Free Essay

Hhomeland Security Exercise and Evaluation Project

In: Other Topics

Submitted By WanjiruK
Words 4022
Pages 17
| |
| |
| |
| |
|Daytona State College Cell phone Bomb Threat Seminar |

| |

Table of Contents
Introduction & Background 3
Mission 3
Exercise Design & Evaluation Plan 4
Capabilities 4
Embry-Riddle Aeronautical University 4
Demographics 5
Residential Campus Student Demographics (Fall 2013) 5
Exercise Overview 6
Exercise Design & Development Plan 6
Exercise Needs 6
Exercise Purpose 6
Exercise Scope 7
Exercise Objectives 7
Participants 7
Players 7
Moderator 7
Facilitator 8
Mediators 8
Scenario 8
Initial Scenario 8
Secondary Scenario 12
Exercise Development 13
Exercise Timeline 13
Milestones and Tasks 14
Evaluation Guides (EEGs) 14
Capability 14
Capability Outcome 14
Tasks 15
Public Education & Training 15
HSEEP Compliance 16
Planning & Organization 16
Observation & Data Collection 17
Analyze Data 17
Draft After-Action Report (AAR) 18
After Action Conference 19
Identify Improvements & Implementation 20
Finalize the AAR and IP 20
Track Implementation 20
Recruit/Assign/Train 21
Conclusion & Recommendations 21
Recommendations 23
References 24

Introduction & Background

Daytona State College Campus Safety team is a licensed security company that provides professional security services to the college. DSCCS team is based in Daytona Beach, FL. It has been serving the collage for the past five years. Our staff includes professionally trained and experienced personnel who are capable to address all types of cell phone bomb threat. Our team of professional provide Daytona State College with a discussion based exercise; a seminar/orientation covering preparedness for a possible cell phone bomb threat scenario. This exercise was developed solely for Daytona State College- Daytona Beach College. The information contained in this report shall be considered sensitive but unclassified (SBU) as weighted by the Homeland Security Act and regulations issued by the Department of Homeland Security. It is intended for the use by Daytona State College development of Emergency Preparedness Planning.

Interview Orientation
An overview or introduction- the purpose is to familiarize participants with roles, plans, procedures, and/or equipment. It can also be used to resolve questions of coordination and assignment of responsibilities. Orientations are led by a facilitator, who presents information and guides discussion. For this seminar to be effective and efficient the security department comes up with several reasons as to why security measures should be adhered to in the institution and this was informed to all members of the organization through posters and personal emails.


The mission of Daytona State College Campus Safety team is to provide the entire staff and students at the college with the knowledge, education, and capability to design, implement, and maintain security related issues whether through professional business environments or personal use mostly related with cell phone bomb threat. DSCC team promises to adhere to the guidelines of the emergency management process instituted by FEMA and all governing agencies encompassed in the United States of America.

Exercise Design & Evaluation Plan

Daytona State College Campus Safety team will provide The College with guidance concerning procedures and responsibilities for preparedness to cell phone bomb threat. Daytona State College Campus Safety team will clarify the exercise concept; establish the basis for the exercise, and the administrative structures that will be used to support cell phone bomb threat scenario.


The exercise will test specific functions relating to emergency preparedness capabilities through a discussion based seminar. The National Preparedness Guidelines (NPG) provides the FEMA Target Capabilities List (TCL) which set forth doctrine, priorities, and targets to guide capabilities-based preparedness for Federal, State, local, private sector, and nongovernmental jurisdictions and entities.

Daytona State College

Daytona State College Safety team is the world's largest and most prestigious college specializing in both Arts and Science courses. Daytona State College is an independent, nonprofit, nonsectarian, coeducational college serving culturally diverse students seeking careers in arts and science related fields. Daytona State College is composed of the Daytona Beach College.

Daytona State College has traditional, residential colleges in Daytona Beach, Deland College, New Smyrna College, Deltona Center and Advanced Technology College. In addition, degree programs can be pursued via the Internet through Worldwide Online.


| Dаytоnа Stаtе Соllеgе Students Demographics 2013 |
|Demographic |Admissions | | |
|Undergraduate enrollment |4,517 | | |
|Full-time |4,017 | | |
|Part-time |500 | | |
|Full-time equivalent (FTE) |4,395 | | |
|Average age of full-time students |20 | | |
|Percent living in college housing |37% | | |
|International students |19% | | |
|Female students |18% | | |
|First-Time Students | | | |
|Applied |4,001 | | |
|Accepted |3,209 | | |
|Enrolled |1,043 | | |
|Fall 2010 retention rate (after 1 year) |75% | | |
|Fall 2005 graduation rate (after 6 years) |59% | | |

Exercise Overview

Exercise Name: Daytona State College cell phone Bomb Threat Seminar
Type of Exercise: Orientation Seminar
Exercise Start Date: 11-28-2013
Exercise End Date: 11-28-2013
Duration: 60 Mins
Location: Daytona State College
Sponsor: This exercise was sponsored by Daytona State College Campus Safety team
Funding Recipient: The exercise was designed to test functionality addressed in the Daytona State College Emergency Management protocols.

Exercise Design & Development Plan

Exercise Needs

The increasing cell phone bomb threat on colleges requires prompt action and constant preparedness. Such a hazard can have serious ramifications if not addressed, and must be given proper attention. This exercise will address preparedness in the event of a cell phone bomb threat being called in to Daytona State College.

Exercise Purpose

The purpose of this exercise is to provide participants with an opportunity to evaluate current preparedness concepts, plans, and/or capabilities for preparing to cell phone bomb threat in Daytona State College. The exercise will focus on department heads and phone operators, and will discuss actions necessary to save lives of college students, faculty, and staff. This will in turn educate staff and faculty, and help ensure business continuity in light of the college’s mission.

Moreover, this discussion-based seminar is intended to take place in a relaxed atmosphere in which participants enhance their understanding of emergency management and readiness to this specific man-made hazard.

Exercise Scope

The Exercise objectives focus on improving understanding of the preparedness for cell bomb threat scenario by identifying opportunities or problems, and achieving a change in attitude. This exercise will focus on the following objectives:

Exercise Objectives

• Construct a common framework of understanding among all department heads and phone operators

• Identify training needs within Daytona State College staff

• Discuss cell phone bomb threat checklist

• Evaluate employee’s understanding of this specific cell phone bomb threat scenario



Players who will participate in the seminar are college safety staff, department heads, and phone operators who will receive the situation sequence presented by the mediator. The seminar will be played in a single phase where participants will receive training in the preparedness function in the event of cell phone bomb threat on the Daytona State College premises.


The moderator of the exercise will be Daytona State College Campus Safety team.


The exercise will be facilitated by the Daytona State College President office.


Daytona State College Campus Safety team will conduct the seminar.


A bomb threat is called into Daytona State College.(The scenario will be facilitated utilizing a voice recording of a potential “call-in” bomb threat). As the threat is revealed, the operator will note anything about the caller and the background noise of the call itself.

Initial Scenario

A call is received:

Operator: “Hello, thank you for calling Daytona State College. How may I direct your call?”

Caller: “…um, I’d like to report a bomb on your college.”

Operator: “Excuse me!?”

Caller: “I said- there is a bomb in your school- and it will detonate in 20 minutes!”

Operator: “A bomb? What do you mean a bomb? Where?

Caller: “On your college” (Train sound in the background) “If I were you I wouldn’t fuck around!” (The caller hangs up)

Operator: “Hello? Hello?”

Discussion 1

As stated in Daytona State College’s emergency management plan, if a bomb threat is received via telephone follows these steps:

1. Remain calm.

2. Listen carefully. Try to keep the caller talking so that you can gather more information.

3. Use the Explosive Device Data Record information to question the caller in a polite and non-interrogative manner. Use any means, even humor, to prolong the conversation. This will provide a better chance to identify the voice and hopefully obtain additional information about a device, the validity of the threat, or the identity of the caller.

4. Upon completion of the call, immediately notify College Safety (226-SAFE or 911) and complete the Explosive Device Data Record as soon as possible while the incident is fresh in your memory.

5. If a threat has been received by another individual and he/she is relaying this information to you, use the Explosive Device Data Record to get as much information from them as possible.

(Note everything- number of people delivering threat, repeated phraseology, etc.)

IMMEDIATELY CALL COLLEGE SAFETY AT 226-SAFE or 911, and be sure to include the date, your phone number, your name, and your position.

Explosive Device Data Record


• When is explosive device set to explode?

• Where is it right now?

• What does it look like?

• What kind of explosive device is it?

• What will cause it to explode?

• Did you place the explosive device?

• Why?

• What is your address?

• What is your name?


• Sex of caller

• Race/Nationality

• Age

• Length of call

• Number at which call was received

o Time & Date



• Calm

• Angry

• Excited

• Slow

• Rapid

• Soft

• Loud

• Laughter

• Crying

• Normal

• Distinct

• Slurred

• Nasal

• Stutter

• Lisp

• Raspy

• Deep

• Ragged

• Clearing throat

• Deep breathing

• Cracking voice

• Disguised

• Accent

• Familiar

• If voice is familiar, who did it sound like?


• Street noises

• House noises

• PA system

• Music

• Office machinery

• Factory machinery

• Animal noises

• Voices

• Static

• Clear

• Phone booth

• Other


• Well spoken

• Educated

• Foul

• Irrational

• Incoherent

• Taped

(Note everything- number of people delivering threat, repeated phraseology, etc.)

IMMEDIATELY CALL CAMPUS SAFETY AT 226-SAFE or 911, and be sure to include the date, your phone number, your name, and your position.

Secondary Scenario

Operator: “Hello, thank you for calling Daytona State College. How may I direct your call?”

Caller: “…um, I’d like to report a bomb on your campus.”

Operator: “I’m sorry- it sounded like you said there is a bomb on campus?”

Caller: “I did- there is a bomb in your school- and it will detonate in 20 minutes!”

Operator: “A bomb, huh? Ok- bomb on campus, check! Anything else, Kyzinski?”

Caller: “Do you think this is game” (Train sound in the background) “If I were you I wouldn’t fuck around!”

Operator: “I’m not- I’m actually making myself a cup of coffee. Where is this bomb you speak of? In a bathroom, the ICI, hopefully it’s not in the office I’m in right now- cuz that would thoroughly piss me off- actually, if you haven’t planted it yet- I got an office you can put it in!”

Caller: (Laughter) “You dumb capitalists – you think it is all fun and games…you will see soon enough…”

Operator: “OK, OK- you got my attention! What do you want?”

Caller: “I want to see you all run like dogs trying to find your tails- (airplane taking off runway noise)

Operator: “So you are watching us? Hello? Hello?”

Phone hangs up!

Discussion 2

Utilizing Daytona State College’s device record approach, explain the flaws and successes of the second scenario; furthermore, discuss implementation of Daytona State College’s existing protocols and how improvements can be addressed for both scenarios.

Exercise Development

Exercise Timeline

The seminar should take 45 minutes to 1 hour in time to complete. The session will be followed with an evaluation, which will review the effectiveness of the seminar and the current plans, programs, policies and procedures for Embry-Riddle Aeronautical University.
|Activity |Task |Task material |Relationship to Key Events in |
| | | |Workdays/Weeks |
|Exercise planning |Identify personnel for meetings |Personnel contacts |1 month before |
| |Finalize seminar materials and |Seminar materials |1 month before |
| |revisions | | |
|Exercise conduct |Conduct exercise |Exercise plan and controller |Exercise |
| | |manual | |
| |Conduct evaluation |Participants feedback and |After exercise |
| | |evaluation plan | |
|AAR/ Improvement plan |Develop AAR/IP |Final AAR/IP |1 week after exercise |
|Final AAR/IP |Final AAR/IP |Final AAR/IP |1 month after |
| |Lessons learned |Final AAR/IP |1 month after |

Milestones and Tasks

Tasks listed in the exercise are listed as follows: • Provide training for individuals on how to react to a phone call posing a bomb threat on Daytona State College. • Develop education programs to prepare phone operators for handling a bomb threat via a phone call. • Increase awareness of the issues and materials involved in dealing with a bomb threat situation. • Revise and maintain current checklist currently present at Daytona State College and its website. • Establish and maintain a process to evaluate preparedness for the scenario.

Evaluation Guides (EEGs)


The college provided tools online to educate its students, faculty, and staff on how to prevent, protect, mitigate, and prepare for a bomb threat. This requires a role for phone operators and personnel in charge in having situational awareness and knowledge in preparedness.

Capability Outcome

There is a structure and a process for ongoing collaboration between government and nongovernmental resources at all levels; volunteers and nongovernmental resources are incorporated in plans and exercises; the public is educated and trained in the four mission areas of preparedness; citizens participate in volunteer programs and provide surge capacity support; nongovernmental resources are managed effectively in disasters; and there is a process to evaluate progress: Activity: Prevent-Educate for awareness Activity Description: Develop plans and processes necessary to provide the foundation for programs that enhance reaction to cell phone bomb threat in terms of preparedness.


• Training the individuals assigned to be aware and how to react to a phone call posing a potential bomb threat on Daytona State College, and how to report suspicious items and behavior. • Develop education programs to prepare phone operators for handling a bomb threat via a phone call. • Increase awareness of the issues and materials involved in dealing with a bomb threat situation. • Revise and maintain current standard operating procedures (SOPs), and emergency management plans (EMP) present at Daytona State College. • Establish and maintain a process to evaluate preparedness for the scenario.

Public Education & Training

In order to have an effective preparedness during or after a cell phone bomb threat, there is a strong need to establish awareness among students, staff and faculty in the college. That said, it can be achieved through announcements during the classroom lectures and through the college website where all members of the college can easily access in both email and black board. In addition, training is provided in the following scheme:

• Training will be provided by college safety for heads of the departments who will be responsible in overseeing training for the faculty and staff under their administration in mitigating, preparing for a cell phone bomb threat on college.

• The topic and content of the training courses will be from the materials and the courses provided by FEMA available online.

• The training will take place in two phases starting with departments’ heads, and then followed by training faculty and staff in their respective departments accordingly.

• The following FEMA ISP courses are recommended for department heads:

o IS 700A, National Incident Management System (NIMS) o ICS 100.HE, Introduction to the Incident Command System for Higher Education o ICS 200, Basic Incident Command System o G367: Emergency Planning for College Executives (Non-virtual)

HSEEP Compliance

Planning & Organization
In order to conduct a successful seminar exercise, planning and organizing the exercise is an important step. The exercise team should appoint the participant such as emergency program managers, exercise officers, training officers, and department heads. The exercise planning team has six responsibilities: • Appoint a Lead Evaluator. • Develop evaluation requirements. • Draft evaluation documentation. • Recruit, assign, and train evaluators. • Finalize an Evaluation Plan. • Conduct a Controller/Evaluator (C/E) briefing.
The lead evaluator should be one of the team planning members. In this scenario, DSCS team will be the lead evaluator. The lead evaluator should have the knowledge of the emergency management phases (prevention, mitigation, response, and recovery). The lead evaluator should be familiar with Daytona emergency management plan.

Observation &Data Collection
During the seminar, the lead evaluator will collect data involving all key players. The data should consist of:

• Issues identified by players. • How players make decisions. • Player roles and responsibilities. • Player coordination and cooperation. • Recommendations from the group.

All data and information collected is to be focused on a higher-level of capability involving issues directly related to the Daytona State College’s emergency management plan. The evaluator should keep a low profile during the exercise unless needed. (This is to clarify a situation). Furthermore, the evaluator should use the EEG that is modified for this type of exercise. The head of the college’s security and safety should explain the college’s emergency management plans involving a bomb threat.

Analyze Data

After the exercise is over, the evaluator should start analyzing the collected data to evaluate the ability of exercised functions. This is to ensure that the exercise objectives are met. Therefore, there are two meetings that should be conducted: the hot-wash(the evaluator and the controller meet - it is to be conducted shortly after the exercise ends -the meeting will allow the evaluator to compare notes, improve evaluation documents, and develop an overall scheme of capability) and a debriefing(a formal meeting following the four steps of data analysis, which are to identify issues, determine root causes, develop recommendations for improvement, and identify lessons learned). These meetings will provide fully analyzed data of the exercise, and a foundation for the After-Action Report/Improvement Plan (AAR/IP).

Draft After-Action Report (AAR)

All discussion-based exercises result in the development of an After-Action Report/Improvement Plan (AAR/IP). As mentioned earlier, a fully analyzed data will provide the foundation for the After-Action Report by identifying issues, determining root causes, developing recommendations for improvement, and identifying lessons learned. The lead evaluator will draft the AAR using the exercise event timeline, narratives, and Exercise Evaluation Guide (EEG) Analysis sheets. The information from the debriefing and Daytona State College emergency plans and procedures can be used to draft the AAR. The After-Action Report format can include (as FEMA suggests):

• Executive Summary

• Exercise Overview

• Exercise Goals &Objectives

• Analysis of Capabilities

• Conclusion

• Improvement Plan (IP) Matrix

After Action Conference

After completing the AAR draft, the exercise planning team with the lead evaluator should meet to conduct a dry run. This should be done before the full After-Action Conference to review the AAR draft and to ensure the accomplishment of the exercise goals and objectives.

Following these initial steps of the After-Action Conference (AAC), the exercise planning team with the lead evaluator should meet again for the actual After-Action Conference (AAC). The purpose of this meeting is to review and improve the AAR draft. This meeting will take a full day after several weeks from the end of the exercise. This conference should be conducted where the exercise took place.

The Improvement Plan (IP) is an important part that should be completed during the After-Action Conference (AAC). The meeting should discuss how to apply recommendations for improvement. The Improvement Plan (IP) matrix could be applied as a guide for completing the Improvement Plan (IP). The Improvement Plan (IP) matrix consists of nine steps as FEMA suggested which are:

• Capability • Observation Title • Recommendation • Corrective Action Description • Capability Element • Primary Responsible Agency • Agency Point-of-Contact (POC) • Start Date • Completion Date

Identify Improvements &Implementation

In this step, corrective actions should be generated from the Improvement Plan (IP) matrix. The corrective actions will address the recommendations such as the responsibilities and what to be implemented within a time frame. These corrective actions should be detailed in order to be effective. Some corrective actions will be limited to resources; therefore, short and long-term solutions should be provided to improve capabilities.

Finalize the AAR and IP

The exercise planning team should finalize the After-Action Report/Improvement Plan (AAR/IP) by combining corrections and feedback provided by participants in the final plan. The exercise planning team should then confirm that the final AAR/IP has met the exercise objectives and goals. Once the exercise planning team validates the After-Action Report/Improvement Plan (AAR/IP), a helpful tool recommended by FEMA can be used as guidance to cover the following areas:

• Strategy development. • Exercise program planning. • Sharing of lessons learned with homeland security community partners. • Changes to plans, policies, and procedures. • Capability development and refinement. • Efforts to focus limited resources upon improvements in preparedness.

Track Implementation

Tracking the implementations and completion of corrective actions is the responsibility of the participants of the exercise. Participants should have points-of-contact (POC) for tracking these implementations.


All stakeholders and personnel that are involved in this exercise will be from Daytona State College staff. Responsibilities and duties are already listed at Daytona State College’s emergency preparedness.

Conclusion & Recommendations

According to Daytona State College’s emergency management plan, the purpose of a cell phone bomb threat plan is to establish the policy and procedures to be followed in the event of such a threat to the College. Whether this threat is received via telephone or through other means, quick, decisive action by all employees will help minimize potential loss of life, injury, destruction of college property, and disruption of scheduled activities.

Daytona State College clearly states that in the event this incident occurs, Daytona State College Safety Officers will work with Facility Management personnel to search and identify any suspicious packages or items construed to be of explosive nature. If an explosive device is found, the College Emergency Operations Team (U-EOT) will be activated and begin working towards facilitating and coordinating, updates and communication for all recovery plans related to the functional areas of the college.

In the event of a bomb threat the faculty, staff, and students should respond according to the information provided by any of the following:

• CodeRED

• Siren

• Emails

• College Website

• Verbal instructions

If an employee or student receives the actual bomb threat, they should respond as follows:

1. Call 386-226-7233(SAFE)or come to College Safety to report the incident

2. Evacuate the building when instructed by College Safety

3. Complete a bomb information report sheet that will be provided by College Safety

4. Await further orders from College Safety or the College Emergency Notification Systems

Emergency responders will have total control of the scene. If the situation dictates, the Incident Command System will be used as directed by the National Incident Management System. The college could also assemble the U-EOT if the situation escalates to make college related decisions.


1. DSCS team recommends emplacement of an alert system (i.e. intercom) that enables administration to quickly relay all information to the entire school at once. CodeRED, internet, and text messaging are not reliable in the event of a time sensitive situation.

2. DSCS team recommends better identification tracking devices (i.e. tracing devices) to monitor all telecommunication traffic coming in and from Daytona State College. This not only mitigates threats via telephone, it insures all phone operators are maintaining Daytona State College standards (voice recording and improvement plan evaluations).

3. DSCS team recommends all personnel responsible for answering telephones are first mandated to complete training in order to mitigate bomb threats and their adequate response.

Daytona State College (2013, september 12). Annual Security Report and Campus Safety Guide. Retrieved October 24rd , 2013, from Daytona State College Library :

Daytona State College (2013, June 10). Crime Reporting & Awareness. Retrieved October 24th, 2013, from Daytona state college library:

Daytona State College (2013, October 11). Daytona State's Drug Policy. Retrieved October 24th, 2013, from Daytona State College Library:

Daytona State College (2013, October 14). General Campus Safety and Security Policies. Retrieved October 24th, 2013, from Daytona state college library:

Daytona State College (2013, October 09). TO REPORT A CAMPUS EMERGENCY. Retrieved October 24th, 2013, from Daytona state college library:…...

Similar Documents

Premium Essay

Project Evaluation

...Abstract The following report will provide recommendations in regards to three separate project evaluations. Using three different rates for each of the three projects, the net present value, the internal rate of return, and the payback period will be evaluated in each case. It will also offer project selection recommendations for each scenario based on the net present value, as well as project selection recommendations based on the internal rate of return and the payback period. Project Evaluation The following three projects have been broken down and evaluated based on each of the provided scenarios. The net present value, payback period, and internal rate of return are included for each project. Project 1:   | Cash Flows | Year 0 | $ (30,000) | Year 1 | $ 11,000 | Year 2 | $ 11,000 | Year 3 | $ 11,000 | Year 4 | $ 11,000 | Year 5 | $ 11,000 | Scenario 1 – using 5% NPV Rate – Calculations are as follows: -$30,000+ $11,000(1+0.05)1+ $11,000(1+0.05)2+ $11,000(1+0.05)3+ $11,000(1+0.05)4+ $11,000(1+0.05)5 = -$30,000 + $10,476.1905 + $9,977.3243 + $9,502.2136 + $9,049.7272 + $8,618.7878 = $17,624.24 NPV Payback period = 2.727 years IRR = 24.32% Scenario 2 – using 5.5% NPV Rate – Calculations are as follows: -$30,000+ $11,000(1+0.055)1+ $11,000(1+0.055)2+ $11,000(1+0.055)3+ $11,000(1+0.055)4+ $11,000(1+0.055)5 = -$30,000 + $10,426.5403 + $9,882.9766 + $9,367...

Words: 1136 - Pages: 5

Premium Essay

Information Security Project 1

...Project: Information Security Project 1 Name: Ashiqul Abir Class: NT2580 Date: 02/28/2013 Information security best practice project: The information security best project was housed within the Oxford University computer emergency response team. The project sought build on the knowledge, commentary and information gathered during the 2009 self-assessment exercise. One of the main objectives of the project was to develop an information security toolkit, which includes the policies, guidelines, documentation and education and awareness programmers. Information security: In a devolved environment, such as a collegiate university, it is imperative that policy should not go into retail about how those objectives should be met. It also defines the scope of the policy and identifies roles and responsibilities for security. Information security toolkit: The example polies can be tailored to suit the individual needs of your department, college or hall. The toolkit focuses on some areas like, IT management Operations Network Management Physical Security Building on the 2009 self-Assessment: The 2009 Self-Assessment exercise asked unit within the collegiate university to assess their current approach to IT operations, management and security against recommended best practice guidelines. The information gathered helped the advisory group to understand where further attention, resource, and best......

Words: 280 - Pages: 2

Premium Essay

Information Security Article Evaluation

...Information Security Article Evaluation CMGT/441 July 10, 2013 Confidentiality As I was looking on the internet trying to locate a website to write my paper about, an article from got my attention. The article was about social media privacy. In June 2012, posted an article called “Facebook & your privacy: (Who sees the data you share on the biggest social network”), which attempts to explain and give several reasons how your privacy is being violated by social media. The article has some great points but also had many facts that made me question its validity. The article in talks a lot about how Facebook is sharing all of your information and how confusing its privacy controls are. For example, part of the article states that Facebook has many privacy controls, but good luck trying to understand them. A new study by (Siegel &Gale 2012), New York-based consultants, finds that Facebook’s and Google’s privacy policies are tougher to comprehend than the typical bank credit card agreement or government notice. There is some untruthfulness in that because I am an avid Facebook user. Finding the privacy controls are very easy but it does take a little time to decipher what you need to do to make your profile private. I think......

Words: 898 - Pages: 4

Premium Essay

Information Security Article Evaluation

...Information Security Article Evaluation CMGT 441 August 12th, 2013 Information Security Article Evaluation In today’s era where technology is always improving and moving forward faster than most people realize one thing stand consistent, company assets. Of these assets none seem more important in the era of “information highway” or “instant media” than information. Protecting information can be the key to a failure or success of a company. A group of security experts from government, industry, and academia put together a list of the 20 most critical security threats on the Internet. Released in 2001 by the Bethesda, Md.-based System Administration, Networking, and Security Institute (SANS), the list is to help network administrators steer clear of the most exploited Internet security flaws (Savage, June 2000). According to (Savage, June 2000) "The main message we're trying to deliver is that there are a few vulnerabilities that are comprising the vast majority of attacks and attempted attacks that we're seeing," said Jim Magdych, research manager at PGP Security, a division of Network Associates Inc., Santa Clara, Calif., and a project participant.” This list is for network administrators who are inundated with the security......

Words: 975 - Pages: 4

Premium Essay

Project Part 2 It Security of the three information security properties which are Confidentiality, Integrity, and Availability. Confidentiality is affected if the malicious software is successful at disclosing private information. Integrity is compromised if the malware can modify database records either immediately or over a period of time. Availability is affected if malware can erase or overwrite files or inflict considerable damage to storage media. SSCP® Domain Affected Malicious Code and Activity This domain examines the types of Malicious Code and Activities that can threaten the confidentiality, integrity, and availability of a system or information. The SSCP is expected to be familiar with the various types of Malicious Code and know how to implement effective countermeasures to prevent malicious code from operating. The SSCP should also know how to detect, respond and recover from malicious activity on a system whether perpetrated by an internal or external entity and take steps to mitigate the risk of malicious activity. Controls to Protect Against Malicious Code Typical controls to protect against malicious code use technology, policies and procedures, and training, all applied in a layered manner from perimeters inward to hosts and data. The controls are of the preventative and detective/corrective variety. Controls are applied at the host, network, and user levels: Host Level * Host hardening, including patch application and security-minded configurations of......

Words: 953 - Pages: 4

Premium Essay

Project Evaluation

...Project Evaluation Section I – Evaluation Theory in General The Minor Adjustment, new vision project is a 10 weeks program that motivates youth to succeed against all odds. In the conclusion of the project the evaluation will take place. The program evaluation is a systematic process of determining whether or not Minor Adjustment new vision project was successful (Babbie, 2007). Program evaluation is so important; it assesses the program’s effectiveness. The purpose of evaluation is to integrate planning, implementation, evaluation and reporting. In addition, the evaluation sees success and learns from it (Babbie, 2007). It also, recognizes failure and provides the opportunity to correct it. The Minor Adjustment, New Vision project evaluation will consist of two different types, formative and summative. Formative evaluation is generally any evaluation that takes place before or during a project’s implementation with the aim of improving the project’s design and performance. A formative evaluation strengthens or improves the program. Formative evaluation often lends itself to qualitative methods of inquiry. The questions asked in formative evaluation are generally more open and lead to exploration of processes, both from the viewpoint of participants, but also from that of project staff and investors (Kettner, Moroney, & Martin, 2008). The use of participatory evaluation is particularly relevant and appropriate to formative evaluation. Formative evaluation......

Words: 1616 - Pages: 7

Premium Essay

Project Security

...Project Part 1: Multi-Layered Security Plan when developing a multi-layered security plan, you must look at each of the seven domains of the IT infrastructure and increase security on each of those domains. Increasing the security on each of those seven domains will increase the overall security of the system and create a multi-layered security plan. In the user domain, one of the easiest ways for the system to be compromised is through the users. Simplicity of user’s passwords can be a major problem so we need to implement complex passwords including eight or more characters, both upper and lower case, and use of at least one special character. Passwords will need to be changed every three months and the same password cannot be used again for one calendar year. In the workstation domain, we need to make sure that each of the workstations, whether desktop or laptop, has antivirus and malware protection installed on them. Laptops are very vulnerable for loss or theft, so all company laptops should have an encrypted hard drive so that if they are stolen, the data contained on them is not recovered by anyone but the owner. For the LAN domain, we need to have training about email scams. Most users know not to access suspicious emails when on our system but a quick training course will help. Also, adding spam filters will help gets rid of most of the junk email, so there is much less risk of employees opening emails containing malware. In the LAN-to-WAN domain, we need to shut......

Words: 338 - Pages: 2

Premium Essay

Final Project. Network Security, internal and external threats are also evolving to counter the security protocols you have in place. You will need to update and change with the times. By securing your network with software, appropriate adjustments to strengthen them and equipment is called is called "network hardening." True hardening must be done on the inside as well as the outside. Remember, many attacks occur internally so equal consideration must be given to that possibility. At the heart of the network hardening concept is the need to be consistent in evaluating your network layout and configuration. Consistency also implies staying ahead of the curve so to speak. Ensuring that you're never in a position where you're struggling to keep up with current security trends or technologies. Security threats thrive on exploiting the vulnerabilities of environments with out-of-date hardware, software, and security protocols. The proper evaluation of your current network requires detailed research and a sense of urgency. You must be purpose-driven and methodical as you determine which components and/or practices need to be "hardened." It would not be cost effective to use a shotgun approach and upgrade everything at once. This approach would not only be inefficient but extremely risky as proper testing is essential before you implement new components or practices into your environment. A botched upgrade could actually weaken security rather than harden it. Don't be hasty and skip the testing phase!......

Words: 401 - Pages: 2

Premium Essay

Unit 5. Exercise 1 Security

...Ramsarran July 18th, 2014 NT1230 Mr. Durniok Unit 5. Exercise 1 Security Re: Manager In response to your questions regarding if Windows 7 includes protection against some internet threats. Windows 7 comes with Microsoft Security Essentials which helps defend against viruses, trojans, worms and spyware. Windows Defender runs in the background and notifies you when you need to take specific action. However, you can use it anytime to scan for malware if your computer isn’t working properly or you clicked a suspicious link online or an email message. You also have Firewall protection on your computer, where you can access it from your “control panel” to make sure it is turned on. Not only does it protect you at home but in public places also. Your “advanced settings” on firewall shows you “incoming” and “outgoing” rules and also allows you to create your own rules. Microsoft Security Essentials uses green, yellow and red color codes to designate the security status of your PC and a color-coded icon in the taskbar tells you at a glance if your attention is needed. It’s simple—when you’re green, you’re good. However, if there’s a red or yellow threat, Microsoft Security Essentials will alert you and recommend what to do (you can act directly from the notification area without having to enter the application). In closing, Microsoft Security Essentials is designed for small business; it runs quietly in the background......

Words: 259 - Pages: 2

Premium Essay

Personal Project and Evaluation Methods

...Assignment: Personal Project and Evaluation Methods Garry R. Scott University of Phoenix AET/ 535 June 28, 2014 Instructor: Stephanie Krebs The fundamentals of Program Evaluation I advocate the principle of evaluation definition that asserts that it is a systematic process that is comprised of a collection of analyzed data enabling us make decisive solid decisions. Because evaluation is a systematic process that contributes to the determination as of what level of objectives has previously been realized, in addition to current objectives students are striving to attain; this idyllically empowers a person to make informed decisions. The process will consequently make certain that the established goals are achieved as required by the programs. It is vital to be aware that evaluations are important since it assists in making vital decisions concerning the impact, effectiveness, or efficiency of a certain program (Boulmetis & Dutwin, 2005). Then again, efficiency asserts that the extent to which a project or program has been productive in accordance to its resources while effectiveness establishes to the degree that particular stipulated objectives have been accomplished. Furthermore, impact refers to the degree to which a project or program has brought about various changes in which either could be advantageous or detrimental. Evaluation is essential in evaluating program implementation, fidelity, resource utilization, and to the value of the......

Words: 1196 - Pages: 5

Premium Essay

Security Evaluation Report

...Information Security Article Evaluation Nelson Okubasu CMGT/441 12/3/2014 MARJORIE MARQUE Can We Sniff WI-Fi?: Implications of Joffe v. Google Google collected information between 2007 and 2010 both in us and oversees. In 2010 a law suit was filed against google for violating the federal wiretap act. Among the first of the cases to rule on intercepting unsecured Wi-Fi communications. As of today our society has become so dependent on using Wi-Fi communications for various aspects of our lives, there is a parallel expectation of privacy. At the same time there are so many people or users out there who don’t understand how Wi-Fi technology works, if their information is secure, whether there privacy is violated or if the government has the right law in place to protect them. The fact that users do not fully understand Wi-Fi technology and the shortcomings of current security mechanisms is not a justification to violate their privacy, but instead to call on the government to enact or amend the Federal Wiretap Act (FWA) to reflect their reasonable expectations. Clear statutory protections will allow for the continued progression of Wi-Fi technology. Society’s dependency on Wi-Fi networks and public hotspots both economically and personally requires expansion of the FWA to ensure national uniformity. Essentially, the court found that even though Wi-Fi networks do transmit data using radio waves, the uses of Wi-Fi......

Words: 1058 - Pages: 5

Premium Essay

Information Security Evaluation

...Information Security Evaluation CMGT 441 June 16, 2014 Information Security Evaluation Introduction In today's age where technology is constantly developing and shifting faster than most individuals can recognize, one feature stand dependable is company resources. Of these resources, none seems more significant in the age of instant media than information. Safeguarding information can be crucial to a failure or achievement of the company. Around 2008 to 2009, a consortium of security specialists from the United States government, private industry, and international organizations generate a list of the 20 most critical security controls against threats on the Internet. Transferred in 2013 by SANS Institute the list is to assist network administrators with the most developed Internet security faults (SANS Institute, 2000-2014). This list was intended for network administrators who are flooded with the security threats that are revealed day by day and not known where to begin. Some software defenselessness is because most effective strikes on computer systems because attackers are opportunistic, and take the simplest path by utilizing the most weaknesses in the systems with extensively accessible attack tools. Hackers rely on individuals and organizations not correcting the faults and frequently attack unsystematically by scanning the cyberspace for defenseless systems. According to SANS Institute (2000-2014), "the present 20 Critical......

Words: 615 - Pages: 3

Premium Essay

Security Project

...SECURITY WEAKNESSES FOR QUALITY WEB DESIGN Contents Course........................................................................................................ Error! Bookmark not defined. Introduction ............................................................................................................................................ 3 Abstract .................................................................................................................................................. 4 Company Background.............................................................................................................................. 4 Software Weaknesses and Recommendations......................................................................................... 5 Hardware Weaknesses and Recommendations........................................................................................ 6 Network Security flaws and Recommendations ....................................................................................... 7 REFERENCES:........................................................................................................................................... 7 Introduction A company that deals with making web site and web business solutions is known as Quality web design. The company provides its customers to provide an opportunity so that they can spread their business through the internet. The other business solutions accompanied are......

Words: 1406 - Pages: 6

Premium Essay

Job Evaluation Exercise

... Job Evaluation Exercise 1. Evaluate the jobs and prepare a job structure based on its evaluation. Assign titles to each job, and show your structure and title and job letter. (This organization places a major emphasis on the important role of teams.) 2. Describe the process you went through to arrive at the job structure. You should also be prepared to discuss the job evaluation techniques and compensable factors used and the reasons for selecting them. 3. Evaluate the job descriptions. What parts of them were most useful? How could they be improved? 4. Questions: does the job evaluation method used appear to affect the results? Do the compensable factors chosen affect the results? Does the process affect the results? How? Job A Kind of Work Provide excellent customer service. Follow and comply with all applicable health and sanitation procedures. Prepare food items: sandwiches, slice deli meats and cheeses. Prepare items on station assignment list and as predetermined. Stock and rotate products, stock supplies and paper goods in a timely basis; keep all utensils stocked. Check dates on all products in stock to ensure freshness and rotate when necessary. Use waste sheets properly, as directed. Operate and sanitize all equipment in a safe and proper manner. Comply with and follow organizational safety procedures. Follow established Weights and Measures procedures. Answer the phone and pages to department quickly and with appropriate phone......

Words: 2011 - Pages: 9

Premium Essay

Evaluation of Planning Projects

...Evaluation of my performance in relation to planning the project Introduction: Planning is a key skill required throughout the life. The purpose of the planning is to find out how the project outcomes will be achieved successfully within both the required quality and timescale. Planning helps to work out the most effective way of reaching your target and prepare to overcome unexpected difficulties in advance. Planning develops the ability to prioritize the tasks. If I did not plan my project I would have not known what tasks I was required to do and what my time limit was, which could have lead ultimately to the failure of the project. The purpose of evaluating my performance in relation to planning is so that I can identify what I did well and what I did not do well. This will help me to carry out better planning in the future I hope that by improving my planning techniques. It will help me in all aspects of my life. Planning techniques used: I used five different techniques to enable me to produce final product. These techniques were action plan, summary action plan, mind maps, Gantt chart and critical path. These are techniques used by professional companies for their planning. The techniques I used were generally effective and helped me to a number of tasks and a final product by the final deadline with required quality. Action plan: To plan my project, first of all I and the other people in the group read the brief and identified the tasks that we would......

Words: 3162 - Pages: 13