What are the main reasons why a VPN is the right solution for protecting the network perimeter? Do they also provide protection for mobile devices?

Compare and contrast two difference cloud computing services (Amazon Web Service and Microsoft Azure). Explain the differences and the similarities and select your choice of providers if you had to make the decision for your business. Write up a comparison on the services offered (2 pages maximum).  

Instructions 

Write a thread containing a thoughtful answer to 1 question.  Answer should  contain at least 400 words.  If necessary, you may list within your  thread any concepts on which you need further clarification as well.   Also, you must reply to at least 2 threads below.  Each reply  should contain at least 200 words.  Additionally, all posts  (thread and replies) should reflect professional writing, current APA  standards, include at least 1 scholarly reference (e.g., peer-reviewed  journal articles), and integration of at least 1 biblical principle.

Thread Question: (in 400 words at least)

Why should the IT department not be solely responsible for business continuity?

Replies(Reply to each thread in at least 200 words EACH)

Thread #1

  Business Continuity and Disaster Recovery Goal         

                Cybersecurity revolves around the CIA triad and  protecting the information by ensuring its confidentiality, integrity  and availability. The Triad’s purpose is to guide the information  security practitioner in creating policies and controls that protect  systems against outside and inside intrusion, as well as, natural  disaster. Business Continuity planning and Disaster recovery effort’s  number one goal is to protect the availability of information in the CIA  Triad. Business Continuity Plans a as well as Disaster Recovery plans  must be defined and understood, to understand the necessity of policies  that protect the availability of information, and their importance in  the overall goals of information security.

                Business continuity planning is the process of  identifying the potential losses from external threats and consequential  losses due to the loss of key business processes from an accident,  attack, disaster, or physical damage to essential hardware and software  (Pinata, 2011). Business continuity planning would identify all the  potential impacts from a disaster and would direct the upper level  management to identify specific targets for policies that would mitigate  the damage and ensure systems are available quickly.

                Disaster Recovery Planning restores the  operability of systems that support mission-critical processes as  quickly as possible (Bahan, 2003). Disaster recover planning occurs  before a disaster occurs, and addresses the targets identified during  the business continuity process. Disasters can be anything from natural  disaster to malware attacks, such as ransomware, that encrypt all data  in servers.

A business continuity plan should  address the acceptable amount of downtime and thus the Disaster recovery  policy should attempt to recover systems in that amount of time.  Systems should be backed up regularly and the backups should be tested  to ensure the availability of information in the case of a disaster  occurring. If systems are not tested regularly the plan would only be  theoretical and would not ensure the availability of information in an  emergency.

Ransomware attacks, as the one  recently seen in Baltimore, is becoming a common attack and  organizations must take business continuity and disaster recovery  planning serious to ensure that mission-critical systems are up and  running quickly and does not prevent normal operations for a long period  of time.

Thread #2

“As organizations and information systems (IS) increasingly  commingle, any incident with organization IS may cause significant  organizational damage.” (Niemimaa, 2015). That is why the notification  procedures must be clearly documented for a number of reasons ranging  from informing stakeholders to ensuring staffing requirements during a  disaster. In the event of a disaster or emergency situation, certain  individuals on multiple levels of an organization may need to be  informed or report to work to deal with these issues. This can range  from a first-line supervisor to the CEO of the organization, but the  contingency plan should have in place a definitive notification  procedure to ensure all personnel that need to be informed are informed.  According to Gregory, all parties involved with an organization that  may be affected by the disaster should be notified, to include:  employees, suppliers, customers, regulators, authorities and  stakeholders (2015). While the who of the notification procedure makes  up the bulk of the material, how those individuals are notified can be a  pressing matter as well. Depending on the type and severity of a  disaster, the responses can range from e-mail notifications to phone  calls to in-person visits. Depending on the cost, type and severity of a  disaster, it can dictate how individuals should be contacted, or it can  dictate if they would like to be contacted at all. 

In the organization I currently work in, our contingency plan is  based off the severity of the incident, the time/day of week and how  large the incident is. All of those factors dictate whether we call  anyone at all, whether we call just the administrators to fix the  issues, or whether we call the administrators and the organization’s  leaders. The contingency plan should lay the groundwork for notification  procedures, but it should also put into place the details around  different types of problems and disasters. As I mentioned above about my  organization, different people wish to be notified at different levels  or degrees that evolve over the lifetime of a problem or disaster. For  this reason, a corresponding list of notification instructions should be  kept and updated frequently to ensure that correct means of  communication are still accurate and when one of these individuals would  like to be notified in the event of a problem or disaster. On a side  note, ways of communicating to designated personnel should be closely  adhered. Notifying personnel to little or to much can de-simplify the  issue, or it can cause the issue to seem larger than it is prompting an  inaccurate response.

 Discussion question CIS – 498   (Half page each answer totally 3 question)  

1. “A Consultant’s Viewpoint and Relationships” Please respond to the following:

· Read and reflect upon the “Top Ten – Considerations for Evolving into the Role of a Consultant” in Chapter 5 of Roberts’ text. Propose three (3) actions that IT professionals should undertake in order to successfully achieve the Top Ten. Determine the single most paramount consideration and justify your selection.

· As an IT professional who may face differing and competing priorities from business units, suggest one (1) strategy for negotiating an achievable project scope without damaging the relationship with business units. Support your answer with the steps that you would take in order to implement your strategy.

2. “Project Management Skills and Formal and Informal Project Management” Please respond to the following:

· Speculate on the main reasons why the skills and training of project managers have changed over time. Give your opinion as to whether these changes have been good for business. Provide a rationale for your response.

· Suppose you are starting a Project Management Office (PMO) at an organization. Give your opinion as to what the key considerations would be for the endeavor to be successful. Speculate whether you would hire an experienced project manager or a consulting company to facilitate the starting of the PMO. Support your rationale with at least two (2) advantages of hiring your selection.

3. “Managing Projects and Requirements Gathering” Please respond to the following:

· According to Roberts, the industry deems only 25% of technology projects successful. Analyze why this statistic is so low. Suggest strategies that an IT department could use in order to increase the success rate of projects. Give your opinion on whether the structure of the PMO contributes to this statistic. Justify your response.

· Imagine that you are a senior business analyst with a multinational corporation. Examine the process of requirements gathering discussed in Chapter 9 of the Roberts text. Suggest your strategy for gathering requirements from across divisional lines. Determine at least two (2) obstacles that you may encounter and propose one (1) method for overcoming each. Provide a rationale for your response.

Bachelors Degrees:

Computer Programming and data structures

Computer programming lab

Computer Organization 

Operating Systems 

COMPUTER Networks 

Masters :

Network Security Fundamentals 

System Analysis and Simulations

Business Intelligence and CRM

Responsibilities:

· Developed and executed an automated scripts and frame works using Java.

· Implemented Automation process for Web services test cases using SOAPUI and Jenkins. 

· Developed BDD tests using Cucumber by writing behaviors and step definitions using IntelliJ.

· Used Jenkins for nightly build execution and sending status mail if build fails to QA team.

· Compared and written scripts in database from one environments to other.

· Maintain and running SQL scripts using MySQL Workbench as a means of performing data validation 

· Performed of spinning up the servers in AWS console and Oracle Cloud.

· Identify, track, and manage system bugs using the issue tracking tool JIRA  and Zepher.

· Work with off-shore and in-house Java and development teams 

· Develop test strategy, test cases and test suites based on wireframes and defined system requirements.

· Performed browser compatibility testing (Firefox, Chrome, Safari) of a web based application to ensure that functionality works fine.

· Perform integration, system, regression testing using automated testing tools. Providing estimates for planning, development and execution of automated test cases.

· worked closely with development and product owners team.

· Identify, track, and manage system bugs using the issue tracking tool JIRA  and Zepher.

· Use Confluence to store software QA documents and faster communication among the team

· Enhanced Test cases using Java programming features and TestNG Annotations.

· Execution of Selenium Test cases and Reporting defects.