WBS and Gantt Chart

EXERCISE

What is WBS?

It is stand for Work Breakdown Structure is a key project deliverable that organizes the team's work into manageable sections. Each level of the work breakdown structure provides further definition and detail.

• Describe its importance.

The WBS has a numbe of benefits in addition to defining and organizing the project work. A project budget can be allocated to the top levels of the work breakdown structure and department budgets can be quickly calculated based on the each project's work breakdown structure.

• Describe the steps in constructing a WBS.

1. the top level represents the final deliverable or project.
2. Sub-deliverable contain work packages that are assigned to a organization's department or unit.
3. All elements of the work breakdown structure don't need to be defined to the same level.
4. The work package defines the work, duration and costs for the tasks required to produce the sub-deliverable.

• Provide an example WBS.

What is a Gantt Chart?
It is commonly used in project management, is one of the most popular and useful ways of showing activities displayed against time. Each activity is represented by a bar, the position and length of the bar reflects the start date, duration and end date of the activity.

• Describe its importance.

It is useful for planning and scheduling projects, it help you to asses how long a project should take, determine the resources needed and plan the order in which you will complete tasks. it also helpful for managing the dependencies between tasks.

• Describe the steps in constructing  a Gantt Chart.

1. What the various activities are
2. When each activity begins and ends.
3. How long each activity is scheduled to last.
4. Where activities overlap with other activities and by how much.
5. The start and end date of the whole project.

• Provide an example Gantt Chart.

REFERENCES

What is a Work Breakdown Structure - Workbreakdownstructure.com

Workbreakdownstructure.com. (2018). What is a Work Breakdown Structure - Workbreakdownstructure.com. [online] Available at: http://www.workbreakdownstructure.com/ [Accessed 1 May 2018].

What is a Gantt Chart? Gantt Chart Software, Information, and History

Gantt.com. (2018). What is a Gantt Chart? Gantt Chart Software, Information, and History. [online] Available at: http://www.gantt.com/ [Accessed 1 May 2018].

Gantt Charts: Planning and Scheduling Team Projects

Mindtools.com. (2018). Gantt Charts: Planning and Scheduling Team Projects. [online] Available at: https://www.mindtools.com/pages/article/newPPM_03.htm [Accessed 1 May 2018].

Organizational Security

EXERCISE

Identify ONE (1) organizational security policy and describe its procedures.

Policy: 

At Mc'donald we have to pay first when we order the foods before we eat.

Procedure:

• As customer we have to confirm our order first before we pay.
• We have to wait for our foods to be prepare by the employee.
• We take our foods after the employee serve it to us.

What will happen?

Problem: 

When the customer only have a big amount of money, the employee have to find the change for the customer money.

EXERCISE (3 May 2018)

• Describe organisational security procedures. Discuss its importance.

Procedures is the step by step instruction given to the reception area on how to deal with. The benefit is to protect of personal data, property and equipment for the company.

• Discuss the different risk control practices.

1. Risk Evaluation - if it happen you need to access it first by evaluate the access and know how to solve. 
2. Technical Risk Control - It should be control to reduce the risk of security threats or to prevent them completely so that it wont happen, by using antivirus or firewalls.
3. Operational Risk Control - By train your trainer so that they will know what they gonna do and not to do before threats happen.

• Describe how business continuity helps organizations.

Even when disaster happen, it helps the business continuity to operate again.

• Discuss the importance of having an IT Business Continuity Plan.

1. Disaster Recovery: if disaster happen, follow the disaster recovery plan. At the beginning u have to back up all the data.
2. Backup Alternative: if one backup gone, still have another backup.
3. Recovery and Testing: when data is gone, the data have to be recover and testing it again.

Security

EXERCISE

• In what way can IT be used to detect unauthorized access - benefits and drawbacks?

By installing a security software such as anti-virus or anti-malware software.

Benefits:

1. To protect the computer from virus.
2. The data cannot be access and stolen from the hackers.

Drawbacks:

1. This software must be updated frequently.
2. It also consume large amounts of processing power and RAM during scans and updates.
3. False positives can lead to legitimate files being blocked or deleted.

• In what way can IT be used to detect and defend against damage to data and equipment?

Detect - The user will get a notification by email when someone trying to access the user's account.

Defend - The user have to make a strong password for his/her account.

• Discuss the importance of organisational security. Demonstrate how organisational security could affect business continuance.

It is important to protect company's assets of securing the computer and network security. The computer and network security is concerned with the integrity, protection and safe access of the confidential information. 

How it could affect business continuance?

By installing the security, it can help the business to protect the data from being stolen.

• Identify and provide THREE (3) example of security breaches.

1. Virus - It can be send to the user's computer system to stole the data.
2. Social engineering - they will pretend to be the one who fixed the network.
3. Internet Protocol (IP) spoofing - It is refer to network hijacking. When the user's and hacker's use the same network to access the user's information.

• Discuss how business operations could be affected by security breach.

Internet Protocol (IP) spoofing:

When the company are not using a strong password and the hacker can access the company's network. Then the hacker can access the company's computer system and stole the confidential company's data. The data can be leak and also the hacker can sell the company's data to other company.

• Make a scenario where a security breach has a major operational impact and create a solution to recover from the breach. 

An employee is at the airport waiting for his flight. The employee has the company's laptop for work purpose and logs in to an unknown free network while waiting. Behind the free network is a person who spoofs his network and monitors his every activity. Knowing that the employee logs in to his account using the unknown network, the person can steal every confidential data from the company from just spoofing his network. 

The solution: Make the company's account accessible only in the company, it is limited only to the company's zone. Do not connect to an unidentified network access. Use strong password for the company's account.

REFERENCES

The Advantages and Disadvantages of a Computer Security System | Techwalla.com

Techwalla. (2018). The Advantages and Disadvantages of a Computer Security System | Techwalla.com. [online] Available at: https://www.techwalla.com/articles/the-advantages-and-disadvantages-of-a-computer-security-system [Accessed 26 Apr. 2018].

Wireless, A.

Wireless, A. (2018). Importance Of Network Security For Business Organization. [online] Avalan.com. Available at: https://www.avalan.com/blog/bid/385189/Importance-Of-Network-Security-For-Business-Organization [Accessed 26 Apr. 2018].

Quality & Risk

EXERCISE

• Describe each management plan.

Quality: The quality management plan defines the acceptable level of quality, which is typically defined by the customer and describe how the project will ensure this level of quality in its deliverables and work processes.

Risk: The risk management plan is to identify the risk of the project that gonna happen and plan what we gonna do to help it recover quickly if an incident occurs.

• Discuss its importance.

Quality: It essential to building a successful business that delivers products that meet or exceed customer's expectations.

Risk: It can identify your project's strengths, weaknesses, opportunities and threats.

• Discuss how to construct the details on the each plan.

Quality

1. Identify the standard that will be used to evaluate the equality of project deliverable.
1. Identify the relevant deliverable quality Standard used to determine a successful outcome for a deliverable. 
2. Identify the completeness and correctness criteria.
1. Completeness and correctness criteria are defined from the customer's point of view.

Risk

1. Identify the risk
2. Analyze the risk
3. Evaluate of rank of risk
4. Treat the risk
5. Monitor and review the risk

• Provide an example details on each plan.

Quality:

Risk:

REFERENCES

PMA - 3.Plan - Develop Quality Management Plan

Pma.doit.wisc.edu. (2018). PMA - 3.Plan - Develop Quality Management Plan. [online] Available at: https://pma.doit.wisc.edu/plan/3-2/tools.html [Accessed 24 Apr. 2018].

Why Is Risk Management Important to Project Success?

Smallbusiness.chron.com. (2018). Why Is Risk Management Important to Project Success?. [online] Available at: http://smallbusiness.chron.com/risk-management-important-project-success-56920.html [Accessed 24 Apr. 2018].

Quality Management Definition & Example | InvestingAnswers

Investinganswers.com. (2018). Quality Management Definition & Example | InvestingAnswers. [online] Available at: http://www.investinganswers.com/financial-dictionary/businesses-corporations/quality-management-5664 [Accessed 24 Apr. 2018].

Security (24 April 2018)

EXERCISE

Describe the following threats, explain how it works and give an example:

Describe how to prevent such threats.

VIRUS:

• A computer virus, much like a flu virus, is designed to spread from host to host and has the ability to replicate itself. Similarly, in the same way that viruses cannot reproduce without a host cell, computer viruses cannot reproduce and spread without programming such as a file or document.

• How it works? 

Stealing passwords or data, logging keystrokes, corrupting files, spamming your email contacts and even taking over your machine are just some of the devastating irritating things a virus can do.

• How to prevent?

By downloading and always updating a security software to keeps you protected from existing, new and even yet to be invented threats.

• Example: File infects.

TROJAN HORSE:

• A trojan horse is a program that appears harmless but is in fact malicious. Unexpected changes to computer settings and unusual activity, even when the computer should be idle are strong indications that a Trojan is residing on a computer.

• How it works?

A Trojan horse is not able to replicate itself nor can it propagate without an end user's assistance. This attacker must use social engineering tactics to trick the end user into executing the Trojan.

• How to prevent?

Users should keep their antivirus software up to date and never click on links from untrusted sources or download files from unknown senders.

• Example: The victim receives an official-looking email with an attachment. The attachment contains malicious code that is executed as soon as the victim clicks on the attachment. Because nothing bad happens and the computer continues to work as expected, the victim does not suspect that the attachment is actually a Trojan horse and his computing device is now infected.

WORMS:

• A computer worm is a type of malicious software program whose primary function is to infect other computers while remaining active on infected systems.

• How it work?

A computer worm infection spreads without user interaction, all that is necessary is for the computer worm to become active on an infected system.

• How to prevent?

Using firewalls will help reduce access to systems bu malicious software while using antivirus software will help in preventing malicious software from running.

• Example: Email worms spread by creating and sending outbound messages to all the addresses in a user's contacts list.

DOS ATTACK:

• A denial-of-service attack is a security event that occurs when an attacker takes action that prevents legitimate users from accessing targeted computer systems, devices or other network resources.

• How it work?

Preventing a particular individual from accessing a service.

• How to prevent?

By installing anti malware software.

• Example: Flooding the network to prevent legitimate network traffic.

REFERENCES:

What is virus (computer virus)? - Definition from WhatIs.com

SearchSecurity. (2018). What is virus (computer virus)? - Definition from WhatIs.com. [online] Available at: https://searchsecurity.techtarget.com/definition/virus [Accessed 24 Apr. 2018].

What is Trojan horse (computing)? - Definition from WhatIs.com

SearchSecurity. (2018). What is Trojan horse (computing)? - Definition from WhatIs.com. [online] Available at: https://searchsecurity.techtarget.com/definition/Trojan-horse [Accessed 24 Apr. 2018].

What is computer worm? - Definition from WhatIs.com

SearchSecurity. (2018). What is computer worm? - Definition from WhatIs.com. [online] Available at: https://searchsecurity.techtarget.com/definition/worm [Accessed 24 Apr. 2018].

What is denial-of-service attack? - Definition from WhatIs.com

SearchSecurity. (2018). What is denial-of-service attack? - Definition from WhatIs.com. [online] Available at: https://searchsecurity.techtarget.com/definition/denial-of-service [Accessed 24 Apr. 2018].

Unauthorized Systems

REFERENCES:

Collierville man to appeal hacking plea against Bartlett autism treatment center

The Commercial Appeal. (2018). Collierville man to appeal hacking plea against Bartlett autism treatment center. [online] Available at: https://www.commercialappeal.com/story/news/crime/2018/03/08/collierville-man-appeal-hacking-plea-against-bartlett-autism-treatment-center/404655002/ [Accessed 19 Apr. 2018].

Internet attacks: Unauthorised access

YouTube. (2018). Internet attacks: Unauthorised access. [online] Available at: https://www.youtube.com/watch?v=iyh852i0njc [Accessed 19 Apr. 2018].

Scoping A Project

Security Threats

EXERCISE

(1) Describe the following and explain how it works:

Sniffing/wiretapping/eavesdropping on network traffic:

• Wiretapping is achieved either through the placement of a monitoring device informally kown as a bug on the wire in question or through other communication technologies. Place a device or program to intercept or monitor packets that sent over the network. Sensitive information such as passwords and trade secrets can be captured.

Exploiting security weakness:

•  An exploit is the next step in a hacker's playbook after finding a vulnerability, gains access to your own gains to track user's financial information. 

Internet Protocol (IP) spoofing:

• It is refer to network hijacking. The hacker's can access the user's information when they use the same network.

Social engineering:

• It is the art of manipulating people so they give up confidential information. This attacker can trick the user's by giving them your passwords or bank information, so that they can access and controlling your computer  by installing an software. 

REFERENCES:

What is wiretapping? - Definition from WhatIs.com

WhatIs.com. (2018). What is wiretapping? - Definition from WhatIs.com. [online] Available at: https://whatis.techtarget.com/definition/wiretapping [Accessed 17 Apr. 2018].

Vulnerabilities, Exploits, and Threats: A Deep Dive | Rapid7

Rapid7. (2018). Vulnerabilities, Exploits, and Threats: A Deep Dive | Rapid7. [online] Available at: https://www.rapid7.com/fundamentals/vulnerabilities-exploits-threats/ [Accessed 17 Apr. 2018].

What is IP Spoofing? - Definition from Techopedia

Techopedia.com. (2018). What is IP Spoofing? - Definition from Techopedia. [online] Available at: https://www.techopedia.com/definition/3993/ip-spoofing [Accessed 17 Apr. 2018].

What is Social Engineering? Examples and

Webroot.com. (2018). What is Social Engineering? Examples and. [online] Available at: https://www.webroot.com/us/en/resources/tips-articles/what-is-social-engineering [Accessed 17 Apr. 2018].

Project Management

EXERCISE

(1) Explain what project management is.

- Project is a group of milestones or phases, activities tasks that support an effort to accomplish something, while management is managing and organizing the project of management plan.

(2) Describe the five phases of the project management life cycle and identify the requirements within each stage:

a. Project conception and initiation - brainstorm about what product to sell in the website and target audiences. The identify its benefits or advantages.
b. Project definition and planning - plan about the budget, timeline and schedule for the website creation. Promoting about the website by doing an advertisement.
c. Project launch or execution - the launching for the website, hiring an employee and give responsible to each of the employee.
d. Project performance and control - checking the status of the project that been created, see the profit, control the budget if it over budget and then decide it.
e. Project close -  review and evaluate the project to make an improvement.

(3) Why is project management important?

• Enables us to map out a course of action or work plan.
• Helps us to think systematically and thoroughly (more organized).
• Unique Task.
• Specific objective.
• variety of resources.
• Time bound (can finish on time).

(4) Describe THREE (3) advantages of project management.

1. In built monitoring/sequencing.
2. Easy and early identification of bottlenecks.
3. Activity based costing.

IT Security Risks

By Qiqi & Mina

 Describe each security risk:

   (1)Unauthorized access:

•  Accessing private accounts, messages or files without a permission from the owner.
• Prevent: We can give a strong password to the account and the devices that we use.
• Example: Hacking someone account.

   (2) Unauthorized use of a system:

•  Use someone system without a permission from the owner.
• Prevent: We can use private IP addresses so that people cannot access the system, such as provide new strong VPN to protect the identity.
• Example: Reply people comments or messages using someone account.

   (3)Unauthorized removal or copying of data or code from a system:

•  Someone that illegally copy people data then remove the data without a permission from the owner of the data.
• Prevent: All the data must have copyright.
• Example: Copy someone works from the website, that called plagiarism and remove it all she/he want.

   (4)Damage to or destruction of physical system assets and environments:

• Someone that physically damage the systems assets and environments which can cause some devices can be stolen.
• Prevent: Provide a strong password for the systems, and make a back up of the system.
• Example: The computer of the office can be stolen .

   (5)Damage to or destruction of data or code inside or outside the system:

• Someone that illegally accessing , making damages to someones data inside and outside the systems.
• Prevent:Install quality anti virus and keep updating.
• Example: Viruses that can cause lost of data.

   (6) Naturally occurring risk .

• Natural disaster that can cause damages to the system.
• Prevent: Use leak and flood sensors.
• Example: Flood can cause damages to the computer system.

References:

MakeUseOf. (2017). Protect Your Electronics From Water With These 7 Steps. [online] Available at: https://www.makeuseof.com/tag/best-ways-protect-electronics-flooding/ [Accessed 10 Apr. 2018].

Canon.com. (2018). [online] Available at: http://www.canon.com/support/pdf/network-cameras.pdf [Accessed 10 Apr. 2018].