500 word summary – Fatema Jannat

Mei

Here…

1-Shitty First Drafts (1)

Here it is.

1-Shitty First Drafts

      To:  Jackie Blain

From:   Andres Toscano

Date:   09/26/2017

Subject:   500-word summary on Congress joins the FCC to kill net neutrality

The article talks about an important topic that is not being mentioned too much in society due to lack of attention and what the average person understands about technology. The FCC trying to kill net neutrality is a horrible thing that is being discussed in the article and that can cost internet consumers a lot of money. The situation gets even tougher for people trying to restore net neutrality due to people sending a meme to congress on “Restore to Net neutrality”. The FCC chair Ajit Pai then decided to reveal his plan to gut out net neutrality which involved things that would end up being a huge problem in keeping neutrality alive specifically changing internet to a telecommunication service from an information service claiming that it will boost broadband speeds, give more jobs to Americans, and create competition between companies. Pai’s proposal hinges on revoking the designation of ISPs as a “telecommunications service” under Title II of the Communications Act and reclassifying them as an “information service.” That action would remove the FCC’s authority to regulate broadband providers. This is not good because what ultimately happens is that people that now can control the ISP can limit what people see and charge them extra fees for being able to see what they want on the internet. For example, an ISP allows you to see Netflix and Hulu but they also have their own streaming services you get for free since you pay for the service, now they can block you from accessing those sites unless you pay an extra $10 a month just to access them. Nine senators also proposed a bill to prohibit the Federal Communications Commission from reclassifying broadband Internet access service as a telecommunications service and from imposing certain regulations on providers of such service, this is also known as Restoring Internet Freedom Act. The name may sound good but this is extremely misleading because you cannot save what you are proposing to kill. Big companies are also trying to hide and some even trying to misinform their customers with the proposed bills. In May Verizon created a video that said that they cared about Net neutrality and then have Craig Silliman they General Counsel go and say that the FCC is not talking about killing Net neutrality and that not we nor any other ISP are asking them to kill the Open Internet rules. Verizon has been dealing with court cases over Net neutrality for over four years battling those same court rules to try and kill net neutrality same as the company Comcast and AT&T some of the largest giants of the Internet providing service.

Craig, C. (2017, May 05). Congress joins the FCC to kill net neutrality. Retrieved September 07, 2017, from infoworld.com

To:  Jackie Blain

From:   Gary Johnson

Date:   09/19/2017

Subject:   500-word summary on “Network Security”

Network Security Tutorial

Tutorials Point – https://www.tutorialspoint.com/network_security/index.htm

Executive Summary

Network Security identifies all viewpoints related to the security of sensitive information resources existing on the network. It covers different components created to provide essential security services for data communication.  From my research, there are a few types of network vulnerabilities and attacks that can affect many networks. With the millions of Internet users able to pass information from the network, the security of business networks is a major concern. The very nature of the Internet makes it vulnerable to attack. The hackers and virus writers try to attack the Internet and computers connected to the Internet. With the growth in business use of the Internet, network security is rapidly becoming crucial to the development of the Internet.

Networks and dispersed applications. As the world turns out to be more connected by networks, the essentialness of network security will unquestionably keep on growing. Security issues for network systems are unmistakable and essential; however, their analysis is similar to analysis done for different parts of security. That is, we ask questions regarding what we are protecting and for what good reason we are securing it. Specifically, we ask about

• What are the assets?
• What are the threats?
• Who are the threat agents?
• What are the controls?
• What is the residual, uncontrolled risk?

Network resources incorporate the network infrastructure, applications programs and, above all, data. Remember that threats are activities or circumstances that offer potential damage to or loss of confidentiality, integrity, or availability, in the form of interception (eavesdropping or passive wiretapping), modification (active wiretapping, falsification, and compromise of genuineness), and denial of services.  In stand-alone computing, most agents have a strong motive for an attack.  However, in networks, we see new threat agents; anyone can be a victim of essentially a random attack. The strongest network controls are solid authentication, access control, and encryption.

Networks for the most part utilize many copies of the same software, with a copy on each (or all) machines in the network. This similarity, combined with connectivity, implies that any fault in one copy of a program can make vulnerabilities spread across every machine. Mass-market software frequently has defects, and each defects can be studied and compromised by an aggressor. In huge networks, a large number of potential attackers can scan the software extensively; the result is that a network regularly incorporates many identified flaws and software patches to counter them.

In a sense, security in networks is the combination and blend of everything we know about security. A network’s security relies upon all the cryptographic tools available, good program development processes, operating system controls, trust and assessment and assurance strategies.

Networks and their security advise us that great software engineering practices can go far toward making software hard to attack. When a network and its components are structured, designed, and architected well, the resulting system presents strong defenses and prevents potential single points of failure. A well-engineered network is easy to change as it develops; because it is easier to understand, changes seldom presents unintentional flaws.

A significant number of controls that are useful for stand-alone systems are also useful in networks.  Nevertheless, three controls are specific to networks: firewalls, intrusion detection systems, and secure e-mail. These controls have advance from many years of research, both in security and in other computer science domains. They emphasize why we should know not only the history of security but also the importance of other computing research. For instance, firewalls are just an updated form of reference monitor. Similarly, intrusion detection benefits from more major research into pattern matching and expert systems.  What’s more, secure e-mail is really a carefully designed application of cryptography. You might think that controls such as these are the result of strokes of genius.  Nevertheless, they reflect the long-term nature of knowledge and engineering practice; new ways to provide security build on a growing base of understanding and experience.

In this summary I have been focusing more on technical controls, which can be very effective in securing computing assets. However, many security misfortunes originate from trusted insiders.  The three types of threats you should be concerned with are:

• Accidental: According to experts, accidents accounted for 30% of security incidents in 2015. However, many employees just might not be educated enough on cyber security best practices. Whether insiders open a phishing email or click on a malicious link, attackers are just waiting for your employees to make a mistake.
• Negligent: These are the inside threats where your employees try to get around the policies you’ve put in place to protect endpoints and valuable data. For example, if you have strict policies for external file sharing, employees might try to share work on public cloud applications so they can work at home. There’s no malice in these acts, but they can compromise the network to dangerous threats nonetheless.
• Malicious: This type of insider threat is often overlooked because you would rather look at malicious intent from a third-party person. However, there are times when employees within your organization are motivated by financial gain or espionage to make you vulnerable. For example, a disgruntled employee who was recently terminated might take sensitive data on his/her way out and either sell it or release it publicly.

In conclusion, the threats on wired or wireless networks has significantly increased due to advancement in modern technology with growing capacity of computer networks. The staggering use of the Internet currently for different business transactions has posed challenges of information theft and other attacks on business intellectual assets.  In the present era, the greater part of businesses is conducted via network application, and subsequently, all networks are at a risk of being attacked. Most common security threats to business network are data interception and theft, and identity theft.  Network security is a specialized field that deals with thwarting such threats and providing the protection of the usability, reliability, integrity, and safety of computer networking infrastructure of a business.

Click the link to see an example of the 500-word summary memo and the formatting for the Reference page.

memo example