p></span></p> <p class="MsoNormal"><span style="font-size: 9.5pt; line-height: 115%; "><o:p> </o:p></span></p> <p class="MsoNormal"><span style="font-size: 9.5pt; line-height: 115%; ">Pmp cissp Chicago<o:p></o:p></span></p> <p class="MsoNormal"><span style="font-size: 9.5pt; line-height: 115%; "><o:p> </o:p></span></p> <p class="MsoNormal"><span style="font-size: 9.5pt; line-height: 115%; ">Also check this page out and see the most popular pages at my website, BILLSLATER.com:<o:p></o:p></span></p> <p class="MsoNormal"><span style="font-size: 9.5pt; line-height: 115%; "><o:p> </o:p></span></p> <p class="MsoNormal"><span style="font-size: 9.5pt; line-height: 115%; "> <a href="http://billslater.com//webstats">http://billslater.com//webstats</a><o:p></o:p></span></p> <p class="MsoNormal"><span style="font-size: 9.5pt; line-height: 115%; "><o:p> </o:p></span></p> <p class="MsoNormal"><span style="font-size: 9.5pt; line-height: 115%; ">3) No one should pursue certifications that have additional requirements for continuing professional education (CPE) unless they are willing to put forth the time, energy, and money to actually pursue the CPEs to keep the certification(s) current. I have four current certifications that require these CPEs:</span></p> <p class="MsoNormal"><span class="Apple-style-span"><span style="font-size: 9.5pt; line-height: 115%; ">CISSP<br /></span><span class="Apple-style-span" style="font-size: 13px; line-height: 15px; ">SSCP<br /></span><span class="Apple-style-span" style="font-size: 13px; line-height: 15px; ">PMP<br /></span><span class="Apple-style-span" style="font-size: 13px; line-height: 15px; ">CISA</span></span></p> <p class="MsoNormal"><span style="font-size: 9.5pt; line-height: 115%; ">4) The most shocking thing to me about certifications is how much people have ridiculed me for pursuing certifications and how many jealous people will publicly and privately trash talk me for being driven to each these achievements. I really think that people should mind their own business and keep their negative opinions to themselves. I am not hurting anyone my pursuing endeavors that help my career (<a href="http://billslater.com/career">http://billslater.com/career</a> ). Maybe they need to get busy and get a life, some certifications and their own website.<o:p></o:p></span></p> <p class="MsoNormal"><span style="font-size: 9.5pt; line-height: 115%; "><o:p> </o:p></span></p> <p class="MsoNormal"><span style="font-size: 9.5pt; line-height: 115%; ">When I graduated from high school in May 1973, I had eight scholarships and I attended Memphis State University and earned a four year Bachelor of Science in Engineering Technology degree with a major in Computer Systems Technology in May 1977. I don’t think there is anything wrong with being achievement oriented and I think people who engage in negative behaviors toward me regarding my intelligence, certifications, and technical abilities are usually guilty of repeatedly breaking the 9th and 10th Commandments of the original Ten Commandments and that one day, in some way, they will have to answer to God for all the ways they have tried to hurt me. <o:p></o:p></span></p> <p class="MsoNormal"><span style="font-size: 9.5pt; line-height: 115%; "><o:p> </o:p></span></p> <p class="MsoNormal"><span style="font-size: 9.5pt; line-height: 115%; ">But until that day, I’ll just be getting more education and certifications, and they can pursue their own path, whatever that is.<o:p></o:p></span></p> <p class="MsoNormal"><span style="font-size: 9.5pt; line-height: 115%; "><o:p> </o:p></span></p> <p class="MsoNormal"><span style="font-size: 9.5pt; line-height: 115%; ">= = = = = = = = = = = = = = = = = = = = = = = = = = = = = =<o:p></o:p></span></p> <p class="MsoNormal"><span class="Apple-style-span"><span class="Apple-style-span" style="line-height: 15px;"><br /></span></span></p> <p class="MsoNormal"><span style="font-size: 9.5pt; line-height: 115%; ">Best regards, <o:p></o:p></span></p> <p class="MsoNormal"><span style="font-size: 9.5pt; line-height: 115%; "><o:p> </o:p></span></p> <p class="MsoNormal"><span class="Apple-style-span"><span style="font-size: 9.5pt; line-height: 115%; ">Bill<br /></span><span class="Apple-style-span" style="font-size: 13px; line-height: 15px; ">William Favre Slater, III, PMP<br /></span><span class="Apple-style-span" style="font-size: 13px; line-height: 15px; ">MBA, M.S., PMP, CISSP, SSCP, CISA, ISO 27002, ISO 20000, ITIL v3, Cloud Computing Foundation<br /></span><span class="Apple-style-span" style="font-size: 13px; line-height: 15px; ">Project Manager / Program Manager<br /></span><span class="Apple-style-span" style="font-size: 13px; line-height: 15px; ">Group 2<br /></span><span class="Apple-style-span" style="font-size: 13px; line-height: 15px; "></span><span class="Apple-style-span" style="font-size: 13px; line-height: 15px; ">CIS 608 Blog: </span><a href="http://cis608.blogspot.com/" style="font-size: 13px; line-height: 15px; ">http://cis608.blogspot.com</a><br /><a href="http://billslater.com/career" style="font-size: 13px; line-height: 15px; ">http://billslater.com/career</a><br /><span class="Apple-style-span" style="font-size: 13px; line-height: 15px; ">Chicago, IL</span></span></p><p></p><p class="MsoNormal"><span style="font-size: 9.5pt; font-family: Arial, sans-serif; "><br /></span></p></div>William Favre Slater, IIIhttp://www.blogger.com/profile/05247248094266294971noreply@blogger.com0tag:blogger.com,1999:blog-3354286364002529860.post-33349157680523606032011-11-07T11:41:00.000-08:002011-11-07T12:53:14.952-08:00Post 059 - CIS 608<span class="Apple-style-span" ><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgCBGcjcyKwAK2zRAN560bLbWqIBxoK3LZGOi3y30cPsMY6xqRDpK3NrkCAyebzV2XqwBlh0D5bLp38r4RKVKeqdXkCCmqDuSbN0Zti6Y3pkHHft9foYXE0aOz52qeGhxgK-r3ln_jT4ec/s1600/prisoners_in_california_prison_01.jpg" onblur="try {parent.deselectBloggerImageGracefully();} catch(e) {}"><img style="display:block; margin:0px auto 10px; text-align:center;cursor:pointer; cursor:hand;width: 400px; height: 266px;" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgCBGcjcyKwAK2zRAN560bLbWqIBxoK3LZGOi3y30cPsMY6xqRDpK3NrkCAyebzV2XqwBlh0D5bLp38r4RKVKeqdXkCCmqDuSbN0Zti6Y3pkHHft9foYXE0aOz52qeGhxgK-r3ln_jT4ec/s400/prisoners_in_california_prison_01.jpg" border="0" alt="" id="BLOGGER_PHOTO_ID_5672343152813228370" /></a><br /></span><div style="text-align: center;"><span class="Apple-style-span" >Prisoners from California Prisons</span></div><div><span class="Apple-style-span" ><br /></span></div><div><span class="Apple-style-span" ><b>A Real Automation Integration Nightmare: Can Hackers Release Prisoners from California Prisons?</b></span></div><div><span class="Apple-style-span" ><br /></span></div><div><span class="Apple-style-span" >The articles below explains the probability of Hackers being able to break into the computer systems and networks that control the release mechanisms that lock the doors in California Prisons. This further highlights the need for strong leadership, policies, and efforts in sound Information Security Management.</span></div><div><span class="Apple-style-span" ><br /></span></div><div><span class="Apple-style-span" ><a href="http://www.washingtontimes.com/news/2011/nov/4/feds-concerned-about-hackers-opening-prison-doors/">Washington Times Article</a><br /><a href="http://www.wired.com/threatlevel/2011/07/prison-plc-vulnerabilities/">Wired.com Article</a> </span></div><div><span class="Apple-style-span" ><a href="http://www.chronicle.su/news/american-prisons-cant-hack-it/">Chronicle.su</a><br /><br /></span></div><div><span class="Apple-style-span" ><br /></span></div><div><span class="Apple-style-span" >===========================================</span></div><div><span class="Apple-style-span" >William Favre Slater, III, MBA, M.S., PMP, CISSP, SSCP, CISA, ISO 27002, ITIL v3, Cloud Computing Foundation<br />Project Manager / Program Manager<br /><a href="http://billslater.com/career">http://billslater.com/career</a><br />Chicago, IL<br />United States of America</span></div><div><div><p class="MsoNormal"><span class="Apple-style-span" ><o:p></o:p></span></p></div></div><div><span class="Apple-style-span" ><br /></span></div><div><span class="Apple-style-span" ><br /></span></div><div><br /></div>William Favre Slater, IIIhttp://www.blogger.com/profile/05247248094266294971noreply@blogger.com0tag:blogger.com,1999:blog-3354286364002529860.post-29518199770615443772011-11-06T16:14:00.000-08:002011-12-23T21:50:21.338-08:00Post 058 - CIS 608<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhHsi-savEISZdZ-iiM9FIHfeGOfbVW9dRtYn2-456Fx5bKg5cFXxM7j7eNkF6A98cylRL6SmAf3lwJrDfa7KdTCNTkzO_0SETVSpUHFSK0lGeh-AHDSGtIdy0zpC2diVN7wDBXc_CMct4/s1600/140px-US-GreatSeal-Obverse.svg.png"><span class="Apple-style-span" style="color: #eeeeee;"><img alt="" border="0" id="BLOGGER_PHOTO_ID_5672043340447102546" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhHsi-savEISZdZ-iiM9FIHfeGOfbVW9dRtYn2-456Fx5bKg5cFXxM7j7eNkF6A98cylRL6SmAf3lwJrDfa7KdTCNTkzO_0SETVSpUHFSK0lGeh-AHDSGtIdy0zpC2diVN7wDBXc_CMct4/s400/140px-US-GreatSeal-Obverse.svg.png" style="display: block; height: 140px; margin-bottom: 10px; margin-left: auto; margin-right: auto; margin-top: 0px; text-align: center; width: 140px;" /></span></a><br />
<div>
<span class="Apple-style-span" style="color: #eeeeee;"><br /></span></div>
<div>
<div style="text-align: center;">
<span class="Apple-style-span" style="color: #eeeeee; font-family: 'Trebuchet MS', sans-serif; font-size: x-large;"><b>USA PATRIOT ACT <br />and Its Effect on the American People</b></span></div>
</div>
<div>
<span class="Apple-style-span" style="color: #eeeeee; font-family: 'Trebuchet MS', sans-serif;"><br /></span></div>
<div>
<span class="Apple-style-span" style="color: #eeeeee; font-family: 'Trebuchet MS', sans-serif;">Many of you may be unaware of the USA PATRIOT ACT that was passed in October 2001 as a quick response to the <a href="http://www.billslater.com/wfs_2001_0911.htm">terrorist attacks of September 11, 2001</a>. This post explains some facts that you need to know about the USA PATRIOT ACT and how it changed the freedoms that the Founding Fathers tried to provide for the citizens of this country when the first wrote and ratified the Constitution of the United States and the first 10 Ammedments, commonly known as the Bill of Rights.</span></div>
<div>
<span class="Apple-style-span" style="color: #eeeeee; font-family: 'Trebuchet MS', sans-serif;"><br /></span></div>
<div>
<div class="MsoNormal">
<span class="Apple-style-span" style="color: #eeeeee; font-family: 'Trebuchet MS', sans-serif;">USA PATRIOT ACT essentially nullified 5 of the first 10 Amendments to the U.S. Constitution.</span></div>
<div class="MsoNormal">
<o:p><span class="Apple-style-span" style="color: #eeeeee; font-family: 'Trebuchet MS', sans-serif;"> </span></o:p></div>
<div class="MsoNormal">
<span class="Apple-style-span" style="color: #eeeeee; font-family: 'Trebuchet MS', sans-serif;">Many citizens feel strongly that the powers now granted to the Executive branch of government and its agents are in direct conflict with the 1st, 4th, 5th, 6th and 8th Amendments in the Bill of Rights to the U.S. Constitution (see Bill of Rights, below.). In other words, we now live in such times that many of the rights to privacy that we thought we were guaranteed under the U.S. Constitution, are now preempted, at least temporarily by the PATRIOT Act. In fact, the only way that the PATRIOT Act could be successfully passed in both chambers of Congress was to include a “Sunset Clause,” which caused many of the more far-reaching provisions of the Act to expire automatically, unless they were again reviewed and approved by both chambers of Congress. Though there was a “Sunset Clause" the PATRIOT Act has now been renewed TWICE, once under President Bush and once under President Obama.</span></div>
<div class="MsoNormal">
<span class="Apple-style-span" style="color: #eeeeee; font-family: 'Trebuchet MS', sans-serif;"><br /></span></div>
<div class="MsoNormal">
<o:p><span class="Apple-style-span" style="color: #eeeeee; font-family: 'Trebuchet MS', sans-serif;"> </span></o:p></div>
<div class="MsoNormal">
<span class="Apple-style-span" style="color: #eeeeee; font-family: 'Trebuchet MS', sans-serif;">= = = = = = = = = = = = = = = = = = = = = = = = = = = = </span></div>
<div class="MsoNormal">
<o:p><span class="Apple-style-span" style="color: #eeeeee; font-family: 'Trebuchet MS', sans-serif;"> </span></o:p></div>
<div class="MsoNormal" style="text-align: center;">
<span class="Apple-style-span" style="color: #eeeeee; font-family: 'Trebuchet MS', sans-serif; font-size: large;"><b>Bill of Rights – First 10 Amendments to the U.S. Constitution</b></span></div>
<div class="MsoNormal">
<span class="Apple-style-span" style="color: #eeeeee; font-family: 'Trebuchet MS', sans-serif;"><br /></span></div>
<div class="MsoNormal">
<span class="Apple-style-span" style="color: #eeeeee; font-family: 'Trebuchet MS', sans-serif;">ARTICLES IN ADDITION TO, AND AMENDMENTS OF, THE Amendments to the Constitution</span></div>
<div class="MsoNormal">
<o:p><span class="Apple-style-span" style="color: #eeeeee; font-family: 'Trebuchet MS', sans-serif;"> </span></o:p></div>
<div class="MsoNormal">
<span class="Apple-style-span" style="color: #eeeeee; font-family: 'Trebuchet MS', sans-serif;">CONSTITUTION OF THE UNITED STATES OF AMERICA, PROPOSED BY CONGRESS, AND RATIFIED BY THE LEGISLATURES OF THE SEVERAL STATES, PURSUANT TO THE FIFTH ARTICLE OF THE ORIGINAL CONSTITUTION</span></div>
<div class="MsoNormal">
<span class="Apple-style-span" style="color: #eeeeee; font-family: 'Trebuchet MS', sans-serif;"><br /></span></div>
<div class="MsoNormal">
<o:p><span class="Apple-style-span" style="color: #eeeeee; font-family: 'Trebuchet MS', sans-serif;"> </span></o:p></div>
<div class="MsoNormal">
<span class="Apple-style-span" style="color: #eeeeee; font-family: 'Trebuchet MS', sans-serif;">Article [I.]</span></div>
<div class="MsoNormal">
<span class="Apple-style-span" style="color: #eeeeee; font-family: 'Trebuchet MS', sans-serif;">Congress shall make no law respecting an establishment of religion, or prohibiting the free exercise thereof; or abridging the freedom of speech, or of the press; or the right of the people peaceably to assemble, and to petition the Government for a redress of grievances. </span></div>
<div class="MsoNormal">
<span class="Apple-style-span" style="color: #eeeeee; font-family: 'Trebuchet MS', sans-serif;"><br /></span></div>
<div class="MsoNormal">
<o:p><span class="Apple-style-span" style="color: #eeeeee; font-family: 'Trebuchet MS', sans-serif;"> </span></o:p></div>
<div class="MsoNormal">
<span class="Apple-style-span" style="color: #eeeeee; font-family: 'Trebuchet MS', sans-serif;">Article [II.]</span></div>
<div class="MsoNormal">
<span class="Apple-style-span" style="color: #eeeeee; font-family: 'Trebuchet MS', sans-serif;">A well regulated Militia, being necessary to the security of a free State, the right of the people to keep and bear Arms, shall not be infringed. </span></div>
<div class="MsoNormal">
<span class="Apple-style-span" style="color: #eeeeee; font-family: 'Trebuchet MS', sans-serif;"><br /></span></div>
<div class="MsoNormal">
<o:p><span class="Apple-style-span" style="color: #eeeeee; font-family: 'Trebuchet MS', sans-serif;"> </span></o:p></div>
<div class="MsoNormal">
<span class="Apple-style-span" style="color: #eeeeee; font-family: 'Trebuchet MS', sans-serif;">Article [III.]</span></div>
<div class="MsoNormal">
<span class="Apple-style-span" style="color: #eeeeee; font-family: 'Trebuchet MS', sans-serif;">No Soldier shall, in time of peace be quartered in any house, without the consent of the Owner, nor in time of war, but in a manner to be prescribed by law. </span></div>
<div class="MsoNormal">
<span class="Apple-style-span" style="color: #eeeeee; font-family: 'Trebuchet MS', sans-serif;"><br /></span></div>
<div class="MsoNormal">
<o:p><span class="Apple-style-span" style="color: #eeeeee; font-family: 'Trebuchet MS', sans-serif;"> </span></o:p></div>
<div class="MsoNormal">
<span class="Apple-style-span" style="color: #eeeeee; font-family: 'Trebuchet MS', sans-serif;">Article [IV.]</span></div>
<div class="MsoNormal">
<span class="Apple-style-span" style="color: #eeeeee; font-family: 'Trebuchet MS', sans-serif;">The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized. </span></div>
<div class="MsoNormal">
<span class="Apple-style-span" style="color: #eeeeee; font-family: 'Trebuchet MS', sans-serif;"><br /></span></div>
<div class="MsoNormal">
<o:p><span class="Apple-style-span" style="color: #eeeeee; font-family: 'Trebuchet MS', sans-serif;"> </span></o:p></div>
<div class="MsoNormal">
<span class="Apple-style-span" style="color: #eeeeee; font-family: 'Trebuchet MS', sans-serif;">Article [V.]</span></div>
<div class="MsoNormal">
<span class="Apple-style-span" style="color: #eeeeee; font-family: 'Trebuchet MS', sans-serif;">No person shall be held to answer for a capital, or otherwise infamous crime, unless on a presentment or indictment of a Grand Jury, except in cases arising in the land or naval forces, or in the Militia, when in actual service in time of War or public danger; nor shall any person be subject for the same offence to be twice put in jeopardy of life or limb; nor shall be compelled in any criminal case to be a witness against himself, nor be deprived of life, liberty, or property, without due process of law; nor shall private property be taken for public use, without just compensation. </span></div>
<div class="MsoNormal">
<span class="Apple-style-span" style="color: #eeeeee; font-family: 'Trebuchet MS', sans-serif;"><br /></span></div>
<div class="MsoNormal">
<o:p><span class="Apple-style-span" style="color: #eeeeee; font-family: 'Trebuchet MS', sans-serif;"> </span></o:p></div>
<div class="MsoNormal">
<span class="Apple-style-span" style="color: #eeeeee; font-family: 'Trebuchet MS', sans-serif;">Article [VI.]</span></div>
<div class="MsoNormal">
<span class="Apple-style-span" style="color: #eeeeee; font-family: 'Trebuchet MS', sans-serif;">In all criminal prosecutions, the accused shall enjoy the right to a speedy and public trial, by an impartial jury of the State and district wherein the crime shall have been committed, which district shall have been previously ascertained by law, and to be informed of the nature and cause of the accusation; to be confronted with the witnesses against him; to have compulsory process for obtaining witnesses in his favor, and to have the Assistance of Counsel for his defence. </span></div>
<div class="MsoNormal">
<span class="Apple-style-span" style="color: #eeeeee; font-family: 'Trebuchet MS', sans-serif;"><br /></span></div>
<div class="MsoNormal">
<o:p><span class="Apple-style-span" style="color: #eeeeee; font-family: 'Trebuchet MS', sans-serif;"> </span></o:p></div>
<div class="MsoNormal">
<span class="Apple-style-span" style="color: #eeeeee; font-family: 'Trebuchet MS', sans-serif;">Article [VII.]</span></div>
<div class="MsoNormal">
<span class="Apple-style-span" style="color: #eeeeee; font-family: 'Trebuchet MS', sans-serif;">In Suits at common law, where the value in controversy shall exceed twenty dollars, the right of trial by jury shall be preserved, and no fact tried by a jury, shall be otherwise re-examined in any Court of the United States, than according to the rules of the common law. </span></div>
<div class="MsoNormal">
<span class="Apple-style-span" style="color: #eeeeee; font-family: 'Trebuchet MS', sans-serif;"><br /></span></div>
<div class="MsoNormal">
<o:p><span class="Apple-style-span" style="color: #eeeeee; font-family: 'Trebuchet MS', sans-serif;"> </span></o:p></div>
<div class="MsoNormal">
<span class="Apple-style-span" style="color: #eeeeee; font-family: 'Trebuchet MS', sans-serif;">Article [VIII.]</span></div>
<div class="MsoNormal">
<span class="Apple-style-span" style="color: #eeeeee; font-family: 'Trebuchet MS', sans-serif;">Excessive bail shall not be required, nor excessive fines imposed, nor cruel and unusual punishments inflicted. </span></div>
<div class="MsoNormal">
<span class="Apple-style-span" style="color: #eeeeee; font-family: 'Trebuchet MS', sans-serif;"><br /></span></div>
<div class="MsoNormal">
<o:p><span class="Apple-style-span" style="color: #eeeeee; font-family: 'Trebuchet MS', sans-serif;"> </span></o:p></div>
<div class="MsoNormal">
<span class="Apple-style-span" style="color: #eeeeee; font-family: 'Trebuchet MS', sans-serif;">Article [IX.]</span></div>
<div class="MsoNormal">
<span class="Apple-style-span" style="color: #eeeeee; font-family: 'Trebuchet MS', sans-serif;">The enumeration in the Constitution, of certain rights, shall not be construed to deny or disparage others retained by the people. </span></div>
<div class="MsoNormal">
<span class="Apple-style-span" style="color: #eeeeee; font-family: 'Trebuchet MS', sans-serif;"><br /></span></div>
<div class="MsoNormal">
<o:p><span class="Apple-style-span" style="color: #eeeeee; font-family: 'Trebuchet MS', sans-serif;"> </span></o:p></div>
<div class="MsoNormal">
<span class="Apple-style-span" style="color: #eeeeee; font-family: 'Trebuchet MS', sans-serif;">Article [X.]</span></div>
<div class="MsoNormal">
<span class="Apple-style-span" style="color: #eeeeee; font-family: 'Trebuchet MS', sans-serif;">The powers not delegated to the United States by the Constitution, nor prohibited by it to the States, are reserved to the States respectively, or to the people.</span></div>
<div class="MsoNormal">
<span class="Apple-style-span" style="color: #eeeeee; font-family: 'Trebuchet MS', sans-serif;"><br /></span></div>
<div class="MsoNormal">
<span class="Apple-style-span" style="color: #eeeeee; font-family: 'Trebuchet MS', sans-serif;">======================================</span></div>
<div class="MsoNormal">
<span class="Apple-style-span" style="color: #eeeeee; font-family: 'Trebuchet MS', sans-serif;"><br /></span></div>
<div class="MsoNormal">
<o:p><span class="Apple-style-span" style="color: #eeeeee; font-family: 'Trebuchet MS', sans-serif;"> </span></o:p></div>
<div class="MsoNormal">
<span class="Apple-style-span" style="color: #eeeeee; font-family: 'Trebuchet MS', sans-serif;">References:</span></div>
<div class="MsoNormal">
<o:p><span class="Apple-style-span" style="color: #eeeeee; font-family: 'Trebuchet MS', sans-serif;"> </span></o:p></div>
<div class="MsoNormal">
</div>
<div class="MsoNormal">
<span style="color: #eeeeee; font-family: 'Trebuchet MS', sans-serif;"><br /></span></div>
<div class="MsoNormal">
<br />
<div class="MsoNormal">
<span style="color: #eeeeee; font-family: 'Trebuchet MS', sans-serif;">The Constitution of the U.S. (1791). U.S. Constitution.
Retrieved from the web at </span></div>
<div class="MsoNormal">
</div>
<div class="MsoNormal">
<span style="color: #eeeeee; font-family: 'Trebuchet MS', sans-serif;"><a href="http://www.billslater.com/wfs_us_constitution.htm">http://www.billslater.com/wfs_us_constitution.htm</a>
on November 6, 2011.</span></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
<span style="color: #eeeeee; font-family: 'Trebuchet MS', sans-serif;">The Declaration of Independence. (1776). The Declaration of
Independence. Retrieved from the web at </span></div>
<div class="MsoNormal">
</div>
<div class="MsoNormal">
<span style="color: #eeeeee; font-family: 'Trebuchet MS', sans-serif;"><a href="http://www.billslater.com/tj1776.htm">http://www.billslater.com/tj1776.htm</a>
on November 6, 2011.</span></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
<span style="color: #eeeeee; font-family: 'Trebuchet MS', sans-serif;">Doyle, C. (2002). USA
PATRIOT Act: A sketch. Retrieved from
the web at </span></div>
<div class="MsoNormal">
</div>
<div class="MsoNormal">
<span style="color: #eeeeee; font-family: 'Trebuchet MS', sans-serif;"><a href="http://www.fas.org/irp/crs/RS21203.pdf">http://www.fas.org/irp/crs/RS21203.pdf</a>
on December 24, 2011. </span></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
<span style="color: #eeeeee; font-family: 'Trebuchet MS', sans-serif;">Doyle, C. (2010).
National Security Letters in Foreign Intelligence Investigations: A Glimpse
of the Legal Background and Recent Amendments - a CRS Report Dated December 27,
2010. Retrieved from the web at <a href="http://www.fas.org/sgp/crs/intel/RS22406.pdf">http://www.fas.org/sgp/crs/intel/RS22406.pdf</a>
on December 24, 2011. </span></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
<span style="color: #eeeeee; font-family: 'Trebuchet MS', sans-serif;">Electronic Privacy and Information Center Resources about
the USA PATRIOT Act</span></div>
<div class="MsoNormal">
<span style="color: #eeeeee; font-family: 'Trebuchet MS', sans-serif;"><a href="http://epic.org/privacy/terrorism/usapatriot/">http://epic.org/privacy/terrorism/usapatriot/</a>
.</span></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
<span style="color: #eeeeee; font-family: 'Trebuchet MS', sans-serif;">U.S. Government (2001).
USA PATRIOT Act. Retrieved from
the web at <a href="http://frwebgate.access.gpo.gov/cgi-bin/getdoc.cgi?dbname=107_cong_public_laws&docid=f:publ056.107.pdf">http://frwebgate.access.gpo.gov/cgi-bin/getdoc.cgi?dbname=107_cong_public_laws&docid=f:publ056.107.pdf</a>
on December 24, 2011. </span></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
<span style="color: #eeeeee; font-family: 'Trebuchet MS', sans-serif;">U.S. Department of Justice (2004). USA PATRIOT Act at Work. Retrieved from the web at </span></div>
<div class="MsoNormal">
</div>
<div class="MsoNormal">
<span style="color: #eeeeee; font-family: 'Trebuchet MS', sans-serif;"><a href="http://www.justice.gov/olp/pdf/patriot_report_from_the_field0704.pdf">http://www.justice.gov/olp/pdf/patriot_report_from_the_field0704.pdf</a>
on December 24, 2011.</span></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
<span style="color: #eeeeee; font-family: 'Trebuchet MS', sans-serif;">Wikipedia. (2011). USA PATRIOT Act. A Wikipedia article
retrieved from the web at </span></div>
<div class="MsoNormal">
</div>
<div class="MsoNormal">
<span style="color: #eeeeee; font-family: 'Trebuchet MS', sans-serif;"><a href="http://en.wikipedia.org/wiki/Usa_patriot_act">http://en.wikipedia.org/wiki/Usa_patriot_act</a>
on November 6, 2011.</span></div>
<div class="MsoNormal">
<br /></div>
</div>
<span style="color: #eeeeee; font-family: 'Trebuchet MS', sans-serif;"><br /></span><br />
<div class="MsoNormal">
<span style="color: #eeeeee; font-family: 'Trebuchet MS', sans-serif;">= = = = = = = = = = = = = = = = = = = = = = =</span></div>
<div class="MsoNormal">
<span style="color: #eeeeee; font-family: 'Trebuchet MS', sans-serif; font-size: 9pt;">William Favre Slater, III <o:p></o:p></span></div>
<div class="MsoNormal">
<span style="color: #eeeeee; font-family: 'Trebuchet MS', sans-serif; font-size: 9pt;">MBA, M.S., PMP, CISSP, SSCP, CISA, ISO 27002,
ISO 20000, ITIL v3, Cloud Computing Foundation <o:p></o:p></span></div>
<div class="MsoNormal">
<span style="color: #eeeeee; font-family: 'Trebuchet MS', sans-serif; font-size: 9pt;">Project Manager / Program Manager<o:p></o:p></span></div>
<div class="MsoNormal">
<span style="color: #eeeeee; font-family: 'Trebuchet MS', sans-serif;"><br /></span></div>
<div class="MsoNormal">
<span style="color: #eeeeee; font-family: 'Trebuchet MS', sans-serif; font-size: 9pt;">M.S. in Cybersecurity Program at Bellevue
University<o:p></o:p></span></div>
<div class="MsoNormal">
<span style="color: #eeeeee; font-family: 'Trebuchet MS', sans-serif; font-size: 9pt;"><a href="http://cybersecuritymsbellevue.blogspot.com/">http://cybersecuritymsbellevue.blogspot.com</a><o:p></o:p></span></div>
<div class="MsoNormal">
<span style="color: #eeeeee; font-family: 'Trebuchet MS', sans-serif;"><br /></span></div>
<div class="MsoNormal">
<span style="color: #eeeeee; font-family: 'Trebuchet MS', sans-serif; font-size: 9pt;">CIS 537 Introduction to Cyber Ethics <o:p></o:p></span></div>
<div class="MsoNormal">
<span style="color: #eeeeee; font-family: 'Trebuchet MS', sans-serif; font-size: 9pt;"><a href="http://cis537-wfs.blogspot.com/">http://cis537-wfs.blogspot.com</a><o:p></o:p></span></div>
<div class="MsoNormal">
<span style="color: #eeeeee; font-family: 'Trebuchet MS', sans-serif;"><br /></span></div>
<div class="MsoNormal">
<span style="color: #eeeeee; font-family: 'Trebuchet MS', sans-serif; font-size: 9pt;">CIS 608 Information Security Management<o:p></o:p></span></div>
<div class="MsoNormal">
<span style="color: #eeeeee; font-family: 'Trebuchet MS', sans-serif; font-size: 9pt;"><a href="http://cis608.blogspot.com/">http://cis608.blogspot.com</a><o:p></o:p></span></div>
<div class="MsoNormal">
<span style="color: #eeeeee; font-family: 'Trebuchet MS', sans-serif;"><br /></span></div>
<div class="MsoNormal">
<span style="color: #eeeeee; font-family: 'Trebuchet MS', sans-serif; font-size: 9pt;">CYBR 515 - Security Architecture and Design<o:p></o:p></span></div>
<div class="MsoNormal">
<span style="color: #eeeeee; font-family: 'Trebuchet MS', sans-serif; font-size: 9pt;"><a href="http://cybr515.blogspot.com/">http://cybr515.blogspot.com</a><o:p></o:p></span></div>
<div class="MsoNormal">
<span style="color: #eeeeee; font-family: 'Trebuchet MS', sans-serif;"><br /></span></div>
<div class="MsoNormal">
<span style="color: #eeeeee; font-family: 'Trebuchet MS', sans-serif; font-size: 9pt;">CYBR 510 Physical, Operations, and Personnel
Security<o:p></o:p></span></div>
<div class="MsoNormal">
<span style="color: #eeeeee; font-family: 'Trebuchet MS', sans-serif; font-size: 9pt;"><a href="http://cybr510.blogspot.com/">http://cybr510.blogspot.com</a><o:p></o:p></span></div>
<div class="MsoNormal">
<span style="color: #eeeeee; font-family: 'Trebuchet MS', sans-serif;"><br /></span></div>
<div class="MsoNormal">
<span style="color: #eeeeee; font-family: 'Trebuchet MS', sans-serif; font-size: 9pt;">Career<o:p></o:p></span></div>
<div class="MsoNormal">
<span style="color: #eeeeee; font-family: 'Trebuchet MS', sans-serif; font-size: 9pt;"><a href="http://billslater.com/career">http://billslater.com/career</a><o:p></o:p></span></div>
<div class="MsoNormal">
<span style="color: #eeeeee; font-family: 'Trebuchet MS', sans-serif;"><br /></span></div>
<div class="MsoNormal">
<span style="color: #eeeeee; font-family: 'Trebuchet MS', sans-serif; font-size: 9pt;">Certifications<o:p></o:p></span></div>
<div class="MsoNormal">
<span style="color: #eeeeee; font-family: 'Trebuchet MS', sans-serif; font-size: 9pt;"><a href="http://billslater.com/certifications">http://billslater.com/certifications</a><o:p></o:p></span></div>
<div class="MsoNormal">
<span style="color: #eeeeee; font-family: 'Trebuchet MS', sans-serif;"><br /></span></div>
<div class="MsoNormal">
<span style="color: #eeeeee; font-family: 'Trebuchet MS', sans-serif; font-size: 9pt;">Credentials<o:p></o:p></span></div>
<div class="MsoNormal">
<span style="color: #eeeeee; font-family: 'Trebuchet MS', sans-serif; font-size: 9pt;"><a href="http://on.fb.me/fW3wH0">http://on.fb.me/fW3wH0</a><o:p></o:p></span></div>
<div class="MsoNormal">
<span style="color: #eeeeee; font-family: 'Trebuchet MS', sans-serif;"><br /></span></div>
<div class="MsoNormal">
<span style="color: #eeeeee; font-family: 'Trebuchet MS', sans-serif; font-size: 9pt;">ISO 27001<o:p></o:p></span></div>
<div class="MsoNormal">
<span style="color: #eeeeee; font-family: 'Trebuchet MS', sans-serif; font-size: 9pt;"><a href="http://billslater.com/iso27001">http://billslater.com/iso27001</a><o:p></o:p></span></div>
<div class="MsoNormal">
<span style="color: #eeeeee; font-family: 'Trebuchet MS', sans-serif;"><br /></span></div>
<div class="MsoNormal">
<span style="color: #eeeeee; font-family: 'Trebuchet MS', sans-serif; font-size: 9pt;">Chicago, IL<o:p></o:p></span></div>
<div class="MsoNormal">
<span style="font-size: 9pt;"><span style="color: #eeeeee; font-family: 'Trebuchet MS', sans-serif;">United States of America</span><span style="color: #002060; font-family: Arial, sans-serif;"><o:p></o:p></span></span></div>
</div>William Favre Slater, IIIhttp://www.blogger.com/profile/05247248094266294971noreply@blogger.com0Aleje Jerozolimskie 31, 01-001 Warsaw, Poland52.2296756 21.012228752.0740671 20.6963717 52.3852841 21.328085700000003tag:blogger.com,1999:blog-3354286364002529860.post-68316281592467530972011-11-03T22:08:00.000-07:002011-11-03T22:11:45.087-07:00Post 057 - CIS 608<div style="text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgT9nlvSDKyDg_sNpaiB4SsiGkdQ2qw9g6zBnzlF1xMNGeF0v8IYJJjiAZfNImtg1-lmNJytJrB5-aA2Ddl4gVzCUFDauG3CJRmEsz6411gSkh9GF5wpoawpIhRDNWGQkxL6y4zKSujKAc/s1600/Cover__Foreign_Spies_Stealing_US_Economic_Secrets_in_Cyberspace_2011_1103_.jpg" style="text-align: left; " onblur="try {parent.deselectBloggerImageGracefully();} catch(e) {}"><img src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgT9nlvSDKyDg_sNpaiB4SsiGkdQ2qw9g6zBnzlF1xMNGeF0v8IYJJjiAZfNImtg1-lmNJytJrB5-aA2Ddl4gVzCUFDauG3CJRmEsz6411gSkh9GF5wpoawpIhRDNWGQkxL6y4zKSujKAc/s400/Cover__Foreign_Spies_Stealing_US_Economic_Secrets_in_Cyberspace_2011_1103_.jpg" border="0" alt="" id="BLOGGER_PHOTO_ID_5671003340845376258" style="display: block; margin-top: 0px; margin-right: auto; margin-bottom: 10px; margin-left: auto; text-align: center; cursor: pointer; width: 309px; height: 400px; " /></a><p class="MsoNormal" style="text-align: left; "><span class="Apple-style-span" ><b>Foreign Spies Stealing US Economic Secrets in Cyberspace</b></span></p><p class="MsoNormal" style="text-align: left; "><span class="Apple-style-span" >Many of you may want to read this report and perhaps share it with your families, friends, and colleagues.</span></p><p class="MsoNormal" style="text-align: left; "><span class="Apple-style-span" >Foreign Spies Stealing US Economic Secrets in Cyberspace<br /><a href="http://www.ncix.gov/publications/reports/fecie_all/Foreign_Economic_Collection_2011.pdf">http://www.ncix.gov/publications/reports/fecie_all/Foreign_Economic_Collection_2011.pdf</a></span></p><p class="MsoNormal" style="text-align: left; "><span class="Apple-style-span" >It details the threats of China and Russia and how active they are in their respective efforts to steal secrets from U.S. Companies.</span></p><p class="MsoNormal" style="text-align: left; "><o:p><span class="Apple-style-span" ></span></o:p></p><p class="MsoNormal" style="text-align: left; "><span class="Apple-style-span" >More about this report in this article from the web:</span></p><p class="MsoNormal" style="text-align: left; "><span class="Apple-style-span" >In a world of cybertheft, U.S. names China, Russia as main culprits</span></p><p class="MsoNormal" style="text-align: left; "><span class="Apple-style-span" ><a href="http://www.washingtonpost.com/world/national-security/us-cyber-espionage-report-names-china-and-russia-as-main-culprits/2011/11/02/gIQAF5fRiM_story.html?wprss">http://www.washingtonpost.com/world/national-security/us-cyber-espionage-report-names-china-and-russia-as-main-culprits/2011/11/02/gIQAF5fRiM_story.html?wprss</a>=</span></p><p class="MsoNormal" style="text-align: left; "><o:p><span class="Apple-style-span" ></span></o:p></p><p class="MsoNormal" style="text-align: left; "><span class="Apple-style-span" >The threats described in these reports are some of the main reasons that I signed up for this 18 month program for an M.S. in Cybersecurity at Bellevue University in Bellevue, NE.</span></p><p class="MsoNormal" style="text-align: left; "><span class="Apple-style-span" ><br /></span></p><p class="MsoNormal" style="text-align: left; "><span class="Apple-style-span" >==========================================================</span></p><p class="MsoNormal" style="text-align: left; "><o:p><span class="Apple-style-span" ></span></o:p></p><p class="MsoNormal" style="text-align: left; "><span class="Apple-style-span" >William F. Slater, III, M.S., MBA, PMP, CISSP, SSCP, CISA, MCITP, MCSE, ISO 20000, ISO 27002, MCP #3585<br />Project Manager / Program Manager<br />Chicago, IL<br /><a href="mailto:slater@billslater.com">slater@billslater.com</a><br /><a href="http://billslater.com/career">http://billslater.com/career</a></span></p></div> <p class="MsoNormal"><o:p><span class="Apple-style-span" > </span></o:p></p> <p class="MsoNormal"><o:p><span class="Apple-style-span" > </span></o:p></p>William Favre Slater, IIIhttp://www.blogger.com/profile/05247248094266294971noreply@blogger.com0tag:blogger.com,1999:blog-3354286364002529860.post-11572621041157070352011-11-03T12:21:00.000-07:002011-11-03T12:32:41.084-07:00Post 056 - CIS 608<span class="Apple-style-span" ><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEikk5-3sbKUTcrDQkvLCqlVqsCT_umBaOyF7ZgsxEA9fSUrVup3QFJFta7qA3Bxpjk1K6ajZS7edn9AZAKZ16DbcQMG8Er5MaMBAnPiDozEA7laAFZ8TFsxPRVtwhYkly7iGYJBINnLkvs/s1600/naked_security_.jpg" onblur="try {parent.deselectBloggerImageGracefully();} catch(e) {}"><img style="display:block; margin:0px auto 10px; text-align:center;cursor:pointer; cursor:hand;width: 400px; height: 168px;" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEikk5-3sbKUTcrDQkvLCqlVqsCT_umBaOyF7ZgsxEA9fSUrVup3QFJFta7qA3Bxpjk1K6ajZS7edn9AZAKZ16DbcQMG8Er5MaMBAnPiDozEA7laAFZ8TFsxPRVtwhYkly7iGYJBINnLkvs/s400/naked_security_.jpg" border="0" alt="" id="BLOGGER_PHOTO_ID_5670854216095891634" /></a><br /></span><div><span class="Apple-style-span" ><br /></span></div><div><span class="Apple-style-span" style="font-family: 'trebuchet ms'; "><span class="Apple-style-span" ><b>Time to Get Naked... Naked Security - An Award-winning IT Security Blog Worth Checking Out</b></span></span></div><div><span class="Apple-style-span" ><br /></span></div><div><span class="Apple-style-span" ><span class="Apple-style-span" >Today, the good folks at Naked Security helped save me and my wife from a Facebook scam related to giving away two "free" Southwest Airlines tickets. This is the linkk that saved us from that scam: </span><a href="http://nakedsecurity.sophos.com/2011/10/03/freesouthwest-airlines-tickets/">http://nakedsecurity.sophos.com/2011/10/03/freesouthwest-airlines-tickets/</a></span></div><div><span class="Apple-style-span" >I found it using <a href="http://www.google.com/">Google</a>, then checked it out and this an award-winning IT Security Blog and it is definitely worth checking out.</span></div><div><span class="Apple-style-span" ><br /></span></div><div><span class="Apple-style-span" ><span class="Apple-style-span" >This is the link: </span><a href="http://nakedsecurity.sophos.com/">http://nakedsecurity.sophos.com/</a></span></div><p class="MsoNormal" style="margin-bottom: 0.0001pt; "><span style="font-size: 12pt; " > <o:p></o:p></span></p><div><span class="Apple-style-span" ><span class="Apple-style-span" >Get Naked(Security) and </span><span class="Apple-style-span" style="font-family: 'trebuchet ms'; ">Enjoy!</span></span></div><div><span class="Apple-style-span" ><br /></span></div><div><span class="Apple-style-span" ><br /></span></div><div><div><span class="Apple-style-span" >William F. Slater, III, M.S., MBA, PMP, CISSP, SSCP, CISA, MCITP, MCSE, ISO 20000, ISO 27002, MCP #3585</span></div><div><span class="Apple-style-span" >Project Manager / Program Manager</span></div><div><span class="Apple-style-span" >Chicago, IL<br /><a href="mailto:slater@billslater.com">slater@billslater.com</a><br /><a href="http://billslater.com/career">http://billslater.com/career</a></span></div></div>William Favre Slater, IIIhttp://www.blogger.com/profile/05247248094266294971noreply@blogger.com0tag:blogger.com,1999:blog-3354286364002529860.post-78198420981621990022011-11-02T19:58:00.000-07:002011-11-02T20:02:16.071-07:00Post 055 - CIS 608<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhyGmNLin7Y2o8UnYq0aSVkaA3gUof7ISC1DuY-g5UQxj5IkJwsIKFzr8MGyQ-paAVb69rV4IdJn9u2H1i_oo-vNkKoqD9iDi4dQC8j4uZZJCBQoAsbGHBTB9Udy4Z8aWICH2edxuErwOQ/s1600/Roman_Numeral_Yellow_10.jpg" onblur="try {parent.deselectBloggerImageGracefully();} catch(e) {}"><span class="Apple-style-span" ><img style="display:block; margin:0px auto 10px; text-align:center;cursor:pointer; cursor:hand;width: 82px; height: 115px;" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhyGmNLin7Y2o8UnYq0aSVkaA3gUof7ISC1DuY-g5UQxj5IkJwsIKFzr8MGyQ-paAVb69rV4IdJn9u2H1i_oo-vNkKoqD9iDi4dQC8j4uZZJCBQoAsbGHBTB9Udy4Z8aWICH2edxuErwOQ/s400/Roman_Numeral_Yellow_10.jpg" border="0" alt="" id="BLOGGER_PHOTO_ID_5670599280309851714" /></span></a><div><span class="Apple-style-span" ><br /></span></div><div><span class="Apple-style-span" ><b> Week Ten Assignments- Maps to Course Objs. 2 & 7</b></span></div><div> </div><div><span class="Apple-style-span" >..</span></div><div><span class="Apple-style-span" >Read/Review</span></div><div><span class="Apple-style-span" >: Chapter 10, Management of Information Security, 3e.</span></div><div><span class="Apple-style-span" >: Powerpoint Slides, Chapter 10, located in Course Documents, Lecture Notes</span></div><div><span class="Apple-style-span" >Learning Objectives - Week 10</span></div><div><span class="Apple-style-span" >•<span class="Apple-tab-span" style="white-space:pre"> </span>Know and understand access controls approaches</span></div><div><span class="Apple-style-span" >•<span class="Apple-tab-span" style="white-space:pre"> </span>Identify and describe the types of intrusion detection systems and the two strategies on which they are based</span></div><div><span class="Apple-style-span" >•<span class="Apple-tab-span" style="white-space:pre"> </span>Understand the encryption process</span></div><div><span class="Apple-style-span" >This week will be a review of sorts for a number of topics presented in CIS606.<span class="Apple-tab-span" style="white-space:pre"> </span></span></div><div> </div><div><span class="Apple-style-span" >Assignment 10.1</span></div><div><span class="Apple-style-span" >This assignment is worth 50 points.</span></div><div><span class="Apple-style-span" >Search for information regarding personal firewall applications. Examine at least three alternatives and document a comparison of their functionality, cost, support, and platform of use. Which would you recommend to a family member or a small business? Why? Provide justification to the owner/family member as well as a cost comparison. </span></div><div><span class="Apple-style-span" ><br /></span></div><div><span class="Apple-style-span" >>> View/Complete Assignment: Assignment 10.1</span></div><div><span class="Apple-style-span" ><br /></span></div><div> </div><div><span class="Apple-style-span" >..</span></div><div><span class="Apple-style-span" >Assignment 10.2 (post to the Week 10 Forum)</span></div><div><span class="Apple-style-span" >This assignment is worth 50 points; 25 points for your original posting, and 25 points for participation.</span></div><div> </div><div><span class="Apple-style-span" >1.<span class="Apple-tab-span" style="white-space:pre"> </span>Facial geometry</span></div><div><span class="Apple-style-span" ><br /></span></div><div><span class="Apple-style-span" >2.<span class="Apple-tab-span" style="white-space:pre"> </span>Fingerprint</span></div><div><span class="Apple-style-span" ><br /></span></div><div><span class="Apple-style-span" >3.<span class="Apple-tab-span" style="white-space:pre"> </span>Hand and palm print</span></div><div><span class="Apple-style-span" ><br /></span></div><div><span class="Apple-style-span" >4.<span class="Apple-tab-span" style="white-space:pre"> </span>Hand geometry</span></div><div><span class="Apple-style-span" ><br /></span></div><div><span class="Apple-style-span" >5.<span class="Apple-tab-span" style="white-space:pre"> </span>Iris recognition</span></div><div><span class="Apple-style-span" ><br /></span></div><div><span class="Apple-style-span" >6.<span class="Apple-tab-span" style="white-space:pre"> </span>Retinal recognition</span></div><div><span class="Apple-style-span" ><br /></span></div><div><span class="Apple-style-span" >7.<span class="Apple-tab-span" style="white-space:pre"> </span>Signature recognition</span></div><div><span class="Apple-style-span" ><br /></span></div><div><span class="Apple-style-span" >8.<span class="Apple-tab-span" style="white-space:pre"> </span>Voice recognition</span></div><div><span class="Apple-style-span" ><br /></span></div><div><span class="Apple-style-span" >For each of the above, locate a vendor that provides a product designed to examine that feature. Provide the name of the vendor, the name of the product, the URL, and the CER associated with the product (many vendors do not provide CERs, just report what you can find). Of those in the list, which do you believe is more acceptable to users and why? Which would be preferred by security administrators and why? Provide some guidance to the organization as to what can be done if what the security folks prefer is not acceptable to users.</span></div><div><span class="Apple-style-span" ><br /></span></div><div><span class="Apple-style-span" >In your response, comment on whether you agree with the opinions stated.</span></div><div><span class="Apple-style-span" >Minimum Posting Requirements: You must post at least five messages to get credit for participation. The first message is your original posting, no later than Wed. At least two of the other messages must be responses to other student original postings. This is a pass/fail type of grade. If you meet the minimum requirements you get the points. If you do not meet the minimum requirements, you'll get no points for participation. Messages must be posted on more than one day. Don't wait until the last minute!</span></div><div><span class="Apple-style-span" >________________________________________</span></div><div><span class="Apple-style-span" ><br /></span></div><div><span class="Apple-style-span" >Group Assignment-Week 10 </span></div><div><span class="Apple-style-span" >This assignment is worth 50 points.</span></div><div><span class="Apple-style-span" >As a group, determine a best response to the Case Exercises for RWW, Inc. at the end of the chapter. Use your group forum area for discussion, located under the Groups button to the left...</span></div><div><span class="Apple-style-span" >Have one person in your group post the group consensus, labeled as "Week10 Post - Grade Me" to your group forum.<span class="Apple-tab-span" style="white-space:pre"> </span></span></div><div> </div><div><span class="Apple-style-span" ><br /></span></div><div><span class="Apple-style-span" >Assignment 10.3 (Post to your Blog)</span></div><div><span class="Apple-style-span" >This assignment is worth 20 points.</span></div><div><span class="Apple-style-span" >Time to start adding to that blog! If you are not sure what to include, you might want to re-read the assignment located at the top of the Week 1 Assignments.</span></div><div><span class="Apple-style-span" ><br /></span></div><div><span class="Apple-style-span" ><br /></span></div><div><span class="Apple-style-span" ><br /></span></div><div><br /></div>William Favre Slater, IIIhttp://www.blogger.com/profile/05247248094266294971noreply@blogger.com0tag:blogger.com,1999:blog-3354286364002529860.post-18489316621894553032011-10-31T08:37:00.000-07:002011-10-31T11:21:39.273-07:00Post 054 - CIS 608<span class="Apple-style-span"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgq_aWIvR4sdnBGI7xpXzre0uF8TAkOMucZCSWlMo_8tuzCK2UQIVjQIyNAj3orHCF5c4EvFRk2yXEqArFIqyr28-7COnitDjVpWk062A3O-pTUrNzE88Aj4xD5a5f8Tc71KVYTRW5K2cE/s1600/cyber_attack_picture_01_.jpg" onblur="try {parent.deselectBloggerImageGracefully();} catch(e) {}"><img style="display:block; margin:0px auto 10px; text-align:center;cursor:pointer; cursor:hand;width: 400px; height: 271px;" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgq_aWIvR4sdnBGI7xpXzre0uF8TAkOMucZCSWlMo_8tuzCK2UQIVjQIyNAj3orHCF5c4EvFRk2yXEqArFIqyr28-7COnitDjVpWk062A3O-pTUrNzE88Aj4xD5a5f8Tc71KVYTRW5K2cE/s400/cyber_attack_picture_01_.jpg" border="0" alt="" id="BLOGGER_PHOTO_ID_5669685885836161090" /></a><br /><br /></span><div><span class="Apple-style-span"><br /></span></div><div><span class="Apple-style-span"><br /></span></div><div><span class="Apple-style-span"><b>Important News Item: DHS: U.S. infrastructure faces a barrage of cyber-attacks</b></span></div><div><span class="Apple-style-span"><br /></span></div><div><span class="Apple-style-span">Summary from CompTIA News Digest on October 30, 2011:</span></div><div><span class="Apple-style-span"><br /></span></div><div><span class="Apple-style-span"><b><span style="font-size: 12pt; "><a href="http://r.smartbrief.com/resp/djvzDVirjweapcskfCzabQfCmxoL?format=standard" target="_blank"><span style="text-decoration: none; ">DHS: U.S. infrastructure faces a barrage of cyber-attacks</span></a><br /></span></b><span style="font-size: 10pt; ">Hackers have launched thousands of cyber-attacks against critical U.S. infrastructure such as financial and transportation assets and have nearly succeeded in crippling key systems, according to the Department of Homeland Security. DHS Secretary Janet Napolitano said officials responded to more than 100,000 cybersecurity incidents in fiscal 2011, and she urged Congress to draft stronger laws to protect the nation's most vital networks. </span></span></div><div><span class="Apple-style-span"><br /></span></div><div><span class="Apple-style-span"><span style="font-size: 11pt; ">Source: </span><a href="http://www.eweek.com/c/a/Security/CyberAttackers-Already-Targeting-Critical-Infrastructure-DHS-573564/?kc=rss" style="font-size: 15px; ">http://www.eweek.com/c/a/Security/CyberAttackers-Already-Targeting-Critical-Infrastructure-DHS-573564/?kc=rss</a></span></div><div><span class="Apple-style-span"><br /></span></div><div><span class="Apple-style-span" style="color: rgb(204, 204, 204); font-family: 'trebuchet ms'; font-size: 15px; ">========================================================</span></div><div><span class="Apple-style-span">My Comments:</span></div><div><p class="MsoNormal"><span style="font-size: 11pt; ">Looks like yet another reason to be in the Bellevue University M.S. in Cybersecurity Program:</span></p><p class="MsoNormal"><span class="Apple-style-span" style="font-size: 15px; ">I am resolved, more than ever, to do all the work and complete this important program.</span></p><p class="MsoNormal"> </p><p class="MsoNormal"><span style="font-size: 11pt; ">I am also keeping my (public) course blogs up to date and they are getting TONS of hits.</span></p> <p class="MsoNormal"><span style="font-size: 11pt; "><a href="http://cis608.blogspot.com/">http://cis608.blogspot.com</a> - CIS 608 - Information Security Management</span></p> <p class="MsoNormal"><span style="font-size: 11pt; "><a href="http://cybr515.blogspot.com">http://cybr515.blogspot.com</a> - Security Architecture and Design</span></p> <p class="MsoNormal"><span class="Apple-style-span"><span class="Apple-style-span" style="font-size: 15px; ">========================================================</span><br /><span class="Apple-style-span" style="font-size: 11px;"><br /></span></span></p> <p class="MsoNormal"><span class="Apple-style-span"><span class="Apple-style-span" style="font-size: 11px; ">William Favre Slater, III<br /></span><span class="Apple-style-span" style="font-size: 11px; ">MBA, M.S., PMP, CISSP, SSCP, CISA, ISO 27002, ISO 20000, ITIL v3, Cloud Computing Foundation<br /></span><span class="Apple-style-span" style="font-size: 11px;">Project Manager / Program Manager</span><br /><a href="http://billslater.com/career" style="font-size: 11px; ">http://billslater.com/career</a><br /><span class="Apple-style-span" style="font-size: 11px; ">Chicago, IL<br /></span><span class="Apple-style-span" style="font-size: 11px; ">United States of America</span></span></p> <p class="MsoNormal"><span style="font-size: 11pt; "><o:p> </o:p></span></p><p></p></div><div><span class="Apple-style-span"><br /></span></div><div><br /></div>William Favre Slater, IIIhttp://www.blogger.com/profile/05247248094266294971noreply@blogger.com0tag:blogger.com,1999:blog-3354286364002529860.post-54176030589234520362011-10-30T21:16:00.000-07:002011-10-30T21:20:00.784-07:00Post 053 - CIS 608<span class="Apple-style-span"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgYPEpF5JYpqHI_-mKF4sg85leYYGLGq-cblaysjbbZAOSxPdC4NUQxWDEXVUJ-GsGUeaUOi3272dQu4FuwKBnhOGvctXWFHm4CgejEZV6bkhhsSU_R8Ha7km7R-vW0fNn2N7ME0Dwt_Bg/s1600/CYBR515_Assignment_9_3_Diagram_William_Slater_v1_.jpg" onblur="try {parent.deselectBloggerImageGracefully();} catch(e) {}"><img src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgYPEpF5JYpqHI_-mKF4sg85leYYGLGq-cblaysjbbZAOSxPdC4NUQxWDEXVUJ-GsGUeaUOi3272dQu4FuwKBnhOGvctXWFHm4CgejEZV6bkhhsSU_R8Ha7km7R-vW0fNn2N7ME0Dwt_Bg/s400/CYBR515_Assignment_9_3_Diagram_William_Slater_v1_.jpg" border="0" alt="" id="BLOGGER_PHOTO_ID_5669482404355067570" style="display: block; margin-top: 0px; margin-right: auto; margin-bottom: 10px; margin-left: auto; text-align: center; cursor: pointer; width: 400px; height: 293px; " /></a><br /><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEikQgy5AhmW5Ag_jzhSVXbLINOy0b3PCMpDcJDADoyzgHkZ_WvChwUIhWxlwPfruep8rdjS77obs2z9rnPso61CLhoYQwhAtFA4mGK7kgm2iIh2BJPkw6R1hGWrc21-Ipp94LscvkdcEd4/s1600/CYBR515_Assignment_9_3_Diagram_2_William_Slater_v1_.jpg" onblur="try {parent.deselectBloggerImageGracefully();} catch(e) {}"><img src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEikQgy5AhmW5Ag_jzhSVXbLINOy0b3PCMpDcJDADoyzgHkZ_WvChwUIhWxlwPfruep8rdjS77obs2z9rnPso61CLhoYQwhAtFA4mGK7kgm2iIh2BJPkw6R1hGWrc21-Ipp94LscvkdcEd4/s400/CYBR515_Assignment_9_3_Diagram_2_William_Slater_v1_.jpg" border="0" alt="" id="BLOGGER_PHOTO_ID_5669482327034196418" style="display: block; margin-top: 0px; margin-right: auto; margin-bottom: 10px; margin-left: auto; text-align: center; cursor: pointer; width: 400px; height: 297px; " /></a></span><div><span class="Apple-style-span"><br /></span></div><div><span class="Apple-style-span"><b>Designing and Implementing Enterprise Network Malware Prevention Solutions</b></span></div><div><span class="Apple-style-span"><br /></span></div><div><span class="Apple-style-span">(This was my Assignment 9-3 for my CYBR 515 - Security Architecture and Design Course. I thought many of you might like seeing it here in this blog.)</span></div><div>==============================================</div><div><span class="Apple-style-span"><br /></span></div><div><span class="Apple-style-span">Conclusion<span class="Apple-style-span"> (from the presentation)</span></span></div><div><span class="Apple-style-span"><br /></span></div><div><p style="margin-top: 4.8pt; margin-bottom: 0pt; margin-left: 0.5in; text-indent: -0.5in; direction: ltr; unicode-bidi: embed; vertical-align: baseline; "><span class="Apple-style-span">This Enterprise Malware Protection Solution Implementation Project will:</span></p><div class="O1" style="margin-top: 4.32pt; margin-bottom: 0pt; margin-left: 0.94in; text-indent: -0.5in; direction: ltr; unicode-bidi: embed; vertical-align: baseline; "><span class="Apple-style-span">1. Help provide protection from a wide range of threats</span></div><div class="O1" style="margin-top: 4.32pt; margin-bottom: 0pt; margin-left: 0.94in; text-indent: -0.5in; direction: ltr; unicode-bidi: embed; vertical-align: baseline; "><span class="Apple-style-span">2. Enable excellence in protecting our client’s information</span></div><div class="O1" style="margin-top: 4.32pt; margin-bottom: 0pt; margin-left: 0.94in; text-indent: -0.5in; direction: ltr; unicode-bidi: embed; vertical-align: baseline; "><span class="Apple-style-span">3. Help optimize return on investments</span></div><div class="O1" style="margin-top: 4.32pt; margin-bottom: 0pt; margin-left: 0.94in; text-indent: -0.5in; direction: ltr; unicode-bidi: embed; vertical-align: baseline; "><span class="Apple-style-span">4. Help provide future business opportunities</span></div><div class="O1" style="margin-top: 4.32pt; margin-bottom: 0pt; margin-left: 0.94in; text-indent: -0.5in; direction: ltr; unicode-bidi: embed; vertical-align: baseline; "><span class="Apple-style-span">5. Help protect the Slater Technologies, Inc. brand and reputation</span></div><div class="O1" style="margin-top: 4.32pt; margin-bottom: 0pt; margin-left: 0.94in; text-indent: -0.5in; direction: ltr; unicode-bidi: embed; vertical-align: baseline; "><span class="Apple-style-span">6. Help ensure business continuity</span></div><div class="O1" style="margin-top: 4.32pt; margin-bottom: 0pt; margin-left: 0.94in; text-indent: -0.5in; direction: ltr; unicode-bidi: embed; vertical-align: baseline; "><span class="Apple-style-span">7. Help reduce the risk of financial loss</span></div><div class="O1" style="margin-top: 4.32pt; margin-bottom: 0pt; margin-left: 0.94in; text-indent: -0.5in; direction: ltr; unicode-bidi: embed; vertical-align: baseline; "><span class="Apple-style-span">8. Help reduce risk of litigation</span></div><div class="O1" style="margin-top: 4.32pt; margin-bottom: 0pt; margin-left: 0.94in; text-indent: -0.5in; direction: ltr; unicode-bidi: embed; vertical-align: baseline; "><span class="Apple-style-span">9. Help Slater Technologies to become famous for what we do and how we do it</span></div></div><div><span class="Apple-style-span"><br /></span></div><div><span class="Apple-style-span">==============================================</span></div><div><span class="Apple-style-span"><br /></span></div><div><span class="Apple-style-span"><br /></span></div><div><span class="Apple-style-span">The diagrams above were part of the design and presentation I created as part of the assignment shown below.</span></div><div><span class="Apple-style-span"><br /></span></div><div><span style="font-size: 9.5pt; line-height: 15px; "><span class="Apple-style-span">Companies like Symantec, McAffee, Trend Micro, Kaspersky, etc. provide enterprise-level malware protection. Choose a major anti-virus company and familiarize yourself with their product line. Using what you learned from your research and this week's reading assignment, create an executive presentation of 8-12 PowerPoint slides on the product and on how you would install an enterprise malware solution on a hypothetical network with 50 Windows servers and 2000 Windows 7 computers. Provide sufficient detail about hardware devices and software and where they would be installed. Create a high-level Visio diagram to accompany your proposal that shows the layout of your software. It is not necessary to diagram your complete network, just a high level representation of it. For example, you could represent the 2000 Windows 7 computers with one Icon labeled Windows 7 Workstations (2000). However, if you include a security appliance that provides malware protection, it should be included as a separate icon. Also, indicate location of software components (clients, servers, databases, management tools, etc) on your diagram, as well.</span></span></div><div><span class="Apple-style-span"><br /></span></div><div><span class="Apple-style-span"><br /></span></div><div><span class="Apple-style-span">================</span></div><div><div><p class="MsoNormal" style="margin-bottom: 0.0001pt; "><span class="Apple-style-span"><span style="font-size: 10pt; ">William F. Slater, III, M.S., MBA, PMP, CISSP, SSCP, CISA, MCITP, MCSE, ISO 20000, ISO 27002, MCP #3585<br /></span><span class="Apple-style-span" style="font-size: 14px; ">Project Manager / Program Manager<br /></span><span class="Apple-style-span" style="font-size: 14px; ">Chicago, IL<br /></span><a href="mailto:slater@billslater.com" style="font-size: 14px; ">slater@billslater.com</a><br /><a href="http://billslater.com/career" style="font-size: 14px; ">http://billslater.com/career</a></span></p></div></div><div><br /></div>William Favre Slater, IIIhttp://www.blogger.com/profile/05247248094266294971noreply@blogger.com1tag:blogger.com,1999:blog-3354286364002529860.post-61970780270521039182011-10-30T21:06:00.000-07:002011-10-30T21:07:01.348-07:00Post 052 - CIS 608<span class="Apple-style-span" ><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgHNnfDa-x3ntkrwjfYp0ULZe7E-bcBXaQdK7yknLc25b6z1AeI8c87K8UZMSSYL8YYeRDMG2cqUAXPaECiRnhozOA1whvuFU3WfNf8A33bl7j1h5GPuN-bNYbcm0_3QJ0E6-eTYrbG924/s1600/Satellite-attacks-from-china.jpg" onblur="try {parent.deselectBloggerImageGracefully();} catch(e) {}"><img src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgHNnfDa-x3ntkrwjfYp0ULZe7E-bcBXaQdK7yknLc25b6z1AeI8c87K8UZMSSYL8YYeRDMG2cqUAXPaECiRnhozOA1whvuFU3WfNf8A33bl7j1h5GPuN-bNYbcm0_3QJ0E6-eTYrbG924/s400/Satellite-attacks-from-china.jpg" border="0" alt="" id="BLOGGER_PHOTO_ID_5669499004237412642" style="display: block; margin-top: 0px; margin-right: auto; margin-bottom: 10px; margin-left: auto; text-align: center; cursor: pointer; width: 400px; height: 312px; " /></a><br /><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjazeYN6G5F7wlBAWLA1Y-qivLK6URX7VTQ-VmttUZl_RaKVFXI_9yDMHu8RZcvf3Twb73uR5TLrZm0xNNflGZYdVGNWaLRQ5x5_htOyuyWHZ3o6u2XY8VAsiyK5TOQ5qCJ84TfGSEjfDc/s1600/chinese_hacker_01.jpg" onblur="try {parent.deselectBloggerImageGracefully();} catch(e) {}"><img src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjazeYN6G5F7wlBAWLA1Y-qivLK6URX7VTQ-VmttUZl_RaKVFXI_9yDMHu8RZcvf3Twb73uR5TLrZm0xNNflGZYdVGNWaLRQ5x5_htOyuyWHZ3o6u2XY8VAsiyK5TOQ5qCJ84TfGSEjfDc/s400/chinese_hacker_01.jpg" border="0" alt="" id="BLOGGER_PHOTO_ID_5669497482804860674" style="display: block; margin-top: 0px; margin-right: auto; margin-bottom: 10px; margin-left: auto; text-align: center; cursor: pointer; width: 259px; height: 194px; " /></a><br /></span><div><b style="color: rgb(204, 204, 204); font-family: 'trebuchet ms'; font-size: x-large; ">Newly Discovered Information: Chinese Hackers Attacked U.S. Satellites in 2007 and 2008</b></div><div><p class="MsoNormal"><span class="Apple-style-span" >This is amazing. Why would our friends do something like this to American satellites?</span></p><p class="MsoNormal"><span class="Apple-style-span" >Source: <a href="http://unionresourcecenter.com/wp/?p=9168">http://unionresourcecenter.com/wp/?p=9168</a></span></p></div><div><span class="Apple-style-span" >“Such interference poses numerous potential threats, particularly if achieved against satellites with more sensitive functions,” according to the draft. “Access to a satellite‘s controls could allow an attacker to damage or destroy the satellite. An attacker could also deny or degrade as well as forge or otherwise manipulate the satellite’s transmission.”</span></div><div><span class="Apple-style-span" ><br /></span></div><div><p class="MsoNormal" style="margin-bottom: 0.0001pt; "><span class="Apple-style-span" ><span style="font-size: 12pt; ">More Information is in this BBC article:<br /></span><a href="http://www.bbc.co.uk/news/business-15490687">http://www.bbc.co.uk/news/business-15490687</a></span></p><p class="MsoNormal" style="margin-bottom: 0.0001pt; "><span class="Apple-style-span" ><span style="font-size: 12pt; ">More Information is also in this Bloomburg article:<br /></span><a href="http://www.bloomberg.com/news/2011-10-27/chinese-military-suspected-in-hacker-attacks-on-u-s-satellites.html">http://www.bloomberg.com/news/2011-10-27/chinese-military-suspected-in-hacker-attacks-on-u-s-satellites.html</a></span></p><p class="MsoNormal" style="margin-bottom: 0.0001pt; "><span class="Apple-style-span" >==============================<br />William F. Slater, III, M.S., MBA, PMP, CISSP, SSCP, CISA, MCITP, MCSE, ISO 20000, ISO 27002, MCP #3585</span></p><p class="MsoNormal" style="margin-bottom: 0.0001pt; "><span class="Apple-style-span" >Project Manager / Program Manager<br />Chicago, IL<br /><a href="mailto:slater@billslater.com">slater@billslater.com</a><br /><a href="http://billslater.com/career">http://billslater.com/career</a></span></p></div><div><br /></div>William Favre Slater, IIIhttp://www.blogger.com/profile/05247248094266294971noreply@blogger.com0tag:blogger.com,1999:blog-3354286364002529860.post-9043392179729922942011-10-29T14:31:00.000-07:002011-10-29T14:34:15.276-07:00Post 051 - CIS 608<span class="Apple-style-span"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgYgBl_e7u6hIGDGp3kvqKKcqhQRU862-8-a2-X8s6irZ3SSrnTR5tPFxZHggMtkvCdnN-BTueAv-674r0RhY1aJiy6LRte2KQ4D1RN38St-bqF9SfeCKefsqqtmsJV1czcfoaE5dYTLak/s1600/navajo_codetalkers_from_ww_II_01_%2528source_web_version_2_via_Facebook%2529_.jpg" onblur="try {parent.deselectBloggerImageGracefully();} catch(e) {}"><img src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgYgBl_e7u6hIGDGp3kvqKKcqhQRU862-8-a2-X8s6irZ3SSrnTR5tPFxZHggMtkvCdnN-BTueAv-674r0RhY1aJiy6LRte2KQ4D1RN38St-bqF9SfeCKefsqqtmsJV1czcfoaE5dYTLak/s400/navajo_codetalkers_from_ww_II_01_%2528source_web_version_2_via_Facebook%2529_.jpg" border="0" alt="" id="BLOGGER_PHOTO_ID_5668780482698235954" style="display: block; margin-top: 0px; margin-right: auto; margin-bottom: 10px; margin-left: auto; text-align: center; cursor: pointer; width: 400px; height: 249px; " /></a><br /><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjyVVIZlVSOb7Bf-k3yRSlZNx7kOAV3RPp9zMUXkofljJITdr9KBgUhKegNnANhJ8O6ux-tVGIPxpwcHf2E7jXvFblMo02Dprm-sqqxiHis_sRbHTqpR8Gog8tcHw85AFCpyq6Lx7M1Hmg/s1600/navajo_codetalkers_from_ww_II_10_%2528source_web_version_2_via_Facebook%2529_.jpg" onblur="try {parent.deselectBloggerImageGracefully();} catch(e) {}"><img src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjyVVIZlVSOb7Bf-k3yRSlZNx7kOAV3RPp9zMUXkofljJITdr9KBgUhKegNnANhJ8O6ux-tVGIPxpwcHf2E7jXvFblMo02Dprm-sqqxiHis_sRbHTqpR8Gog8tcHw85AFCpyq6Lx7M1Hmg/s400/navajo_codetalkers_from_ww_II_10_%2528source_web_version_2_via_Facebook%2529_.jpg" border="0" alt="" id="BLOGGER_PHOTO_ID_5668780321216389106" style="display: block; margin-top: 0px; margin-right: auto; margin-bottom: 10px; margin-left: auto; text-align: center; cursor: pointer; width: 400px; height: 267px; " /></a><br /></span><div><span class="Apple-style-span"><br /></span></div><div><b><span class="Apple-style-span">Navajo Codetalkers - Some True World War II American Heroes of the U.S. Marine Corps</span></b></div><div><span class="Apple-style-span"><br /></span></div><div><p class="MsoNormal"><b><span class="Apple-style-span">CYBR 515 - Week 9, Assignment 9_2 Trivia Question:<o:p></o:p></span></b></p><p class="MsoNormal"><span class="Apple-style-span">What is code talking and how was it used in World War 2?</span></p><p class="MsoNormal"><span class="Apple-style-span">During the early part of World War II, the U.S. Government allowed the United States Marine Corps to recruit Native Americans from the Navajo tribe to be able to quickly transmit messages via combat radio equipment using their native Navajo language in combat situations in the Pacific Theater while fighting the Japanese troops (Churchhouse, 2004).</span></p><p class="MsoNormal"><span class="Apple-style-span">Initially, this project with the Navajo codetalkers, as they were called, started with 29 Navajo Marines. The significance of the ability to use these these Navajo codetalkers was that it afforded the U.S. Marines the ability to transmit vitally important battlefield communications using their native Navajo language in a way that the Japanese could not possibly hope to crack. Reason: the Japanese had no familiarity with the Navajo language (Churchhouse, 2004).</span></p><p class="MsoNormal"><span class="Apple-style-span">What is remarkable is the patriotism and the heroism of these men. Depite the fact that, many native Americans still felt as if the Americans had stolen their land during the 1700s and the 1800s. These Navajo Codetalkers rose to the call to serve the U.S. cause in World War II, and placed themselves in harm’s way in battlefield situations to help further the cause of the U.S.’s tactical and strategic objectives in the Pacific Theatre.</span></p><p class="MsoNormal"><span class="Apple-style-span">I did some additional research and found 12 very interesting pictures of the surviving Navajo codetalkers and these pictures are attached (Facebook Navajo Codetalkers Forum, 2011).</span></p><p class="MsoNormal"><span class="Apple-style-span">Please check out these pictures. They will help you understand a lot about these magnificent Americans and their selfless service to the U.S.</span></p><p class="MsoNormal"><span class="Apple-style-span">Enjoy!</span></p><p class="MsoNormal"><span class="Apple-style-span">References:</span></p><p class="MsoNormal"><span class="Apple-style-span">Churchhouse, R. (2004). Code and Ciphers: Julius Caesar, the Enigma, and the Internet. Cambridge, U.K.: Cambridge University Press.</span></p><p class="MsoNormal"><span class="Apple-style-span">Facebook Navajo Codetalkers Forum. (2011). Facebook Navajo Codetalkers Forum Photo Album. Retrieved from the web at <a href="http://www.facebook.com/pages/Our-Navajo-Code-Talkers/119244804756?ref=ts&sk=wall">http://www.facebook.com/pages/Our-Navajo-Code-Talkers/119244804756?ref=ts&sk=wall</a> on October 28, 2011.</span></p><p class="MsoNormal"><span class="Apple-style-span">Best regards,</span></p><p class="MsoNormal"><span class="Apple-style-span">Bill<br />William Favre Slater, III<br />MBA, M.S., PMP, CISSP, SSCP, CISA, ISO 27002, ISO 20000, ITIL v3, Cloud Computing Foundation<br />Project Manager / Program Manager<br />CIS 608 Blog: <a href="http://cybr515.blogspot.com/">http://cis608.blogspot.com</a><br />Chicago, IL<br />United States of America</span></p></div><div><span class="Apple-style-span"><br /></span></div>William Favre Slater, IIIhttp://www.blogger.com/profile/05247248094266294971noreply@blogger.com0tag:blogger.com,1999:blog-3354286364002529860.post-71285351616827493992011-10-27T20:04:00.001-07:002011-10-28T22:16:59.342-07:00Post 050 - CIS 608<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiyu0XCX1qiREIRqv7lKDdBymxwOt0rCg4tvAXRvv9trCwfm6KGwDldHLPu6DGM2L2W1BjLVV56PEFFIIM5AIOic_XI6seaaLhzskUHpMNZxxoxQbTao6nqldFn7ywo2_HvSWy8r8mHqcs/s1600/inet_history_01.jpg" onblur="try {parent.deselectBloggerImageGracefully();} catch(e) {}"><img style="display:block; margin:0px auto 10px; text-align:center;cursor:pointer; cursor:hand;width: 400px; height: 299px;" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiyu0XCX1qiREIRqv7lKDdBymxwOt0rCg4tvAXRvv9trCwfm6KGwDldHLPu6DGM2L2W1BjLVV56PEFFIIM5AIOic_XI6seaaLhzskUHpMNZxxoxQbTao6nqldFn7ywo2_HvSWy8r8mHqcs/s400/inet_history_01.jpg" border="0" alt="" id="BLOGGER_PHOTO_ID_5668778728631297570" /></a><br /><div><br /></div><div><div><span class="Apple-style-span"><b>Internet History and Growth Presentation</b></span></div><div><span class="Apple-style-span"><br /></span></div><div><span class="Apple-style-span">Tonight, I updated my Internet History and Growth presentation.</span></div><div><span class="Apple-style-span"><br /></span></div><div><span class="Apple-style-span">Visit this link: <a href="http://bit.ly/vLaEk5">Internet History and Growth presentation</a></span></div><div><span class="Apple-style-span"><br /></span></div><div><span class="Apple-style-span">I originally created this in 2002 and it was well received. Tonight I added slides about the impact of mobile technologies and Steve Jobs.</span></div><div><span class="Apple-style-span"><br /></span></div><div><span class="Apple-style-span">Enjoy!</span></div><div><span class="Apple-style-span"><br /></span></div><div><span class="Apple-style-span"><br /></span></div><div><span class="Apple-style-span"><div>William Favre Slater, III, MBA, M.S., PMP, CISSP, SSCP, CISA, ISO 27002, ITIL v3, Cloud Computing Foundation</div><div>Project Manager / Program Manager<br />http://billslater.com/career</div><div>Chicago, IL</div><div>United States of America</div></span></div><div><span class="Apple-style-span"><br /></span></div></div>William Favre Slater, IIIhttp://www.blogger.com/profile/05247248094266294971noreply@blogger.com0tag:blogger.com,1999:blog-3354286364002529860.post-31847118284229353102011-10-27T17:16:00.001-07:002011-10-27T17:39:44.292-07:00Post 049 - CIS 608<span class="Apple-style-span" ><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhfhUZmhi8_SA_zeREEzHyI_G1gf3EFg0lhzNCxKVsoy2bRgzKyjcoG9b1o_jJh0KhOjHp35JxpcmtFJyUDd4wAWZOAmBenmSwSdd4iwOHfd9mJg6e1Uch_0kBuiJ3Pzv8aV55xCNDvHa8/s1600/ROSI_02.jpg" onblur="try {parent.deselectBloggerImageGracefully();} catch(e) {}"><img style="display:block; margin:0px auto 10px; text-align:center;cursor:pointer; cursor:hand;width: 368px; height: 400px;" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhfhUZmhi8_SA_zeREEzHyI_G1gf3EFg0lhzNCxKVsoy2bRgzKyjcoG9b1o_jJh0KhOjHp35JxpcmtFJyUDd4wAWZOAmBenmSwSdd4iwOHfd9mJg6e1Uch_0kBuiJ3Pzv8aV55xCNDvHa8/s400/ROSI_02.jpg" border="0" alt="" id="BLOGGER_PHOTO_ID_5668330633618867682" /></a><br /><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEitUi-vJDLclL3mgLQoZI_MjdhoVq84xXjEwmbHMOg4dmgErj2lDKmnCR14u5ouwwXsqhGmeIo6nHjbhTh6-CsDF70euE6Yi6O7rpTQ1ycU1sp1I9Iq0ungor38WLxwGB-3oBP-B_Hi1QI/s1600/ROSI_03.jpg" onblur="try {parent.deselectBloggerImageGracefully();} catch(e) {}"><img style="display:block; margin:0px auto 10px; text-align:center;cursor:pointer; cursor:hand;width: 375px; height: 400px;" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEitUi-vJDLclL3mgLQoZI_MjdhoVq84xXjEwmbHMOg4dmgErj2lDKmnCR14u5ouwwXsqhGmeIo6nHjbhTh6-CsDF70euE6Yi6O7rpTQ1ycU1sp1I9Iq0ungor38WLxwGB-3oBP-B_Hi1QI/s400/ROSI_03.jpg" border="0" alt="" id="BLOGGER_PHOTO_ID_5668330495961751298" /></a></span><div style="text-align: center;"><u><span class="Apple-style-span" ><br /></span></u></div><div style="text-align: left;"><span class="Apple-style-span" ><br /></span></div><div style="text-align: left;"><span class="Apple-style-span" ><b>Measuring Return on IT Security Investments</b></span></div><div style="text-align: left;"><span class="Apple-style-span" ><br /></span></div><div style="text-align: left;"><span class="Apple-style-span" ><br /></span></div><div style="text-align: left;"><span class="Apple-style-span" >The two diagrams above are part of an additional approach on measuring the return on IT security investment. These are from a white paper that was produced in December 2007 by Intel Corporation.</span></div><div style="text-align: left;"><span class="Apple-style-span" ><br /></span></div><div style="text-align: left;"><span class="Apple-style-span" >As I stated in <a href="http://cis608.blogspot.com/2011/10/post-046-cis-608.html">Post 046 - CIS 608</a>, I really believe that an organization must consider additional factors when trying to uncover and quantify the real return on IT security investment. As I stated earlier, those factors that should be considered are:</span></div><div style="text-align: left;"><span class="Apple-style-span" ><br /></span></div><div style="text-align: left;"><div><ul><li><span class="Apple-style-span" >Business Revenues and Opportunities gained because the implementation of a solid Information Security Management Program</span></li></ul><span class="Apple-style-span" ><br /></span><ul><li><span class="Apple-style-span" >Business Revenues and Opportunities that a company retained because of the implementation of a solid Information Security Management Program</span></li></ul><span class="Apple-style-span" ><br /></span><ul><li><span class="Apple-style-span" >Awards achieved, such as Industry Recognition Awards because of the implementation of a solid Information Security Management Program</span></li></ul><span class="Apple-style-span" ><br /></span><ul><li><span class="Apple-style-span" >Compliance penalties and/or regulatory penalties avoided because of the implementation of a solid Information Security Management Program</span></li></ul><span class="Apple-style-span" ><br /></span><ul><li><span class="Apple-style-span" >People that kept their jobs because of the implementation of a solid Information Security Management Program</span></li></ul><span class="Apple-style-span" ><br /></span><ul><li><span class="Apple-style-span" >PR campaigns and damage control campaigns that that were avoided because of the implementation of a solid Information Security Management Program</span></li></ul></div></div><div style="text-align: left;"><span class="Apple-style-span" ><br /></span></div><div style="text-align: left;"><span class="Apple-style-span" >What is also interesting is that this week, per the directions in our 2010 text book, Whitman, M. E and Mattord, H. J. (2010). Management of Information Security, third edition. Indianapolis, IN: Course Technology, you see a business trend toward using this method to quantify the value of investment on controls to increase information security and reduce risk:</span></div><div style="text-align: left;"><span class="Apple-style-span" ><br /></span></div><div style="text-align: left;"><span class="Apple-style-span" ><br /></span></div><div><span class="Apple-style-span" >It is based on determining two sets of Annual Loss Expectancy (ALE).</span></div><div><span class="Apple-style-span" ><br /></span></div><div><span class="Apple-style-span" >The first ALE is before the application of information security controls.</span></div><div><span class="Apple-style-span" ><br /></span></div><div><span class="Apple-style-span" >The second ALE is after the application of information security controls.</span></div><div><span class="Apple-style-span" ><br /></span></div><div><span class="Apple-style-span" >ALE is based on this calculation:</span></div><div><span class="Apple-style-span" ><br /></span></div><div><span class="Apple-style-span" >SLE * ARO = ALE</span></div><div><span class="Apple-style-span" ><br /></span></div><div><span class="Apple-style-span" >Where:</span></div><div><span class="Apple-style-span" >SLE is the Single Loss Expectancy for an incident</span></div><div><span class="Apple-style-span" >ARO is the Annualized Rate of Occurrence (Example 1 incident per month would be an ARO of 12.)</span></div><div style="text-align: left;"><span class="Apple-style-span" >ALE = Annual Loss Expectancy</span></div><div style="text-align: left;"><span class="Apple-style-span" ><br /></span></div><div style="text-align: left;"><span class="Apple-style-span" >=======================================================</span></div><div style="text-align: left;"><span class="Apple-style-span" ><br /></span></div><div style="text-align: left;"><span class="Apple-style-span" >I think the important lessons here are that:</span></div><div style="text-align: left;"><span class="Apple-style-span" ><br /></span></div><div style="text-align: left;"><span class="Apple-style-span" >1) Management is looking for ways to quantify and justify the amount of money spent on IT security management controls</span></div><div style="text-align: left;"><span class="Apple-style-span" ><br /></span></div><div style="text-align: left;"><span class="Apple-style-span" >2) Risk must be reduced, but only to the degree that management can cost justify it and also is willing to accept the residual risk that remains</span></div><div style="text-align: left;"><span class="Apple-style-span" ><br /></span></div><div style="text-align: left;"><span class="Apple-style-span" >3) Even though the 2007 model and the 2010 model for measuring the effectiveness of money spent on information security controls are similar, the models for justifying and quantifying the money spent on information security may still be in a state of flux if they can change that much between December 2007 and when our book was published in 2010.</span></div><div style="text-align: left;"><span class="Apple-style-span" ><br /></span></div><div style="text-align: left;"><br /></div>William Favre Slater, IIIhttp://www.blogger.com/profile/05247248094266294971noreply@blogger.com0tag:blogger.com,1999:blog-3354286364002529860.post-35981132790260249952011-10-27T07:36:00.000-07:002011-11-20T09:18:22.764-08:00Post 048 - CIS 608<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj_vhpSDq0AFNxsgyf9ZAJfFmiravVIayXW6eNHPLPnrtF7T9a5y4NqX_iUtsiTMqBGmP6mOBH7Q7r_KsVDVl58PbsebFT8tsBVDt5fiToS1KhHa_yjyn97r5dvE5PG1Va1X-55P1km3UU/s1600/medusa_by_glogster.com_.jpg" onblur="try {parent.deselectBloggerImageGracefully();} catch(e) {}"><span class="Apple-style-span"><img style="display:block; margin:0px auto 10px; text-align:center;cursor:pointer; cursor:hand;width: 347px; height: 347px;" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj_vhpSDq0AFNxsgyf9ZAJfFmiravVIayXW6eNHPLPnrtF7T9a5y4NqX_iUtsiTMqBGmP6mOBH7Q7r_KsVDVl58PbsebFT8tsBVDt5fiToS1KhHa_yjyn97r5dvE5PG1Va1X-55P1km3UU/s400/medusa_by_glogster.com_.jpg" border="0" alt="" id="BLOGGER_PHOTO_ID_5668182113874023762" /></span></a><div><div style="text-align: center;"><a href="http://davidsna.glogster.com/medusa/" style="font-size: small; "><span class="Apple-style-span">Image from Glogster.com</span></a></div><span class="Apple-style-span"><br /><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh3CX7FbmL9LCFm1ttIRZkTc73NH-7o7MBH-aR9-62dBf5v-kqUYRvNdo0wSWKqec6VBOZ_t8M8dB1Qh5VC5E1lmDypqANAtIypBZzfZr1ygZmNycTvj7iPSQsM44gvaBCjd9Hah9g4OLw/s1600/BU_CIS_608_Week_09_Assignment_9.2_Image_from_W_F_Slater_.jpg" onblur="try {parent.deselectBloggerImageGracefully();} catch(e) {}"><img style="display:block; margin:0px auto 10px; text-align:center;cursor:pointer; cursor:hand;width: 400px; height: 256px;" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh3CX7FbmL9LCFm1ttIRZkTc73NH-7o7MBH-aR9-62dBf5v-kqUYRvNdo0wSWKqec6VBOZ_t8M8dB1Qh5VC5E1lmDypqANAtIypBZzfZr1ygZmNycTvj7iPSQsM44gvaBCjd9Hah9g4OLw/s400/BU_CIS_608_Week_09_Assignment_9.2_Image_from_W_F_Slater_.jpg" border="0" alt="" id="BLOGGER_PHOTO_ID_5668181993288383698" /></a><br /></span><div style="text-align: center;"><span class="Apple-style-span"><br /></span></div><div style="text-align: left;"><span class="Apple-style-span"><b>Assignment 9.2 - Calculating the Cost Benefit Analysis after Applying Information Security Controls</b></span></div><div style="text-align: left;"><span class="Apple-style-span"><br /></span></div><div style="text-align: left;"><span class="Apple-style-span">The table image above shows the exercise we did to calculate the Cost Benefit Analysis after applying Information Security.</span></div><div style="text-align: left;"><span class="Apple-style-span"><br /></span></div><div style="text-align: left;"><span class="Apple-style-span">It is based on determining two sets of Annual Loss Expectancy (ALE).</span></div><div style="text-align: left;"><span class="Apple-style-span"><br /></span></div><div style="text-align: left;"><span class="Apple-style-span">The first ALE is before the application of information security controls.</span></div><div style="text-align: left;"><span class="Apple-style-span"><br /></span></div><div style="text-align: left;"><span class="Apple-style-span">The second ALE is after the application of information security controls.<br /><br />ALE is based on this calculation:</span></div><div style="text-align: left;"><span class="Apple-style-span"><br /></span></div><div style="text-align: left;"><span class="Apple-style-span">SLE * ARO = ALE</span></div><div style="text-align: left;"><span class="Apple-style-span"><br /></span></div><div style="text-align: left;"><span class="Apple-style-span">Where:</span></div><div style="text-align: left;"><span class="Apple-style-span">SLE is the Single Loss Expectancy for an incident</span></div><div style="text-align: left;"><span class="Apple-style-span">ARO is the Annualized Rate of Occurrence (Example 1 incident per month would be an ARO of 12.)</span></div><div style="text-align: left;"><span class="Apple-style-span">ALE = Annual Loss Expectancy</span></div><div style="text-align: center;"><span class="Apple-style-span"><br /></span></div><div style="text-align: left;"><span class="Apple-style-span"><br /></span></div><div style="text-align: left;"><span class="Apple-style-span">Reference:</span></div><div style="text-align: left;"><span class="Apple-style-span"><br /></span></div><div style="text-align: left;"><span class="Apple-style-span">Whitman, M. E and Mattord, H. J. (2010). Management of Information Security, third edition. Indianapolis, IN: Course Technology.</span></div><div style="text-align: center;"><br /></div></div>William Favre Slater, IIIhttp://www.blogger.com/profile/05247248094266294971noreply@blogger.com0tag:blogger.com,1999:blog-3354286364002529860.post-19816067781232164812011-10-27T06:59:00.000-07:002011-10-27T07:02:36.336-07:00Post 047 - CIS 608<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjtf7A-y4G7CipwjHDJlNGV8VIbrK5WB6vxzog2zGOTLTkTcCQTh0MEjruRoRWyLk-OCpHyfNnlfr_AEA0x16YRKsLQOpJN-rXtnJXZGGSD0Rs6i29pm24b8wbz4pdhS00-qtnr899_1ho/s1600/Roman_Numeral_Yellow_09.jpg" onblur="try {parent.deselectBloggerImageGracefully();} catch(e) {}"><span class="Apple-style-span" ><img style="display:block; margin:0px auto 10px; text-align:center;cursor:pointer; cursor:hand;width: 116px; height: 115px;" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjtf7A-y4G7CipwjHDJlNGV8VIbrK5WB6vxzog2zGOTLTkTcCQTh0MEjruRoRWyLk-OCpHyfNnlfr_AEA0x16YRKsLQOpJN-rXtnJXZGGSD0Rs6i29pm24b8wbz4pdhS00-qtnr899_1ho/s400/Roman_Numeral_Yellow_09.jpg" border="0" alt="" id="BLOGGER_PHOTO_ID_5668171589245200674" /></span></a><div><span class="Apple-style-span" ><br /></span></div><div><span class="Apple-style-span" ><b>Week Nine Assignments- Maps to Course Obj. 7</b></span></div><div><span class="Apple-style-span" > </span></div><div><span class="Apple-style-span" >MesusaControls.xls (19.5 Kb) </span></div><div><span class="Apple-style-span" >Read/Review</span></div><div><span class="Apple-style-span" >: Chapter 9, Management of Information Security, 3e.</span></div><div><span class="Apple-style-span" >: Powerpoint Slides, Chapter 9, located in Course Documents, Lecture Notes</span></div><div><span class="Apple-style-span" >Learning Objectives - Week 9</span></div><div><span class="Apple-style-span" >•<span class="Apple-tab-span" style="white-space:pre"> </span>Understand and select from risk mitigation strategy options to control risk</span></div><div><span class="Apple-style-span" >•<span class="Apple-tab-span" style="white-space:pre"> </span>Identify risk control classification categories</span></div><div><span class="Apple-style-span" >•<span class="Apple-tab-span" style="white-space:pre"> </span>Use existing conceptual frameworks to evaluate risk controls, and formulate a cost-benefit analysis<span class="Apple-tab-span" style="white-space:pre"> </span></span></div><div><span class="Apple-style-span" > </span></div><div><span class="Apple-style-span" >Assignment 9.1</span></div><div><span class="Apple-style-span" >This assignment is worth 50 points.</span></div><div><span class="Apple-style-span" >One year ago, the Mesusa Corporation conducted a threat evaluation and created a list of threats, the cost per incident and the projected frequency of occurrence. During the year, Mesusa decided to implement controls designed to reduce the cost per incidence and the number of threats. The attached spreadsheet (top of page - MesusaControls.xls) indicates the pre-control cost and frequency of occurrence, the cost of controls for each type of threat, and the post-control cost and frequency of occurrence. Calculate the AROs, the ALEs and the CBA for this initiative, and return the completed spreadsheet.</span></div><div><span class="Apple-style-span" ><br /></span></div><div><span class="Apple-style-span" >Assignment 9.2 (post to the Week 9 Forum)</span></div><div><span class="Apple-style-span" >This assignment is worth 50 points; 25 points for your original posting, and 25 points for participation.</span></div><div><span class="Apple-style-span" >Once you have finished 9.1, present only your CBA totals to the forum. Describe which controls were worth the cost, which were not, and why. For those that were not, determine what alternative controls are available.</span></div><div><span class="Apple-style-span" ><br /></span></div><div><span class="Apple-style-span" >In your response, comment on whether you agree with the analysis and the recommended alternate controls.</span></div><div><span class="Apple-style-span" ><br /></span></div><div><span class="Apple-style-span" >Minimum Posting Requirements: You must post at least five messages to get credit for participation. The first message is your original posting, due no later than Wed. At least two of the other messages must be responses to other student original postings. This is a pass/fail type of grade. If you meet the minimum requirements you get the points. If you do not meet the minimum requirements, you'll get no points for participation. Messages must be posted on more than one day. Don't wait until the last minute!</span></div><div><span class="Apple-style-span" ><br /></span></div><div><span class="Apple-style-span" >Group Assignment-Week 9 </span></div><div><span class="Apple-style-span" >This assignment is worth 50 points.</span></div><div><span class="Apple-style-span" >As a group, determine a best response to the Case Exercises for RWW, Inc. at the end of the chapter. Use your group forum area for discussion, located under the Groups button to the left...</span></div><div><span class="Apple-style-span" >Have one person in your group post the group consensus, labeled as "Week9 Post - Grade Me" to your group forum.<span class="Apple-tab-span" style="white-space:pre"> </span></span></div><div><span class="Apple-style-span" > </span></div><div><span class="Apple-style-span" >Assignment 9.3 (Post to your Blog)</span></div><div><span class="Apple-style-span" >This assignment is worth 20 points.</span></div><div><span class="Apple-style-span" >Time to start adding to that blog! If you are not sure what to include, you might want to re-read the assignment located at the top of the Week 1 Assignments.</span></div><div><span class="Apple-style-span" >Post your link to your blog in this drop box. If the link is not posted, the assignment is not considered to be submitted and will get a grade of zero.</span></div>William Favre Slater, IIIhttp://www.blogger.com/profile/05247248094266294971noreply@blogger.com0tag:blogger.com,1999:blog-3354286364002529860.post-84362578705233530002011-10-24T08:12:00.000-07:002011-10-24T11:09:56.590-07:00Post 046 - CIS 608<span class="Apple-style-span"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEidB8u7zqBp_9tSxa-n7LELTmE53JMc4s0phLl687uaRknoUBleFni2HMAdMiJ_XNG7HMaSvv2D_tGDXa6Povl-JyjQGOWAlDAdUS09JCCaExP44xjBzcKjXbbvm-kPFu6G30pSVmPlZZM/s1600/ROSI_01.jpg" onblur="try {parent.deselectBloggerImageGracefully();} catch(e) {}"><img style="display:block; margin:0px auto 10px; text-align:center;cursor:pointer; cursor:hand;width: 400px; height: 285px;" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEidB8u7zqBp_9tSxa-n7LELTmE53JMc4s0phLl687uaRknoUBleFni2HMAdMiJ_XNG7HMaSvv2D_tGDXa6Povl-JyjQGOWAlDAdUS09JCCaExP44xjBzcKjXbbvm-kPFu6G30pSVmPlZZM/s400/ROSI_01.jpg" border="0" alt="" id="BLOGGER_PHOTO_ID_5667114156319920114" /></a><br /><span class="Apple-style-span"><b>ROSI - Return on Security Investment</b></span></span><div><span class="Apple-style-span"><br /></span></div><div><span class="Apple-style-span">This week in our CIS 608 class, we are dealing with measuring Information Security Management in terms of quantitative ideas such as ROSI, ALE, and SLE. (see diagram above)</span></div><div><span class="Apple-style-span"><br /></span></div><div><span class="Apple-style-span">ROSI = Return on Security Investment</span></div><div><span class="Apple-style-span">ALE = Annual Loss Expectancy</span></div><div><span class="Apple-style-span">SLE = Single Loss Expectancy</span></div><div><span class="Apple-style-span"><br /></span></div><div><span class="Apple-style-span">I believe that these are ideas that are outdated throwbacks to the Insurance Industry and calculations related to damage claims, investments, and loss payouts.</span></div><div><span class="Apple-style-span"><br /></span></div><div><span class="Apple-style-span">I might also add to the mix here that these are measurements for which people will be tested and measured when they take exams like the CISSP and the CRISC. </span></div><div><span class="Apple-style-span"><br /></span></div><div><span class="Apple-style-span">But despite their longevity as standard ways to define the effectiveness of Information Security, I believe that ROSI, ALE, and SLE are now obsolete I will would like to add my own thoughts here about measuring ROSI.</span></div><div><span class="Apple-style-span"><br /></span></div><div><span class="Apple-style-span">I think that here in the second decade of the 21st century, we need something better to help measure the effectiveness of Information Security Management programs. In my opinion, a better idea on measuring the effectiveness of an Information Security Management program would be to measure and quantify benefits like these:</span></div><div><span class="Apple-style-span"><br /></span></div><div><ul><li><span class="Apple-style-span">Business Revenues and Opportunities gained because the implementation of a solid Information Security Management Program</span></li></ul><span class="Apple-style-span"><br /></span><ul><li><span class="Apple-style-span">Business Revenues and Opportunities that a company retained because of the implementation of a solid Information Security Management Program</span></li></ul><span class="Apple-style-span"><br /></span><ul><li><span class="Apple-style-span">Awards achieved, such as Industry Recognition Awards because of the implementation of a solid Information Security Management Program</span></li></ul><span class="Apple-style-span"><br /></span><ul><li><span class="Apple-style-span">Compliance penalties and/or regulatory penalties avoided because of the implementation of a solid Information Security Management Program</span></li></ul><span class="Apple-style-span"><br /></span><ul><li><span class="Apple-style-span">People that kept their jobs because of the implementation of a solid Information Security Management Program</span></li></ul><span class="Apple-style-span"><br /></span><ul><li><span class="Apple-style-span">PR campaigns and damage control campaigns that that were avoided because of the implementation of a solid Information Security Management Program</span></li></ul></div><div><span class="Apple-style-span"><br /></span></div><div><span class="Apple-style-span">These are just a few ideas about how to create a better set of metrics with which to measure the effectiveness of your Information Security Management Program. I will be writing a lot more about this in the very near future.</span></div><div><span class="Apple-style-span"><br /></span></div><div><span class="Apple-style-span">Feel free to comment below or better yet, e-mail me with your ideas: slater@billslater.com</span></div><div><span class="Apple-style-span"><br /></span></div><div><span class="Apple-style-span">Thanks.</span></div><div><span class="Apple-style-span"><br /></span></div><div><p class="MsoNormal"><a name="_MailAutoSig"><span style="font-size: 8pt; "><span class="Apple-style-span">Best regards,</span></span></a></p> <p class="MsoNormal"><span><span style="font-size: 8pt; "><span class="Apple-style-span">William Favre Slater, III<br />MBA, M.S., PMP, CISSP, SSCP, CISA, ISO 27002, ISO 20000, ITIL v3, Cloud Computing Foundation<br />Project Manager / Program Manager<br />Chicago, IL<br />United States of America</span></span></span></p></div>William Favre Slater, IIIhttp://www.blogger.com/profile/05247248094266294971noreply@blogger.com0tag:blogger.com,1999:blog-3354286364002529860.post-80235911636984776762011-10-22T21:45:00.001-07:002011-10-22T22:08:51.955-07:00Post 045 - CIS 608<span class="Apple-style-span"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhti1PLAswtam-CNkro_WRTjM5wc9-MD2j3Oaol6ojqU8rO-G_pxjNGkUKXVe3ufT4OkEJO3xgOizJW1GGGIIBjtcRg96STNFlmZnQhvm-PhtvAOdsISKvMmS66wgWANSLozex2_Hziaq0/s1600/information_category_classification_processes_01_.jpg" onblur="try {parent.deselectBloggerImageGracefully();} catch(e) {}"><img style="display:block; margin:0px auto 10px; text-align:center;cursor:pointer; cursor:hand;width: 400px; height: 200px;" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhti1PLAswtam-CNkro_WRTjM5wc9-MD2j3Oaol6ojqU8rO-G_pxjNGkUKXVe3ufT4OkEJO3xgOizJW1GGGIIBjtcRg96STNFlmZnQhvm-PhtvAOdsISKvMmS66wgWANSLozex2_Hziaq0/s400/information_category_classification_processes_01_.jpg" border="0" alt="" id="BLOGGER_PHOTO_ID_5666544374558071746" /></a><br /></span><div><b><span class="Apple-style-span">Information Asset Classification - A Key Step in Risk Management and Information Security Management</span></b></div><div><span class="Apple-style-span"><br /></span></div><div><span class="Apple-style-span">This week, we covered classification of Information Assets as a key step in risk management and Information Security Management. The diagram above was adapted from a diagram in a Data Classification white paper I downloaded from the <a href="http://www.isaca.org/">ISACA website</a>.</span></div><div><span class="Apple-style-span"><br /></span></div><div><p class="MsoNormal" style="margin-bottom:0in;margin-bottom:.0001pt;line-height: normal"><span class="Apple-style-span">Data Classification and Information Classification and labeling is required under these areas of <a href="http://www.billslater.com/iso27001/iso27001_controls.html">ISO 27001 Annex A Domains, Control Objectives and Controls</a>:</span></p> <p class="MsoNormal" style="margin-bottom:0in;margin-bottom:.0001pt;line-height: normal"><span class="Apple-style-span">A.7 Asset Management<br />A.7.2 Information Classification<br /><span> </span>A.7.2.1 Classification Guidelines<br /><span> </span>A.7.2.2 Information labeling and handling</span></p> <p class="MsoNormal" style="margin-bottom:0in;margin-bottom:.0001pt;line-height: normal"><span class="Apple-style-span">There was quite a bit of discussion on whether we were going to have a three-tier data classification system or a four-tier data classification system.</span></p> <p class="MsoNormal" style="margin-bottom:0in;margin-bottom:.0001pt;line-height: normal"><span class="Apple-style-span">It’s really important to get this right as early as possible.<span> </span>What surprised me was <o:p></o:p></span></p> <p class="MsoNormal" style="margin-bottom:0in;margin-bottom:.0001pt;line-height: normal"><o:p><span class="Apple-style-span"> </span></o:p></p> <p class="MsoNormal" style="margin-top:0in;margin-right:0in;margin-bottom:0in; margin-left:.75in;margin-bottom:.0001pt;text-indent:-.25in;line-height:normal; mso-list:l0 level1 lfo1"><!--[if !supportLists]--><span class="Apple-style-span"><span>1)<span style="font:7.0pt "Times New Roman""> </span></span><!--[endif]-->Just how political it was<o:p></o:p></span></p> <p class="MsoNormal" style="margin-top:0in;margin-right:0in;margin-bottom:0in; margin-left:.75in;margin-bottom:.0001pt;text-indent:-.25in;line-height:normal; mso-list:l0 level1 lfo1"><!--[if !supportLists]--><span class="Apple-style-span"><span>2)<span style="font:7.0pt "Times New Roman""> </span></span><!--[endif]-->How difficult it was to explain to the stakeholders<o:p></o:p></span></p> <p class="MsoNormal" style="margin-top:0in;margin-right:0in;margin-bottom:0in; margin-left:.75in;margin-bottom:.0001pt;text-indent:-.25in;line-height:normal; mso-list:l0 level1 lfo1"><!--[if !supportLists]--><span class="Apple-style-span"><span>3)<span style="font:7.0pt "Times New Roman""> </span></span><!--[endif]-->How difficult it was to get senior management to make a decision and support it</span></p><p class="MsoNormal" style="margin-top:0in;margin-right:0in;margin-bottom:0in; margin-left:.75in;margin-bottom:.0001pt;text-indent:-.25in;line-height:normal; mso-list:l0 level1 lfo1"><span class="Apple-style-span"><br /></span></p> <p class="MsoNormal" style="margin-bottom:0in;margin-bottom:.0001pt;line-height: normal"><span class="Apple-style-span"><span class="Apple-style-span" ><b><u>The proposed possible three-tier classification system:</u></b></span><o:p></o:p></span></p> <p class="MsoNormal" style="margin-bottom:0in;margin-bottom:.0001pt;line-height: normal"><o:p><span class="Apple-style-span"> </span></o:p></p> <table class="MsoNormalTable" border="1" cellspacing="0" cellpadding="0" style="border-collapse:collapse;border:none;mso-border-alt:solid windowtext .5pt; mso-yfti-tbllook:1184;mso-padding-alt:0in 5.4pt 0in 5.4pt;mso-border-insideh: .5pt solid windowtext;mso-border-insidev:.5pt solid windowtext"> <tbody><tr> <td width="193" valign="top" style="width:144.85pt;border:solid windowtext 1.0pt; mso-border-alt:solid windowtext .5pt;padding:0in 5.4pt 0in 5.4pt"> <p class="MsoNormal" style="margin-top:3.0pt;margin-right:0in;margin-bottom: 3.0pt;margin-left:0in;line-height:normal"><b><span class="Apple-style-span" ><span class="Apple-style-span" >Unclassified</span><o:p></o:p></span></b></p> </td> <td width="140" valign="top" style="width:105.35pt;border:solid windowtext 1.0pt; border-left:none;mso-border-left-alt:solid windowtext .5pt;mso-border-alt: solid windowtext .5pt;padding:0in 5.4pt 0in 5.4pt"> <p class="MsoNormal" style="margin-top:3.0pt;margin-right:0in;margin-bottom: 3.0pt;margin-left:0in;line-height:normal"><b><span class="Apple-style-span" >Marketing and promotion literature; Annual Financial Reports for Shareholders<o:p></o:p></span></b></p> </td> </tr> <tr> <td width="193" valign="top" style="width:144.85pt;border:solid windowtext 1.0pt; border-top:none;mso-border-top-alt:solid windowtext .5pt;mso-border-alt:solid windowtext .5pt; padding:0in 5.4pt 0in 5.4pt"> <p class="MsoNormal" style="margin-top:3.0pt;margin-right:0in;margin-bottom: 3.0pt;margin-left:0in;line-height:normal"><b><span class="Apple-style-span" ><span class="Apple-style-span" >Protected</span><o:p></o:p></span></b></p> </td> <td width="140" valign="top" style="width:105.35pt;border-top:none;border-left: none;border-bottom:solid windowtext 1.0pt;border-right:solid windowtext 1.0pt; mso-border-top-alt:solid windowtext .5pt;mso-border-left-alt:solid windowtext .5pt; mso-border-alt:solid windowtext .5pt;padding:0in 5.4pt 0in 5.4pt"> <p class="MsoNormal" style="margin-top:3.0pt;margin-right:0in;margin-bottom: 3.0pt;margin-left:0in;line-height:normal"><b><span class="Apple-style-span" >Personally Identifiable Information<o:p></o:p></span></b></p> <p class="MsoNormal" style="margin-top:3.0pt;margin-right:0in;margin-bottom: 3.0pt;margin-left:0in;line-height:normal"><b><span class="Apple-style-span" >Names with Social Security Numbers, Phone numbers, addresses<o:p></o:p></span></b></p> <p class="MsoNormal" style="margin-top:3.0pt;margin-right:0in;margin-bottom: 3.0pt;margin-left:0in;line-height:normal"><b><span class="Apple-style-span" >Client related;<o:p></o:p></span></b></p> <p class="MsoNormal" style="margin-top:3.0pt;margin-right:0in;margin-bottom: 3.0pt;margin-left:0in;line-height:normal"><b><span class="Apple-style-span" >Business-related<o:p></o:p></span></b></p> </td> </tr> <tr> <td width="193" valign="top" style="width:144.85pt;border:solid windowtext 1.0pt; border-top:none;mso-border-top-alt:solid windowtext .5pt;mso-border-alt:solid windowtext .5pt; padding:0in 5.4pt 0in 5.4pt"> <p class="MsoNormal" style="margin-top:3.0pt;margin-right:0in;margin-bottom: 3.0pt;margin-left:0in;line-height:normal"><b><span class="Apple-style-span" ><span class="Apple-style-span" >Restricted</span><o:p></o:p></span></b></p> </td> <td width="140" valign="top" style="width:105.35pt;border-top:none;border-left: none;border-bottom:solid windowtext 1.0pt;border-right:solid windowtext 1.0pt; mso-border-top-alt:solid windowtext .5pt;mso-border-left-alt:solid windowtext .5pt; mso-border-alt:solid windowtext .5pt;padding:0in 5.4pt 0in 5.4pt"> <p class="MsoNormal" style="margin-top:3.0pt;margin-right:0in;margin-bottom: 3.0pt;margin-left:0in;line-height:normal"><b><span class="Apple-style-span"><span class="Apple-style-span" >Company Strategy, Privileged Data Related to How the Company is Managed; etc.</span><o:p></o:p></span></b></p> </td> </tr> </tbody></table> <p class="MsoNormal" style="margin-bottom:0in;margin-bottom:.0001pt;line-height: normal"><o:p><span class="Apple-style-span"> </span></o:p></p> <p class="MsoNormal" style="margin-bottom:0in;margin-bottom:.0001pt;line-height: normal"><o:p><span class="Apple-style-span"> </span></o:p></p> <p class="MsoNormal" style="margin-bottom:0in;margin-bottom:.0001pt;line-height: normal"><span class="Apple-style-span"><span class="Apple-style-span" ><b><u><br /></u></b></span></span></p><p class="MsoNormal" style="margin-bottom:0in;margin-bottom:.0001pt;line-height: normal"><span class="Apple-style-span"><span class="Apple-style-span" ><b><u>The proposed possible four-tier classification system:</u></b></span><o:p></o:p></span></p> <p class="MsoNormal" style="margin-bottom:0in;margin-bottom:.0001pt;line-height: normal"><o:p><span class="Apple-style-span"> </span></o:p></p> <table class="MsoNormalTable" border="1" cellspacing="0" cellpadding="0" width="337" style="width:252.9pt;border-collapse:collapse;border:none;mso-border-alt:solid windowtext .5pt; mso-yfti-tbllook:1184;mso-padding-alt:0in 5.4pt 0in 5.4pt;mso-border-insideh: .5pt solid windowtext;mso-border-insidev:.5pt solid windowtext"> <tbody><tr> <td width="193" valign="top" style="width:144.9pt;border:solid windowtext 1.0pt; mso-border-alt:solid windowtext .5pt;padding:0in 5.4pt 0in 5.4pt"> <p class="MsoNormal" style="margin-top:3.0pt;margin-right:0in;margin-bottom: 3.0pt;margin-left:0in;line-height:normal"><b><span class="Apple-style-span" ><span class="Apple-style-span" >Unclassified</span><o:p></o:p></span></b></p> </td> <td width="144" valign="top" style="width:1.5in;border:solid windowtext 1.0pt; border-left:none;mso-border-left-alt:solid windowtext .5pt;mso-border-alt: solid windowtext .5pt;padding:0in 5.4pt 0in 5.4pt"> <p class="MsoNormal" style="margin-top:3.0pt;margin-right:0in;margin-bottom: 3.0pt;margin-left:0in;line-height:normal"><b><span class="Apple-style-span" >Marketing and promotion literature; Annual Financial Reports for Shareholders<o:p></o:p></span></b></p> </td> </tr> <tr> <td width="193" valign="top" style="width:144.9pt;border:solid windowtext 1.0pt; border-top:none;mso-border-top-alt:solid windowtext .5pt;mso-border-alt:solid windowtext .5pt; padding:0in 5.4pt 0in 5.4pt"> <p class="MsoNormal" style="margin-top:3.0pt;margin-right:0in;margin-bottom: 3.0pt;margin-left:0in;line-height:normal"><b><span class="Apple-style-span" ><span class="Apple-style-span" >Private</span><o:p></o:p></span></b></p> </td> <td width="144" valign="top" style="width:1.5in;border-top:none;border-left:none; border-bottom:solid windowtext 1.0pt;border-right:solid windowtext 1.0pt; mso-border-top-alt:solid windowtext .5pt;mso-border-left-alt:solid windowtext .5pt; mso-border-alt:solid windowtext .5pt;padding:0in 5.4pt 0in 5.4pt"> <p class="MsoNormal" style="margin-top:3.0pt;margin-right:0in;margin-bottom: 3.0pt;margin-left:0in;line-height:normal"><b><span class="Apple-style-span" >Business-related<o:p></o:p></span></b></p> </td> </tr> <tr> <td width="193" valign="top" style="width:144.9pt;border:solid windowtext 1.0pt; border-top:none;mso-border-top-alt:solid windowtext .5pt;mso-border-alt:solid windowtext .5pt; padding:0in 5.4pt 0in 5.4pt"> <p class="MsoNormal" style="margin-top:3.0pt;margin-right:0in;margin-bottom: 3.0pt;margin-left:0in;line-height:normal"><b><span class="Apple-style-span" ><span class="Apple-style-span" >Confidential</span><o:p></o:p></span></b></p> </td> <td width="144" valign="top" style="width:1.5in;border-top:none;border-left:none; border-bottom:solid windowtext 1.0pt;border-right:solid windowtext 1.0pt; mso-border-top-alt:solid windowtext .5pt;mso-border-left-alt:solid windowtext .5pt; mso-border-alt:solid windowtext .5pt;padding:0in 5.4pt 0in 5.4pt"> <p class="MsoNormal" style="margin-top:3.0pt;margin-right:0in;margin-bottom: 3.0pt;margin-left:0in;line-height:normal"><b><span class="Apple-style-span" >Personally Identifiable Information<o:p></o:p></span></b></p> <p class="MsoNormal" style="margin-top:3.0pt;margin-right:0in;margin-bottom: 3.0pt;margin-left:0in;line-height:normal"><b><span class="Apple-style-span" >Names with Social Security Numbers, Phone numbers, addresses<o:p></o:p></span></b></p> </td> </tr> <tr> <td width="193" valign="top" style="width:144.9pt;border:solid windowtext 1.0pt; border-top:none;mso-border-top-alt:solid windowtext .5pt;mso-border-alt:solid windowtext .5pt; padding:0in 5.4pt 0in 5.4pt"> <p class="MsoNormal" style="margin-top:3.0pt;margin-right:0in;margin-bottom: 3.0pt;margin-left:0in;line-height:normal"><b><span class="Apple-style-span" ><span class="Apple-style-span" >Secret</span><o:p></o:p></span></b></p> </td> <td width="144" valign="top" style="width:1.5in;border-top:none;border-left:none; border-bottom:solid windowtext 1.0pt;border-right:solid windowtext 1.0pt; mso-border-top-alt:solid windowtext .5pt;mso-border-left-alt:solid windowtext .5pt; mso-border-alt:solid windowtext .5pt;padding:0in 5.4pt 0in 5.4pt"> <p class="MsoNormal" style="margin-top:3.0pt;margin-right:0in;margin-bottom: 3.0pt;margin-left:0in;line-height:normal"><b><span class="Apple-style-span"><span class="Apple-style-span" >Company Strategy, Privileged Data Related to How the Company is Managed; etc. </span><o:p></o:p></span></b></p> </td> </tr> </tbody></table> <p class="MsoNormal" style="margin-bottom:0in;margin-bottom:.0001pt;line-height: normal"><o:p><span class="Apple-style-span"> </span></o:p></p> <p class="MsoNormal" style="margin-bottom:0in;margin-bottom:.0001pt;line-height: normal"><span class="Apple-style-span">You may want to study this because it shows how much work, thought, time and diplomacy can be expended to arrive at a business decision regarding classification of information assets and data assets.</span></p> <p class="MsoNormal" style="margin-bottom:0in;margin-bottom:.0001pt;line-height: normal"><span class="Apple-style-span" >Which one did I favor?<span> </span>The four-tier classification system.</span></p> <p class="MsoNormal" style="margin-bottom:0in;margin-bottom:.0001pt;line-height: normal"><span class="Apple-style-span" >Best regards,</span></p> <p class="MsoNormal" style="margin-bottom:0in;margin-bottom:.0001pt;line-height: normal"><span class="Apple-style-span" >Bill<br /><span class="Apple-style-span" style="line-height: 11px; ">William Favre Slater, III, PMP<br />MBA, M.S., PMP, CISSP, SSCP, CISA, ISO 27002, ISO 20000, ITIL v3, Cloud Computing Foundation<br />Project Manager / Program Manager<br /><a href="http://billslater.com/career">http://billslater.com/career</a><br />Chicago, IL</span></span></p></div><div><br /></div>William Favre Slater, IIIhttp://www.blogger.com/profile/05247248094266294971noreply@blogger.com0