201S Journals

Posted by sfoul001 on

Journal 1

Prompt: Review the NICE Workforce Framework.  Rank the categories based on how much they interest you. Write about why your top three categories interest you. In addition, write about your lowest ranked category and why you think it would interest you the least?

The NICE Framework consists of six main categories that provide a variety of different cybersecurity related functions. These categories include Collection and Operation, Investigation, Operation and Maintenance, Oversee and Governance, Protect and Defend, and Securely Provision. Out of these six categories, I would rank Collection and Operation, Operation and Maintenance, and Protect and Defend as my most favored categories, in that order, along with Oversee and Govern, Investigation, and Securely Provision as my lowest ranked and least favored.

I favor my top three picks the way that I do because of what they involve and lead up to. I have always been the type of person that enjoys figuring out a solution while also being on the handy side of things as it is what I do best. Collection and Operation, Operation and Maintenance, and Protect and Defend allow me to do just that.

 I find Oversee and Govern, Investigation, and Securely Provision to be my lowest favor because of the way that it operates. I feel as if this is a position fit for an individual that is more of a leader, and the governing body compared to the others wear working on the problem is top priority. From my understanding my least favored three feel as though they are governing/investigative positions.

The six main categories that the NICE Framework consists of are crucial for its continuity and longevity. Whether it be Collection and Operation, Operation and Maintenance, and Protect and Defend which mostly deal with problem and solution, or Oversee and Govern, Investigation, and Securely Provision which mostly involve investigation and reconnaissance, all six categories are sound in their own unique way.

Journal 2

For this Journal Entry, I am asked to give my personal definition of the scientific principles and their relation to cybersecurity. As we know there are six main principles which include relativism, determinism, objectivity, ethical neutrality, parsimony, and skepticism.

Starting off with relativism it has to do with the relation or relevance of the information, individual, or object at hand. As an example, relativism could be used when discussing information between higher powers on whether a piece of information is useful towards the cause.   

 Moving onto determinism, it is best defined as your motivation or reasoning behind the actions towards which you are tending. A perfect example for this would be a red hat hackers cause behind hacking a banking or currency foundation whether it be that they are determined to do it for the money or a deeper meaning.

Thirdly we find ourselves with objectivity which has to do with going into a cause open mindedly without any form of bias that could alter your opinion. This could be useful in cybersecurity when discussing two different yet important situations that must be addressed or argued with both sides in mind.

Fourthly we have skepticism which has to do with the uncertainty of your belief or acceptance of something without truly seeing it for what it is. This is a perfect case for cybersecurity in upper management positions as someone who is fundamentally talented in the position would easily be able to point out something that looks sketchy whereas a manager or boss might not be able to since everything is fine on their computer leading them to want a better understanding of the problem. 

As a fifth principle we have, ethical neutrality which has to do with similar means to objectivity in the since that it is best to be open minded to principles, factors, interests, or even preferences that other individuals have in order diversify the environment and workplace. This is useful and relates to cybersecurity in many positions and is often preferred since individuals in different positional forms will be able to apply their background and knowledge from a unique perspective towards the solution of the problem.

Finally, we have, parsimony which has to do with atoning your sense of definition and talk to appear as clear and concise as possible. This is necessary in cybersecurity as others often find it hard to understand the concepts, principles, and factors at play which shows that being as concise as possible is preferred when you are trying to get your point across.

Journal 3

               For this week’s prompt, I am reviewing a website by the name of Privacy Rights to verify its information on top of forming a conclusion. The question has to do with figuring out how researchers might be able to use this information to study the breaches at hand. Researchers will find that this is a useful sight when it comes to reporting, discovering, and researching breaches due to it records. By using the map on the left-hand side, researchers can pinpoint the locations that contain the greatest number of breached entities. By doing so they will be able to investigate said area to figure out why the number is so great. The graph on the right is also useful since it will allow them to research the trend growth overtime based on the information that was submitted for unique breaches. As far as social science branches that could relate to the topic at hand, I find objectivity and ethical neutrality as a perfect fit. Firstly, I find objectivity to be a good fit since it involves studying with the use of a value free manner meaning that the information can be studied and perceived by any and everyone in their own unique way. Secondly, I find ethical neutrality to be a good fit since it involves a deeper understanding of the information while upholding ethical standards. The information presented from the site is beneficial towards researchers in the Cybersecurity department and provides an interesting view as to how breaches have grown and fallen overtime.

Journal 4

Prompt: Review Maslow’s Hierarchy of Needs and explain how each level relates to your experiences with technology. Give specific examples of how your digital experiences relate to each level of need. 

For this prompt I will be discussing my relationship with Maslow’s Hierarchy and the way that they relate to my technological needs. Starting off with physiological needs which includes sub needs of food, water, warmth, and rest I find this to relate most to my health, relaxation, and comfort when it comes to my needs. There are areas of warmth with technology when it comes to psychological needs like television for entertainment or computers for gaming with friends. Moving onto Safety needs I also find this useful in situations of emergency. In a situation where a fire is present or in case of a medical emergency, a cell phone could be used to contact firefighter to deal with the situation. If I were ever in a situation of need then I would be able to use the SOS feature on my iPhone to be found. Moving onto belongingness and love needs I find this useful when interacting and meeting new friends online. Due to the vast number of social media apps like discord, twitter, Instagram, Facebook, reddit, and so on, interacting and getting to meet new people is far from difficult. It allows me to meet new people based on a shared interest or informational needs. Next, we have Esteem needs which include prestige or a feeling of accomplishment. When using technology, I fulfill esteem needs through gaming when beating a difficult part of a level in a game. I also fulfill such needs when securing a job using an online application. Finally, we have self-actualization which has to do with achieving one’s full potential which includes creative activities. I would say that technology allows me to do this as well since I can heighten my drawing skills using an iPad with the unique number of tools that are available for my needs while also strengthen my coding skills with the use of python, C++, and Java. Maslow’s Hierarchy of needs provides a structure of needs which suggest that humans have a statue of needs that exist on a pyramid structured hierarchy. I would find this claim to be true given my engagement with technology.

Journal 5

Prompt: Review the articles linked with each individual motive. Rank the motives from 1 to 7 as the motives that you think make the most sense (being 1) to the least sense (being 7). Explain why you rank each motive the way you rank it.

For this prompt I ranked the seven unique motives that lead individuals into doing cybercrime. At number one I have Political reasons. I put political reasons at number one based one documentary, movies, television shows like Mr. Robot, and other sources of social media where there is an end goal against people in a higher power for the benefit of the lower class. In second, I would put recognition as a solid second since this is also what leads others into doing such acts like the creators of Stuxnet. Thirdly I would put revenge, due to the countless number of times where people were fired, misrepresented, or done dirty by the company, or etc. based on the actions of the company. Fourthly I think that Boredom would be solid. Boredom is usually what leads people to go snooping and searching into things that they should not since they are looking for a form of entertainment which brings me to my fifth. Entertainment fits after boredom since it is the effect of boredom as a cause. Someone with the intentions of cyber crime might turn to such acts based on an increase in boredom that would lead them into a search for entertainment. Sixthly we have money as since it has been the lowest means of a factor that I have noticed. While it is the lowest form that I have noticed, money would still and has been a useful motive to provide for others by criminally removing money from one’s account to others for financial gains. Lastly, we have multiple reasons which is an odd ball. Multiple reasons represents the rest of the motives as a whole since it could be any of them but for an example it could be due to getting involved with the wrong crowd, personal reasons, or fraudulent accidental reasons where you were set up into thinking that you were doing one thing when instead you were doing another. 

Journal 6

Prompt: We have many misconceptions about cybersecurity. Here, hackers tell you about some of our misconceptions. What personal misconceptions did you have before you started to study cybersecurity? Have those been proven right or wrong?

When first going into Cybersecurity as a major, there were a great deal of things that I thought I knew which later turned out to be partially false. My conception of the practice as a whole and that of the people and criminals that were involved were far from what I had believed before joining the practice. For example, one of my first misconceptions had to do with the cyber criminals that we fight against within Cybersecurity and what their true motives really were. Before coming into this practice, it was my belief that cyber criminals were in it for the money and that most of the crime was used against banks and crypto schemes. It was not until later with courses, articles, journals, and secondary sources that I realized just how wrong I was. It turns out that there is more so of a political and social favor for why they tend to do what they do. A second misconception of Cybersecurity would be my underestimation of its vast and diverse nature. While I knew that the practice involved coding, which I favor the most about it, I thought that this would be the focus but there is much more involved. For example, you have penetration testers that are hired to infiltrate a company’s security and personal teams to find flaws in how they act in accordance with strangers and threats. You also have public speakers that inform others about the best practices that would be useful when dealing with cyber threats in the field. Finally, there are also a diverse list of jobs including network engineering, coding, sales analyst, public informant, and more. These misconceptions do not pertain to Cybersecurity alone as it is an often occurrence with many professions, but I was stooped when learning about the intricacies and enthusiastic when learning about the profession whole fully.

Journal 8

Prompt: After watching the video, write a journal entry about how you think the media influences our understanding about cybersecurity. Has this understanding changed over time? What is different in the older pieces of media vs more current media?

            How do I believe the media has influenced my understanding and others understanding of hackers and the way that they run when infiltrating a system. When it comes to movies, media, and about any online entertainment in today’s time, you find that a lot of it has fictional information that just is not true. This pertains to other subjects besides our current prompt which has to do with hackers as movies, YouTube videos, and even information media tends to bend the truth. As far as the way that hackers are portrayed in movies, its usually done at the expense of realism. I mean this to say that there is a focus on exaggerating up the scene without much context to making it feel organic and what not. The first video is a perfect example of my explanation with the movie Skyfall where they show the code portrayed as a map of intricate lines and details that add up to show a picture. As was mentioned in the video this is unlikely and not usually seen in the field. In movies they often have scripts running to make it appear as if something is happening when really it might just be searching for an IP address or searching for a password unlock scheme with John the Ripper. Hackers are far more concealed and structured with the way that they run as seen by a multitude of earlier cases on the matter. I would say that the understanding has changed due to the advancements in technology and what not but as far as the movies are concerned, they are still focused on bringing an appeal to the scene which is not a bad thing; but it could be a bit more realistic.  The older pieces of media focused on older technology and older backdoor techniques while the newer pieces of media use up to date technology with a better emphasis on how attacks occur.

Journal 9

Prompt: Watch the Following Video. Then, complete the Social Media Disorder Scale Links to an external site. How did you score? What do you think about the items in the scale? Why do you think that different patterns are found across the world?

The video was quite interesting and informative about the topics that it presented. As far as the Social Media Disorder Scale, I scored a three which I find to be in line with my amount of usage and time that has been spent on the internet as a collective. I find and feel as if the items on the scale are especially important and that they should be managed professionally because of where they could lead if not taken seriously. Most have to do with negative connotations that end up bringing the worse out of people due to addiction. In my experience I haven’t found this to be the case, especially in my older years, where I constantly need a device in order to function.  Besides from my hobbies and entertainment I usually only turn to my phone when I’m bored and in search of something to do or when I need to contact someone.  As far as why there are different patterns across the world, it has to do with the way that we live and the differences in technology that we have compared to others. In America it would be natural to notice adults and children with mobile devices active while somewhere east in rural Asia it might be different due to the ecosystem and way of life. Most eastern areas do not require technological advancements and often make do with what they have since they are more traditional. Developing countries and evolving nature or presences can also play a huge role when talking about the differences in patterns.

Journal 10-1

Prompt: think about how the description of the cybersecurity analyst job relates to social behaviors. Write a journal entry describing social themes that arise in the presentation.

            The video gave an informatively detailed description of what can be expected out of the job title Cybersecurity Analyst. The profession tends to vary from job to job but the main premise has to do with maintained protection and configuration to prevent the infiltration of cyber criminals that intend to do harm. This brings me to my second point which has to do with the social themes that were noticed and those that arise within the cyber criminals themselves. From the video and occupational opportunities that were listed critical thinking skills, teamwork, and communication skills are key to getting far in an area of such profession. These social themes are important and come up more often in the presentation due to their necessity. When a company at a career fair finds someone that can problem solve at a unique level it will pique their interest since this person will be able to run profusely in conflictual areas of concern. The same goes with the communication and teamworking skills that were noticed since this will allow the individual to relay concerns and problems that come up while being able to work out such issues effectively with the team members that are present. A final social theme that is highly regarded among the profession would be public speaking or verbal skills which fit similarly in line with communication skills. With verbal skills you can articulate your word choice that is easy for employees, team members, managers, and consumers to understand to get your point across. This will also make you a competitive employee as your manager might look for more verbal roles that will help to strengthen your current career choice.

Journal 10-2

Prompt: Read the following and write a journal entry summarizing your response to the article on social cybersecurity

For this journal prompt, I am tasked with reading an article to give my summarization of its details for a clear and concise reflection. The article discusses the need for advanced technologies to uphold confidential security among governmental figures and the citizens that they dutifully protect. The article mentions informational strengthening and strategy viewpoints that inform the reader of the sense of urgency that the problem consists of. They also mention how it is possible for technology to allow state and nonstate actors to extend their level of power. They do this in the information domain, which was previously thought to be impossible but due to the advancements in technology, it is now possible. There is also mention of cyber threats that have been enabled for the worsening of the technological space as we know it. The first has to do with the waived requirement of physical proximity and the second has to do with the decentralization of information which has made it easier to get into. As far as my summary of it all is concerned, the article has done an exceptional job of listing a general mass of all known security concerns and threats that stand in the way of confidential security. It also outlines different tactics that will be useful when combatting such forms of security concerns. It is fully detailed and informative about what the current threat is and how it plans to neutralize said threat for the benefit of security. I find this article to be informative and explanatorily sound when it comes to what they hope to conduct and how they intend to do it. If anything, I would list more vulnerabilities and flaws that have been found to present the reader with something more informative but other than that I find this article to be sound and concise.

Journal 11-1

Prompt: Read this sample breach letter “SAMPLE DATA BREACH NOTIFICATION” and describe how two different economics theories and two different social sciences theories relate to the letter. 

I am tasked with coming up with two different economic theories and two different social science theories that relate to the letter at hand.  Based on the information that was provided from the website, glass washer parts experienced an intrusion that had to do with a partnering company that failed at securing their systems from the threat. Since they were unable to keep their systems secure, glass washer parts fell victim to the attacks. I would say that Marxian economic theory works in this situation since the thief is able to intrude on the third-party company to invade glass washer parts business foundation while also stealing from the loyal customers of the company that are helpless against such threats which relate to the theory. A social science theory that fits in this situation has to do with rational choice which is shown by the company in the beginning section of the letter where they outline the incident, what was involved, what they are doing, and what the third-party company can be due to avoid such situations in the future.  Another economic theory that fits in this situation is that of Laissez-fares economic theory since the government was not involved until the risk of confidential information leaking became an issue in which case a higher power had to be called to deal with the situation as indicated by what are we doing section in the letter.  Finally, a second social theory that relates to the letter is Crisis communication theory which fits well and similarly to the last economic theory since both involve the communication of a higher power in the sense that a crisis surfaces that could endanger others. Crisis communication fits since they reached out and offered their cooperation with federal law enforcement to deal with the situation which shows their communication with a higher power.

Journal 11-2

Prompt: A later module addresses cybersecurity policy through a social science framework. At this point, attention can be drawn to one type of policy, known as bug bounty policies. These policies pay individuals to identify vulnerabilities in a company’s cyber infrastructure. To identify the vulnerabilities, ethical hackers are invited to try exploring the cyber infrastructure using their penetration testing skills. The policies relate to economics in that they are based on cost/benefits principles. Read this article and write a summary of the reaction to the use of the policies in your journal. Focus primarily on the literature review and the discussion of the findings.

            The article on bug bounty policies titled, “Hacking for good: Leveraging Hacker One data to develop an economic model of bug bounties” was highly informative and detailed in such a way that I found it easy to understand and comprehend. The article discusses the study that they ran and whether it was true that bug bounties were in fact cost effective for their situation. When browsing over the literature review, there was a descriptive explanation of the background development of policies that are used to figure out vulnerabilities within a company’s technological area. The article review also discusses the policies and information while giving their opinion on whether it was held up or not. I found it very thrilling to learn that giant tech companies like Apple, Google, Microsoft, and others are using bug bounty programs within their individual departments as a finding. I find this to be a positive as even they are looking to full proof their systems to guarantee the greatest amount of protection for their end users. After pursuing the literature review further, it provided information that the bug bounty policies do in fact help with increasing cybersecurity and protective like services. If big companies, like the ones that were previously mentioned like Apple, Microsoft, and Google, use such policies while maintaining themselves for such a longtime, then I believe that it is safe to assume that this is a just practice that will do nothing but help the company at hand.  The article concludes with an emphasis on the importance of further research towards identifying and measuring more of the variables which determine hacker supply. I found this article to be quite informative and engaging with the reader based on its content and study.

Journal 12

Prompt: Andriy Slynchuk has described eleven things Internet users do that may be illegal. Review what the author says and write a journal.

Today I am tasked with reading an article by Andriy Slynchuk to find the purpose and contents of the article. The article is based on eleven things that are done unknowingly and that are illegal. For instance, using copyrighted images is a big one. Youtubers and influencers are notorious for this simple action due to how easy it is to access images from the web and use them for video source or a thumbnail. It seems light of heart at the beginning but most times then it ends up being stolen without the authorization of the original creator. Another example would be illegal searches on the internet whether it be through the black web or other adult related searches. Such actions could lead to other harmful actions on top of being illegal in the general search. A third example would be faking your identity online. This is done by more kids than adults nowadays from what I’ve noticed and usually occurs in the gaming space and areas where there is an age restriction on websites.  Fourthly we have the collection of information about children. This is wrong fur a multitude of reasons with the main ones being pedophilia and non-consent. Pedophilia is easily understood but in the instance of non-consent an example like schools having to gain permission is a perfect example. Schools must ask the parents for permission when collecting and posting information about the child at hand, whether it be photos for an Instagram page or confidential information necessary for a field trip. The final thing that caught my eye in the article was sharing passwords, addresses, and photos of others. Sharing information like so is viewed as a security risk and can be detrimental to the person whose information is being used. Often events like so happen when sharing streaming site passwords, game passwords, or Wi-Fi information. The article does an excellent job at outlining the eleven things that are often overlooked when using the internet. I found it to be descriptive in nature and informative to the reader and highly recommend it for others to see to prevent unlawful acts online.

Journal 14

Prompt: Watch this video and think about how the career of digital forensics investigators relate to the social sciences. Write a journal entry describing what you think about the speaker’s pathway to his career.

Today’s Ted Talk had to do with Davin Teo who is a digital forensics investigator who informed us about what he does, how he does it, and why it is necessary. As far as the profession is concerned, people in the digital forensic investigator profession are high skilled technologically inclined individuals that know their way around electronic devices, the collection and analyzation of data, as well as the use of digital tools that help them when providing help and solving cases. As far as the topic is concerned, digital forensics is heavily reliant on social science principles and the ideologies that it has to offer when it comes to problem solving. The reason social science is an important topic towards the problem solving of digital forensics has to do with the fact that it allows the career professional to think like the criminal or rather understand the crime through the psychological presence of the criminal. I find this especially interesting and graciously explained by David Teo whose pathway to success in this career has been rather different yet supported.  Before this career, he was an accountant. He later explains his interest in computer science and his finding of this current job as well as some experience with work in law and other companies. I especially admire David’s come up into this career since it shows that you do not need a lot to excel and grow in a position like digital forensics since he was an accountant beforehand. This is not to say that the profession is not difficult but rather to show the diversity that the career choice upholds for others if they are willing to join. I found the video to be very insightful and interesting and I am curious to learn more about digital forensics with the possibility of pursuing it myself.

Leave a Reply

Your email address will not be published. Required fields are marked *