+1 (208) 254-6996 essayswallet@gmail.com

Please see attachments 

Application: Ungoverned Areas and Safe Havens

Don't use plagiarized sources. Get Your Custom Essay on
JD Week3: Assignment
Just from $13/Page
Order Essay

Terrorist groups often thrive in ungoverned areas and safe havens, where the ability of states to extend the rule of law is weak or non-existent. Ungoverned areas and safe havens range in their geographic locations within state and government boundaries. They are not only remote locations like the Philippine Archipelago, an ungoverned area characterized by rugged terrain used by terrorist groups such as Moro Islamic Liberation Front (MILF). They can also be located in both urban and suburban areas such as Pakistan’s cities. In addition to these locations, there is evidence showing that terrorist groups also use cyberspace and the Internet to recruit and train terrorists and plan terrorist attacks. Ungoverned areas and safe havens provide terrorists groups with a location in which they can promote, train, and educate followers, protect their leaders, and plan future terrorist activities and movements.

To prepare for this assignment:

  • Review the Chapter 4 article “The Ultimate Organization” in the course text Terrorism in Perspective. Reflect on the potential use of ungoverned areas for terrorist recruitment and training.
  • Review online “Chapter 5: Fragile States and Ungoverned Spaces” from the Institute for National Strategies Studies. Consider how ungoverned areas are used to promote and sustain terrorism.
  • Review the PBS video segment The Challenge Just Over the Border. Think about the influence of Afghanistan tribal, ungoverned areas, and safe havens have in promoting terrorism.
  • Reflect on examples of ungoverned areas and safe havens.
  • Consider how ungoverned areas and safe havens might sustain and promote terrorism.

The assignment (1–2 pages):

  • Briefly describe and provide an example of an ungoverned area.
  • Briefly describe and provide an example of a safe haven.
  • Explain the roles of ungoverned areas and safe havens in sustaining and promoting terrorism. Be specific and use examples to illustrate your explanation.

3 Pages 3 References APA for mat



Type Your Title Here

Student’s Name

Colorado Technical University


An abstract is a single paragraph, without indentation, that summarizes the key points of the manuscript in 150 to 250 words. The purpose of the abstract is to provide the reader with a brief overview of the paper. This template is based on 6thed of the Publication manual of the American Psychological Association.

Note: an abstract is only required if the assignment calls for it. Consult with your instructor.

Type Your Title Here

Begin writing your paper with a .5” indent and continue the paper with an indent for each new paragraph.

Heading Level 1, Centered, Boldface

Heading Level 2, Flush left, Boldface, Uppercase and Lowercase

Heading level 3, indented, boldface, lowercase ends with period.

Heading Level 4, indented, boldface, lowercase, italicized, ends with period.
Heading level 5, italicized, lowercase, ends with a period

Note: Depending on the length and complexity of your paper you will use different levels of headings.


Encyclopedia, S. E. (1993). Article. In The new encyclopedia Britannica (vol. 38, pp. 745-758). Chicago, IL: Publisher.

Lastname, F. (2003). Book title: Subtitle. Sterling, VA: Publisher Name.

Newspaper article without an author. (1993, July 15). The Washington Post, p. A12.

Wittkopf, B., & Shaw, M. E. (2003, fall). Article title from the journal. Journal Name, 43(2), 18-22. doi:10:109.0932.9385.09



Citation Style Basics for CTU Students Updated December 1, 2016

Version 2.2.1



We created the CTU APA Writing Style Guide as a tool to help students understand and

apply the University’s citation method and writing expectations. CTU has adopted the American

Psychological Association (APA) citation style for all classes, graduate and undergraduate. APA

establishes a citation system that includes a set of rules and guidelines for manuscript preparation

and documentation of sources. When writing assignments of any type, you must document and

cite all sources properly using APA style. Citing and referencing sources correctly both

indicates your professional ability to include other voices in your work and prevents accusations

of plagiarism.

Our CTU APA Writing Style Guide answers some of the common questions CTU students

ask about using APA style for formatting documents, including in-text citations and constructing

references. However, if you have questions not answered in our guide, please consult either the

APA Style for CTU Students or The Publication Manual of the American Psychological

Association, 6th ed. (2010).

Along with our guide, use the APA Paper Template when composing essays or other

papers. This Microsoft Word document is already formatted for APA style using the

expectations outlined in our guide.

Refer to the Introductory APA Writing Style Guide if your assignment advises its use. The

introductory style guide emphasizes proper citation of sources and basic formatting but does not

require more advanced formatting, including title page, abstract, running head, or page numbers.http://careered.libguides.com/ctu/apahttp://careered.libguides.com/ld.php?content_id=13865713http://careered.libguides.com/loader.php?type=d&id=1222951


Assignment Style Format Checklist

The following checklist outlines the writing format requirements for all assignments unless the

assignment specifies different formatting requirements.

Discussion Board/Forum Post

If references are used or required for an assignment, include the following:

 In-text citations

 References list (at the end of the discussion post)

Essay/Paper/Individual Project

If you are submitting an assignment in essay format using Microsoft Word, include the


 Title page

 Running head and page numbers

 Double-spaced throughout without additional spacing between paragraphs

 Indent the first line of each new paragraph

 12 point Times New Roman black font

 1-inch margins

If references are used or required for an assignment, include the following:

 In-text citations

 References list as a separate page at the end of the document


If references are used or required for an assignment, include the following:

 In-text citations

 References slide at the end of the presentation


Why Do I Need to Understand and Utilize APA Style When Completing My Assignments?

1. To credit the outside sources you incorporate into your assignments, to avoid plagiarism,

and to situate yourself in the professional discussions occurring in your field.

2. To establish credibility as an author by demonstrating consistent application of a

comprehensive and industry-wide system of attribution.

3. To confirm for your audience (peers and faculty) where they can locate the information

you cite.

4. To create a uniform document acceptable for both academic and professional purposes

and audiences.

How Do I Include Resources in My Assignments to Avoid Plagiarizing?

 Review the requirements for your assignment. You must properly credit any sources you


Use in-text citations and references to acknowledge and cite your sources. Place in-text

citations in the body of the paper, usually immediately following information included

from outside sources.

 Include a references list on the last page of the paper that includes the complete

bibliographical information for each source, cited in APA format.

Citing Sources in the Text

When citing a resource in a piece of writing, the basic information is included in the body

of the paper and the full information in the reference list. The in-text citation is the author’s last

name(s), year of publication, and, if appropriate, the page number. Consult the APA Style for

CTU Students guide for more examples on how to use in-text citations.http://careered.libguides.com/content.php?pid=150200&sid=1280243http://careered.libguides.com/content.php?pid=150200&sid=1280243


Outside sources can be included in the text in multiple ways. Use the skills of Direct

Quotation, Paraphrase, and Summary as the primary methods to include outside sources.

Using Paraphrase

To paraphrase is to use information from one source and restate the information in your

own words. When you paraphrase, you credit your source because the ideas you used are not

your own. Paraphrasing allows you to include particular information from a piece of evidence

without quoting the language directly, while maintaining the original intent of the source. Below

are examples of how to cite a source you have paraphrased in your writing.

Example 1:

According to Booth, Colomb, and Williams (2003), plagiarism should be avoided.

Example 2:

Plagiarism should be avoided (Booth, Colomb, & Williams, 2003).

In both examples, you include the author’s last name(s) and the year of the publication only. Do

not include author’s initials unless there are two or more authors with the same last name.

Using Direct Quotations

A quotation is a statement or a portion of a statement taken from an original text. Direct

quotations should be recorded accurately and used rarely, primarily to emphasize your point. A

good rule of thumb is to use a quotation when a paraphrase does not represent the information

properly or a better way to state the information is not clear. The more experience you gain with

writing and using sources, the better you become at determining which is better: a quotation or

paraphrase of the information.


Below are examples of how you could cite a direct quotation within the text of your

assignment. Please note: Direct quotations that are 40 words or more should start on a new line

and be indented without quotation marks to create a block quote.

Example 1:

According to Booth, Colomb, and Williams (2003), “In all fields, you plagiarize when

you use a source’s words or ideas without citing that source” (p. 202).

Example 2:

Many authorities have commented on the topic, but this is one of the most effective

descriptions: “In all fields, you plagiarize when you use a source’s words or ideas without

citing that source” (Booth, Colomb, & Williams, 2003, p. 202).

Formatting Your Paper

CTU provides a template in Microsoft Word that is already in APA format, located on the

APA Style for CTU Students site. We recommend you use the template when writing papers so

you do not need to spend time unnecessarily putting a document into the format. See section

8.03 of the APA Publication Manual for more information on formatting your paper.

An APA formatted paper has:

 1 inch margins

 double spacing throughout without additional spacing between paragraphs

 12 point Times New Roman black font

Each page of the document has a running head at the top left in the header. The running

head is a shortened version of the title, around 50 characters including spaces, in ALL CAPS.

Each page has a page number at the top right in the header. The title page is page 1, and

pages are numbered consecutively from there.http://careered.libguides.com/loader.php?type=d&id=1222952http://careered.libguides.com/ctu/apa


The first line of each paragraph is indented ½ inch (one tab or 5-7 spaces).

If appropriate, use headings as described in section 3.03 of the APA Manual.

Title Page

The first page of your document is the title page. The title of your paper, your name, and

the name of the university are centered in the upper half of the page. APA recommends the title

“should be fully explanatory when standing alone” (“Publication Manual,” 2010, section 2.01)

and be a maximum of 12 words. See section 2.01 of the APA Publication Manual.

On the title page, the running head is preceded by the words “Running head:”—all

subsequent pages have only the running head; use Microsoft Word’s “Different First Page”

header option to maintain the difference.




Only include an abstract if the assignment or instructor specifies you should. The

abstract is placed on page 2 with the label Abstract centered at the top of the page. The abstract

is a short summary of the whole paper rather than a repeat of the introduction. See section 2.04

of the APA Manual for hints on how to write a good abstract.


Start the reference list on a new page at the end of your paper. Title the page with the

word References centered at the top. See section 2.11 of the APA Publication Manual.

All of the sources you cite in your assignment, and only those sources, must be compiled

to create a references list. The References Page is the second step to confirm you’ve cited and

documented your sources successfully and avoided plagiarism. You should not have a source


cited in your essay that is not listed on the references page, and you should not have an entry on

your references page that is not cited in the body of your essay.

 The references list starts on a new page at the end of the paper and includes the complete

reference/bibliographic information for each source cited in the paper or presentation.

 The references list is double spaced without additional spacing between entries.

 All references are listed in alphabetical order by the author’s last name or, if no author is

listed, by the title of the source. If you are using multiple works by the same author,

place them in order of publication date.

 Each entry is formatted as a “hanging indent,” which means that the first line of each

entry is justified to the left margin and the second and following lines are indented 5-7

spaces (one tab). You can format a hanging indent in Microsoft Word by opening the

paragraph dialogue box, and in the “Indentation” section under “Special,” selecting

“Hanging” from the drop-down menu and under “By” selecting “0.5″.”

The specific APA format for a reference depends on the type of source included in your

assignment. For more information on specific formatting details, see the reference examples on

pages 9-14 of our document or consult the APA Style Guide for CTU students.http://careered.libguides.com/ctu/apa


Reference Examples

Based on Publication Manual of the American Psychological Association, 6th ed. (2010):

Chapter 7, Reference examples, pp. 193-224

Consult the APA Style Guide for CTU Students for more reference examples.

Electronic/Internet Sources

Non-periodical Web document, Web page, or report.

Author’s Last Name, First and Second Initial or Name Corporate Author. (Date of Publication).

Title of document. Retrieved from http://Web address

Capital Community College. (2007, February). A guide for writing research papers based on the

styles recommended by the American Psychological Association. Retrieved from


Note: When creating references for Web documents and pages, writers frequently need to hunt

around for the required information. It is important to include as much of the required

information as possible in the reference.

If your source has no publication date:

Use “n.d.” in place of the date in both the references entry and the in-text citation: (Smith, n.d.)

Capital Community College. (n.d.). A guide for writing research papers based on the styles

recommended by the American Psychological Association. Retrieved from

http://www.ccc.commnet.edu /apa/http://careered.libguides.com/content.php?pid=150200&sid=2946374http://web/http://www.ccc.commnet.edu/http://www.ccc.commnet.edu/http://www.ccc.commnet.edu/http://www.ccc.commnet.edu/


Article from an online newspaper.

Author’s Last Name, First and Second Initial., & Author’s Last Name, First and Second initial.

(Year, Month Day). Title of article. Title of Newspaper. Retrieved from http://Web


Jackson, D., & Marx, G. (2009, October 12). State Senate hearing to examine nursing home

safety. Chicago Tribune. Retrieved from http://www.chicagotribune.com

Note: If the article is available through a search of the source’s website, give just the URL of the

home page. If the URL home page is not available by the search box, give the full URL to the


Journal article from an online source or library database.

Author’s Last Name, First and Second Initial. (Date of publication). Title of article. Title of

Newspaper, Magazine, or Journal, Volume(Issue number if known), page numbers. DOI

number or if no DOI is available use the following: Retrieved from the URL for the

journal’s home page

With DOI number.

Brewer, P. D. & Brewer, K. L. (2010, July/August). Knowledge management, human resource

management, and higher education: A theoretical model. Journal of Education for

Business, 84(6), 330-336. doi:10.1080/08832321003604938

Without DOI number.

Tomkiewicz, J., Bass, K., & Gribble, A. (2011, June). Potential pitfalls of ethnocentricism in a

globalizing world. College Student Journal, 45(2), 369-375. Retrieved from



Article from an online magazine.

Author’s Last Name, First and Second Initial. (Year, Month Day). Title of article. Title of

Magazine, Volume(Issue number if known). Retrieved from http://Web address

Crumley, B. (2009, October 12). Should students be paid to do well in school? Time. Retrieved

from http://www.time.com/time/world/article/0,8599,1929454,00.html

Corporate author, government report or document.

Name of Government Department or Agency. (Date of publication). Title of document (Report or

document number if given). Retrieved from http://Web address

United States Department of Education (2008, January 16). Secretary Spellings awards over $38

million to 20 states in school improvement grants. Retrieved from


Electronic book.

Author’s Last Name, First and Second Initial. (Year of Publication). Title of Book [Electronic

version, for example, DX Reader version]. doi number or Retrieved from http://Web


Urquhart, V., & McIver, M. (2005). Teaching writing in the content areas [Ebrary Reader

version]. Retrieved from http://site.ebrary.com/lib/cecybrary/docDetail.



Entry in an online reference work, no author or editor.

Title of entry. (Year of Publication). In Title of reference work (edition number if given).

Retrieved from http://Web address

Paraphrase. (2009). In Merriam-Webster online. Retrieved from http://www.merriam-


Personal Communication

Use the following method to cite your instructor’s lecture in the classroom or in private

communication. These include emails, interviews, letters, or any other communication. Your in-

text citation should include the communicator’s name, the fact that it was personal

communication, and the date of the communication.

“Those zombies, they would control the world, you know? If we allowed it, we would be

out of control” (A. Smith, personal communication, January 1, 2000).

A. Smith said zombies would take over the world if we let them (personal

communication, January 1, 2000).

Do not include personal communication in the references list.

Live chat session.

Instructor/author last name, first initial. (Date). Title [type of posting (chat)]. Retrieved from

online location, course number and section, course title: http://Web address

Danley, L. (2009, January 9). APA chat 1: Introduction to APA style [Chat]. Retrieved from

Colorado Technical University, Virtual Campus, APA Style Lab:



Course materials.

Author’s Last name, First Initial. (Date). Name of presentation or document [type of source

(Multimedia presentation)]. Retrieved from Colorado Technical University Virtual

Campus, Course Code-Quarter session: http://Web Address

Colorado Technical University. (2009). LTR215 Phase 1 activity: Getting accustomed to

literature [Multimedia presentation]. Retrieved from Colorado Technical University

Virtual Campus, LTR215-0802B-01: https://campus.ctuonline.edu

Blog post.

Author’s Last name, First Initial. (Date of blog post). Title of blog post [Web log message].

Retrieved from http://Web address

Catspaw. (2009, September 10). So what have you been up to at Google? [Weblog message].

Retrieved from http://www.insanecats.com/

Note: Use the log in/user name if the author’s name is not listed.

Message posted to an online forum, discussion group, or newsgroup.

Author’s Last name, First Initial. (Date of message/post). Title of message/post [Type of post, for

example, Discussion board post]. Retrieved from http://Web address

Anderson, L. (2009, October 19). Re: Writing is an important skill [Discussion board post].

Retrieved from Colorado Technical University, Virtual Campus, The Writing Center:

https://campus. ctuonline.eduhttp://web/http://web/http://www.insanecats.com/http://web/


Print Sources

Article from a scholarly/peer reviewed journal.

Author’s Last Name, First and Second Initial. (Year of Publication). Title of the article. Title of

the Journal, Volume(issue number if known), page numbers. doi number if one is


White, E. M. (2005). The scoring of writing portfolios: Phase 2. College Composition and

Communication, 56(4), 581-600.

Article from a newspaper (no author).

Title of the article. (Year, month day of publication). Title of the Newspaper, page numbers.

Boss defends trooper who used Taser on driver. (2007, December 2). Chicago Tribune, p. A3.

Book with two authors.

Author’s Last Name, First and Second Initial, & Author’s Last Name, First and Second Initial.

(Year of Publication). Title of book (Volume/Edition number). City, State of

Publication: Publisher.

Greenfield, S. B., & Calder, D. G. (1986). A new critical history of Old English literature. New

York, NY: New York University Press.

Chapter from a print book.

Author’s Last Name, First and Second Initial. (Year of Publication). Title of book

(Volume/Edition number, page numbers). Place of Publication: Publisher.

Hacker, D. (2008). A pocket style manual (5th ed., pp. 70-90). Boston, MA: Bedford/St. Martins.



American Psychological Association. (2010). Publication manual of the American Psychological

Association (6th ed.). Washington, DC: Author.

As part of the development of an information security plan, you need to develop a strategy for identifying and promptly remediating information security vulnerabilities to minimize information security breaches. For this assignment, you will continue the planning process by adding the Vulnerability Management section to the Information Security Assurance Implementation Plan. Based on the work from Weeks 2 and 3, you will select a solution strategy for the organization to implement information security quality assurance. As part of the solution strategy, you will make recommendations for prioritizing, budgeting, implementing, and maintaining risk-reducing countermeasures.

The project deliverables for Week 4 are as follows:

Update the Information Security Assurance Implementation Plan title page with the new date.

Update the previously completed sections based on the instructor’s feedback.

Vulnerability Management

Select and describe a solution strategy for the organization to implement information security quality assurance based on your previous work from Weeks 2 and 3.

Recommend and justify your recommendations for prioritizing, budgeting, implementing, and maintaining risk-reducing countermeasures.

Name the document “yourname_CS661_IP4.doc.”


Running head: Software Information

Software Information


Colorado Technical University

Table of Contents Introduction 3 The Nature of the Origination 3 The company’s size, location 3 Weak One: 4 Information Security Overview 4 An overview of the information security plan for DB Schenker 6 Week Two: 8 Risk Assessment 8 Week Three: 9 Security Standards for Development and Deployment 9 Week Four: 10 Vulnerability Management 10 The emerging technology driven applications 12 Week Five: 13 Assessment and Assurance 13 Conclusion 13 References 14


Security has become a fundamental and inescapable concern for programming structures. The earlier decade has seen a huge development in the sheer number of attacks just as the straightforwardness with which attacks can be performed on structures. We acknowledge that to guarantee an item or system against hurt (expected or not), thought ought to be given to its necessities. Like other structure properties and quality credits, security ought to be considered from inception, toward the day’s end starting with necessities planning.

The Nature of the Origination

The organization which the information security will be applied is the transport and forwarding organization that is it deals with the transportation of goods and services. the system will placed in DB Schenker to facilitate the organization forwarding system (Renata & John , 2012). The Security will be nonfunctional essential (NFR) that is logically fundamental in its importance, wonderful in its necessities, yet ought to regardless be composed with any excess pragmatic and non-valuable necessities and arranged into productive models, plans, and execution (Bilyana , Lillian , Quentin , & Adam , 2019). Like other nonfunctional essentials, the phenomenal nature and solicitations of security make it irksome and routinely unable to decide security concerns using “extensively valuable” necessities strategies, in this way security necessities planning is required. Under we explain all of these two thoughts, (for instance programming security, and security necessities planning).

The company’s size, location

The DB Schenker company is large and forwards goods and services to three quarters of USA. Security is interestingly perplexing and testing among non-practical necessities (NFRs); as Ian Alexander specifies, “security is not normal for any remaining regions in a detail, as somebody is intentionally and purposely attempting to break the framework. Security is a NFR that is progressively basic in its significance, extraordinary in its prerequisites, yet still should be coordinated with any remaining practical and non-useful necessities and planned into effective models, plans, and execution (Ariel , Shiliang , & Gilles , 2016).

Programming security will ensure that essential objectives three viewpoints (CIA), the safeguarding of the Confidentiality, Integrity, and Availability of the data resources and assets that the product makes, stores, measures, or communicates including the executing programs themselves (Lenin , Jitendra , & Sharad , 2012). In this sense, classification safeguarding alludes to the avoidance of unapproved divulgence; trustworthiness protection is tied in with forestalling unapproved modification; and accessibility conservation is tied in with forestalling unapproved annihilation or refusal of access or administration.

Weak One:

Information Security Overview

The DB Schenker security will involve basic unforeseen development, SQUARE was applied in a movement of client relevant examinations. Carnegie Mellon graduate understudies managed this Endeavor all through the pre-summer and fall of 2004 and the pre-summer of 2005. The relevant examination results were appropriated. Model gadgets were furthermore developed to help the collaboration. It involves 9 phases (Rohan , et al., 2014).

1. Yield to definitions: This movement serves to engage an undeniable correspondence between essentials engineers and accomplices.

2. Recognize security targets: Initially, the accomplices will state unmistakable security goals. In th (Lenin , Jitendra , & Sharad , 2012)is movement, the goals are changed, and conflicts are settled.

3. Make relics: The makers name the going with antiquated rarities that should be assembled: system designing blueprint, use case circumstances/diagrams, misuse case circumstances/graphs, attack trees, and standardized formats and constructions. These antiquated rarities structure the explanation behind the subsequent strides of the procedure.

4. Perform peril examination: In this movement, the shortcomings and risks related to the structure are recognized, similarly as the likelihood that the threats will incite attacks. The makers propose to apply existing threat evaluation procedures.

5. Select elicitation methodology: The technique picked in this movement will be applied in the ensuing stage to play out the veritable security requirements elicitation. Again, SQUARE recommends to apply a current methodology to be picked for the current Endeavor (Lenin , Jitendra , & Sharad , 2012).

6. Inspire security essentials: A basic point in this movement is to ensure that the necessities are verifiable and that they are not utilization or compositional restrictions as opposed to requirements.

7. Mastermind necessities: The evoked essentials are arranged (regardless) as demonstrated by the going with models: crucial, pointless, structure level, programming level structure restriction. Since the last are not considered as essentials, their unscripted TV dramas that the previous advances should be executed again.

8. Zero in on essentials: It is acknowledged that not all that necessities can be executed; therefore, the principal requirements ought to be perceived.

9. Requirements evaluation: In this last development, the necessities are checked for ambiguities, anomalies, stirred up assumptions, and such. Its result is the last security necessities chronicles for the accomplices.

The draft cycle was upgraded and base lined after the logical investigations were done; the base lined cooperation. On a fundamental level, Steps 1-4 are truly practicing that go before security requirements planning yet are imperative to ensure that it is productive. Brief depictions of every movement follow (Mead et al., 2005)

An overview of the information security plan for DB Schenker

The objective of the Multilateral Security Requirements Analysis (MSRA) procedure is to apply the principles of multilateral security during the necessities planning time of structures improvement (Federico , Ruggero , & Matteo , 2013). This is done by exploring security and assurance needs of the large number of accomplices of a structure to-be, recognizing conflicts, and joining the assorted accomplice sees. The strategy gets both from hypotheses on multilateral security and point of view arranged necessities planning. To express the particular security needs of the accomplices, MSRA customers grow security essentials from the perspectives of the different accomplices in regards to bundled functionalities of a system.

Security requirements result from the trade off of multilateral security destinations (Paul & David , 2013). Security targets are browsed a rich logical classification got from the CIA set of three, which in like manner consolidates properties, for instance, obligation and pseudonymity, etc Security destinations, and later essentials, contain the attributes accomplices who have a premium in the need, counter-accomplices towards whom an essential is communicated, and different various credits that are portrayed in the going with entries (Bilyana , Lillian , Quentin , & Adam , 2019).

An accomplice is portrayed as any individual or affiliation that has an interest in the structure to-be. Therewith, the elaboration of the security necessities isn’t limited to the utilitarian customers of the structure to-be, the last being suggested as performers (Federico , Ruggero , & Matteo , 2013). Or then again perhaps, a separation is made that allows the elaboration of both, the people who have a stake in the system security, and the people who will use the structure.

The variety Confidentiality Requirements Elicitation and Engineering of DB Schenker ponders just grouping necessities. Later work has focused in on the formalization of the protection necessities in CREE and the usage of defeasible reasoning to explore ambiguities and conflicts. Counter-accomplices insinuate those accomplices whom the security targets are focused on. These might actually be noxious aggressors or performers of the structure (Lenin , Jitendra , & Sharad , 2012). Further, MSRA works with an information model, the parts of which are the objects of the assorted security necessities. The information model is of a huger degree of reflection than a data model, as would be significant for a useful assurance of the system to-be.

Additional credits of a security need are: the owner of the security essential; the degree of comprehension among accomplices towards the security need; the goal of the essential. this is simply protection or consent); the information the essential areas; the seriousness, communicating if the security essential says something regarding the security of information that it isn’t unequivocally tending to; and the thinking, articulating why the information ought to be gotten. Further, transitory authenticity, portraying how long the security concern ought to be saved, is seen as a quality (Ariel , Shiliang , & Gilles , 2016).

Week Two:

Risk Assessment

Most of the software engineers are inadequately set up to inspire, separate, and demonstrate security necessities for instance the DB Schenker. Thusly, they much of the time botch security necessities for compositional security segments that are by and large used to fulfill essentials, and end up making designing and plan decisions. Charles Haley and his partners see a comparable issue. They show that couple of rules, (for instance, the Common Criteria and the US National Institute of Standards and Technology PC security handbook) propose portraying security necessities with respect to security instruments (Bilyana , Lillian , Quentin , & Adam , 2019). In any case, as they raise, “Portraying necessities to the extent limit leaves out key information: what things need getting and, even more fundamentally, why the articles need guaranteeing.”

The Comprehensive Lightweight Application Security Process (Clasp) communicates that all requirements will be Smart necessities: express, quantifiable, appropriate, reasonable, and recognizable. Affix gives no models, in any case, with respect to what an ordinary security essential should take after (Ariel , Shiliang , & Gilles , 2016). He describes a security essential as “a positive need that executes a supplanting security technique.” He suggests isolating security necessities into classes, such as recognizing confirmation, uprightness, and insurance requirements. For example, the essential “The application will perceive the aggregate of its client applications preceding allowing them to use its abilities” is a distinctive evidence need, however “The application won’t allow unapproved individuals or ventures permission to any correspondences” is a security essential.

When the Personnel Information just to people from Human Resources Dept.”. By conveying security essentials practically identical to unequivocal utilitarian necessities, they ensure that they can achieve adequate distinction to coordinate draftsmen and let them affirm that the requirements are truly fulfilled (Federico , Ruggero , & Matteo , 2013). These models in any case, we haven’t found an overall recognized importance of “security essential” in the

Week Three:

Security Standards for Development and Deployment

As much as organizations have moved so fast to adopt new technology, there is still frail understanding and compliance to information system standards and regulations. According to Ismail (2017), this has not only come due to ignorance to this standards and regulation or the hasty need to have competitive advantage with new technologies use but also due to slow formation of these standards, policies and framework in the pace of the developing technologies. Since information security entitles process and methods to protect data, storage, computer processes and transmission from risk and vulnerabilities, Information security standards and regulation designate the technical specifications or precise criteria harmonized and agreed upon to protect data, systems other computer hardware from potential risk and vulnerability (Ismail, 2017).

Regulations/ laws on the hand mean directives that any organization within the law jurisdiction should follow in implementation of information system. Standards and regulation in information security are very important. They not only set ground for efficiency and effectiveness of information security but also harmonize the different information security methods and process to promote innovation. Standardization also provides structured methods that make it not only easy to disseminate ground breaking ideas but also knowledge about the foremost strategies information security (Tirumala &Anjan, 2016)..


There are various standardization bodies for information security assurance, however, the International Standardization Organization (ISO) standards have become the must read standards for any information security engineer and standards to be complied by most organization IT security systems. ISO standards mostly referred as ISO 27001 and ISO 27002; the latest version of ISO 27001 is international standards that describe the best Information security management system (ISMS) practices (Rajkumar &Paralikar, 2019). In a nutshell ISO 27001 a standard among the ISO 2700 series that describes information security implementation process. Overviews of this standard require that for any information security implementation organization must:

i. assemble a project team that would initiate the project

ii. should conduct a gap analysis which means the reasons behind the information security implementation

iii. should develop the scope of the ISMS

iv. Should initiate a high level policy development for the ISMS

v. Perform a risk and vulnerability assessment

vi. Select and apply controls

vii. Develop a risk documentation

viii. To Conducts a staff awareness training programs

ix. Conduct an international audit to assess and review the implemented ISMS

x. Lastly the organization should opt for certification audit

ISO 27002 is the newest ISMS implementation standards that include a supplementary standard that focuses on information’s security controls that should be followed the implementation of ISMS (Rajkumar &Paralikar, 2019). The controls are listed as Annex A, ISO 27001. This section explains in details how each control works, the objective of the controls and how an organization can implement the controls.

The BS ISO/ IEC 27004: 2009 is also an important information security management system standard. This standard does not only provide requirement for maintaining and improving ISMS but also provide guidance in the development of measure to assess the effectiveness of ISMS implementation in organization. BS ISO/ IEC 27004: 2009 is designed to be applicable in all organization (Tirumala &Anjan, 2016). Though the standard mostly align to the ISO/IEC 27001 standardization is currently being updated to align to ISO 27002; the new version of ISO 27001.

BS ISO/IEC 27003:2010; is a standard that provides the core Information security management systems design recommendations. The standard provides vivid instructions to planning of ISMS projects in organization of all sizes. Though BS ISO/IEC 27003:2010 is still based on the ISO 27001 it also being updated to align to the new ISO 27002 principals (Rajkumar &Paralikar, 2019).

Other important standards are the ISO/ IEC 18043:2006; which as standards that provide a framework for improving data protection and maintaining compliance of the ISO 27002. These standard legislate the best practice to maintain ISO 27001 and 27002 compliance.

Law/ Regulations

In the United States, there various laws associated with information security. These laws include the controlledUnclassified Information (CUI) Found in the Federal Information Security Management Act 2002 (FISMA). This law requires complaint of an information security system to the security controls required in the ISO 27001/ 2 and the USA NIST SP 800-171r1 (Rajkumar &Paralikar, 2019). These laws also come to create a uniform set of requirement for information security controls for securing security civilian data and sensitive government information. another law is the digital millennium copy right Act 1998 (DMCA) which requires any institution or organization manage a digital copyright compliance ISMS that comprise of the following: annual disclosure, strategy or strategies to combat the distribution of unauthorized materials, have an alternative source of the authorized copies of the copyrighted digital materials and lastly have strategic plan review

Why These Standards Are Applicable In the Organization

These standards and laws are applicable in this organization because of the required installation of security systems to curb the various security risk and vulnerability detected during the risk and vulnerability assessment. Accordingly the standards would provide requirement for maintaining and improving ISMS and a guidance in the development of measure to assess the effectiveness of ISMS implementation in the organization. the federal information security management Act 2002 (FISMA) and digital millennium copy right Act 1998 (DMCA) will ensure uniformity in the set organization information security controls with other organizations’ security control and government information controls (Tirumala &Anjan, 2016).

Process That Would Be Affected By the Standards

These standards influence the organization’s ISMS process right from design, implementation and assessment. Accordingly, ISO 27001 a standard describes information security implementation process, ISO 27002 standards effect on information’s security controls, The BS ISO/ IEC 27004: 2009 provides requirement for maintaining and improving and guidance in the development of measure to assess the effectiveness of ISMS implementation in organization (Tirumala &Anjan, 2016).


I will start will with The BS ISO/ IEC 27004: 2009 which provides requirement for maintaining and improving and guidance in the development of measure to assess the effectiveness of ISMS implementation in organization. Then comply with ISO 27002 which starts the standards effect on information’s security controls and lastly follow the ISO 27002 that describes information’s security controls

Week Four:

Vulnerability Management

The emerging technology driven applications

Week Five:

Assessment and Assurance


References Ariel , E., Shiliang , H., & Gilles , P. (2016). Remix: online detection and repair of cache contention for the JVM. Proceedings of the 37th ACM SIGPLAN Conference on Programming Language Design and Implementation, 251-265. Bilyana , L., Lillian , A., Quentin , E. H., & Adam , S. M. (2019). Applying Indications and Warning Frameworks to Cyber Incidents. International Conference on Cyber Conflict (CyCon), 900, 1-21. Federico , C., Ruggero , G., & Matteo , K. (2013). The effect of global supply chain configuration on the relationship between supply chain improvement programs and performance. International Journal of Production Economics, 143(2), 285-293. Jed , D. G., Paul , H., & Klara, K. P. (2017). Educating for the 21st-century health care system: an interdependent framework of basic, clinical, and systems sciences. Academic Medicine, 92(1), 35-39. Lenin , R., Jitendra , P., & Sharad , A. (2012). Appinsight: Mobile app performance monitoring in the wild. 10th {USENIX} Symposium on Operating Systems Design and Implementation ({OSDI} 12), 107-120. Paul , L. D., & David , C. C. (2013). Information technology and business-level strategy: Toward an integrated theoretical perspective. Mis Quarterly, 483-509. Renata , F. M., & John , F. E. (2012). The acquisition of an artificial logographic script and bilingual working memory: Evidence for L1-specific orthographic processing skills transfer in Chinese–English bilinguals. Writing Systems Research, 4(1), 8-29. Rohan , G., Hongqiang , H. L., Y , C. H., Jitendra , P., Lihua , Y., & Ming , Z. (2014). Duet: Cloud scale load balancing with hardware and software. ACM SIGCOMM Computer Communication Review, 44(4), 27-38.

Dima, A. M., &Maassen, M. A. (2018). From Waterfall to Agile software: Development models in the IT sector, 2006 to 2018. Impacts on company management. Journal of International Studies11(2), 315-326.

Ismail, U. (2017). Requirement Gathering for Open Source Software by Using SCRUM and Feature Driven Development (Doctoral dissertation).

ISMAIL, U., QADRI, S., & FAHAD, M. (2015). Requirement Elicitation for Open Source Software By using SCRUM and Feature Driven Development. International Journal of Natural & Engineering Sciences9(1).

Rajkumar, A., &Paralikar, A. (2019, December). Test Driven Development: Process for AUTOSAR Software Development. In INCOSE International Symposium (Vol. 29, pp. 99-108).

Tirumala, S., Ali, S., &Anjan, B. G. (2016). A Hybrid Agile model using SCRUM and Feature Driven Development. International Journal of Computer Applications156(5), 1-5.

Zima, D. (2015). Modern methods of software development. Task Quarterly19(4), 481-493.


Order your essay today and save 10% with the discount code ESSAYHELP