Saturday, August 24, 2019
Poster & powerpoint for business environment - Essay Example Interestingly, gold is among the few elements that cannot lose its lustre due to exposure to moisture or air. An element that tarnishes becomes less valuable. Additionally, in can conduct electricity and can also be modified into different shapes (Kettell, 2002). Gold has been used as jewellery for a very long time. A large quantity of gold mined is as for decoration purposes. It is that 78% of the gold that is mined in the world is used produce personal ornaments such as bracelets, rings and necklaces. One of the attributes that make gold an ideal element to manufacture ornaments is lustre. Gold is yellow in colour something that makes it more attractive for decorations. Consequently, is used to create durable ornaments. In addition, some communities have adopted the use of gold ornaments as part of their culture (Howard, 2009). Given that gold is highly valued, financial institutions use it as collateral. Banks and other financial institutions use gold a medium of exchange. The concept of using gold as a medium of exchange started more than 6000 years ago. In the ancient days, snippets of gold and silver were used as means of transaction (Hill, 1999). Additionally, gold is widely used in the manufacture of electronic equipment. It helps prevent electronic equipment from developing malfunctions that arises from corrosion of components used to produce electronic equipment (Uhaj, 2009).It has been established that electronic devices made from gold lasts longer than those designed using other elements. However, one of the challenges of using gold in the production of electronic devices is that the part is rapidly becoming depleted (Friedberg et al., 2009). Australia is among the largest gold producers in the whole world. In the year 2008, the country was ranked as the second largest gold producer globally. More than 75% of the gold produced from Australia comes from the Western side of the country. The 75% of gold from the region accounts for 4,500 tonnes
Suppose you were selected for special position - Essay Example This take however may be challenged, especially when a not sought for assignment is offered, and there are no chances of refusal. If I get myself in such a fix, then it would be required that I apply my course and every single thing I have learnt in the process in dealing with the issue at hand. For me, my course and especially physics would play a central role. Ethics Moral responsibility plays a central role in any given assignment. Regardless of the specific field of training, this is a fundamental component of one self, not only in the field of employment, but also in any given context of human interactions. The various education fields have different ethics applicable to them (Perl 213). This encompasses physics among all other identifiable fields of study. In this regard, taking into account the codes of ethics applicable to me, given the course I have taken, I am morally responsible to take on assignments offered to me. This does not only imply personal benefit, but also the w elfare of the entire society; the entire company included. Training The education system in place takes care of individual interests, not only in academic terms, but also in every identifiable aspect of life. Training that makes me handle not sought for assignments encompass class work, related practical work as well as outside-class exposure. This is an input factor that has been realized along the line of study, such that it becomes integral to whatever goals and objectives pursued during and after successful completion of studies. Personal diversity and dynamism Personal growth and development is neither rigid nor fixed to specific grounds of capability. Physics is a unique subject that captures changes in a very specific way (Perl 288). Most of the worldwide development, innovativeness and inventions borrow heavily from physics and related subjects. The diversity and dynamism characteristic of this subject and the course in general should be manifested through the learners. Succ essful completion of this course implied that all requirements prior to this course have been met. In this regard, applying the concepts, theories and models presented in the course should not amount to any difficulty. The important thing to note is that the specific theories and concepts presented in the course are not likely to be the same as those that will be encountered in the actual line of work. Experiencing a different scenario from that I am already used to is a challenge. However, I take challenge as a factor of determination, where personal diversity and dynamism is based upon. This means that even if I land on a not sought for assignment, there are no regrets nor are there doubts that I can actually handle it. Being open and broad minded is the crucial factor that determines personal diversity and change over time. Fixing my career to the specifics of the course does not imply learning for me. This course has taught me that knowledge is a procedural attainment through wh ich a known phenomenon leads to an unknown, and that unknown, another phenomenon of knowing is created. In this regard, the new technology meant to produce electricity may not be known to any employees of the company, but it is known to some other party not present in the company. This brings in the fundamental point to consider. That is, there exists information about this technology and how it works to achieve the desired purpose. As a Lead
Friday, August 23, 2019
North America Geography - Research Paper Example The Northern half of North America remains sparingly populated and covered largely by Canada, except by North East part occupied by Alaska. The central and southern sections of the North America continent are represented by Mexico, United States, as well as several states situated in Caribbean and Central America. Canada, Mexico, and the United States constitute most of North AmericaÃ¢â¬â¢s land mass and share the continent with 34 other island countries in the Caribbean south of Mexico. The paper explores the physical, economic, cultural, and historical geography of North America. The physical geography of North America Physical features frequently impact on the manner in which people select to settle areas and utilize the land. Physical geography can be categorized into three core areas of emphasis, namely: climatology (weather patterns and climates); geomorphology (physiography and landforms); and, biogeography (fauna and flora). The surface physiography of any region draws huge influences by the underlying rock structure. Geologic evidence demonstrates that, from 200 million years, the continent of North America altered its course and started drifting away from Pangaea. The earliest recorded history of any civilization dates back 5,000 years ago (Meinig, 1989). The physical features of North America entail Northern section of the American Cordillera comprising of the geologically new Rocky Mountains (located in the west) and older Appalachian Mountains to the east. The North features several glacial lakes formed within the last glacial period such as the Great Lakes. North AmericaÃ¢â¬â¢s prominent continental divide (the Great Divide) runs north and south via Rocky Mountains. The prominent watershed largely drains to the east including the Mississippi/Missouri, St. Lawrence that drains into the Atlantic, and Rio Grande, which drain into the Gulf of Mexico (Meinig, 1989). North America can be categorized into five major physiographic regions, namely: Can adian Shield; Appalachian Mountains; Atlantic Coastal Plain; North American Cordillera; and, Interior Lowlands. The Coastal Plain and the principal North American Cordillera belts largely extend to the south in Mexico to join the Transverse Volcanic Range (a region comprising of active volcanic peaks south of Mexico City. The biggest portion of North America rests on the North American Plate anchored on the Laurentia craton. Some sections of California and Western Mexico form the partial edge of the Pacific Plate, which meet along the San Andreas Fault while sections in the southern portion of the Caribbean and sections of the Central America constitute relatively small Caribbean Plate (Brescia & Super, 2009). Mexico equally manifests highly varied topography that comprises of rugged mountains with high elevations, high plateaus, low coastal plains, and deserts. MexicoÃ¢â¬â¢s climate can also be regarded as variable mainly dominated by tropical or desert climate (Colby, 2011). Nor th America Climate The core factors that impact on climate include continentality, latitude, surface physiography, and air masse possess huge impacts on the climate of North America, which in turn, possess direct influences the bio-geographic distribution of the natural vegetation across the region. The core factors that influence vegetation patterns entail temperature and humidity (precipitation). The climate that manifest in North America is
Thursday, August 22, 2019
Identity of African American Men Essay Ã¢â¬Å"No metaphor can capture completely the complexity of ethnic dynamics in the U. S. Ã¢â¬ËMelting potÃ¢â¬â¢ ignores the persistence and reconfiguration of the ethnicity over the generations. Ã¢â¬ËMosaic,Ã¢â¬â¢ much more apt for pluralistic societies such as Kenya or India, is too static a metaphor; it fails to take in to account the easy penetration of many ethnic boundaries. Nor is Ã¢â¬Ësalad bowlÃ¢â¬â¢ appropriate; the ingredients of a salad bowl are mixed but do not change. Ã¢â¬ËRainbowÃ¢â¬â¢ is a tantalizing metaphor, but rainbows disappear. Ã¢â¬ËSymphony,Ã¢â¬â¢ like Ã¢â¬Ërainbow,Ã¢â¬â¢ implies near perfect harmony; both fail to take into account the variety and range of ethnic conflict in the United States. The most accurately descriptive metaphor, the one that best explains the dynamics of ethnicity, is Ã¢â¬Ëkaleidoscope. Ã¢â¬â¢ American ethnicity is kaleidoscopic, i. e. Ã¢â¬Ëcomplex and varied, changing form, pattern, colorÃ¢â¬ ¦ continually shifting from one set of relations to another; rapidly changing. Ã¢â¬â¢ When a kaleidoscope is in motion, the parts give the appearance of relationships. The viewer sees and endless variety of variegated patterns, just as takes place on the American ethnic landscape. Ã¢â¬ - Lawrence Fuchs (Literature for Composition 1032) Ã¢â¬Å"Identity in AmericaÃ¢â¬ was the theme chosen by my English 201 study group. This theme was taken from chapter twenty two of the Literature for composition: Reading and Writing Argument text book. However, I focused the broad theme of Ã¢â¬Å"Identity in AmericaÃ¢â¬ to the more narrowed theme of Ã¢â¬Å"The Display of African American men in the media. Ã¢â¬ I chose this theme or topic because I felt that I can relate to it and as a matter of fact, it was also interesting to me. But in order to conduct my research on the particular topic, I came up with the following question, Ã¢â¬Å"How has the identity of African American men been displayed by the media: negatively or positively? Ã¢â¬ This question was chosen in order to provoke an argument for discussion. I conducted several interviews in order to acquire information about my selected topic. The mediaÃ¢â¬â¢s display of the identity of African American men can be discussed or looked at from two angles: negatively or positively. First, from my experience I can say that the media displays African American men in both lights, negatively and positively. But after conducting interviews with several individuals, my opinion has somewhat changed. I was always aware of the negative images of African/black men in the media. But I was not aware that this display had evolved overtime. My first interview was conducted with April T. Glasgow, a communications major at the University of the Virgin Islands on Wednesday 20th February 2008, at approximately ten oÃ¢â¬â¢clock in the morning. We conducted the interview at her dormÃ¢â¬â¢s lobby. I had explained the topic prior to meeting with her, so she already had an idea about what issue the discussion would be addressing. Generally, her opinion was that black men were being exploited and portrayed negatively by the media. She also stated strongly that black men were too often portrayed or given the roles of thugs, gangsters, and pimps in films and magazines. In addition, a suggestion she made on how we could resolve this stereotype was that black people must unite and stand up against these negative portrayals especially those in rap music videos. The second interview was carried out that same day with Professor Alex Randall. His general statements were that the media has changed over the years. Ã¢â¬Å"The negative portrayals of the 1960Ã¢â¬â¢s and 1970Ã¢â¬â¢s have changed,Ã¢â¬ Randall stated. Randall felt that in modern times, people of color were treated more fairly and given a more positive portrayal in the media. Randall stated that there were many positive images in the media of African Americans, such as Denzel Washington, Barack Obama, Michael Jordan, and Bill Cosby. In addition, Randall said that in previous years no such image could have been seen in the media. Ã¢â¬Å"We are rational human beings and itÃ¢â¬â¢s our choice to choose what part of the spectrum of negative and positive images we would want to emulate,Ã¢â¬ said Randall. This statement impacted me and slightly changed my opinion on the topic. At that point in conducting my primary research for the paper, my position on the topic has somewhat been altered. After conducting the interviews with April T. Glasgow and Professor Alexander Randall I have become more open minded to the issue. I would admit that I was initially a bit biased and reserved on the topic prior to evaluating the topic from both sides; negatively and positively. In order to decide which position I was going to take I would have to do more secondary research on the topic. Since I started this research paper my observation and assessment of the media have taken a different turn. I now compare and contrast men of other races in the media to African American men. My secondary research was, for the most part, completed using internet sources. The articles that I discovered on the web were very useful and contributed greatly to my research. Three internet articles were analyzed to achieve the secondary data for my paper. The first article I examined was Ã¢â¬Å"The MediaÃ¢â¬â¢s Bias against black men in America. Ã¢â¬ The article was basically a discussion of a piece written in the New York Times about the plight of American black men. The author, Armstrong Williams, stated that the New York Times article was another example of major media outlets using negative statistics to consistently cast black men as the scourge of this country. Williams made several strong and interesting statements throughout the article that I thought was beneficial to this research paper. For example, according to Williams, Ã¢â¬Å"The continual coverage of the black mans plight instead of his progress only hinders his growth, holds back our country from true equality, and hides the truth about the opportunities and challenges that we all faceÃ¢â¬ (Williams Ã ¶4). Williams also suggested that the American public should challenge the lack of coverage of American black progress in this country (Williams Ã ¶5). Ã¢â¬Å"In the last century black men have literally gone from being slaves to business owners, government leaders, lawyers, doctors, firemen, generals, entertainers, and educators. No other oppressed class of people anywhere else in the world has advanced its standing in a society this quicklyÃ¢â¬ (Williams Ã ¶6). I was really impressed by the way Armstrong used this statement to present his argument. In addition, Williams stated that the incidence of drug use, crime, scandal, divorce, and other social ills have increased dramatically for white men, but these statistics are not reported as problems about Ã¢â¬Ëwhite men in America (Williams Ã ¶6). Ã¢â¬Å"Approximately 9 out of 10 serial killers are white males between the ages of twenty and thirty five. Yet we never hear these statistics repeated over and over again in the mainstream press, making these crimes synonymous with one particular race as in this case with blacksÃ¢â¬ (Williams Ã ¶9). Later in the article Williams explained the image the media is creating internationally. The overseas media continuously places black men in negative positions such as school dropouts, irresponsible fathers, and victims of perpetual racism. The manner in which these stories are constructed and then, displayed to listeners and readers eliminates the possibility of believing that black men do not have positive roles (Williams Ã ¶10). Therefore, I agree with Williams that the repetitive negative articles can create a vicious cycle of harmful images and low expectations of black men. Ã¢â¬Å"The Black Image in the White MindÃ¢â¬ is the title of the second internet article that I examined. The article was useful in constructing my opinion on the topic of how African American men are displayed in the media whether negatively or positively. The article presented some useful statistical data that was quite interesting and yet shocking to me. In this article by Robert M. Entman, he stated that a mug shot of a Black defendant is four times more likely to appear in a local television news report than of a White defendant (Entman Ã ¶2). He went on to say that the accused is two times more likely to be shown physically restrained in a local television news report than when the accused is a white man (Entman Ã ¶2). According to Entman, Ã¢â¬Å"The name of the accused is two times more likely to be shown on screen in a local TV news report if the defendant is black, rather than whiteÃ¢â¬ (Entman Ã ¶2). In addition, he stated that while black actors are now more visible in media, it is an open question as to how well they are being represented (Entman Ã ¶2). The Third article that I examined was Ã¢â¬Å"Black youth and mass media: current research and emerging questionsÃ¢â¬ and I found it to be the most interesting of the three. This article was written by Craig Watkins, an Associate Professor of Sociology and Radio-Television- Film at the University of Texas at Austin. The article was basically an outline of some of the important research findings and emergent issues that examine the changing relationship between black American youth and the mass media industry (Watkins Ã ¶5). Watkins stated that for most of its history the mass media industry has produced images that distort and misrepresent the complexities of the African American experience (Watkins Ã ¶9). He stated that contemporary media representations of African Americans can be best described as paradoxical because blacks are simultaneously underrepresented and overrepresented in American media culture (Watkins Ã ¶9). According to Watkins, Ã¢â¬Å"blacks are underrepresented in many areas of mass media they are over represented in television sports broadcasts and crime and violence related portrayalsÃ¢â¬ (Watkins Ã ¶13). Watkins said that images of blacks in magazines have increased but they are predominantly portrayed in athletic roles. According to Watkins, African American men are more likely to appear as athletes or musicians (Watkins Ã ¶14). The strongest statement throughout the article was when Watkins stated that the Ã¢â¬ËathleticizationÃ¢â¬â¢ of the black men in the media reproduces and popularizes long-standing myths about biological and intellectual differences between blacks and whites (Watkins Ã ¶15). Further analysis of WatkinsÃ¢â¬â¢ article indicated that when African Americans are portrayed in television news it is generally in aggressive, violent, or criminal roles. Also, a recent analysis of the film industry asserts that blacks tend to be restricted to low budget features that focus disproportionately on crime, violence, and youth delinquency. The repetitious display of blacks in athletic roles creates a limited range of adult and professional role models for young black males being that they are faced with only few media images of successful African American men. The internet articles that I examined clearly showed that there is strong evidence to prove that African American men are negatively and unfairly displayed in the media. After examining these internet articles, I felt that even though they were some positive images of African American men in the media the majority of images are in some way biased or negative. After evaluating and examining my internet sources, I turned back my attention to my English 201 text book, Literature for Composition: Reading and Writing Arguments to get some more insight on the matter. While reading through chapter twenty-three, I came up on a quote from Lawrence Fuchs that I found to be tied in well with my overall all theme of identity in America. I decided to place this quote at the beginning of the research paper a sort of introduction to the overall theme. I chose this quote because it describes the complexity and internal conflicts of identity in America. Speaking of conflicts between identities, Hotel Rwanda is a film that displays such conflict to the extreme. This film was shown in class by my English professor because she said that it was in some way related to our theme and that it could also be used as a part of our secondary research. I did not really understand the connection with our theme until I saw the film. Hotel Rwanda is a historical drama about the hotel manager Paul Rusesabagina played by Don Cheadle during the Rwandan genocide and was directed by Terry George in 2004. The movie is actually based on the Rwandan genocide that occurred in 1994 where almost one million of both Tutsi and Hutu individuals were killed. In the movie which is a reflection of what actually took place, the media was used to instigate conflicts between the Tutsi and Hutu. Throughout the actual conflict the media was used as a tool to falsely display TutsiÃ¢â¬â¢s as the scourge of Rwanda. For example, the radio station, RTLM was used to spread negative and hate messages about the Tutsis such as Ã¢â¬Å"Why do we hate the Tutsis? They are cockroachesÃ¢â¬ ¦Rwanda is Hutu land. Ã¢â¬ (United Arts. Dir. Terry George. United States, 2004) All in all, it is quite evident from the primary and secondary research that there are both negative and positive displays of African American men in the media. Since the interviews I am more aware that the display of African Americans has changed over time for the better. However, from the Internet articles I have discovered that there are still a lot of negative images of African American men in the media. In addition, I learned that there are still many biases when presenting African American men in media whether on radio, television, or magazines. Overall, the research was very interesting and informative. April T. Glasgow and Professor Alexander Randall were very helpful in making my research paper a success. From carrying out this research paper I was able to conduct some interesting interviews, especially with Professor Randall. I was truly able to critically interpret and analyze the investigation in addition to improving my overall research skills. The research process was a learning experience that I will never forget. Works Cited Barnet, Sylvan, Burto William and Cain E. William. Literature for Composition. New York: Longman, 2007. Entman, Robert and Rojecki, Andrew. Ã¢â¬Å"Media and its Portrayal of Black Americans. Ã¢â¬ racerelations. about. com. New York. 2008. . Glasgow, April T. Personal Interview. 20 Feb. 2008. Hotel Rwanda. Dir. Terry George. Lions Gate Films and United Artists, 2004. Randall, Alexander. Personal Interview. 20 Feb. 2008. Watkins, S. Craig, Ã¢â¬Å"Black Youth and Mass Media: Current Research and Emerging Questions. Ã¢â¬ http://www. rcgd. isr. umich. edu/prba/perspectives/winter2000/cwatkins. pdf. Williams, Armstrong. Ã¢â¬Å"The MediaÃ¢â¬â¢s Bias Against Black Men in America. Ã¢â¬ 31 March 2006. .
Wednesday, August 21, 2019
Research The Interpretivism Philosophy Management Essay Firstly, it is the research philosophy. There are two main types of philosophy and they are positivism and interpretivism. In this research the interpretivism philosophy will be applied to adopt the nature of theories on the factors influencing the project management performance. Secondly, it is the research approach that includes deduction and induction. In this research, the induction approach is considered the appropriate approach for the project management when the researcher examines three factors influencing the project management performance at BORDA Vietnam. Thirdly, it is the research strategy. There are three categories of research strategy such as exploratory, descriptive and explanatory. To pursue the purpose of this research is to explore the understanding of the concepts of project management and the impacts of factors on the project management performance at BORDA Vietnam, the exploratory strategy is selected to use. Fourthly, it is research methodology. There are two methods when conducting the research generally. They are quantitative and qualitative. With each method there are advantages and disadvantages duing application. In this research, the qualitative method is chosen to apply due to its appropriateness for the topic of factors influencing the project management performance at BORDA Vietnam. Fifthly, it is the data collection and data processing that describes how the primary and secondary data will be collected and how the collected data will be analysed to have findings for the next chapters. Last but not least, it is ethical issues of the research. 3.1 Research philosophy Sauders at al. (2009) emphasises that the research philosophy relates to the development of knowledge and its nature. It will reflect the researchers view of the world and underpin the research strategy. There are different philosophies of the research such as positivism, realism, interpretivism and pragmatism and these belong to the research philosophy which is the first layer of the research onion (Sauder et al., 2009). Depending on the type of research topic which philosophy will be adopted in the research? 3.1.1 Positivism Positivism reflects the philosophical stance of the nature scientist (Sauder et al., 2009). The positivism philosophy is applied to the research for generating the existing theories to develop the hypotheses and these hypotheses will be tested with highly structured and large samples relating to the observation and numeric data. However, when observing the social reality (Sauder et al., 2009), the researcher is independent from which is observed. 3.1.2 Interpretivism In the management research, the interpretivism refers to the understanding difference between the human as social actors (Sauder at al., 2009:16) and the objects. It focuses on the subjective meanings and the interpretation of the meanings behind the social phenomena. By applying the interpretivism philosophy for the research, the qualitative methodology is more appropriate to help the researcher conduct the small sample with in-depth interview and focus group interview. Project management performance plays an important role in the success of the project. However, there are many factors but the research focusing on three key factors influencing the project management performance. The factors are leadership style, teamwork and staff motivation. For conducting the research, the interpretivism philosophy is selected to help the researcher interpret the meanings of contextual observations and collected information from interview. 3.2 Research approach Research approach relates to the theory of the research. It explicit the concerned questionnaires for survey or guidelines for interview. There are two different kinds of research approaches, deduction and induction. Sauder et al. (2009) pointed out that the deductive approach is when to develop the theory and hypotheses and the research strategy is designed to test those hypotheses. The deductive approach is believed to be more appropriate with the positivist philosophy. Other way round, it is inductive approach in which the data is collected and theory is developed as the results of data analysis. The inductive approach is considered more appropriate with the interpretivist philosophy. 3.2.1 Deductive approach Deductive approach involves in the development of theory and hypothesis. The data or findings from questionnaire survey, guideline interview and secondary sources are the results to be tested to confirm or reject the hypotheses (Gill and Johnson, 2010). This approach is suitable with large sample from the quantitative method. 3.2.2 Inductive approach Inductive approach allows the researcher to develop the theory base on analysis of the phenomena. The theory is developed based on the result of data analysis. Sauder et al (2009) suggested that the small sample conducted for the research is suitable with the inductive approach. The research on factors that influence the project management at BORDA is to pursue the purpose of identifying and analysing three burning factors really affecting the performance of project management at BORDA Vietnam. The small sample of interview with the managers and staffs of BORDA office and involved partners will be conducted. Therefore, the inductive approach is considered more appropriate to conduct this research. 3.3 Research strategy Research strategy plays an important role during conducting the research. According to Sauders at al. (2009:141) the research strategy helps to guide the research questions, objectives, the extent of existing knowledge, the amount of time, other available resources and to underpin the research philosophy. There are three categories of research strategy such as (1) exploratory, (2) descriptive and (3) explanatory (Yin, 2003, cited in Sauderset al.2009:141). Each category is valuable with different research purposes. However, it is pointed out that the purpose of enquiry may change over time (Robson, 2002, cited in Sauders et al, 2009:139). 3.3.1 Exploratory The exploratory strategy is useful to clarify the understanding of the phenomena by finding out what is happening, to seek new insights, to ask questions and to assess phenomena in a new light (Robson, 2002: 59, cited in Sauders et al., 2009:139). There are three principal ways of conducting the exploratory research: A research of the literature Interviewing experts in the subject Conducting focus group interviews (Sauders et al. 2009:140) 3.3.2 Descriptive The object of descriptive research is to portray an accurate profile of persons, events or situations (Robson, 2002:59, cited in Sauderset al.2009:140). It means that before the data is collected, it should be a clear picture of which data should be collected. However, the descriptive research is as one piece of exploratory research and also the explanatory research. 3.3.3 Explanatory Explanatory research focuses on explaining the relationship between variables (Sauderset al.2009:140) of a situation or a phenomena. This strategy is more quantitative in the research methodology. In addition, it can be a combination between the quantitative and qualitative methods in the research methodology by collecting the qualitative data for explanation of the reason to the phenomena or problem. The purpose of the research is to gain the understanding about the concept of project management and impacts of factors influencing the project management performance in BORDA Vietnam. In view of the foreging, the exploratory strategy is chosen to use in this research that helps the researcher to interpret the findings to the meanings of this research. 3.4 Research methodology There are two main types of research methods: (1) qualitative and (2) quantitative. Each method will be selected to use depending on specific research topic and analysis sample. 3.4.1 Qualitative method According to Sauders et al.,(2009:480) the qualitative data refers to all non-numeric data or data that have not been quantified and can be a product of all research strategies. There are many things in human life which may not be quantitative. They are no worse for that. If they are of non-quantitative nature, they can be investigated in terms of their own categories and such investigation is no less scientific than measurement (Michell, 1999:14, cited in Giorgi A, 2005:80). When conducting the qualitative research, the purpose is to understand the meanings expressed through words (Sauderset al.2009:482) of the problem or phenomena from real world settings (Golafshani N, 2003:600). The qualitative research means such methods like interviews and observations are dominant in the naturalist (interpretive) paradigm and supplementary in the positive paradigm ((Golafshani N, 2003:600). The qualitative data after being collected is inputed into the analysis process through three main types: Summarising (consideration) of meanings; Categorisation (grouping) of meanings; Structuring (ordering) of meanings using narrative. (Sauderset al.2009:490). 3.4.2 Quantitative method According to Ponterotto J.(2005:128), the quantitative method focuses on the strict quantification of observations (data) and on careful control of empirical variables. This method needs the large sample and uses of statistical procedures to examine the meanings and variables (Ponterotto and Grieger, 1999, cited in Ponterotto, 2005:128). The quantitative research helps the researcher familiarize with the problem or phenomena to be studied and develop the hypotheses to be tested through the quantitative techniques. The categories of quantitative method include (1) the emphasis is on facts and causes of behaviour (Bogdan and Biklen, 1998, cited in Golafshani N, 2003:597); (2) the information is in the form of numbers that can be quantified and summarised; (3) the mathematical process is the norm for analysing the numeric data and (4) the final result is expressed in statistical terminologies (Charles, 1995, cited in Golafshani N, 2005:598). From the different above definitions and concepts of research methods, the researcher select the qualitative method that is considered the most suitable and conceptual analysis shall be applied via observation of daily management work at BORDA Vietnam and the in depth interview to all staffs and managers of BORDA office and partners involving in the project. It is small sample. The qualitative method will help the researcher find out the key crucial factors affecting the performance of the project management. The qualitative method will be described through the research process in the figure below: Research objectives Theories relating to the project management Qualitative method, data collection: + Primary data: in-depth and group focus interview, daily observations + Secondary data: desk research Discussion and analysis of findings Identification of weaknesses corresponding causes in PM Recommendations solutions for improving PM performance Figure 3.1: Research process (Source: Authors design) 3.5 Data collection The data used for this research comes from both primary and secondary sources. 3.5.1 Secondary source Secondary data collection: the data will be collected from the books, articles, journals publication, reports, annual working plans, desk research, evaluations. These resources provide the information and data on the activities and project implementation at BORDA Vietnam. 3.5.2 Primary data In-depth interview: the in-depth interviews will be conducted with 15 staffs of BORDA office and involved partners, 2 focus group interviews for staffs and managers to collect their opinions, comments and assessments on current project management performance and the factors influencing the project management performance at BORDA Vietnam. The contents of the in-depth interview guideline shall be flexible and subject to the persons interviewed to be able to get the best results for analysis, summarising and consolidation. The tentative duration for the interviews shall last from 15 October to 31 October 2012. The primary data collected through the interviews is used to give insights into the main factors influencing the project management performance within the implementation progress. Observation from daily management work: The researcher is a part of this team, so that the daily management work at BORDA Vietnam will be observed. 3.6 Data processing The information and data from the interviews shall be collected, summarised, consolidated and analysed to see the problems of project management and examined whether the factors such as leadership style, team work and staff motivation have an effect on the performance of the project management at BORDA Vietnam or not. The feedback from the interviewees is also considered the useful inputs for the recommendations and solutions of the researcher. 3.7 Research ethics In the scope of this research, the researcher focus on examining the practices of financial and human resource management to the project management performance at BORDA Vietnam in the period of 2011 2013. Because of time limits, the research cannot be conducted for other factors such as the role of management of quality, information system, knowledge, relationship, etc. to the project management performance. The research will use both the secondary and primary data, especially the in-depth interview questions for information collection. Before interviewing, the researcher will ask the potential interviewees directly or through emails and telephones for their convenience and agreement of spending time and providing the information, opinions. Without agreement, the researcher will not provide the name of interviewees in the research or any sensitive information will be kept confidentially for the researcher only. Moreover, this is an independent study from the point of view of the researcher. The findings and recommendations will be proposed to the high management level of BORDA to help improve the project management performance of project implementation in Vietnam. Chapter summary Through this chapter, the researcher describes the picture of how the research will be conducted and how data is collected and analysed. After studying about the different types of research philosophy, approach, strategy, method the researcher select: Research philosophy: interpretivism Research approach: inductive Research strategy: exploratory Research method: qualitative The findings from the in depth interviews with individuals of 15 interviewees and two focus group interviews for staffs and managers of BORDA Vietnam and involved partner VAWR/ CTIC and from the daily observation of the management work as well as from the desk research of the secondary data, the meanings shall be summarised, categorised ans structured (Sauders et al., 2009:490) The research ethics are mentioned at the end of this chapter. The researcher will ask for acceptance of using the personal information from the interviewees. Without the agreement, it will be considered the confidential information and will not be displayed in the research.
Tuesday, August 20, 2019
Ethical Hackers And Ethical Hacking Information Technology Essay The Internet and the other information systems are acting a vital role in organizations today. More and more organizations have become depend on network services completely of partially. So, a single failure of the network can cause severe losses to the organization. However, due to this huge demand of Internet and network services, computer security and the serious threats of computer criminals have comes to the foreground. Computers around the world are systematically being victimized by hacking attacks every day. Most of the attacks are very organized attacks and the attackers are very well understood about the general system vulnerabilities. So if they found any of those vulnerabilities in a system, they might be able to steal everything they want from the system and completely ease their tracks within even in less than 20 minutes. That might be a huge loss for the company in term of money and reputation. Thus to avoid these kind of attacks companies should have to employ a mechanism to Identify vulnerabilities in networks, applications and systems before they can be exploited. Generally, this is the job of an ethical hacker. Ethical Hacking and Phases Ethical Hackers and Ethical Hacking An ethical hacker is a security professional who helps organization to take defensive measures against malicious attacks and usually the process he doing to find those vulnerable point is called Ethical Hacking. Sometimes this is also known as Penetration Testing or Intuition Testing. In this case, the ethical hackers are getting into the minds of computer criminals; think like them to find about innovative ways the hackers may use to get into the systems. Then organizations can take required actions to avoid those vulnerabilities. It has identified that the almost all computer systems have vulnerabilities that can be exploited by a hacker to come to do damages. This can be due to an unpatched application, a misconfigured router or a rough network device and it will be not able to detect unless penetrate the networks and assess the security posture for vulnerabilities and exposures regular basis. As the hacking is a felony in most of the countries, ethical hackers should only operate having required permission and knowledge of the organization that they are trying to defend. In some cases, to check the effectiveness of their security teams, an organization will not inform their teams of the ethical hackers activities. This situation is referred to as operating in a double blind environment. To perform productive penetration testing, the ethical hackers who are going to conduct the testing must have to have variety of in-depth computer skills. They should know how to look for the weaknesses and vulnerabilities in target systems and need to have the knowledge of the tools a malicious hackers use on system hacking. However, because not everyone can be an expert in all the required fields that an organization uses, such as UNIX, Windows, Linux, and Macintosh systems; usually ethical hacking is conducted by teams whose members skills complement each other. Generally, there are three types of ethical hacker classes. This classification is done based on the hacking purpose of the hacker. Black-Hat Hackers Are the individuals who has the necessary computing expertise to carry out harmful attacks on information systems. They generally use their extraordinary knowledge and skills for personal gains. The black-hat hackers are also known as crackers. Gray-Hat Hackers Are the individuals with a split personality. At times, this individual will not break the law and, in fact, might help to defend a network. At other times, the gray hat hacker reverts to black hat activities. Thus we cannot predict their behaviour. White-Hat Hackers Are the individuals who usually have exceptional computer skills and use their abilities to increase the security posture of information systems and defend them from malicious attacks. These individuals probably are an information security consultant or security analyst. Why Ethical Hacking is need to perform Although many people know hacking as a horrible thing, most of them not think that they would not be hacked. But this is not the real situation. Almost every computer system has security breach that the haceks could come in and for security purposes these vulnerabilities need to avoid. One of the most important reasons for ethical hacking is to find those security leaks in an organization network. To do this, companies can hire security experts who have great knowledge on cyber security and trained as ethical hackers. So they can use their knowledge to hack into the systems to find insecure areas. Then the company can take necessary actions to secure their networks easily. There are two kinds of security leaks that an ethical hacker can identify. Hacking in to systems to steel data If a company compromised with this sort of attack they will lose not only the information or money, they will lose their reputation as well. So that might be cause to lose their customers as they not feel their personal information and data are completely safe. Leaks allows to compromise to Viruses If the company network compromised into viruses, it will allow shutting down entire network in just minutes. More than that, some viruses are able to perform harmful activities like data deletions. So the company may lost important data. Thus to improve overall security posture and avoid intellectual property thefts, regular ethical hacking practise is very critical in an IT company. More importantly, that will help save company money in millions and will build the reputation as well. Also as this system penetration is performing, thinking with a mindset of a hacker who tries to get in to the system, the companies can completely rely on professional ethical hackers reports to adjust the company security posture. Framework of Ethical Hacking In order to complete ethical hacking processes successfully, ethical hacking professionals have introduced several phases to follow up. In the there, they have break down the complete process in to several phases and generally both malicious and genuine users following that methodology. Following diagram illustrates those steps and it has described in detailed below. Anatomy of hacking Source: http://www.twincling.org/twincling/slides/ethicalhacking.pdf Reconnaissance This is the first step of any hacking attempt and generally the attacker tries to gather enough information as much a possible about the target system. This process also knows as foot-printing. In may gather information on areas such as determining the network range, identifying active machine, finding open ports, detecting operating systems. There are two ways reconnaissance is performing. Active reconnaissance: Is the process of live exploration of the system to find about the information such as running operating systems and services, open ports, routers and hosts. Passive reconnaissance: This involves monitoring and finding information or clues on the network using network sniffers or other mechanisms. The information can be domain names, locations, contact numbers etc. Sometimes this involves mechanisms such as searching through organizations or persons discarded materials. Following are some of clever ways or the tool, that reconnaissance can be perform against a target network. Using Google This is the most common and efficient way of finding information about a company. As the Google is the most common search engine using in the Internet, Google can be use to find publicly available information about target system. Sometimes, even though the company has removed the data from their web sites Google will be able to provide information from its caches. Thus Google can be use to begin the reconnaissance process. DNS Information tools The next best way to get information about a company is their domain name. If you know the domain of a company rest of the information such as their IP address, contact information and locations can be find easy using DNS tools. For this purpose, most common command line tools are whois and dig and they will show above DNS information in text. But the web sites like www.dnsstuff.com, www.samspade.org, www.geektools.com and www.easywhois.com will provide same information in more user friendly way. Those tools have various options and can provide information quarrying by the IP address or domain name. Also the command nslookup will map the domain name to the IP address or vice-versa. Arin Arin is a very well known web based tool to find network ranges which a company holding. Just entering a single IP address of the range ARIN can give the whole network range the company owns. Social Engineering After knowing the basic information about a company, the best way to get know more information about the company is performing social engineering. In here, hackers trick people into revel information by themselves. The common way is calling or meeting employees and tricks them to get more information. Scanning This is the second phase of hacking framework and involves acquiring more detailed information based on the data collected in early phase. This is very similar to the active reconnaissance and in this phase it tries to dig into little deep. Generally this phase includes activities such as indentifying live hosts, discovering running services and their ports, detecting the running OS. Main target in this phase is to build the blue print of the target network including the live host IP addresses, opened service ports. The hackers use various scanners in this case and few of their techniques listed below. Ping To identify the active hosts in a networks Ping is the best tool. It can provide the information such as status of the host, host name and their TTL details. It is a very simple utility uses ICMP packets to scanning. Ping send ICMP packets to a target host and if it receives the acknowledgment we can make out the system is active. There are few handy tools that can be used to automate this ping process to check the availability of range of IP address. Few examples of them are Hping, icmpenum, NetScan Tools. Traceroute Traceroute is a tool that can use to mapping the location of a targeted host. It uses same technology as Ping and shows the exact path to the target host. NMap NMap is the most popular port scanning tool and it is a free and open source utility. Both malicious and genuine users use to identify vulnerabilities on computer systems. It has many options and it is able to perform almost every type of scan like connect scan, half open scans, SYN scan etc on a targeted host. Also it is a very useful tool for task such as network inventory, managing service upgrade schedules, and monitoring host or service uptime. NMap can scan host in a network range straight away and it is able to detect the versions of the operating system that running on the targeted system too. WAR Dialling This is a tool widely used earlier time to detect active modems in the networks. This was a common hacking tool as there were many deal-in modems available in the network to enable their employees to login into the network. The program can automatically dials a defined range of phone numbers and logs the success full attempts in to its database. But as the modem technology is getting obsolete very fast this is not using very much. Banner grabbing Another useful technique to find about running service ports is called banner grabbing. In this case the hackers tries to connect to well know port such as 80, 8080, 25, 110, 23, 22 etc using telnet. So if the trying service is running on the target server it will display the service banner including the type of the software and running version. Thus the hackers can grab that information to their building blue-print. Enumeration (OS / Application Attacks) This is the hacking technique of convincing some target servers to provide them some information about the system which are vital to precede the attack. The information the attackers normally target are resources and shares available in the system, valid users and user groups and about running applications etc. The common way of enumeration is by use of the null sessions, the sessions which usually have no username or password. Once the hacker gets into the system the he starts enumeration by using some tools to find out the data he wants. There are several tools available that uses to do these queries. NBTscan and Netbios Auditing tools are few commonly using tools. Hackers also enumerate the systems using the SNMP protocol too. Enumerating the SNMP protocol hackers can get the information they want easily. This is an easy way than using null session. But as SNMP v3 sends data after encrypting it, that data need to be decrypt before use it. SNMPutils, IP Network Browser, SNMP Informant, Getif are some of tool use for SNMP enumeration. Gaining Access As all above phases are only hacking preparation phases, this is the phase the actual attack is executing. The hacker will use the blue-print he created during previous phases. During this phase the attacker tries to launch attacks targeting the applications, operating system and the network. To do that, hackers may launches DoS attack, buffer flow attacks, application attacks and even they may insert viruses and Trojan horses to get access to the network. Another goal of the hackers is to gain the highest level privileges he can get. If so, he will able to delete all the tracks and evidence of his activities without any issue. Also if the NetBIOS TCP 139 port is open and accessible the easistt way to login to the system is guessing the password. Thus the first attempt of the attacker will be guessing the system passwords to enter with the highest level of privileges to the system. Most of the times, this step will be an easy task, because most of the users keep their password to an easy-to-remember one. Also if any information available about the user like family members names, childrens name, birthday, there is a great potential to be the password one of them. Also there are lists of commonly using password and the hackers can try those passwords to login to the system. If they were unable to guess the password, the next step is to crack the password using an automated tool. There are several strategies used by the hackers to crack passwords. Social Engineering The easiest and the common method to crack password and the hacker calls or meet the user get the password from him tricking by some fraud. Dictionary cracking In here the cracking is performing using some collected words related to the user and list of commonly using password. The list is checking one by one and usually this is an automated process doing by a tool such as Legion. Brute force cracking This is an automated password cracking mechanism and this will just use combination different characters, letter and symbols to guess the password instead of dictionary words. Hybrid cracking This is a mixed mechanism of both dictionary and hybrid password guessing mechanisms. It will first try the dictionary passwords and then tries the letter combinations. Some automated password-guessing tools are Legion and NetBIOS Auditing Tool. However, the tools like L0phtCrack,ScoopLM, KerbCrack will allows the system administrators to audit there users password and let them know if anyone using such password which can be compromised to a password cracking tool. Other than above mentioned password cracking methods, hackers use keystroke loggers to intercept the uses key strokes to find their passwords. Those keystroke loggers are able to save into files or send all the user key stokes to a remote destination. There are two types of keystroke loggers. It can be either software based or hardware based. The hardware keystroke loggers must physically be installed into the system and the software keystroke loggers can be a action of a Trojan-horse. Few examples for keystroke loggers are ISpyNow , PC Activity Monitor , Remote Spy and following figure shows an example of a hardware keystroke logger. If the hackers could not able to track down the user password the hacker will try to get access to the systems using network attacks. There are several methods hackers will use to attack the networks. Following listed are few of them. Sniffing Attacks Sniffing id the process of capturing data from a network as they pass and storeing them to process offline. To this process hackers use various sniffing tools with different capabilities. Some sniffers can only work with TCP/IP while more sophisticated sniffers works with many other protocols including data link layer protocols. Also sniffing attacks can be use to grab user logins and passwords too. As the telnet, http, POP, SMB sends password data in plain text and travel around the network using sniffing attack they can be easily grabbed out. Sniffing can be either active or passive. Passive sniffing is performing at Hub networks and the speciality in there is that the all the machines in the networks sees all the traffic of the other machines. So the hackers can capture almost every data packet travels through the network. As the hub networks are not in real environments passive sniffing is very unlikely to happen. Active sniffing is takes place in switch networks and thus the hackers will not able to see other users traffics except the broadcast data. Thus the only possible attack is the man-in-the-middle attacks. In here an attacker is positioned in the middle of communications between two legitimate entities in order to capture data that passes between the two parties. As mentioned earlier, there are several sniffing tools available with different capabilities. The most popular sniffing tool is the Wireshark and it was formally known as Ethereal. It is a free network protocol analyzer and supports for both Windows and Linux operating systems. It is a very sophisticated tool and it is capable of capture traffic on the network and save it on disk, filter traffic according to the requirement and showing summery and detailed information for each packet. Few of other sniffing tools are Packetyzer, Dsniff, TCPDump, and Snort. Dos Attacks A DoS attack is a network attack that results in some sort of interruption of service to users, devices, or applications. Hackers use several mechanisms to generate a DoS attack. The simplest method is to generate large amounts data appearing as a valid network traffic. This type of network DoS attack saturates the network so that valid user traffic cannot get through. A DoS attack takes advantage of the fact that target systems such as servers must maintain state information. Applications may rely on expected buffer sizes and specific content of network packets. A DoS attack can exploit this by sending packet sizes or data values that are not expected by the receiving application. These attacks attempt to compromise the availability of a network, host, or application. They are considered a major risk because they can easily interrupt a business process and cause significant loss. These attacks are relatively simple to conduct, even by unskilled hackers. Maintaining Access By entering to this step the hacker has to be getting in to the system by any mean and this phase it is focus on to the established session maintaining. Thus the hacker is able to perform any file upload/download or any software tool inserting. In this stage hackers are trying to establish a hidden path to enter to the system next time easily. So to do that, they will insert some malicious software like Trojan-horses, sniffers keystroke loggers etc. Trojan-horses are malwares that carries out malicious operations under the appearance of a desired function. A virus or worm could carry a Trojan-horse. A Trojan-horse contains hidden, malicious code that exploits the privileges of the user that runs it. Games can often have a Trojan-horse attached to them. When running the game, the game works, but in the background, the Trojan-horse has been installed on the users system and continues running after the game has been closed. The Trojan-horse concept is flexible. It can cause immediate damage, provide a back door to a system, or perform actions, such as password capturing, keystroke capturing, executing DoS attacks. Some advance hackers writes custom Trojan-horses according to the requirement and those are very hard to detect. There are many examples of Trojan-horses like Tini, netcat, subseven, backoffice etc. Clearing Tracks This is the final step of the hacking framework and in here the hackers delete all the evidence and track of their access. Generally, in any operating system it keeps a record about the user logins, file deletes, file inserting, installing etc. So once hacker loges into a system his attempts and actions are logged in to operating system log files. So the hackers have to delete these logs. Although this is a very hard task to perform in reality, there are some tools do alternative actions such as disabling the operating system auditing, deleting all the log records, delete temporary log files etc. So executing tools like that they can delete their tracks, usually with all the other log files. There for system administrator may know that system has been compromised. The software tool auditpol.exe is a such tool that able to disable OS logging. Also attackers need to hide the files they uploaded in to the systems and to do this there are few techniques available call wrappers. These wrapper tools are able to hide the uploaded data as picture file. Design an Evidence Gathering Prototype Importance of a Evidence Gathering Prototype As shown above, the possibilities and opportunities are limitless a company can be targeted by a malicious attack. Although implementing correct firewall and security policies can minimize the exposure of many systems to the hackers, it is very unrealistic to completely avoid security breaches in a comport system. Therefore, it is very important to detect intrusion activities and limit as much as possible the damage they can produce. Installing well planed and configured Evidence Gathering Prototype with intrusion detection and honeypot capabilities will do that. In generally, intruder detection systems are able to record all the system activities on a given host or a network. Thus if the monitoring system is compromised or targeted to attack, all the useful information to track the attacker, are recording in the IDS system. Sometimes they can alert the system administrators about the attacks as well. One of another feature of such kind of system is that they are able recognize violations of an organisations security and acceptable use policies such as transfers of inappropriate material throughout the companys network, or downloads of authorizes data files, accessing restricted contents, use of unauthorized application, etc. Also, some systems are able to identify reconnaissance activities which may followed by hacking attacks. As these systems are able to keep log on every said incidence, the systems administrators can use those data in there ethical hacking exercises. Furthermore, they can get idea about the techniques attackers use, attack launching periods, times and frequencies, common types of attacks they get and about the locations of the attackers and etc. One of the side advantage can have installing a IDS system is that the deterring of hacking attempts, because being aware that their activities are being monitored the hacker might be less prone launch attacks. Thus installing a system in purpose of evidence gathering is very crucial and rest of this document will focus on designing a better prototype for that purpose. For example, a hacker can identify whether an IDS is present in the system if present that attacker may first attack the IDS to bring it offline. Architecture of the prototype The general idea of this prototype is to provide new defence mechanism to networks from huge varieties of behavioural network attacks. Especially rootkit attacks, buffer overflows, DOS / DDOS attacks, SQL injections and many other types of hacking in to a network. Keeping records of malicious behaviours and providing tracking down the intruders, this system will be a whole new protection concept for current networking intrusion threats. Techniques like Intrusion Prevention Systems, Honeypot and network Sniffers can be used as first line of defence to fights again unauthorized access to networks and network resources. But it is hard to use each of them separately in a network to prevent malicious attacks. So a good system should use all those techniques in a single system. Also only one technique will not suit either, as they may have some tribulations on it. Thus, the designing prototype uses all the techniques mentioned above. It will work as a choke point between the WAN and LAN so all the network traffic should flow through it and the traffic will inspect from there. About architecture, the prototype is consisting of three Intrusion Detection Systems, Honeypot and a monitoring console. Three IDSs will be Signature based, Anomaly based and Stateful-protocol analysis IDSs. All the incoming network traffic will be inspected by these IDSs before enter in to the LAN. If IDSs are detected any suspicious behaviours, they will send an alarm message to the Honeypot. Then the malicious traffic will start to circulate among the IDSs without the intruders knowledge. Therefore an intruder will not be able to perform continuous actions because the IP addresses of the traffic are keeping changing. The Honeypot monitor all the network traffic which will be forwarded by the IDSs and keep records of all behaviours. Allowing or denying the network traff ic to enter in to the LAN will be decided by monitoring the behaviour of the incoming traffic to the Honeypot. A separate monitoring console is connected to the Honeypot which also has an online monitoring and log making system so that the sources of any malicious traffic can be identified. Following figure show the overview of the system. Major components Signature based IDSs has a predefined database of attack signatures. It compares all the network packets against the attack signatures in the database. Anomaly based IDSs compares the network traffic against a profile build by previous trainings of network traffic behaviours and continually sampling all activities occurring within the system. Therefore it can react to new zero-day attacks. Stateful-protocol analysis IDs relies on vendor-developed universal profiles that specify how particular protocols should and should not be used, on decision taking. Core of the system is the Honeypot which will monitor all the network traffic flow through it. Monitoring console with a real time log making and tracking system implemented on it. This console provides a real time monitoring and online tracking system to track down and locate the intruders source. Network traffic database will store all the information about the traffic flow the Honeypot encountered, signature database and IP addresses of all the malicious / suspicious traffic flows. Capabilities of the prototype Signature based Intrusion Detection System Knowledge is accumulated by the IDS vendors about specific attacks and how they are carried out. Models of how the attacks are carried out are developed and called signatures. Each identified attack has a signature, which is used to detect an attack in progress or determine if one has occurred within the network. Any action that is not recognized as an attack is considered acceptable. Anomaly based Intrusion Detection System These are behavior based products that do not contain databases of attack signatures. They first go through a learning mode to build a profile of normal behaviour of a system or a network by continually sampling all activities occurring within the system. These IDSs will be configured to detect the Zero-day attacks which means configured to detect new and unknown threats. All anomaly based IDSs will be trained by using accepted penetration tools such as GFILanguard, Nesses, Nmap, Retina, NetCat and Enstealth. After the profile built all the activities are compared against it. If anything which does not match the profile occurs an alarm is triggered and packets will be tagged. Stateful-protocol analysis Intrusion Detection System This is little similar to anomaly-based detection technique. But it relies on profiles that provided by the device vendors. Those profiles enable IDPS to understand and track the state of network, transport and application protocols that have a notion of state. It can thus identify unexpected sequences of commands, such as issuing the same command repeatedly or issuing a command without first issuing another command upon which it is dependent. Honeypot Honeypot is an essentially decoy network-accessible resource, could be deployed in a network as surveillance and early-warning tools. Techniques used by the attackers that attempt to compromise these decoy resources are studied during and after an attack to keep an eye on new exploitation techniques. Such analysis could be used to further tighten security of the actual network being protected by the Honeypot. All traffic entering and leaving the Honeypot is logged. Honeypot can carry risks to a network, and must be handled with care. If they are not properly walled off, an attacker can use them to break into a system. Monitoring Console This machine is to examine the intrusion methods / traffic flow used by the intruder. This analyze will be done synchronizing with the Honeypot. Those details will be used to create complete reports about the encounters. The tracking system which is installed on the console will provide a complete track of the intruder. Other Features The prototype can analyze the behaviours of the incoming traffic since all the traffic should go through the system. Any intrusions which will match to the signatures, the Signature Based IDSs will alarm immediately to the Honeypot. By recording and tracking the traffic pattern, a decision can be taken whether to drop the identified traffic or track back the source of the intruder. The detected or suspicious traffic will be redirected to the Honeypot as the final action. Make use of the online tracking and log making system, the prototype can record all the behaviours in real time and provide a tracking system to catch the intruders. Commercially available Intrusion Detection Systems Snort Snort is a free and open-source network-based IDS system and it is the most commonly using intrusion detection system. It is a software-based NIDPS and able to perform both protocol analysing and content searching. Snort has intrusion prevent capabilities as well. So it is use to both actively block and passively detect a variety of attacks and probes. It uses signature, protocol and anomaly-based inspection to intruder detection. CISCO Secure IDS This
Monday, August 19, 2019
COLD MOUNTAIN Since Cold Mountain does not heavily rely on dialogue to tell the story, the point of view Frazier uses to narrate the story is important: He must create the effect of being enveloped in two separate worlds, and give insight into characters who have no one to discuss their thoughts with. The only way to accomplish this is by using the omniscient point of view, which is when the author has unlimited knowledge about the characters and their thoughts. A romantic story is especially suited for this type of narration, because romances revolve not around events, but emotions, which are difficult to describe objectively. To fully appreciate the depth of the love between Ada and Inman, the reader must be able to peer into the deepest thoughts of the characters. Isolation, however, prevents Ada and Inman from revealing these thoughts to each other or to another character. We instead must learn from introspections like the one on pg. 393, when Inman reflects, Ã¢â¬Å"Ã¢â¬ ¦he intended to eat nothing until he found Ada. If she would not have him he would go on to the heights and see if the portals on Shining Rocks would open to himÃ¢â¬ ¦He doubted there was a man in the world more empty than he at the moment.Ã¢â¬ Intimate insights such as this one are frequent in the novel, and reveal the most information about Ada and InmanÃ¢â¬â¢s feelings for each other. This unlimited power to inform is used also to directly characterize Inman and especially Ada; due to the relative calm of her ...