Jacob Mannon
Forum Replies Created
-
Posts
-
I believe that the Bible is self-evident. It proves itself time and time again. I believe that the prophecies are true, and that Jesus was prophesied to come thousands of years before He showed up in the flesh. Adam and Eve were given a hint of His coming in Genesis 3:15, “And I will put enmity between you and the woman, and between your seed and her Seed; He shall bruise your head and you shall bruise His heel” (New King James Version, 2020). This statement seems self-contradicting out of context. Biblically, women do not have seed. Men are the carriers of seed. This statement from God insinuates a virgin birth. We are given the first hint at the plan of redemption while the fall of man is taking place. It is amazing how intricately woven the details of God’s plan are and that we are blessed enough to be able to see a bigger piece of the picture now with the Bible.
-Jacob.
Latoya,
I liked that you mentioned external hard drives. I think that most people have this as their first method of storage without realizing it. I remember when I first started college, I used an external hard drive to store all of my papers and projects. I also used a 4-terabyte hard drive to extend the storage capacity of my PS4. This method is an easy way to add storage that doesn’t take up much physical space.
-Jacob.
Latoya,
It has been a while since I looked at the most up to date technology regarding login credentials. In my experience, the best methods that I have personally used were the CAC (Common Access Card) that I used while on active duty, and SSO that I use currently. I like my current organizations single sign on method because we have regularly changing passwords that require us to make a new password each time. Both methods have been good due to nobody being able to login to any of my information without my CAC card, and those who don’t have my exact password are unable to access any of my data for my SSO.
-Jacob
There are several types of controls to protect data on the network. My personal favorite is the RAID setup. RAID comes in different variations such as RAID5, RAID1, RAID0, RAID10, and RAID6. The point of the RAID setup is to store copies of data across multiple disks either by pairs or stripes or both in the cases of RAID5 and 6. In the event of a disk becoming corrupt or crashes, the data that has been copied to another disk can be used to rebuild the crashed disk. This is a good method of data loss prevention. Another method is the iSCSI protocol. it has the benefit of appearing to be a local network but actually provides remote access.
-Jacob
One of the OWASP top 10 is security logging and monitoring failure. I found an updated article at OWASP.org that appears to have the most up to date information. These failures can occur in situations where logins are not properly recorded, alarms are not triggered during penetration testing, and applications are unable to detect attacks in real time. OWASP recommendations to correct these failures include the ability to log logins and access controls, have a recovery plan in the event of attacks, make sure data is properly coded, and have traceable trails for transactions.
Monitoring logins is incredibly important because we don’t want just anyone to have access to our data. We need to ensure that whoever is attempting to access data has proper permissions and need to know. When this fails, attackers can gain access to our data and use it for malicious purposes.
-Jacob
I say that Jesus is King of kings and Lord of lords. He is the Alpha and the Omega, the beginning and the end. He is my personal savior, and I have been learning and trying to walk with him since I was 19. He means everything to me. There are so many things that would be different in my life and guaranteed to be worse without Jesus’s presence in my life. I try to exercise the spiritual gifts as much as I can. I have the perspective that we have access to all of the spiritual gifts and that the Holy Spirit chooses how He will use each of us in the gifts. I have been able to pray in tongues a few times. I had an opportunity to pray for a man in a hospital where I was working and see the Lord miraculously heal him. I’ve been able to witness to coworkers and family members, and even had a few opportunities to teach some youth groups and bible studies. I am grateful for each opportunity the Lord puts me in to be useful in some way, and I always get excited when something turns out in such a way that I know it had to be God orchestrating the events before they unfolded before me.
-Jacob.
Amy,
Phishing emails have been an ongoing issue for years. I think the best way for us to mitigate this is to be mindful of how we interact with our email. I was almost phished a few times when I was looking for a new job on indeed. I was sending so many applications out that I didn’t properly check who was responding. I was getting emails about jobs that I had never even applied for. It was a good learning experience though and I learned a lot about phishing and spam emails.
-Jacob.
Braden,
I think you did a good job with your examples. I liked the password policy example. We shouldn’t make our passwords easy to figure out. Changing letters to characters like “S” to “$” can be a small but effective way to make a password harder to crack. My current company requires password changes every few months, and we are not allowed to reuse old passwords. This keeps our network access restricted to those who have proper need to get in for business purposes.
-Jacob.
Amy,
I like the examples you gave especially concerning backups and remote access. I knew a girl when I went to college my first time that did not back up anything on her computer. She had a major psychology paper due, and her computer crashed, and she lost all of her progress because she wouldn’t back anything up to the cloud or a flash drive. Backing up data for businesses is crucial. Losing important financial information because the data wasn’t backed up properly would be a huge problem. I also liked the remote access example. The ability to access a company network remotely is what allows many people to have successful remote careers.
-Jacob.
I would say that some of the risks associated with mobile devices would include the users themselves, and face lock technology. There are so many SPAM callers today that it is possible to gain personal information through deception. My grandparent got a SPAM call from someone claiming to work at a hospital claiming that I was in a horrific car accident, and they needed personal information from my grandparents. I was fine and it was just some attempt to get my grandparents personal information. The face lock technology could be problematic in that someone could gain access to your phone if they had a picture of you. Connecting to public wifi networks could also be risky. You never know whether or not someone with malicious intent is monitoring the network.
-Jacob Mannon
One of the most common vulnerabilities faced by companies today are that of phishing attempts. Phishing is when an attacker sends what appears to be a credible email in the attempt to gain personal information about you or your company. Vishing is similar but is through phone calls instead of email. My company has a warning that pops up for every email that doesn’t come from within the organization to give you a heads up so that we pay attention to whatever email we are reading. If the email does seem like it is a phishing email, we can mark it as phishing and the I.T. department takes it from there. Another big issue is that of hackers. Hackers are individuals with cyber security skills that will break into a company’s systems to attempt some type of damage to the organization. We can try to mitigate this with firewalls, proxy servers, and proper authentication for access to company computers. Even then, it is not always full proof.
-Jacob Mannon.
Some critical policies regarding a strong security program include but are not limited to Senior Management support, policy, budget, resources, and authority. From a business perspective we need support from all of these areas just to be able to make a security program happen in the first place. Once we have all of these areas covered, we can move on to the foundation of our security program. We should always be trying to lower risks to what policy deems an acceptable level. Our program should be cost effective and not hold up business production. Our program must always be measurable. If we come across data or some issue that we cannot measure in some way shape or form, then we have a security risk that needs addressed. Some ways we can mitigate our risks in security is to set up a RAID so that if one hard drive goes down, we can get the data from another drive. Cloud backups are another useful way to save data from being lost. Firewalls and encryption methods are also great ways to mitigate threats to security. The most important policy to implement is to have everyone be security minded. Knowing threats are there and having all members of the organization aware of simple things like two factor authentication and locking computers when not in use can go a long way.
-Jacob Mannon
PPE is definitely important no matter what field you work in. I’ve had various forms of PPE from time in the military and in healthcare. You never know what is in your environment that could cause you harm. Safety should always be a number one priority.
I agree that WPA2 creates the more secure environment. Standard 802.11ax is a relatively newer standard that wasn’t mentioned in the module. Released in 2019, this standard produces speeds up to 10 Gbps.
Two types of operational procedures are environmental and safety. Environmental procedures are valuable in that they are necessary to prevent hardware from malfunctioning. We need to make sure that hardware is climate controlled and has proper ventilation. Temperature should remain between 65-85 degrees. Humidity needs to be kept between 50%-60%. Failing to meet these standards could lead to condensation, overheating, or static electricity buildup. All of these could be detrimental to hardware. Safety procedures are also very necessary. What is probably the most important safety procedure when it comes to an I.T. environment is that of electrical safety. All electrical equipment should be properly grounded, and PPE should be used when handling electrical equipment. Failure to do so could lead to equipment malfunctions or harm to the user.
