Students are required to submit the assignment 2 to your instructor for grading. The assignments are on the assigned materials/textbook topics associated with the course modules. Please read the following instruction and complete it to post on schedule.

1. The following attributes are measured for members of a herd of Asian elephants: weight, height, tusk length, trunk length, and ear area. Based on these measurements, what sort of similarity measure from Section 2.4 (measure of similarity and dissimilarity) would you use to compare or group these elephants? Justify your answer and explain any special circumstances. (Chapter 2)

2. Consider the training examples shown in Table 3.5 (185 page) for a binary classification problem. (Chapter 3)

(a) Compute the Gini index for the overall collection of training examples.

(b) Compute the Gini index for the Customer ID attribute.

(c) Compute the Gini index for the Gender attribute.

(d) Compute the Gini index for the Car Type attribute using multiway split.

3. Consider the data set shown in Table 4.9 (348 page). (Chapter 4)

(a) Estimate the conditional probabilities for P(A|+), P(B|+), P(C|+), P(A|-), P(B|-), and P(C|-).

(b) Use the estimate of conditional probabilities given in the previous question to predict the class label for a test sample (A = 0, B = 1, C = 0) using the naıve Bayes approach.

(c) Estimate the conditional probabilities using the m-estimate approach, with p = 1/2 and m = 4.

 

What is a project, and what are its main attributes? How is a project different from what most people do in their day-to-day jobs? Discuss the importance of top management commitment and the development of standards for successful project management. Provide examples to illustrate the importance of these items based on your experience on any type of project. Discuss the unique challenges that an IT project presents.

In your peer responses, be sure discuss your thoughts on project management, your views on project’s attributes, and your thoughts on successful project management. You can take opposing/differing views than your peers but be sure to provide applicable resources as needed. Properly provide examples in your peer responses as well and any additional challenges you see with IT projects.

Introduction less than 50 words and analysis 300 words

Attached the requirement file along with PDF book. 

Chapter 3 and section 4.3 (98-102) page look

Risks and Challenges. Whole discussion should co related to this section. 

=====================================================

  

We are going to explore the Web regarding cloud service level agreements (SLA). 

Topic- cloud services and the SLA

A. Find an article on the Web that is no more than 4 years old that describes a poor experience with cloud services and SLAs.

B. Remember the article must contain two (2) elements to be considered in this assignment, e.g. cloud services and the SLA.  You must use your own words. Do not copy and paste any part of the article into the discussion.

C. Once you have found an appropriate article, tell the story IN YOUR OWN WORDS and correlate the pertinent elements to Erl, 2013, Chapter 3, Section 3.4.  Be selective in the article you choose to explain to the class. 

D. Finally, summarize and provide your own recommendation on how to mitigate the problem(s) you described.

Here are the topics in Erl, 2013 that you must correlate your article towards. 

· Reduced Operational Governance Control

· Limited Portability Between Cloud Providers

· Multi-Regional Compliance and Legal Issues

*Be sure to read Erl, 2013, Chapter 3, Section 3.4 before your Web search to avoid making a critical mistake in your discussion.

Keep your story as short as possible.  Do not exceed 450 words.  Provide a valid link (URL) to your article so that we may find and read it.

Chapter 3

Section 3.4 (Page no 98- 102)

3.4. Risks and Challenges

Several of the most critical cloud computing challenges pertaining mostly

to cloud consumers that use IT resources located in public clouds are

presented and examined.

Increased Security Vulnerabilities

The moving of business data to the cloud means that the responsibility

over data security becomes shared with the cloud provider. The remote

usage of IT resources requires an expansion of trust boundaries by the

cloud consumer to include the external cloud. It can be difficult to

establish a security architecture that spans such a trust boundary

without introducing vulnerabilities, unless cloud consumers and cloud

providers happen to support the same or compatible security

frameworks—which is unlikely with public clouds.

Another consequence of overlapping trust boundaries relates to the

cloud provider’s privileged access to cloud consumer data. The extent to

which the data is secure is now limited to the security controls and

policies applied by both the cloud consumer and cloud provider.

Furthermore, there can be overlapping trust boundaries from different

cloud consumers due to the fact that cloud-based IT resources are

commonly shared.

The overlapping of trust boundaries and the increased exposure of data

can provide malicious cloud consumers (human and automated) with

greater opportunities to attack IT resources and steal or damage business

data. Figure 3.9 illustrates a scenario whereby two organizations

accessing the same cloud service are required to extend their respective

trust boundaries to the cloud, resulting in overlapping trust boundaries.

It can be challenging for the cloud provider to offer security mechanisms

that accommodate the security requirements of both cloud service

consumers.

Figure 3.9. The shaded area with diagonal lines indicates the overlap of two organizations’

trust boundaries.

Overlapping trust boundaries is a security threat that is discussed in

more detail in Chapter 6.

Reduced Operational Governance Control

Cloud consumers are usually allotted a level of governance control that is

lower than that over on-premise IT resources. This can introduce risks

associated with how the cloud provider operates its cloud, as well as the

external connections that are required for communication between the

cloud and the cloud consumer.

Consider the following examples:

• An unreliable cloud provider may not maintain the guarantees it makes

in the SLAs that were published for its cloud services. This can

jeopardize the quality of the cloud consumer solutions that rely on these

cloud services.

• Longer geographic distances between the cloud consumer and cloud

provider can require additional network hops that introduce fluctuating

latency and potential bandwidth constraints.

The latter scenario is illustrated in Figure 3.10.

Figure 3.10. An unreliable network connection compromises the quality of

communication between cloud consumer and cloud provider environments.

Legal contracts, when combined with SLAs, technology inspections, and

monitoring, can mitigate governance risks and issues. A cloud

governance system is established through SLAs, given the “as-a-service”

nature of cloud computing. A cloud consumer must keep track of the

actual service level being offered and the other warranties that are made

by the cloud provider.

Note that different cloud delivery models offer varying degrees of

operational control granted to cloud consumers, as further explained

in Chapter 4.

Limited Portability Between Cloud Providers

Due to a lack of established industry standards within the cloud

computing industry, public clouds are commonly proprietary to various

extents. For cloud consumers that have custom-built solutions with

dependencies on these proprietary environments, it can be challenging

to move from one cloud provider to another.

Portability is a measure used to determine the impact of moving cloud

consumer IT resources and data between clouds (Figure 3.11).

Figure 3.11. A cloud consumer’s application has a decreased level of portability when

assessing a potential migration from Cloud A to Cloud B, because the cloud provider of

Cloud B does not support the same security technologies as Cloud A.

Multi-Regional Compliance and Legal Issues

Third-party cloud providers will frequently establish data centers in

affordable or convenient geographical locations. Cloud consumers will

often not be aware of the physical location of their IT resources and data

when hosted by public clouds. For some organizations, this can pose

serious legal concerns pertaining to industry or government regulations

that specify data privacy and storage policies. For example, some UK

laws require personal data belonging to UK citizens to be kept within the

United Kingdom.

Another potential legal issue pertains to the accessibility and disclosure

of data. Countries have laws that require some types of data to be

disclosed to certain government agencies or to the subject of the data.

For example, a European cloud consumer’s data that is located in the

U.S. can be more easily accessed by government agencies (due to the U.S.

Patriot Act) when compared to data located in many European Union

countries.

Most regulatory frameworks recognize that cloud consumer

organizations are ultimately responsible for the security, integrity, and

storage of their own data, even when it is held by an external cloud

provider.

Summary of Key Points

• Cloud environments can introduce distinct security challenges, some of which

pertain to overlapping trust boundaries imposed by a cloud provider sharing IT

resources with multiple cloud consumers.

• A cloud consumer’s operational governance can be limited within cloud

environments due to the control exercised by a cloud provider over its platforms.

• The portability of cloud-based IT resources can be inhibited by dependencies

upon proprietary characteristics imposed by a cloud.

• The geographical location of data and IT resources can be out of a cloud

consumer’s control when hosted by a third-party cloud provider. This can

introduce various legal and regulatory compliance concerns.

        

Discussion Questions 

1. What evidence is the CEO using to suggest that Genex is not using technology competitively?
    
2. Did Devlin need to hire Sandy, a “high-priced technology consultant,” to tell him that technology at Genex was a mess?
    
3. Devise a strategy to successfully implement enterprise-wide systems (such as SAP) at Genex.
     

“You have got yourselves into a terrible predicament,” said V. R. “Sandy” Sandhuramen, his soft Indian accent belying the gravity of his words. “You are incredibly lucky you have managed to do business as well as you have, but this situation cannot be allowed to carry on.” Sandy, a high-priced technology consultant, had been hired by Genex Fuel’s new CIO, Nick Devlin, to review the company’s technology portfolio and help him and his newly appointed IT architect, Chuck Yee, get a handle on the firm’s tech- nology needs. 

Genex, a major producer of crude oil and natural gas, is the largest marketer of petroleum and petroleum products in the region. It is structured into three distinct business divisions, each comprising a number of functional segments. Until recently, IT had been decentralized into the three divisions, each with its own director of IT who reported to the divisional executive vice presidents (EVPs). Devlin, formerly the direc- tor of the corporate division, had been appointed CIO and given the specific mandate to bring in SAP as the primary technology platform for all the divisions. 

“We have to start behaving like we’re one business,” said the CEO when he appointed Devlin. “I want a much more agile and responsive IT organization than we’ve had in the past. It seems to me that every time I ask IT to look into something I’ve heard or read about, they always come up with a thousand and one reasons why it won’t work. We need to be able to use technology competitively, and that won’t happen unless you can get ahead of the curve.” 

Devlin’s excitement about his new mandate had lasted just about a week, until the true scope of the challenge became clear. He had asked each divisional IT director for an inventory of hardware and software currently in place and to briefly outline the work that was in their plans for the coming year. “We must have one of every piece of hard- ware and software ever produced,” Devlin marveled as he scanned their reports. On the one hand, there was a new customer management system called COMC, which had been implemented to improve real-time information exchange between the company’s 135 bulk fuel sites and Genex headquarters. On the other hand, IT was still running an archaic DOS-based marketing system called MAAS to provide customer service and reports. “And they want to bring in SAP!” he groaned. “We need a plan, and we need it soon.” 

That was when Devlin had engaged Sandy to work with Yee. “First, I want a no-holds-barred assessment of our current situation,” he had said, and now they were in his office, outlining the “terrible predicament.”      

“The biggest problem you face at present,” said Sandy, “is the fact that you have absolutely no standards and no integration, as you discovered for yourself, Nick.” There was a lot of technology out there—both old and new—and it was a political hot potato. Almost every system had its group of advocates, some very senior in the company. All the EVPs had invested their individual technology budgets in the hardware and soft- ware that they felt could best support their work. The problem was that maintaining this mishmash was now costing an arm and a leg. And it was highly doubtful that the company was getting true value for its technology investment. 

“We should be able to leverage our existing investments so we can invest in new technology,” said Yee. “Instead, almost all our budget is taken up with holding these systems together with toothpicks and tape.” 

“One of the most challenging situations,” Sandy went on, “is Price One.” 

Obsolete but absolutely essential, Price One is the fuel-pricing system that stores the pricing algorithms for all fuels marketing functions, including aviation, marine, retail, branded associates, and industrial and wholesale. Although pricing is an integral part of marketing, Price One cannot communicate with COMC and is not easily adaptable to changes in the business environment. Price One perfectly reflected the business and technology that existed ten years ago, but this has now become a real drawback. To get around these limitations while continuing to use Price One, staff manually feed information from pricing requests in COMC to Price One to get approval because both systems use different terminology in coding products for dif- ferent pricing methods. 

Price One also lacks the ability to link information from different systems to ensure data integrity. As a result, Price One has accumulated some irrelevant data groups under pricing for products, and such corrupted data can be detected only by an experienced individual who has been dealing with that product group for decades and who would know at a glance the validity of the data. One of Price One’s critical flaws is its inability to link with other systems, such as COMC, and to pick up competitive market information in order to approve price. Previous plans to rewrite this system have been resisted strenuously by management because of the expense. Now the sys- tem is on its last legs. 

“And like most oil and gas companies,” Sandy observed, “you have automated very few of your information assets as other types of organizations have done.” Typically for the industry, Genex had grown by acquiring other, smaller firms and had inherited an enormous amount of physical data. It now has more than two million items of paper and microfilm. It has one hundred twenty thousand tapes of data. Some items date back to the 1940s and came from numerous sources. The company’s seismic assets, on which it bases many of its decisions and which has a replacement cost estimated at more than two billion dollars, are stored on a wide variety of media from analog tapes, magnetic reels, and cartridges to optical discs to paper, film, and microfilm. They are spread out across five conventional physical warehouses. 

This system of data management is problematic for two main reasons. First, with land sales occurring every two weeks, it is extremely difficult to make timely decisions based on all known information about a property. Clearly, the more seismic information a company can bring to bear on its decisions, the better it can decide where it wants to do further work. Second, the company’s data assets, on which its future depends, are extremely vulnerable. There is no backup. When needed, the only copy of the      

information requested is physically transported to Genex’s offices. The tapes on which the data reside deteriorate further with each reading. Furthermore, much information resides on obsolete forms of media and is getting increasingly difficult to access. 

“Finally, IT is getting a lot of pressure from the executive office,” reported Sandy. “These guys have seen what’s going on in other companies, and they want to see Genex move into the twenty-first century. Staff at Genex cover vast territory and must work from home, from local facilities, or on the road. Not only does Genex need to provide a virtual working environment for these workers, but it also needs to con- sider how they can work together as a team without having physical colocation for communication.” 

“Well, I guess we have it all,” said Devlin. “Integration problems, outdated hard- ware and software, inconsistent data, expensive workarounds, pressure to modernize, and substantial budget limitations.” Turning to Yee and Sandy, he smiled. “Now what are we going to do about it? Where do we start?” 

1. Use the Web to search for “incident response training” and identify one company that offers such training. Look at the course offerings then write a report that contains:
   • A description of the company (name, website, what kind of training they provide, other important information).
   • List of courses given regarding incident response training.
   • Pick and describe one course that can prepare you to be a member of CSIRT, describe this course and mention how many days it takes.