Matlab Command Clips

Some matlab command clips from the notebook. Most also work in R and Octave

datetick(‘x’,’HH:MM:SS’,’keepticks’)
Normalizes display of time stamps to hour minute second

hold all
allows keeping graphed numbers on an exsiting display while adding more

hold off
starts a fresh graph

axis square
makes the size of the x and y axes the same

clear all
clear screen, varibales ,etc

who
lists all variables in the workspace

CTRL-C
Breaks current process, stops runaway processes

clc
clear command window

Mgmt Info Sec Notes Week1

1. List and describe an organization’s three communities of interest that engage in efforts to solve InfoSec problems. Give two or three examples of who might be in each community.

The three defined communities are decision makers in Information security, Information technology and non-technical staff. Examples of Information security professionals could include a risk manager or the CISO. The information technology group could include the CIO or a systems administrator. Some examples of Non-technical members could be the CEO or the Director of Human Resources.

2. What is the definition of Information Security? What essential protections must be in place to protect information systems from danger?

From the lecture material: “The protection of information and its critical elements (confidentiality, integrity and availability), including the systems and hardware that use, store, and transmit that information” Essential protections that must be in place include physical security, operations security, communications security and network security.

3. What is the C.I.A. triangle? Define each of its component parts.

  •  Confidentiality -only those who are granted access can get in
  •  Integrity- data is true and uncorrupted
  •  Availability – if granted access, data is available without obstruction

4. Describe the CNSS security model. What are its three dimensions?

• The McCumber Cube is a comprehensive information security model that covers the three dimensions of information security – the CIA triangle, data states (storage, processing and transmission) and controls (policy education and technology).

5. What is the definition of privacy as it relates to information security? How is this definition of privacy different from the everyday definition? Why is this difference significant?

The text describes privacy as “Information that is collected, used and stored by an organization is intended only for the purposes stated by the data owner at the time it was collected” and a dictionary describes it as “the state of being free from intrusion or disturbance in one’s private life or affairs”. The expectation of privacy does not extend into the Information Security model; it does not guarantee freedom from observation, only that any data gathered will be used in an expected and declared manner.

6. Define the InfoSec processes of identification, authentication, authorization and accountability.

  • Identification –An individual user or process is named and unique
  •  Authentication – A control verifies that he user is who they say they are, usually possessing something they have (example a certificate) or something they know (example: a password)
  •  Authorization – Explicit permission to an identifiable and authenticated user has been granted to access a resource.
  •  Accountability- A user or processes’ actions can be logged or otherwise tied back to the originating account.

7. What is management and what is a manager? What roles do manager play as they execute their responsibilities?

From the lecture notes: Management is “The process of achieving objectives using a given set of resources “A manager is “Someone who works with and through other people by coordinating their work activities in order to accomplish organizational goals“. Managers use different roles to accomplish objectives. In an informational role, managers collect process and use information. In an interpersonal role, managers work with people to achieve goals. In a decisional role, managers make choices as to the best path to take and address issues that arise while using problem solving skills.

8. How are leadership and management similar? How are they different?

Good leadership and management are intertwined. Management focuses on the planning and strategic decisions, and leadership provides the motivation to implement the planning and organizing functions.

9. What are the characteristics of management based on the popular approach to management? Define each characteristic.

The popular approach to management includes

  •  Planning- Goals, objectives, strategizing and plans
  •  Organizing- Structure, Human resource allocation
  •  Leading- Motivation, leading, communication, group dynamics
  •  Controlling- Standards, measurement, comparisons, action

10. What are the three types of general planning? Define each.

  • Strategic Planning- Long term goals, 5 or more years
  • Tactical Planning- Production planning, one to five years, smaller scope then enterprise planning
  • Operational Planning – Day to day operations, short term goals.

Mgmt InfoSec Notes ch 3

1. What is an information security framework?

A framework is an outline of security controls that is part of creating or implementing a security model. The blueprint is based off of the framework, containing more detail on controls in place and controls that are needed.

3. What is a security model?

A security model is a generic blueprint that assists in creating a working security plan.

5. What is access control?

Access control enables an organization to define and regulate access to data, and is based on identification, authentication, authorization and accountability.

10. What is a data classification model? How is data classification different then clearance level?

Data classification attempts to categorize information based on the level of damage that would be done if the information is exposed. The more important the data, the higher the classification level.  Clearance level is a rating scheme that attempts to categorize a user’s role in an organization and access to information is granted to groups of users in each level.
11. Which international information security standards have evolved from the BS 7799 model? What do they include?
BS7799 was published by the British Standards
Institute. From this document, the ISO/IEC 27002 was released, and then later
renamed as ISO/IEC 27002. BS 7799’s second part became ISO/IEC 27001.These
purchasable standards include recommendations for information security
management for use by those who initiate, implement or maintain organizational
security.  The 2005 version includes the
Plan-Do-Check- Act cycle, also known as the Deming Quality assurance model.

13. What are the documents in the ISO/IEC 27000
series?

  • Risk Assessment and treatment
  • Security Policy
  • Organization of Information Security
  • Asset Management
  • Human Resource Security
  • Physical and Environmental security
  • Communications and Operations
  • Access Control
  • Information Systems Acquisition, Development and Management
  • Information Systems Incident Management
  • Business Continuity Management
  • Compliance

14. What is COBIT? Who is its sponsor? What does it accomplish?
COBIT stands for Control Objectives for Information and Related Technologies. It provides advice for implementation of sound controls and control objectives for Information Security.  COBIT provides a framework to support information security requirements and assessment needs, and breaks this into four domains: plan and organize, acquire and implement, deliver and support, and monitor and evaluate.
15. What are the two primary advantages of NIST
security models?

  • NIST documents are publicly available at no charge
  • Have been around for some time and are broadly reviewed, therefore close to proven.

Startech USB2DVIE2 USB display adapter

Adding an additional monitor with Startech USB2DVIE2 USB display adapter

Adding an additional display to an older machine can be expensive and complex. ATI’s multi monitor eyefinity solution requires a new card to be purchased and installed, which is simple enough if a card is available for the specific AGP, PCI or older spec PCIE slot on the motherboard. The cost can scale from 100.00 and up for a low end card.

startech_usb_dvi_monitor_adapter

The goal was to just prop up another old 19 inch flat panel in addition to two other existing monitors. The box was an older dell that had a 1st generation PCIE card in it, and getting a  cost- effective card to support eyefinity was out of the question. The goal was not to have 3D gaming on the display, rather to show financial and stock data. Because of the low cost, a Startech USB2DVIE2 adapter was purchased. Supporting a DVI monitor over USB, this cheap adapter allows adding up to 4 additional screens to a PC.
With 16MB of on board RAM, the adapter is listed as supporting up to a 1680×1050 resolution. Continue reading “Startech USB2DVIE2 USB display adapter”

Replacing batteries inside an Symmetra Battery Unit

The battery packs on an APC symmetra have a life span of around 5
years, and replacing all of them at once is an expensive proposition.
In an attempt to cut costs, I decided to replace the individual
batteries that make up each unit.
APCs SYBT4 part number refers to a 4 pack of the individual SYBTU1-PLP
part, which is a long chassis with a handle at one end and a connector
at the other. Each SYBTU1 contains eight individual batteries, and a
small circuit board.

The batteries found in my particular unit were Vision CP1270s, 12V and
7.0 AH rated. You can get these batteries from online vendors such as
osi battery. They are available with the F1 or F2 designator that
indicates the size of the terminal on the battery – for the APC
project, we wanted the f2 batteries with the 1/4 inch lug.

So, once you have gotten your eight batteries, you can get started.

Pop the case by removing 8 screws, and slide back the cover.

Continue reading “Replacing batteries inside an Symmetra Battery Unit”

Common Computer Attack Types

Common computer attack types defined

Access Attacks– the attacker’s goal is to gain unauthorized access to information or services.
Dumpster Diving Literally picking the corporate dumpster for information. Also called Information Diving
Eavesdropping Simply listening in in an effort to gain knowledge.
Snooping Peeking around for information.
Interception The attacker positions himself covertly, either physically or in a digital sense, in the middle of a transaction or conversation.
Modification Attacks The attacker’s goal is to alter information for gain.
Repudiation Attacks Modifying with the purpose of discrediting or invalidating information.
Back Doors by design or surreptiously inserted, allows the attacker a ‘back door’ into a system or application for purposes of control Continue reading “Common Computer Attack Types”

Norton Save And Restore Restoration Point On USB HDD Not Available

Norton Save And Restore is a retail package software applicaton that includes Disk Imaging technology. It differs from Norton Ghost corporate edition, but includes the old retail Norton Ghost 10. It allows a GUI backup to a selected location – in this case a USB hard drive.

Sometimes, an issue arises where during a recovery, and booting off the recovery CD, the backup restore point on a USB HDD is not seen by the program. Using the Browse For Recovery point shows no available points and the user cannot browse to the USB hard drive.

Continue reading “Norton Save And Restore Restoration Point On USB HDD Not Available”

Common Services And Ports Used

DNS Domain Name System 53
POP3 Post Office Protocol 110
SMTP Simple Mail Transfer Protocol 25
SNMP Simple Network Management Protocol 160,161
NNTP Network News Transfer Protocol 119
FTP File Transfer Protocol 20,21
SSL Secure Sockets Layer 443
TELNET 23
TACACS authentication 49
HTTP 80
HTTPS 443
NetBIOS 137,138,139
IMAP 143
LDAP 389
LDAP SSL 636
SSH Secure Shell 22
AH, ESP ports 50 and 51
BOOTP server 67 UDP
BOOTP Client 68 UDP
TFTP 69 UDP
NTP 123
BGP 179
SYSLOG 514
MSSQL 1433
RDP 3389
VNC 5500

CDIA+ CompTIA Document Imaging Exam Notes

CompTIA CDIA+ Exam: 225-030
85 questions
Conventional, linear format.
90 minutes alloted time.
Passing Score: 700 out of 900 possible.
 
 Strategy

Goals define activities
Activities define documents and data
Documents and data define technology requirements

A process metric is an indicator of the process, ex: how many, how fast. Metrics are taken before, during and after an implementation.

Continue reading “CDIA+ CompTIA Document Imaging Exam Notes”