Discussion Replies 1, 2 and 3

I’m working on a Computer Science question and need guidance to help me study.

I Need to write 3 seperate replies for each Discussion posts. and choose one question(There are 3 questions in each discussion) from each discussion and answer it. Each reply should be 75-100 words(minimum 75 words)

Please follow instructions:

The discussions in this class exist to simulate face-to-face discussions. To reach that goal, we will adhere to the 3CQ model. After posting each thread, you will post at least 3 comments on other students’ threads, and each comment must conform to the 3CQ model (Compliment, Comment, Connect, Question). This model encourages discussions that extend class learning and participation.

Here is a description of the 3CQ model:

1. Compliment – Start off positive. Compliment the person on something specific you have read or observed in the person’s blog post. For example:

  • Thanks for sharing your thoughts! I really liked …

2. Comment – Comment on something relevant and meaningful about what the person wrote. Be specific! Remember your comment might not always be agreement. You can “politely” disagree. For example:

  • I agree with you about …
  • I respect your opinion, but I think …

3. Connect – Connect with something the person wrote (Text-to-Self, Text-to-Text, Text-to-World). Explain your connection with details giving your audience a clear idea of what you’re talking about by using sensory details. For example:

  • I can connect with you about …
  • I once read a story about …
  • I had the same thing happen to me…

4. Question – Ask a specific question about something written or the writer. Keep the conversation going!

Remember that ALL discussions must use the 3CQ approach to interaction.

Discussion 1 Post:

Regulations

Currently, the organization that working at is a non- governmental organization that deals with helping less fortunate and those people living in venerable areas. The organization receives a lot of donations from various donors all over the world. Being a non- governmental organization receiving a lot of donations, the organization has been prone to a lot of cyber attacks (Solomon, 2019). My role in the organization is that am in charge of the information technology department. I am the one who manages and coordinates all the matters that pertain to information technology.

Some of the major regulations that have been imposed on the organization are; all the software should be from the genuine seller, all the software and applications should be updated, and both the wired network and wireless networks should be secured by the appropriate techniques. A good example of how the above regulations have impacted our organization is the reduction of cyber threats. Software updates and purchase of genuine software have reduced the number of threats facing the organization, thus the organization has been able to focus on helping the needy rather than combatting security threats in its systems.

The regulatory compliance requirements associated with the organization’s strategic goals (Branca, 2018), as the aim of the organization is to utilize as minimum resources in its operation to use the huge amount in helping the needy. The key obstacle of the “regulatory requirements” in attaining the organization’s goals is that purchase of the genuine applications and software costs a fortune to the organization, thus resulting in the organization to spend some of the donation money to secure its information systems.

Questions:

  • Do you think that most of the regulations that companies impose are always beneficial to them?
  • What are some of the factors that should be considered while imposing regulations in an organization?
  • Do you think that companies that have already imposed regulations perform better than those that do not?

Discussion 2 Post:

Compliance/Regulation

I work as a Technology Support Specialist for a large K-12 district. Essentially, I am responsible for maintaining, repairing, installing, configuring, and troubleshooting all of the devices in my three schools (one middle school and two elementary schools). The district must comply with HIPAA regulation in the case of student and staff health information, but the two most important regulations the district must comply with are FERPA and CIPA. FERPA enforces the protection of student information, and CIPA requires schools and libraries to limit children’s access to harmful online content.

FERPA impacts the district’s goal—to provide a quality education to all students—by limiting the staff that can access student records and placing restrictions on what information can be shared with other adults involved in a student’s life. For example, FERPA regulations require the district to maintain strict access controls and two-factor authentication to access a student’s records. In addition, the district must provide training on FERPA rules, password policies, and physical security to ensure staff compliance. FERPA aligns with the district’s goal because it is meant to protect and maintain the confidentiality of children’s personal information, but it also provides the obstacles of increased attention (administration) on ACLs and the process of securing data in motion and at rest.

CIPA impacts the district’s goal because it places strict requirements on the online content that can be accessed by district devices. CIPA also aligns with the district’s goal because it seeks to block harmful content that is not suitable for children and therefore not applicable to learning. CIPA is an obstacle because it requires the district to pay for and actively configure and monitor content filtering software for all devices. My district uses GoGuardian for this purpose. This software blocks harmful content, but often does the same to benign content that teachers need to share with students. Teachers are forced to create help tickets to unblock sites for education purposes, which creates a lot of administrative overhead and lost time.

Questions:

1. Anti-malware software is important for the protection of all three aspects of the C-I-A Triad. If a non-techy coworker asked you for a free anti-malware software recommendation for their personal computer, what would you recommend and why? Would you recommend that same software (or the paid version) for your organization?

2. One of the Common Security Administrator Tasks listed on page 208 is “Enforce physical security standards” (Solomon, 2019). Do you believe it is a Security Administrator’s job to actively manage physical security, such as ensuring server room doors are locked or that only authorized personnel are allowed in the IT Department offices?

3. The textbook mentions “periodically examine log files for suspicious behavior” as a best practice. What does “periodically” (in terms of best practices) mean to you? How often do you/someone in your organization examine log files?

Disussion Post 3:

The role I hold in this scenario is a Cloud Security Engineer at a medical device company in the healthcare business. Being a major, and multi-national medical device company, we are beholden to a number of regulations. The largest of which are GDPR, HIPPA, HITRUST, and FDA CFR Part 21.

FDA regulations for medical device companies impact strategic goals by introducing a lengthy approval process, and subsequently impacting our time-to-market with new products and features. GDPR imposes rules which make things like data analytics across the global footprint of devices and data streams very difficult, which impacts our company’s “data-driven strategy”.

While these regulations do have a seemingly negative impact, we do want to make sure that our products are first and foremost secure and properly governed. The regulations to which we are beholden give us a good baseline for aligning with industry standards. Additionally, without meeting these regulations we wouldn’t be able to sell our products, which makes meeting those regulations.

My three questions to my peers are as follows:

In the ever-growing world of data, do you think countries should be able to mandate data not leave its boarders?

In respect to data proximity, if a user of a service lives in the United States but travels to Europe should European laws be in affect when the service is being used from within Europe?

What are you thoughts on creating regulatory bodies that grant approval? In healthcare the FDA has to grant approval for products, do you think this would be better served if it were a private organization rather than government?

Order this or a similar paper and get 20% discount on your first order with us. Use coupon: GET20