Claim in relation to at least two ways of knowing

â€Å"We see and comprehend things not as they are yet as we may be. † Discuss this case corresponding to at any rate two different ways of knowing. Numerous things we see and comprehend can be influenced by the general public we live in, the convictions we have, and our impression of the world. What I am going to attempt to do in this article is talk about whether we see things and comprehend things not as they seem to be, however as we may be. In this exposition, I will examine a few outer variables which influence individuals and, subsequently, meddle with of method of seeing and comprehension. There are a few issues to be talked about which can influence the manner in which people comprehend and see hings.There are sociologists, similar to David †°mile Durkheim, who express that â€Å"society is preeminent over the individual†. By saying this he needs to show us the force the general public applies on the person. This may prompt an adjustment in observation, an d the manner in which the individual will see and get things. There are a few different ways of knowing, there is a transient P E A R L (Perception, Emotion, Reason, Language). In this way, the general public the individual lives on, the language he talks, and social propensities including religion, will influence the manner in which the individual comprehend things.We see a few issues in this advanced world which can demonstrate my announcement above. As some of you may know, Israel and Palestine have been in struggle for over one century now. The people living in the two social orders, despite the fact that they are extremely near one another (as far as separation), the manner in which they see and comprehend things are totally different, far away from one another. An individual raised inside Israel will most likely have similar convictions the others in the general public do, and along these lines would secure the reason for Israel against Palestine. As David †°mile Durkheim , renowned French humanist says, â€Å"society is preeminent over the individual†.This same circumstance occurring with the person in Israel will likewise occur, regardless of in an unexpected way, with the person in Palestine. This person in Palestine will presumably accept his god is Allah, and that the Israelis are interlopers into their region. This obviously gives us that because of their distinction in social foundations, and convictions, makes 2 exceptionally unmistakable methods of seeing and getting things, which for this situation wound up in a contention which have just brought about the passings of more than 110 000 individuals, which is a similar umber of individuals living in Charleston (US).In this circumstance the particular method of seeing and understanding things have produced this war, anyway there are others circumstance where individuals attempt to comprehend the others method of comprehension in concordance. It is additionally conceivable to have variou s methods of seeing and understanding things inside a similar nation. As should be obvious, in Brazil there are more than 67 clans, in which they communicate in their own language, and practice their own ceremonies. It is sure that most by far of these Indians don't have indistinguishable convictions from the individuals living in he enormous urban areas (e. g. Rio de Janeiro).The Brazilian culture in general acknowledge these ditterences, and there is no contlict in the middle of them, just in some different cases managing an area utility, or other explicit explanation. There are even a few sociologists, and a few hippies which take a stab at getting them, and their way of life, and furthermore secure their region so they can be empowered to proceed with their ordinary lifes. Anyway this relationship with the local Braszilian clans has not generally been this way, from 1500 to 1900 it is estipulated that more than 200 000 locals ave been killed.In early years there were little acce ss to methods of information, and correspondence was exceptionally troublesome. These could be one of the components deciding on this occupation. What I needed to appear by utilizing this Brazilian clans model, was that the distinction in methods of seeing and understanding things don't really cause strife. The locals share particular discernment from the world, they practice a very special strategy which changes from clan to clan, and in this way they would see certain things we see as ordinary, with other eyes.For model: when there is downpour, ome clans, similar to the Tupi's, trust it is a proposal from god so they can raise some more yields. In the interim and individual from the city would consider it to be an ordinary thing, as a characteristic component from the precipitation cycle. Culture and religion is known for misshaping our visual recognition. This is, seeing things not as they seem to be, yet as we may be. They influence straightforwardly on the arrangement of the pe ople, and develop them so as to have confidence in their own way.Plato, an exceptionally celebrated thinker, understudy of Socrates which was conceived in Greece, built up a moral story, known as The Cave. Plato envisioned people living in an underground cavern, with their legs and neck fastened so they couldn't move. Behind them was a fire, which would think about them the contrary mass of the cavern. Manikin players would play with their manikins on front of the fire, so the shadows made by it were thought about the wall.The individuals going through the cavern entrance talking would produce a reverberation which the people living on the cavern would accept were originating from the shadows on the divider. Until one day, one detainee is removed the cavern, and indicated this present reality, he hen understands that all the things he accepted were really hallucinations, and weren't accurate. At the point when the detainee who was sans set come back to the cavern to come clean with the other about, they didn't trusted him, and slaughtered him since they felt insulted. Plato's hypothesis of the cavern is an ideal case of people seeing things not as they are yet as we are.It shows the effect of the general public, which would indiscriminately accept those shadows were valid, and would decline to open their psyche, as though they were shaped by it. Presently a day, there are various caverns; maybe what we see as genuine, and would laim it is valid, could be just a deception. In this way, as an end we can see that by Joining up the three model given, we can say that the individual are very influenced by the general public they live on, the strict convictions they have, and hence the individual won't consider things to be they are however as they are.The development of the people is incredibly influenced by these outsides factors which will absolutely twist their picture of what is genuine and what isn't. As said previously, we all could be living inside a cavern, and we wear t approaches the genuine valid. Because of that, the case â€Å"we see nd comprehend things not as they are however as we are† could be supposed to be genuine despite the fact that many would conflict with it guaranteeing that their convictions are the correct ones, comparative circumstance to the detainees on the cavern.

Peer Reviewed Articles Essay Example | Topics and Well Written Essays - 500 words

Companion Reviewed Articles - Essay Example it of displaying bureaucratic component who are supported on the arranging spending plan of each money related year, controlling and sorting out the establishment the executives board. The division between the two has been upheld by hypotheses identified with the executives that are reliable with logical administration proposed by Fredric Taylor. Together the finding has a disclosure that current time isn't getting refreshed data on 21st century. Abraham Carmeli, Roy Gelbar &Roni Reiter-Palmon. Initiative, Creative Problem-Solving Capacity, and Creative Performance. Human Resource the executives 2013, Vol. 52, No. 1. Pp. 95â€122â © 2013 Wiley Periodicals, Inc. The article Leadership, Creative Problem-Solving Capacity, and Creative Performance: The Importance of Knowledge Sharing was composed by Abraham Carmeli in a joint effort with Roy Gelbard and Roni Reiter-Palmon who introduced a dyad of studies. They inspected the chance of pioneers that are strong of their conduct to upgrade information sharing and the representative inventive critical thinking limit could have an effect on improving innovative execution. The two audited contemplates had a disclosure that administration with ongoing steady conduct is legitimately and in a roundabout way related, nonetheless, both interior and outer information sharing to imaginative critical thinking limit. It was seen that innovative critical thinking was connected was identified with a couple measurement of imaginative execution that is familiarity and creativity. In general, the finding featured the intricacy of the procedure by which pioneers encourage both inner and outside information sharing a nd representative inventive critical thinking so as to expand the worker execution. The dependability of the two article was controlled by looking at the writers. They were specialists in the field of the origin introduced. Also, the article was explored by different writers in a similar field before the article was distributed. This makes the article dependable (Weller, 2001). Two rules

Cognitive Behavioral Therapy and Adult ADHD

Cognitive Behavioral Therapy and Adult ADHD ADHD Adult ADD/ADHD Print Cognitive Behavioral Therapy and the Treatment of ADHD Interview About CBT With Dr. J. Russell Ramsay By Keath Low Keath Low, MA, is a therapist and clinical scientist with the Carolina Institute for Developmental Disabilities at the University of North Carolina. She specializes in treatment of ADD/ADHD. Learn about our editorial policy Keath Low Medically reviewed by Medically reviewed by Steven Gans, MD on August 05, 2016 Steven Gans, MD is board-certified in psychiatry and is an active supervisor, teacher, and mentor at Massachusetts General Hospital. Learn about our Medical Review Board Steven Gans, MD Updated on January 13, 2020 ADHD Overview Symptoms Causes Diagnosis Treatment Living With In Children Gary Waters / Getty Images In This Article Table of Contents Expand The Role of CBT in Adult ADHD Treatment CBT in Daily Life Changing Behavior With CBT Finding a CBT Professional View All What sets cognitive-behavioral therapy (CBT) apart from other forms of psychotherapy is the emphasis it places on the interactive role of cognitionsâ€"automatic thoughts, images, belief systemsâ€"and behaviors. CBT certainly does not ignore emotions, but rather targets problematic thinking and behavior patterns as the entry point to understanding and addressing the difficulties for which people seek treatment. CBT was originally designed as a treatment for depression and research has consistently demonstrated that it is an effective therapeutic approach for mood problems. Subsequent studies have shown CBT to be helpful for other common problems, such as various types of anxiety, substance use, other mood problems, and some medical issues, such as dealing with sleep problems or headaches. The past decade has seen many clinical researchers who have worked on modifying CBT to address coping difficulties associated with adult ADHD. The Role of CBT in Adult ADHD Treatment Medications are considered the first line of treatment for ADHD in terms of treating the core symptoms of ADHD. There are a variety of medication treatments for ADHD whose benefits operate through their effects on brain functioning, generally producing improvements in sustained attention, managing distractions, and impulse control. For many people, these symptom improvements lead to functional improvements in their daily lives, such as being better able to keep track of items, experiencing less physical restlessness and greater impulse control, and being able to sustain focus on work or reading for reasonable lengths of time, to name a few. Beyond Medication Many individuals, however, may continue to struggle with the effects of ADHD despite adequate medication treatment. That is, individuals may continue to experience residual symptoms of ADHD and/or have ongoing difficulties with implementing the coping strategies that they know would be helpful. Moreover, individuals with ADHD may struggle with difficulties managing their emotions in daily life, an increasingly recognized feature of ADHD, or may experience problematic levels of depressed mood, anxiety, substance use, or low self-confidence. These adults with ADHD require additional help to experience improved well-being and functioning in their daily lives. Some adults with ADHD may continue to have symptoms and face emotional difficulties even after they start taking medication. Adding CBT to their treatment plan can help. CBT has been found to be a useful adjunctive treatment that directly addresses the sorts of impairments and coping issues associated with adult ADHD that were described above. While the coping solutions may seem simpleâ€"use a daily planner, start working on tasks well in advance of their deadline, break large tasks into smaller tasksâ€"they can be difficult to implement. Facing these longstanding challenges may also trigger negative thoughts, pessimism, self-criticism, and feelings of frustration that create additional barriers to follow-through. There also may be a minority of individuals with ADHD who cannot take medications due to medical contraindications, intolerable side effects, non-response, or who simply decline medications for whom CBT may be the central treatment approach. Hence, CBT may be recommended in cases in which medications alone are not sufficient to address problems associated with ADHD. CBT and Daily Life With ADHD A common example is a patient who arrives late for the first session citing that addressing poor time management is a goal for CBT. Such events are used to reverse engineer the various component parts of the problem in order to provide increased understanding of how ADHD (and other factors) may contribute to the development and maintenance of their functional problems, in this case, poor time management, and to provide some initial ideas for coping strategies. This sort of review also allows treatment to be personalized to the individuals circumstances, thereby making it a relevant and salient opportunity to strategize for the implementation of coping skills. To continue with the aforementioned example, the issue of time management related to being late for an appointment could have several causes, such as: Poor schedule-keeping (e.g., not having a daily planner with a record of the appointment)Disorganization (e.g., not being able to find the piece of paper with the appointment date and time)Poor problem-solving (e.g., not thinking through options for obtaining the appointment time, such as researching the number for the office and calling to confirm)Poor planning (e.g., not setting a realistic time frame for leaving for the appointment, factoring in travel, parking, etc.),Becoming over-focused on distracting tasks (e.g., working on the computer) There may also be issues related to anticipation of the appointment that creates barriers to follow-through. Feelings of anxiety can be distracting and lead to avoidant behaviors. Task-interfering cognitions, either negative (e.g., This doctor will not tell me anything I have not already heard) or positive (e.g., Im sure there will be plenty of parking or It wont matter much if Im late) can also affect follow-through. Each of these components of poor time management offers an opportunity for change. As the various difficulties associated with ADHD are identified, there will be recurring themes that emerge and the various coping skills discussed can be applied to various situations to improve overall functioning. CBT is not a quick fix and skills must be implemented in a consistent fashion, but the combination of increased recognition of the effects of ADHD and a plan for handling them provides a template for making sense of what had previously been experienced as factors beyond ones control. Changing Behaviors With CBT Procrastination is one of the most common problems reported by adults with ADHD. Although virtually every patient with ADHD  cites  procrastination as an issue, every individuals struggle is unique. After having defined procrastination as a target for treatment, the patient is encouraged to share specific examples, preferably recent ones, of procrastination in his or her daily life. We slowly and collaboratively review in specific terms the ultimate goal of the task, be it simple, such as organizing a shopping list, or more complex, such as writing a paper for a college class. We then review the individuals relationship with the task, either recent experiences of procrastination or the current anticipation of the task. We discuss the plan for the task, the component parts of the task in order to break it down into steps (also known as chunking), identifying any potential barriers or factors that could influence follow-through. An important aspect of this process also is to explicitly explore the individuals cognitive and emotional reactions at the prospect of this task. Questions we commonly ask include: What thoughts go through your mind about performing this task?What emotions do you notice when you think about this task?What is it like to be in your skin when you are facing this task? The purpose of these questions is to uncover the role of negative thoughts and emotions that may contribute to procrastination. We also want to identify the persons escape behaviors and rationalizations, such as Ill check my e-mail first and then Ill get right to work. The CBT interventions operate in the way executive functions are designed to operate, to help individuals to be able to plan, organize, and choreograph their time, energy, and effort in order to accomplish tasks that may not be immediately rewarding (although the small rewards of completing small steps is often minimized) but that are associated with larger, more rewarding outcomes. How to Get Through Your To-Do List if You Have ADHD Individuals identify the specific plan for implementing specific skills on a specific day and time on a specific task to increase the likelihood of follow-through (e.g., When you walk in the door after work, you may drift towards the television and rationalize that you need to veg out; what can you do differently to make sure that you get your mail before you sit down? Where can you sort through the mail for that day? What will you say back to those rationalizations for procrastination?). The goal of CBT is to make coping strategies stick so a person with ADHD can remember and use them in their daily lives. The process is not always an easy one and it is common that change occurs in a two steps forward, one step back manner, but these sorts of skills delivered in the context of a relationship with a therapist who understands adult ADHD can be helpful for many people. Being able to discuss your own observations about your ADHD as well as questions you may have with an experienced healthcare professional can be invaluable. Many people find these types of discussions with their doctors to be therapeutic and to affect change in their day-to-day lives. ADHD Discussion Guide Get our printable guide for your next doctors appointment to help you ask the right questions. Download PDF Finding a CBT Professional There are organizations devoted to the dissemination of CBT, such as the  Association of Behavioral and Cognitive Therapies  and the  Academy of Cognitive Therapy  that have therapist locator features on their websites. However, many practitioners who are quite skilled in CBT may not be familiar with issues faced by adults with ADHD. Likewise, there are organizations devoted to ADHD that have professional directories on their websites that include a variety of mental health professionals but these clinicians may not be familiar with CBT approaches. The  National Resource Center  (associated with Children and Adults with ADHD [CHADD]) has listings of adult ADHD providers and programs and the  Attention Deficit Disorder Association  (ADDA), which is an organization devoted to issues related to adult ADHD, also offers a listing of providers. Find Support With the 9 Best Online Therapy Programs There are a growing number of adult ADHD specialty clinics around the United States and the world, including many that provide CBT-oriented treatment approaches. Harvard University/Massachusetts General Hospital and Mt. Sinai School of Medicine, NYU all have active programs in the United States. There are excellent programs exploring psychosocial treatments for adult ADHD in Canada, Finland, and Germany. Very often people find out about good therapists in their area by contacting these resources or clinics in their region and finding out if there are qualified therapists nearby who can be consulted. Unfortunately, because CBT for adult ADHD is a clinical specialty to which all clinicians are not exposed, there may be some locations without experienced therapists. However, there are increasing numbers of published treatment manuals and clinically oriented professional books that can serve as useful resources to clinicians. 6 Places to Find Help for Adult ADHD

The Media s Influence On Black Children Essay - 1151 Words

The media has conditioned society into thinking that racial stereotypes are the norm. â€Å"Irish people are drunks† and â€Å"Asians are good at math† are all classic examples of common racial stereotypes. Author Michael Omi of â€Å"In Living Color: Race and American Culture† asserts how media presentation of minorities establishes people perspectives of â€Å"these groups†. But where do these racial stereotypes at the media fingertips originate from? It comes from the establishment of America oppressing others. Minorities has been feeling oppression from the â€Å"dominant race† for generations. However, it has gotten better? No, it has not. Minorities, more importantly blacks are being discriminated in institutions; in a multitude of southern states they cannot vote without being accused of voter fraud, and schools are inferential racist. As sserted in â€Å"Actin’ White† author Stuart Buck tackles the pros and cons of desegrega ting the school system. Buck expresses how the lack of representation in high level school officials can affect black children negatively. By highlighting stereotypes throughout the media, Omi addresses how â€Å"inferential racism† is seen throughout daily â€Å"intuitional life† which Buck strengthens in his article when he confronts the negative repercussions of desegregation. Omi argues that media alludes to racist stereotypes about minorities, which is reinforced by Buck when he asserts that â€Å"inferential racism† in institutions is what led to racist stereotypes in the media.Show MoreRelatedWhat Is Being Sold To The Youth Of The This Country Today?1185 Words   |  5 Pages What is being sold to the youth of the this country today? Looking specifically at media shown to children. I watched some kids TV ads to see what is actually being shown to the youth of the country. Children are exposed to systemic racism very early by the commercials they view when watching cartoons especially on Saturday mornings. I remember as a child I always wondered why being a young black boy there weren’t anyone that looked like me or if there was they didn t really have a part theyRead MoreThe Dangers Of Blaxploitation Films Essay1520 Words   |  7 PagesBlaxploitation Films Blaxploitation movies in American society were at an all time high in the 1970’s. They gained popularity during and after the civil rights movement due to the influence African Americans were having on society. The movie Coffy, directed by Jack Hill and release in 1973, is a great example of how Blaxploitation movies reinforced the stereotypes that already exist about black men and women. Young African American filmmakers, made lots of these types of movies in order to appealRead MoreA Brief Note On The Crimes Of The Past1706 Words   |  7 Pagesworld around us, and one of the most influential we see currently is the media. As kids grow up and develop, they are exposed to a lot of media from Nickelodeon to Cartoon Network, to one of the most impactful, Disney Channel. When it comes to the media we know that over the course of time things can be skewed to look a certain way and they typically may have subliminal messages. So what message are we showing our children? When it comes to Disney and their iconic princesses, we know that they typicallyRead MoreDue 11Th January.To What Extent Are We Influenced By The1537 Words   |  7 PagesDUE 11th January To what extent are we influenced by the media? Mass media can be defined as communication that transmits education, information, entertainment and news to mass audiences. Whether it be print media, such as newspapers and magazines, audio visual media, such as television, or cyber media, there has been debates on the impact and to what extent it can influence the populations behaviour, thoughts or actions. Print media, such as newspapers have an agenda. People trust newspapers asRead MoreMedia Effects Body Image1656 Words   |  7 PagesApril 6, 2014 The Effects of Mass Media on African American Women Body Images Over the past 10 years, mass media and the access to social networks has evolved substantially causing the effects of negative self-image and what is considered beautiful. Body image expectations for both African-American male and female share the battles of society’s expectations, yet African American women body images come with a stricter and more unhealthy stigma; growth of social media such as Facebook, Instagram andRead MoreThe Effects Of Media On The Media Influences Viewers1587 Words   |  7 PagesRacial Bias in the Media Influences Viewers Television reaches more consumers for more time than any other source of media. Its use for entertainment or news is overly influential, persuasive, and authoritative. Through these characteristics, any type of information or message influences its massive audience. Because of this, what Americans see – or fail to see- has a powerful impact on how they view other races. Young children are especially vulnerable to the information they are exposed to. TVRead MoreMedia s Effect On Black Children Essay1201 Words   |  5 PagesMedia has conditioned society into thinking racial stereotypes are the norm. â€Å"Irish people are drunks† and â€Å"Asians are good at math† are all classic examples of common racial stereotypes. Author Michael Omi of â€Å"In Living Color: Race and American Culture† asserts how media presentation of minorities establishes peoples perspectives of â€Å"these groups†. However, where do racial stereotypes media portray origina te from? It comes from the establishment of America oppressing others. Minorities haveRead MoreCool Rules : Anatomy Of Cool By Pountain And Robinson1732 Words   |  7 Pagesfacets of our lives, however it can only be seen through people’s reactions. In other words, you can see Cool in the eyes of others. According to Pountain and Robinson, â€Å"Cool has become a universal phenomena that has an important influence on all our institutions from the media to education to marketing and the economy as a whole†. The writers define Cool as not only an oppositional attitude that expresses defiance to authority, but also as a permanent state of private rebellion. What makes Cool distinctiveRead MoreThe Theory Of Resource Mobilization1490 Words   |  6 Pagessociologists and others prescribe to social movements and their functions. One of these theories is the Resource Mobilization Theory. This theory proclaims an ever present link between ‘resources’ and the potential success, failure, and overall influence of a social movement (Staggenborg, 2011, p. 17). The theory goes further to categorize and give examples of many of the types of ‘resources’ that may be considered under the Resource Mobilization Theory. These include tangible and intangible resourcesRead MoreMedia s Influence On Society1293 Words   |  6 PagesMedia is a major contributor of how social groups are perceived in today’s society. Mediais around us every day almost all day, and it constantly sends messages about the world’s environment. There are many indicators shown pertaining to how media really affects society. One of the most p rominent explanations of those questions is the way media influences stereotypes. There has been previous research linking media sources and biased attitudes. This research paper explores articles supporting media

Comparison of Two Films Essay - 1290 Words

In that paper, I will try to compare two films which are A Birth of a Nation directed by D.W.Griffith and The Bicycle Thieves directed by De Sica. After giving the story of the films, I will try to explain their technical features and their similarities. A Birth of a Nation by D. W. Griffith Griffith can be seen as the first modern director, his greatest achievements being the historical epics The Birth Of A Nation. When it was released, it was one of the longest films ever made, over three hours in length. The prologue depicts the introduction of slavery to America in the seventeenth century and the beginnings of the abolitionist movement. The major part of the film depicts the events before, during and after the Civil†¦show more content†¦The mainstream picture was probably the best advertisement that the KU KLUX KLAN could have had. The vilifying of blacks also led to the Jim Crow system. When it was portrayed in this movie as acceptable, people in the South felt much better about doing horrible deeds to black citizens, denying blacks their civil rights Though the portrayal of both blacks and the KU KLUX KLAN were extremely off track, the movie itself was an amazing work of cinema for its time. This was probably the first movie to use hundreds of extra in a battle scene. These scenes were well crafted by the filmmaker, and while not to the perfection of more modern films such as Braveheart, the technology and genius that the filmmaker used rival such films. To think that the movie was released only fifty years after the end of the Civil War makes the feat seem even more incredible. In seeing the huge battles, I did not need sound to hear the sounds of battleShow MoreRelated Comparison Of Two Films: Essay1268 Words   |  6 Pagestry to compare two films which are â€Å"A Birth of a Nation† directed by D.W.Griffith and â€Å"The Bicycle Thieves† directed by De Sica. After giving the story of the films, I will try to explain their technical features and their similarities. A Birth of a Nation by D. W. Griffith nbsp;nbsp;nbsp;nbsp;nbsp;Griffith can be seen as the first modern director, his greatest achievements being the historical epics The Birth Of A Nation. When it was released, it was one of the longest films ever made, overRead MoreA Comparison of the Two Film Versions of Romeo and Juliet1789 Words   |  8 PagesA Comparison of the Two Film Versions of Romeo and Juliet I have been studying the prologue to Romeo and Juliet written by the magnificent playwright, William Shakespeare sometime between 1594 and 1596. Still globally acknowledgedRead MoreA Comparison of Two Film Adaptations of Hamlet Essay741 Words   |  3 Pagesfeel the music has already given the film. The first scene gives a little comic relief when the guards become confused after seeing the ghost. When the camera enters the looming castle a celebration is being had and is abruptly interrupted by the mysterious Hamlet. The real life of the play starts to be seen upon Hamlets entrance; Hamlets costume and character are very bold and start to add to the impact of the setting, costume, and gestures throughout the film. Roger Ebert thinks alike: The cameraRead MoreComparison of Two Film Versions of Romeo and Juliet Essay733 Words   |  3 PagesComparison of Two Film Versions of Romeo and Juliet Shakespeare’s play ‘Romeo and Juliet’ was made into a film by two different directors. Baz Luhrmann’s to Franco Zeffirelli’s interpretation of Romeo and Juliet were very distinct and they both appeal to different age group audiences. Franco Zeffirelli’s version was the first film of Romeo and Juliet. It was produced in 1968 and it was quiet typical, exactly what the audience would have expected the film of ‘RomeoRead MoreA Comparison of Film Techniques of Two Film Versions of Mary Shelleys Frankenstein1861 Words   |  8 PagesA Comparison of Film Techniques of Two Film Versions of Mary Shelleys Frankenstein Mary Shelley wrote her novel Frankenstein when she was just a young girl of nineteen. She wrote it in 1816, when she went on holiday with her friend, Byron. Byron was already a famous poet, and it was him who suggested that whilst they were away, they should both write a ghost story. At the time it was just a way of passing time and having fun for Mary Shelley, but little did she know thatRead MoreA Comparison of the Establishment of Genre and Narrative in Two Crime Films2370 Words   |  10 PagesA Comparison of the Establishment of Genre and Narrative in Two Crime Films In this essay I will compare how genre and narrative are established in 2 crime films. The main iconography of this genre is fairly easy to identify; props such as guns, latex gloves, sirens, rain are used frequently in Hollywood crime films such as Se7en (1995). The conventions of this genre are also fairly easy to recognise: detectives with long trench coats, the killer being the least likely Read More Comparison of Two Films About King Arthur Essay3985 Words   |  16 Pagescountless interpretations and adaptations. Today, we not only have countless Arthurian books, but many movies on the subject as well. In this paper I hope to compare and contrast two such Arthurian movies, Excalibur and King Arthur, and discuss what each film adds to the treasury of Arthurian lore. It is hard to believe that two completely opposite movies are based on the same literature. The movie Excalibur is like a modern day Morte dArthur, while the more recent King Arthur differs greatly from allRead MoreEssay about A Comparison of Two Film Openings to Great Expectations1356 Words   |  6 PagesA Comparison of Two Film Openings to Great Expectations The story Great Expectations is based in Victorian times and was written by Charles Dickens in the 1860s. This novel which Charles Dickens wrote has been produced as a film one version by David Lean and another by B.B.C. The B.B.C version is the modern version and the version produced by David Lean is the traditional version. I will be comparing these two versions of the openings to Great Expectations. TheseRead MoreA Comparison of Two Film Trailers: Lord of the Rings Return of the King and The Gladiator1502 Words   |  7 PagesA Comparison of Two Film Trailers: Lord of the Rings Return of the King and The Gladiator In this coursework, I will be comparing two different film trailers, â€Å"Lord of the rings _ the return of the king† and the â€Å"Gladiator†. Film trailers are promos designed by the film industry to attract the viewer’s attention towards a specific film. They are usually compiled of interesting and short clips of the film, usually leaving the viewers with a cliffhanger. This increasesRead MoreThe Breakfast Club : A Perfect Source For The Study Of Communication Theory1657 Words   |  7 PagesThe film, â€Å"The Breakfast Club† is a perfect source for the study of communication theory. It possesses the potential for numerous conversations regarding theories that even the most basic scholar of communication could discuss. For example, there are countless displays of symbolic convergence, symbolic interactionism, relational dialectics, cathartic scenes, identification, and social comparison. When viewing this movie it is hard to ignore these theories being put into practice. They constitute

Children of Abraham Free Essays

Laura Laws, Nick Skinner, Sarah Swain INT – 244 Collaborative Learning Assignment Professor Anthony Colombo March 24, 2013 Children of Abraham The Exodus event laid an important foundation for God’s redemption plan for humanity and it is clearly recognized in Islam, Judaism and Christianity. The purpose of this essay will be to discuss the historical, social and spiritual metaphor for the Exodus experience for Judaism throughout the ages. We will also discuss the ways in which the Exodus experience might parallel the salvation, conversion and the sanctification experience in Christianity. We will write a custom essay sample on Children of Abraham or any similar topic only for you Order Now Finally we will discuss the way Islam views the Exodus experience different from that of Judaism and Christianity. By answering each of these questions effectively we hope to gain a new understanding of what God was doing for future generations through each belief. While researching the history of Judaism we see that God lays out the plan and purpose for His chosen people; we also see the people proving their lack of desire to live according to this purpose. Even though the people of Israel were God’s chosen people, they continually failed to meet His expectations and often did whatever they wanted because they could; this included worshipping other gods. As time went on the influence became stronger until the voice and purpose of God could only be heard by a few. The teachings of Judaism are often centered on ethical or ethical-historical monotheism; meaning that professing Jews, of various backgrounds, believe in the one and only God, the God of Israel (Baron, 2011). The Exodus can be seen as prophesy as far back as Abraham. God spoke to Abraham about the bondage of Israel in Egypt and said that after a time of servitude, there would be relief. God used the great darkness and the smoking furnace to let Abraham know that their servitude to Egypt would last four hundred years and then â€Å"they will come away with great wealth† (Genesis 15:14, NLT). God knew that there were many trials ahead under Pharaoh’s empire but in the end the Israelites would overcome (The Exodus, 2010). The social experiences began when the Israelites crossed the Red Sea. Through Moses, God commanded this large body of water to recede and let the people pass on dry land. Once they were through to safety God allowed the water to fall on their enemies and take them out. It was time for celebration; they were a free people with nothing else to fear but God; at this point the stopped to celebrate their first Passover. While leaving in such a hurry their bread had not had time to rise so every year when the Passover is celebrated we remember by not eating anything with yeast in it. When the Israelites began to travel they were led by a cloud during the day and a pillar of fire by night. Since food and water were not always available to them God provided them with Manna and spiritual water. These two things reminded them (and us) that God is always providing for us the things we need: physically and spiritually (Deem, 2008). The journey also brought them closer together as people. They were all suffering the same and so they were able to cling to one another and reach out for guidance. As God lead the Israelites out of Egypt and slavery He began to test them to see how faithful they would hold to Him. They were faced with a harsh and relentless environment that yielded little food and scarce water. They had to turn to God to provide for them because if not, they all would have perished in months. God provided daily manna for food and water from a rock; as long as the people relied on Him, He provided. The Exodus experience not only provided a historical, social and spiritual metaphor for Judaism but it also became the foundation for the salvation, sanctification, and conversion experience in Christianity. The Exodus experience shows us an interesting parallel with the metamorphosis of salvation in the Bible. The Old Testament story of redemption provides a pathway for the New Testament metaphor of spiritual deliverance (Ryken, 1998). God lead the Israelites out of slavery and guided them safely throughout the challenges that they faced as a nation. Now, by accepting Jesus, the Holy Spirit will lead us throughout the trials that face us. The prophecies throughout the Old Testament show how God sanctified the people of Israel after leaving Egypt. It starts in Genesis 12:1,2 â€Å" The Lord said to Abraham leave your country, your people, and your fathers household and go to the land I will show you. I will make you into a great nation and I will bless you; I will make your name great, and you will be blessed. This promise made by God sets the stage for the Israelites to be brought out of Egypt. I feel this experience can be compared to sanctification because God made Abraham and his decedents holy. Sanctification is to become holy. Exodus 31:33 tells us â€Å"You are to speak to the people of Israel and say, above all you shall keep my Sabbaths, and for this is a sign between me and you throughout your generation s that you may know that I, the Lord, sanctify you. † Exodus 26:2 says â€Å"Consecrate to me all the first born, whatever is the first to open the womb among the people of Israel, both of man and of beast it is mine. Also in Exodus 30:25 â€Å"You shall concrete them, that they may be most holy, whatever touches them will become holy. † I think the most important piece of scripture showing how the Exodus experience parallel’s sanctification can be found in Exodus 29:34: â€Å"There I will meet with the people of Israel, and it shall be sanctified by my glory. † The act of conversion is to accept God. In the time of the Exodus experience many in the land were pagans. God would use things like the bringing the Israelites out of Egypt to the people he is real, this was for anyone that did not believe in him. Exodus 11:3 tells us â€Å"and Jehovah gave the people favor in the sight of the Egyptians. † Ephesians 2:8 tells us â€Å"For by grace you have been saved, through faith, and this is not your own doing; it is the gift of God. † Mark 16:16 says â€Å"Whatever believes and is baptized will be saved, but whatever does not believe will be condemned. † God shows us his awesomeness over and over again thru different stories in the Bible. These stories in ancient times when they happened they showed others the power of God. In today’s society these stories still serve to show people God’s greatness and bring them to Christ. When it comes to the Exodus experience there are some significant differences in views between that of the Christian and Judaism faith compared to that of the Muslim faith. The Christians, Jews, and the Muslims agree that Pharaoh had enslaved and oppressed the Jews. They also agree that Moses was used to help gain their freedom and led the Jews out of Egypt. It is in the description of these events that these religions share different views on. These differences range from important details about some of the people found in Exodus as well as the omission of some very important events. Starting with some of the smaller differences for example, one of the first discrepancies is that of the caretaker of Moses. According to the Holy Bible, Moses was placed in a basket and then put into the river. He was later found by Pharaoh’s daughter who in turn paid Moses’ mother to nurse him. He was then later returned to Pharaoh’s daughter to be raised (Exodus 2:5-9). The Qur’an states that Moses was found by Pharaoh’s household and was raised by Pharaoh’s wife (The Exodus, n. d. ). These small differences continue in the fact that the Qur’an does not mention the city of Ramses when it describes the Jews Exodus from Egypt. Although these differences in views seem minor, they begin to add up when looking at the big picture. Some of the real different in views began with the description of the plagues. While the book of Exodus in the Holy Bible describes in great detail the ten plagues used by God to bring down divine chastisement on Pharaoh and his people, the Qur’an briefly mentions five plagues that can be an exaggeration of natural phenomena: flooding, locusts, lice, frogs and blood (The Exodus, 2010). The most important difference in views of the plagues would have to be the plague of Death of the Firstborn. While the Qur’an does not mention this, it can be found in (Exodus 11:4-5). It was this plague that the Jews sacrificed a lamb, using its blood to mark the door of their households so that the angel of death would pass over their house, sparing the life of the firstborn. This plague would lead to the celebration of Passover and be a foreshadowing of the Sacrifice that Jesus would make for the sins of man. While both Judaism and Islam fail to see Jesus Christ as the Son of God, both Judaism and Christians feel it is important to have a personable relationship with God. The religion of Islam is different in the fact that salvation does not come through a personable relationship with Allah and can only be found in abiding by the four pillars. That being said, for Christians and Jews Exodus is more about a God who saved them from slavery because He cares for His people and wants a personable relationship with them. While for the Muslims, Exodus is more about the persecution of Pharaoh who caused depravity among Allah’s people. The Exodus experience offered a new hope for the people of Israel and a foundation for Islam, Judaism, and Christianity. Even though several differences are seen between the religions, they all pulled from the same experience. From this we can learn that not everyone views an experience the same but what they take from it is equally important. It was an enlightening experience for all of Israel that can still be seen today. References The Exodus. (2010) Retreved March 18, 2013, from, http://jews-for-allah. org/israel/archaeology/exodus-moses-bible-quran. htm Ryken, L. , Wilhoit, J. , and Longman III, T. (ed. ’s), (1998), Dictionary of Biblical Imagery, USA:Intervarsity Press. Deem, R. (2008). Evidence for God, retrieved March 16, 2011 from http://www. godandscience. org/apologetics/christianity_is_too_old-fashioned. html Baron, S. (2011). The History of Judaism retrieved March 16, 2011 fromhttp://history-world. org/history_of_judaism. htm. How to cite Children of Abraham, Essay examples

Renaissance Dance Essay Example For Students

Renaissance Dance Essay Today we have many different types of Dance: hip-hop, jazz, Irish dance, Ballet, and many more. During the Renaissance time period witch is from the 1300s to the 1600s, they had different types of Dance too Most dances were very similar, and the music during this time had a lot to do with the Dance too. The two main types of dance during the Renaissance were Court dance, and Peasant dancing. Court dances were done for entertainment and more complex, the courtiers would hire dance masters to come up with some new dances. Peasant dancing was usually not for entertainment but just for the fun of dancing! These dances danced by the peasants were called Simple dances, were with lots of people and usually done in a circle or two lines. There are different types of dances came form Italy, France and England. There were different styles in different places; in Italy they had the Basse witch is a dance were the dancers stay low to the ground with no jumps and leaps. There are two main types of Basse, which are La Spagna and Reale. Another Italian Dance is the Balli; witch is more active and expressive. There were jumps and leaps in this dance and the most popular jumps were high in the air. It was more complicated and included steps from Bassadance, Salatarello, and the Piva. There were many tempo changes too. Then there are dances from England like the canary dance witch is one of the most complex dances. It originated in Spain. It is a native dance from the Canary Islands. The dance is usually done with couples and it is danced in a fast triple time. Another dance form England is the Allemande; witch shows the widest variation in their descriptions. Steps are basic and unique. It is a line dance, danced by many couples with the ladies standing to the right of the man in this type of dance. It is a dance done in double time. It usually has a forward movement. The steps consist of a series of double steps and one pair of single steps. Last but not least are the dances from France like the Branle, the word Branle comes from the French word Branler that means to swing side to side. They called it this because many of the steps go from side to side. This is one of the first dances that are taught because the steps are simple and easy. It is danced in 4/4 time. The Branle is usually danced in groups in the form of a circle or chain where the dancers hold hands and move together in a sideways motion. I have two other types of Dances, but I was not able to find out were they were from they were the Pave; witch is a well know dance. It is danced in 2/2 time. It consists of two simple steps and one double step forward and then two simple steps and one double step backward. It was a professional dance where the dancers walked in pairs with the lady on the right of the man. The other on is the Galliard witch is a solo dance that is very complex. It is full of variations of fast steps and high jumps. This can also be danced in couples using a series of sideway steps, turns and hops. It is a triple meter and a lively dance. P The most important part of all these dances was the footwork, because a lot of the people had bulky clothing on the upper part of the body so they could not move there upper part of there body as much. As I was watching some videos of Renaissance Dance I was able to notice it is very much like Irish Dancing, a lot of footwork and arms to the side. The only difference is some of the dances have a lot of jumps and leaps in the air. .u4f437e0879072d3f5b1afd71e2e8545c , .u4f437e0879072d3f5b1afd71e2e8545c .postImageUrl , .u4f437e0879072d3f5b1afd71e2e8545c .centered-text-area { min-height: 80px; position: relative; } .u4f437e0879072d3f5b1afd71e2e8545c , .u4f437e0879072d3f5b1afd71e2e8545c:hover , .u4f437e0879072d3f5b1afd71e2e8545c:visited , .u4f437e0879072d3f5b1afd71e2e8545c:active { border:0!important; } .u4f437e0879072d3f5b1afd71e2e8545c .clearfix:after { content: ""; display: table; clear: both; } .u4f437e0879072d3f5b1afd71e2e8545c { display: block; transition: background-color 250ms; webkit-transition: background-color 250ms; width: 100%; opacity: 1; transition: opacity 250ms; webkit-transition: opacity 250ms; background-color: #95A5A6; } .u4f437e0879072d3f5b1afd71e2e8545c:active , .u4f437e0879072d3f5b1afd71e2e8545c:hover { opacity: 1; transition: opacity 250ms; webkit-transition: opacity 250ms; background-color: #2C3E50; } .u4f437e0879072d3f5b1afd71e2e8545c .centered-text-area { width: 100%; position: relative ; } .u4f437e0879072d3f5b1afd71e2e8545c .ctaText { border-bottom: 0 solid #fff; color: #2980B9; font-size: 16px; font-weight: bold; margin: 0; padding: 0; text-decoration: underline; } .u4f437e0879072d3f5b1afd71e2e8545c .postTitle { color: #FFFFFF; font-size: 16px; font-weight: 600; margin: 0; padding: 0; width: 100%; } .u4f437e0879072d3f5b1afd71e2e8545c .ctaButton { background-color: #7F8C8D!important; color: #2980B9; border: none; border-radius: 3px; box-shadow: none; font-size: 14px; font-weight: bold; line-height: 26px; moz-border-radius: 3px; text-align: center; text-decoration: none; text-shadow: none; width: 80px; min-height: 80px; background: url(https://artscolumbia.org/wp-content/plugins/intelly-related-posts/assets/images/simple-arrow.png)no-repeat; position: absolute; right: 0; top: 0; } .u4f437e0879072d3f5b1afd71e2e8545c:hover .ctaButton { background-color: #34495E!important; } .u4f437e0879072d3f5b1afd71e2e8545c .centered-text { display: table; height: 80px; padding-left : 18px; top: 0; } .u4f437e0879072d3f5b1afd71e2e8545c .u4f437e0879072d3f5b1afd71e2e8545c-content { display: table-cell; margin: 0; padding: 0; padding-right: 108px; position: relative; vertical-align: middle; width: 100%; } .u4f437e0879072d3f5b1afd71e2e8545c:after { content: ""; display: block; clear: both; } READ: Hobbit EssayDancing was widespread. Church officials suspected it. The negative views of the church prompted the non= body contact and formality of the form of dances practice at court. When the Renaissance came about it brought a new attitude towards the Body, the arts and dance. The courts of Italy and France became the center of new development in dance providing support for dance masters so they could create new dances for the courtiers. Dance was being developed in the Courts of Italy and France because the courtiers would pay dance masters to create dances for their celebrations and festivals. In the court of Catherine De Medici (1519-89) the first forms of Ballet were created by a Dance Master named Balthazar De Beauhoyleux. The dances told a story with a group of dancers in costumes. Later, King Louis XIV established the first Academie Royale de Dance. In the courts the couple dances of The Minuet and the Waltz began to show the freedom and expression of the Renascence times. In addition to the formal dances in the courts, the Renaissance saw an increase in country dancing outside of the fancy dances of the courts.

Ordinary Men by Christopher R. Browning

Chemicals That Could Make You Fail a TSA Swab Test

Chemicals That Could Make You Fail a TSA Swab Test If youre flying, you may get pulled aside by a TSA agent for a swab test. Also, your baggage may get swabbed. The purpose of the test is to check for chemicals that might be used as explosives. The test cant check for all the chemicals that might be used by terrorists, so it looks for two sets of compounds that can be used to make many types of bombs: nitrates and glycerin. The good news is the test is highly sensitive. The bad news is, nitrates and glycerin are found in some harmless everyday products, so you could test positive.   Getting swabbed doesnt seem to be particularly random. For example, some people get swabbed nearly every time they fly. This may be because theyve tested positive before (possibly related to a penchant for making smoke bombs and other small pyrotechnics) or because they meet some other criteria. Just expect to be swabbed and be prepared. Heres a list of common chemicals that may cause you to test positive. Avoid them or else be ready to explain the test result, because it can take a while for TSA to complete its evaluation of your belongings, which can translate into a missed flight. Common Products That Test Positive Hand soaps that contain glycerin (Rinse very thoroughly after washing your hands.)Lotions that contain glycerinCosmetics or hair products, which may contain glycerinBaby wipes, which may contain glycerinCertain medications (such as nitroglycerin and other nitrates)Lawn fertilizers (Nitrates: Wash your hands and especially your shoes.)MunitionsAccelerantsFireworks and other pyrotechnics What to Do If Youre Flagged Avoid becoming hostile and aggressive. It wont speed the process. Youre likely going to get patted down by an agent of the same gender who will also empty your bag for additional testing. Theres a chance your luggage may get pulled, although this rarely happens; its also unlikely that you will miss a flight because of the test. Be aware of chemicals in your environment and able to trace your steps to help TSA identify the source of the triggering compound. Sometimes you wont have any idea why you flagged the test. But, careful attention to hygiene may help you avoid the situation. The best advice is to arrive early enough before your flight to get through security. Try to avoid the problem, plan for it, and dont overreact if it happens to you.

Rhetorical Analysis Essay #3 Example | Topics and Well Written Essays - 250 words

Rhetorical Analysis #3 - Essay Example Due to it, readers are expected to trust the author, perceive him as reliable and informed. Moreover, appeal to pathos is mostly received by the choice of a language and the imagery used to describe the situation. Firstly, the author describes the situation in dark colors saying that workers are â€Å"forced to work making pennies per hour† and intimidated from expressing their will. (Ravisankar) Working extra hours and having no break is a norm for such people, including children. They work for pennies and their living conditions will continue to aggravate. Secondly, the choice of the emotionally –charged language, such as â€Å"oppression†, â€Å"abhorrent†, â€Å"extreme heat† helps to achieve the intended and cause empathy. (Ravisankar) Importantly, the topic itself touches upon such issues as poverty, unfair working conditions, and lack of justice that makes the rich become richer and the poor – poorer. Subsequently, readers are receptive to the message being sent as they sympathize with workers and feel sorry for them. In addition, the appeal to logos is also evident. The author states the problem is details, explaining what is wrong with sweatshops, who benefits from them, and what is their essence as a whole: â€Å"they are taking part in a phenomenon which has been described as â€Å"the race to the bottom†. (Ravisankar) Apart from that, Ravisankar suggests the possible solution that calls for participation of all the students eager to change the situation. As a whole, the argument looks credible and

Career Planning Assignment Essay Example | Topics and Well Written Essays - 1250 words

Career Planning Assignment - Essay Example In this paper, an attempt will be done right from class, internships as well as organizations of students. I like Loyola Marymount University based on the fact that it has a rich career development program. Loyola Marymount University Office of Career and Professional Development (CPD) in Von der Ahe 135 contain a number of career development opportunities. First, it has business school. The school has business specialization in various categories that fall within the Department of business administration, finance and Economics. The various departments avails a fundamental and culturally significant business concept that exposes students to the larger business world. The business concepts touch on economic aspects of any company in a given country. The business analysts collaborate with academicians across all fields through the lines of academic disciplines and business interactions with the surrounding Los Angeles communities. The business department also offers diverse learning opportunities in various business fields. In general, the business department encourages me to explore the b usiness world in a more visual and real way by availing experience in doing business. The other career development service available in the LMU’s Office of Career and Professional Development is the theater arts. The Theatre Arts program provides me with a strong inclusive course work schooling and experience in such fields as acting, design, directing, theatre technology, criticism, history and playwriting. Intimate classes give room for close working associations as pertains to the faculty. I am certain to get a unique experience in theater with standard, current multicultural networks, political as well as progressive. I can also have opportunities to undertake personal research and projects that are quite creative. Besides, I am

Security Forensics and Risk Management

Security Forensics and Risk Management Acknowledgement Foremost I would like say thanks to god for all support in all my life and secondly University of Greenwich to give this my life aim to complete my masters. Next my supervisor Professor Kevin Parrott to the supports he gave because without his support I wouldnt be able to complete my project with this quality. Especially the suggestions and appreciation given my supervisor make me feel better and gave positive thinking. Finally need to thank my family and friends for unbelievable supports and encouragements. Abstract As we are in the information era the world is changing to use electronic means for day to day use. The paper documents is gone and most of them are paper free because of so many reasons such as pollution, easy, fast, etc At the same time this digital media has availability, scalability, confidentiality and integrity which are required behaviour for secure communication. The risk is increased with the increase of computer and digital means usage and the single security lack may cause huge losses. There are some surveys says most of the crimes are happening through electronic means and the target is computer or computer peripherals. If the attacker found a single security lack that is enough to start and break the whole system and the security lack could be configuration mistake, firewall issue and basically problems in the protection mechanism. Because of these reasons testing become very important and this process called as Auditing. There are so many types in the auditing and this auditing requires technical knowledge to make these tests perfect and to give an audit report including suggestions. The auditing falls into two main categories such as Automatic and manual. The test will be efficient if it is automated using testing tools which are called as automated or computerised test. Even though there are some tests cannot be automated and need to test manually. This auditing covers network security test, physical or environment security test, computer security test which includes software and hardware tests. The computerised test will carry on with some security tools and the manual will use questioner to minimise human made errors mainly forgetting.   Ã‚  Ã‚  Ã‚  Ã‚  Ã‚  Ã‚  Ã‚  Security audit is the technical assessment of the application or system. The assessment may be manual or systematic or both. In most case the auditing process uses manual and systematic/ automatic methods because there are some tests cannot be automatic such as review of the security policy, asset management, etc   Ã‚  Ã‚  Ã‚  Ã‚  Ã‚  Ã‚  Ã‚  This auditing has different types such as internal or external. This type is depends on the company size and the resource availability. Usually big companies have their own security auditor so they will perform the audit internally and the small and medium size companies mostly hire auditor form outside. Both types got pros and cons in security and financial manor. Chapter 1 Introduction This chapter largely contains non-technical information to give the understanding of high level objectives. Also describe the techniques and technologies used in the project and research to accomplish the project Objective Audit The audit is a systematic or manual security assessment of the network, infrastructure, system, etc The complete audit should be the combination of manual and automatic assessment because in every test target there will be some test cannot be automatic. The audit has so many categories and the following paragraph will explain about the categories and the functions or techniques behind that. There are 3 controls in the auditing process which are Preventive control The preventive controls are controls may in the form of software or hardware or ant configuration to prevent the error or vulnerabilities. This is an active type control always monitor the interface for any vulnerabilities and block such vulnerabilities or errors before it enter into the system or infrastructure. This is most effective control mechanism because not allows the vulnerabilities. Detective control The detectives are in placed to monitor the vulnerabilities in the form of software or hardware but the different between preventive and detective is the preventive wont allow the vulnerabilities into the system where detective allows entering everything and correcting the vulnerabilities after enter. The best example is for this control is fire alarm because fire alarm wont prevent the fire before but if any fire it will work. Corrective controls The corrective controls are the controls to correct the error or issue before it make any harm. This is very important control for all places even if they have other controls because there are some issues or vulnerabilities cannot detect by the controls if they will come and attack so there should be some control to correct those before loss occur. Addition to that the controls should up to date such as latest firmware or latest definition. Type of auditors   Ã‚  Ã‚  Ã‚  Ã‚  Ã‚  Ã‚  Ã‚  There are two basic types of auditors in the information era the internal and external auditors. This selection of the auditor will be done by the management with the use of financial status of the organisation. Size of the organisation and the policies defined in the company. Internal auditors Internal auditors are auditors belong to that particular company which is going to perform the audit. That means the auditor is an employee of the company. So the auditor is always available to do the auditing and data or information will keep within the organisation. This is the main advantage of having the internal auditor and the same time and the employee purposely recruited for auditing then is cost a lot for the company. So it is only possible for the big level companies because they have huge investments and revenue. The disadvantage of the internal auditor is they may be up-to-date and dont have current market or audit status such as new techniques and tools. External auditors The auditor recruited from other auditing firm for the auditing so it is very hard to find professional auditor because of the availability and as the auditor recruited from outside the company information may go out. At the same time the auditor needs some time to get and understand the company process. But the advantage of recruiting the external auditor is their knowledge and it is suitable for middle and small level companies. Types of Audit: Traditional Audit It is just like a manual auditing. It is useful when working with a large amount of data in a large company. Here auditor took some sample data from different place then provide a report. Advantage: Easy Cheaper Disadvantage: Always do not provide correct information. In IT sector it is not useful. Software audit: Software audit is a wide popular for any educational institute or organization. It is just like a review of the software and the system that can find all information of the system such as operating system, application software, processor, drives, controllers, bus adapters, multimedia, virus protection, system model, main circuit board, memory models, local drive volumes, network drives, printers information etc.. There are so many auditing tools in the market such as Belarc Advisor, E-Z audit that are very power full. KW116 is the main Lab for school of computing and mathematical science in University of Greenwich. CMS installed lots of software for students to continue study or research. According to Copy right, Design and Patents Act 1988, all Software must have a valid licences to continue the process. As Lab uses large amount of software and different software expire on different time so it is very difficult for Lab administrator to keep up to date all licence by manually checks. Only auditing by software can possible to give details report to administrator to keep up safe the system. Advantages: Correct Information: Machine always provide the correct information so it has less chance to provide the incorrect information. Save time: Software very quickly provides a report of the system so it saves time. Details description: It provide a details description of system including any warning or licences issues etc Minimise the cost: By implementing the software audit two peoples work may possible with one people so it reduce the extra cost. Disadvantages: Investment Costly: Software is very expensive so university need extra money to buy this software. Risk: Auditor knows the details information of the system. Work flow: Auditor needs part of the lab to check the system. So it discontinues the student workflow. The approach The typical audit has different approach to collect the data. The single audit will use multiple techniques to gather full information and it is necessary to use different technique for different level of people. These are common techniques here. Interview This technique uses to collect the information from outside people or top level people and the number should be limited. During the interview the auditor or interviewer will ask questions from other people and collect the information. So the person will be well prepared for the interview. This is very robust method because it will allow people to express fully and the method also simple as it is talking which is natural way to communicate. Another advantage is this bi directional communication, means both parties allows to ask questions for clarification or gather information. Observation This method uses in the place where real time process monitoring or behavioural change is required. This is a powerful way of do the changes throughout the audit because other techniques exist in currently not possible to get real time information. Inspection The technique required to do some action with collected data to collect audit related information. This is the form of observation with advance criteria expected. This is extended version of observation because if the auditor apply any advance criteria to gather the data which is necessary to the auditing. After collecting the data the next step is to identify the weakness and process it. The identifying is the key work in the audit and after that categorising. The identifying uses some techniques to make that easy, preface and professional. The techniques used here are Root cause analysis General technique for analyse and get the better solution for the vulnerability or weakness. Because this technique drilldowns to the issue and finds the root and fix the weakness. The basic technique behind this is if the root is fixed automatically it will fix all other problems related to that. So simply close all related issues at once. As mention the easy and robust way to stop the issues exist and the issues may come in the future. After root cause analysis the next step is to get the solution for the root of the issue. The important thing here is choosing better and effective solution for the issue. The selection depends on some external and internal restrictions. Organisation policy Cost per benefit Legal restrictions Availability Compatibility Vendor and citification Advantage of having Auditing: Satisfaction: It brings the confidence of the Lab administrator of the University of Greenwich to continue the business process. Owner always thinks is there any lack that breaks down the continuity of the business. Detection and prevention of errors: Human can made error in any times .on one can say there is no error in there company. By auditing people can find the error and suggestion to recover the error. Detection and prevention of fraud: It also just likes errors. Sometimes user intentionally or unintentionally does this thing. So after audit we can find out the fraud. Verification of the Licences: KW116 Lab installs lots of software for student. Here some software for 1 year some software for more than one year and some software has limitation (No. Of user can use) for use. So auditor can find all kind of licence issues. Independent opinion: Audit always done by the independent people .so this report always accepted by everyone. Safety form exploitation: Health and safety always is a big issue for any organization. KW116 Lab got lots of equipment that are connected with electricity. So always chances for short circuit or exploitation. Audit identifies the all lack point and advice for prevention. Disadvantage of having Auditing: It is expensive Sometimes slow or stop the work flow External people know the company information. Encryption Encryption is the simple technique in the different for to send the date securely through shared place like internet. The form of encryption may vary from each other but they all commonly use digital certificate to encrypt and decrypt the data. Encryption use keys to make cipher text from actual message. The cipher text is not readable and it is the encrypted version of the massage using some algorithm. Security roles/user roles The security roles are very important technique to make network administration easy. This is basically creating some groups with different permissions according to the organisation operation or policy. A user or staff can have multiple security roles according to their need. This roles use to authorise the user permission. Security policy Security policy is a document which has all rules and regulations documented and approved by management and align with laws and legislation. This policy is used to define all activities and this is used to make some decision. Business Continuity: There are three things always we have to mind to continue the business Essential: to running the business any customer order cannot be delay more than seven days. Tolerate delay: some application may delay to continue the business such as management pay. It is a midterm i.e. one to four weeks. Discretionary: some application is useful for business but it is not affected to continue the business operation such as management report. It is a long term i.e. 3 to 6 months. Business continuity planning Business continuity planning (BCP) is the most important for any organization to continue the business. BCP engages with only different kind of risk to continue the business process that might occur in the organization and it also creates the policies, plan and procedures to reduce the risk. BCP can continue the business process in disaster situation as well. The main goal of the BCP is to combine together all policies, procedures and process so that any disruptive situation business process can continue or it may impact very little. Here main important function of BCP is Maintaining the business operation Continue the business in emergency situation Reduce the risk If any situation BCP cannot take over then Disaster recovery planning (DRP) takes over. British Auditing Standard BS7799: It is a British standard called as BS7799 that developed by British standard institution where describes the security policy and standard procedures.BS7799 become the ISO IEC 17799 after accepting the ISO IEC technical committee for international use. Now a days information is a valuable asset for organization .So it is very important to protect the information like other corporate asset. Here BS7799 introduces how to protect the information from threats and suggest the three points to secure the information such as Integrity: it is assurance the completeness and accuracy of the information. Confidentiality: Information can only access by the authorise people Availability: Authorise people can access the information when needed. Attacks and prevention for the attacks Errors and Omissions: Errors and Omission is one of the most common and toughest vulnerabilities .It is a human made error because human interact with programming, controlling and enter data for computer. There are no countermeasures to protect the errors and omission. Fraud and theft: It is a one kind of criminal activities that may occur in the KW116 Lab. It includes computer component such as mouse, keyboard, router, switch, cables, CPU box etc. It was observed that security person always not in the access point. So it is harm to secure the lab from fraud and theft. By protecting the access control we can reduce the fraud and theft. Both internal and external people are responsible for that kind of activities. Prevention of Fraud and theft: Regular auditing and monitoring program will help to identify all kind of fraud and theft. Deploy all of the access control. CCTV in proper place. Virus: Virus is a malicious code that has ability to reproduce his code itself and spread one system to another system via e-mail, downloading, storage devices (CD, DVD, memory stick, removal hard drive) and destroy the computer system. It was observed that removal memory stick all most every user are using and it is the most change to spread the virus in the Lab computer system and also observed user are using their own laptop and connected to the university wireless network. If user laptop effected with virus then it also change to spread the lab network that can affect the internal network and attack the server and crash the hard drive. Prevention: Install the latest antivirus software. Regular update the antivirus software. Follow the backup procedures regularly. Scan the device when transfer data. Installing the NIDS (Network Intrusion detection system) and firewall Minimise the download from internet. Download only repudiated site web site. Scan before the download. Care full to open unknown e-mail attach. Scan all incoming file from the remote site. Aware the user about danger of the virus. Trap-doors: It is an undocumented command that might user can create to speed up the work flow. Unfortunately sometimes student might leave these trap-doors. Prevention of Trap-doors: Use latest antivirus software. Give permission to develop the code only authorise people. Check properly all coding before use it. Logic bombs: It work s like time bombs and affect the system in a particular event or day such as program launch, website logon. It changes the data and deletes the data from the system. Here student are accessing the lots software to do the course work or project. So they are strong enough to build the logic bombs. It is normally happen in company if employee leaves the job. Prevention: Audit regularly and monitoring Always back up the necessary file Allow authorise people to develop the code Need record of all modification or changes Trojan Horses: It is a software programming that contains the malicious code. Normally students are interested to download the music, free software from internet. It is the most change to affect the lab computer and destroy the data stored on lab computer system. Prevention: Avoid unwanted software and music download from internet. Aware the user about Trojan Horses. Worm: Warm also is a malicious code that can spread itself without any human involvement from one system to another system .It works only computer network system and does not need any devices to transport. Prevention: Use firewall Use update antivirus software Spyware: It is an unwanted software interface that monitors the activity of the user and transfers the important information like log in details or account details to the remote system that monitor the user activities. Adware: It is also similar to spyware but it does not intent to transfer the user details to a remote system. It works like advertisements on the internet. Some adware monitor the searching behaviour of the user and then redirect the related websites. Prevention of Adware /Spyware: Close the pop up window. Aware about the spyware/adware. Click only reputed link. Social Engineering: Most of the users are getting unknown mail and they are also chatting with unknown people. Social engineering is one of the most popular techniques that attackers use to access the system by sending the mail or chatting with people to know the password. So it is a major risk to the security of the password. Prevention: Not response the unknown mail. Not chatting with unknown people. Dont give any one personal information or login id. Proper training or aware the new user about social engineering. Ping of death: we have only permission to send the largest packet (65,536 bytes) on the server. Attackers know this amount of bytes from ICMP specification. So they try to send the packets more than 65,536 bytes (at least 65,537). If the server does not check the size of the packet and try to process then it hung or crashed the operating system. Dumpster diving: Every day Lab user printing there necessary document but sometimes by mistake they are printing unnecessary document and end of the day through all document in the bin. Hacker is very intelligence. They always look at the bin and find the necessary document to access the network. Prevention: Destroy all documents before put in a bin Natural disasters: If anything happen that is not under control of human it is called natural dusters such as earthquakes, volcano, floods, fires, storms, hurricanes etc It may occur in any time but most risk is the fire for KW116 lab. It may cause from heater, power supply, over heating the power box, short circuit etc. Natural disaster is less chance for lab but it affect is more than any threat .It may destroy the part of the building, loses the all information. Prevention: Follow the health and safety procedures. Clear the fire exit. Aware the user about possible disaster. Man-Made Disasters: If anything happen intentionally to destroy the business process or destroy the part of the business and it is control of human then it is called the Man-Made Disaster such as Fire, Act of Terrorism, Bombings/Explosions, and Power Outages etc. Prevention: Check always ID card Allow only authorise people Use metal detector CCTV Equipment failure: Students are always busy with their course work and other course related work so equipment failure may loss the all data. Prevention: Use extra UPS Back up all data Auditing Stages/Steps Scope and Pre-Audit survey Planning Field work Analysis Reporting Scope and Pre-Auditing The first step or stage of the audit is to understand the purpose of the audit and the areas need to cover during the audit. Understanding the audit purpose is basically get the idea why this audit needs to perform; means any special risk assessment or annual audit. If it is special risk assessment audit this will be more specific and the scope will be narrow and deep otherwise if it is annual audit it will be the general audit to cover as much as possible area. Pre-Auditing survey is to verify the audit areas using risk management techniques and some general techniques such are reading previous audit report, web browsing, background reading, etc This will reduce the chance of failure by correcting the plan by lesson learned. Planning and Preparation In this stage the scope is going to break into small areas to make auditing easier and clear. So the clarity will be more and purpose will be easy to understand. Usually this stage will involve the work breakdown plan and risk control matrix. The risk control matrix is just a check list contains questions to carry out during the audit. Field work Actual auditing will perform during this stage by different techniques or methods. Simply it starts with interviewing staff or students using questioner or oral interview to system or network test by auditing software tools. The result of this stage will be the evidence of the audit to get a conclusion or submit to the management with audit report. So this will be the most important stage in the audit process. This step may use several testing software tools depend on the scope of the audit and the software selection is another key event of the audit process because there are so many fake software applications available in the market. Actually those are virus and the reason of making virus in the form of auditing tools. The reason of spreading the virus in the form of auditing or testing tool is very easy and hart to detect. Analysis Using the evidences or any results collected in the previous stage are the input of this stage. This stage is fully analysis and decision making so it needs a lots of time to investigation and assessment. The most sensitive area of the audit process is analysis because this is the place going to take the decision to submit to the board so that should be perfect otherwise the audit is useless and it will lead to make some wrong decision. Reporting The stage is to present all audit findings in the form of report. This is the document contains all evidences, analysis results, suggestions recommendations, conclusion, etc This document will pass to the management or the higher level people to review approve and take necessary action if necessary. The report should be clearly written and easy to understand because this document need for future also to give some information to start next auditing or to take some strategic decision. Problem Domain Because of the increased use of university of Greenwich KW116 lab the chances of threats or issues are high and this is the responsibility of the student and the staff to make the lab secure in all aspects. The reason of this project based on KW116 is that is the lab used by the students largely and usually network related or any other lab sessions and happening in this lab so if the lab got any security hole or lack that may affect the student and the staffs. Easiest way to ensure the security level of the lab is auditing. This auditing needs to cover all areas from physical security to network security. Then only this will the perfect audit and the audit can use some standard checklist to make more efficient and to eliminate human made errors such as forgotten, typing mistakes, etc There are so many ways to make sure the security level such as penetration testing and vulnerability testing. These are more specific with attacks and threats and for the general purpose security audit is the suitable one as it will cover all areas of the security. According the reasons given above the general security audit is the most suitable technique to verify the security level of the lab. So the auditing will cover most of the areas of the lab with the aid of standard checklist which is approved by British Standard Institute. Test behind the auditing Physical test Network test Software Test Security Policy test Hardware/Peripherals test Access control test Objectives To evaluate the actual level of security that exists at The University of Greenwich Maritime campus KW116 Lab. Activities plan and schedule the audit Auditing with software tools Analysis audit result Deliverable Detailed audit report with suggestions and recommendation This is the main objective of the project and this will carry on with several tools like packet sniffer, port scanner software, etc There are three different tests using these tools to identify internal and external vulnerabilities. To evaluate various methods of implementing the security policy, determine the security weaknesses and implement risk management for the existing security weaknesses. University lab security policy review Analysis Deliverable Detailed security policy analysis report with changes/suggestions/recommendation. The reason of this objective is to stop the holes from policy level because this is the easy way to implement. Learn Audit and Audit process and practice auditing and Research auditing products available in the market and select appropriate. This task is fully learning about audit and audit related stuffs. This objective is the key or starter of this project because if project start without proper knowledge that will mislead to somewhere else not to project aim. To draft a new security policy that addresses the existing weakness to the management. According to the analysis draft a security policy to fix or overcome all existing security holes. Deliverable Draft security policy How the objectives will be achieved Third and fourth objectives will be achieved with books and internet. This objective will give the idea about auditing the outcome of this objective will be a documentation which contains all requirements which need to cover in this project. The research will give the details about tools which requires to perform the auditing the methods/process for the auditing. Internet is the main and basic mean for this research as it is easy to access and with wide range of data. Tools which identified from the research will used to perform the security auditing and this audit result will monitor in real-time and document instantly. Mostly these tools will be freeware and from well-known vendor. The auditing will perform in three different views to make sure the area is secured fully. The views are inside computer local network, outside computer local network, outside computer different network. Audit Methodology This project uses two different methodologies to accomplish the task such as checklist and questioner. The check list is an aid for the auditor to perform the audit and it is a manual to the audit. So the checklist will contains all tests need to perform during the auditing where questioner is to get the opinion or feedback for the staffs and students (generally this will be feedback from stockholders). The analysis also will carry in two different way using questioner and the checklist and finally compare both and get the conclusion. The questioner and checklist covers most of the areas and those are grouped separately to make the auditors life easy and more understandable. The areas coved in the documents are Physical Security/ E Security Forensics and Risk Management Security Forensics and Risk Management Acknowledgement Foremost I would like say thanks to god for all support in all my life and secondly University of Greenwich to give this my life aim to complete my masters. Next my supervisor Professor Kevin Parrott to the supports he gave because without his support I wouldnt be able to complete my project with this quality. Especially the suggestions and appreciation given my supervisor make me feel better and gave positive thinking. Finally need to thank my family and friends for unbelievable supports and encouragements. Abstract As we are in the information era the world is changing to use electronic means for day to day use. The paper documents is gone and most of them are paper free because of so many reasons such as pollution, easy, fast, etc At the same time this digital media has availability, scalability, confidentiality and integrity which are required behaviour for secure communication. The risk is increased with the increase of computer and digital means usage and the single security lack may cause huge losses. There are some surveys says most of the crimes are happening through electronic means and the target is computer or computer peripherals. If the attacker found a single security lack that is enough to start and break the whole system and the security lack could be configuration mistake, firewall issue and basically problems in the protection mechanism. Because of these reasons testing become very important and this process called as Auditing. There are so many types in the auditing and this auditing requires technical knowledge to make these tests perfect and to give an audit report including suggestions. The auditing falls into two main categories such as Automatic and manual. The test will be efficient if it is automated using testing tools which are called as automated or computerised test. Even though there are some tests cannot be automated and need to test manually. This auditing covers network security test, physical or environment security test, computer security test which includes software and hardware tests. The computerised test will carry on with some security tools and the manual will use questioner to minimise human made errors mainly forgetting.   Ã‚  Ã‚  Ã‚  Ã‚  Ã‚  Ã‚  Ã‚  Security audit is the technical assessment of the application or system. The assessment may be manual or systematic or both. In most case the auditing process uses manual and systematic/ automatic methods because there are some tests cannot be automatic such as review of the security policy, asset management, etc   Ã‚  Ã‚  Ã‚  Ã‚  Ã‚  Ã‚  Ã‚  This auditing has different types such as internal or external. This type is depends on the company size and the resource availability. Usually big companies have their own security auditor so they will perform the audit internally and the small and medium size companies mostly hire auditor form outside. Both types got pros and cons in security and financial manor. Chapter 1 Introduction This chapter largely contains non-technical information to give the understanding of high level objectives. Also describe the techniques and technologies used in the project and research to accomplish the project Objective Audit The audit is a systematic or manual security assessment of the network, infrastructure, system, etc The complete audit should be the combination of manual and automatic assessment because in every test target there will be some test cannot be automatic. The audit has so many categories and the following paragraph will explain about the categories and the functions or techniques behind that. There are 3 controls in the auditing process which are Preventive control The preventive controls are controls may in the form of software or hardware or ant configuration to prevent the error or vulnerabilities. This is an active type control always monitor the interface for any vulnerabilities and block such vulnerabilities or errors before it enter into the system or infrastructure. This is most effective control mechanism because not allows the vulnerabilities. Detective control The detectives are in placed to monitor the vulnerabilities in the form of software or hardware but the different between preventive and detective is the preventive wont allow the vulnerabilities into the system where detective allows entering everything and correcting the vulnerabilities after enter. The best example is for this control is fire alarm because fire alarm wont prevent the fire before but if any fire it will work. Corrective controls The corrective controls are the controls to correct the error or issue before it make any harm. This is very important control for all places even if they have other controls because there are some issues or vulnerabilities cannot detect by the controls if they will come and attack so there should be some control to correct those before loss occur. Addition to that the controls should up to date such as latest firmware or latest definition. Type of auditors   Ã‚  Ã‚  Ã‚  Ã‚  Ã‚  Ã‚  Ã‚  There are two basic types of auditors in the information era the internal and external auditors. This selection of the auditor will be done by the management with the use of financial status of the organisation. Size of the organisation and the policies defined in the company. Internal auditors Internal auditors are auditors belong to that particular company which is going to perform the audit. That means the auditor is an employee of the company. So the auditor is always available to do the auditing and data or information will keep within the organisation. This is the main advantage of having the internal auditor and the same time and the employee purposely recruited for auditing then is cost a lot for the company. So it is only possible for the big level companies because they have huge investments and revenue. The disadvantage of the internal auditor is they may be up-to-date and dont have current market or audit status such as new techniques and tools. External auditors The auditor recruited from other auditing firm for the auditing so it is very hard to find professional auditor because of the availability and as the auditor recruited from outside the company information may go out. At the same time the auditor needs some time to get and understand the company process. But the advantage of recruiting the external auditor is their knowledge and it is suitable for middle and small level companies. Types of Audit: Traditional Audit It is just like a manual auditing. It is useful when working with a large amount of data in a large company. Here auditor took some sample data from different place then provide a report. Advantage: Easy Cheaper Disadvantage: Always do not provide correct information. In IT sector it is not useful. Software audit: Software audit is a wide popular for any educational institute or organization. It is just like a review of the software and the system that can find all information of the system such as operating system, application software, processor, drives, controllers, bus adapters, multimedia, virus protection, system model, main circuit board, memory models, local drive volumes, network drives, printers information etc.. There are so many auditing tools in the market such as Belarc Advisor, E-Z audit that are very power full. KW116 is the main Lab for school of computing and mathematical science in University of Greenwich. CMS installed lots of software for students to continue study or research. According to Copy right, Design and Patents Act 1988, all Software must have a valid licences to continue the process. As Lab uses large amount of software and different software expire on different time so it is very difficult for Lab administrator to keep up to date all licence by manually checks. Only auditing by software can possible to give details report to administrator to keep up safe the system. Advantages: Correct Information: Machine always provide the correct information so it has less chance to provide the incorrect information. Save time: Software very quickly provides a report of the system so it saves time. Details description: It provide a details description of system including any warning or licences issues etc Minimise the cost: By implementing the software audit two peoples work may possible with one people so it reduce the extra cost. Disadvantages: Investment Costly: Software is very expensive so university need extra money to buy this software. Risk: Auditor knows the details information of the system. Work flow: Auditor needs part of the lab to check the system. So it discontinues the student workflow. The approach The typical audit has different approach to collect the data. The single audit will use multiple techniques to gather full information and it is necessary to use different technique for different level of people. These are common techniques here. Interview This technique uses to collect the information from outside people or top level people and the number should be limited. During the interview the auditor or interviewer will ask questions from other people and collect the information. So the person will be well prepared for the interview. This is very robust method because it will allow people to express fully and the method also simple as it is talking which is natural way to communicate. Another advantage is this bi directional communication, means both parties allows to ask questions for clarification or gather information. Observation This method uses in the place where real time process monitoring or behavioural change is required. This is a powerful way of do the changes throughout the audit because other techniques exist in currently not possible to get real time information. Inspection The technique required to do some action with collected data to collect audit related information. This is the form of observation with advance criteria expected. This is extended version of observation because if the auditor apply any advance criteria to gather the data which is necessary to the auditing. After collecting the data the next step is to identify the weakness and process it. The identifying is the key work in the audit and after that categorising. The identifying uses some techniques to make that easy, preface and professional. The techniques used here are Root cause analysis General technique for analyse and get the better solution for the vulnerability or weakness. Because this technique drilldowns to the issue and finds the root and fix the weakness. The basic technique behind this is if the root is fixed automatically it will fix all other problems related to that. So simply close all related issues at once. As mention the easy and robust way to stop the issues exist and the issues may come in the future. After root cause analysis the next step is to get the solution for the root of the issue. The important thing here is choosing better and effective solution for the issue. The selection depends on some external and internal restrictions. Organisation policy Cost per benefit Legal restrictions Availability Compatibility Vendor and citification Advantage of having Auditing: Satisfaction: It brings the confidence of the Lab administrator of the University of Greenwich to continue the business process. Owner always thinks is there any lack that breaks down the continuity of the business. Detection and prevention of errors: Human can made error in any times .on one can say there is no error in there company. By auditing people can find the error and suggestion to recover the error. Detection and prevention of fraud: It also just likes errors. Sometimes user intentionally or unintentionally does this thing. So after audit we can find out the fraud. Verification of the Licences: KW116 Lab installs lots of software for student. Here some software for 1 year some software for more than one year and some software has limitation (No. Of user can use) for use. So auditor can find all kind of licence issues. Independent opinion: Audit always done by the independent people .so this report always accepted by everyone. Safety form exploitation: Health and safety always is a big issue for any organization. KW116 Lab got lots of equipment that are connected with electricity. So always chances for short circuit or exploitation. Audit identifies the all lack point and advice for prevention. Disadvantage of having Auditing: It is expensive Sometimes slow or stop the work flow External people know the company information. Encryption Encryption is the simple technique in the different for to send the date securely through shared place like internet. The form of encryption may vary from each other but they all commonly use digital certificate to encrypt and decrypt the data. Encryption use keys to make cipher text from actual message. The cipher text is not readable and it is the encrypted version of the massage using some algorithm. Security roles/user roles The security roles are very important technique to make network administration easy. This is basically creating some groups with different permissions according to the organisation operation or policy. A user or staff can have multiple security roles according to their need. This roles use to authorise the user permission. Security policy Security policy is a document which has all rules and regulations documented and approved by management and align with laws and legislation. This policy is used to define all activities and this is used to make some decision. Business Continuity: There are three things always we have to mind to continue the business Essential: to running the business any customer order cannot be delay more than seven days. Tolerate delay: some application may delay to continue the business such as management pay. It is a midterm i.e. one to four weeks. Discretionary: some application is useful for business but it is not affected to continue the business operation such as management report. It is a long term i.e. 3 to 6 months. Business continuity planning Business continuity planning (BCP) is the most important for any organization to continue the business. BCP engages with only different kind of risk to continue the business process that might occur in the organization and it also creates the policies, plan and procedures to reduce the risk. BCP can continue the business process in disaster situation as well. The main goal of the BCP is to combine together all policies, procedures and process so that any disruptive situation business process can continue or it may impact very little. Here main important function of BCP is Maintaining the business operation Continue the business in emergency situation Reduce the risk If any situation BCP cannot take over then Disaster recovery planning (DRP) takes over. British Auditing Standard BS7799: It is a British standard called as BS7799 that developed by British standard institution where describes the security policy and standard procedures.BS7799 become the ISO IEC 17799 after accepting the ISO IEC technical committee for international use. Now a days information is a valuable asset for organization .So it is very important to protect the information like other corporate asset. Here BS7799 introduces how to protect the information from threats and suggest the three points to secure the information such as Integrity: it is assurance the completeness and accuracy of the information. Confidentiality: Information can only access by the authorise people Availability: Authorise people can access the information when needed. Attacks and prevention for the attacks Errors and Omissions: Errors and Omission is one of the most common and toughest vulnerabilities .It is a human made error because human interact with programming, controlling and enter data for computer. There are no countermeasures to protect the errors and omission. Fraud and theft: It is a one kind of criminal activities that may occur in the KW116 Lab. It includes computer component such as mouse, keyboard, router, switch, cables, CPU box etc. It was observed that security person always not in the access point. So it is harm to secure the lab from fraud and theft. By protecting the access control we can reduce the fraud and theft. Both internal and external people are responsible for that kind of activities. Prevention of Fraud and theft: Regular auditing and monitoring program will help to identify all kind of fraud and theft. Deploy all of the access control. CCTV in proper place. Virus: Virus is a malicious code that has ability to reproduce his code itself and spread one system to another system via e-mail, downloading, storage devices (CD, DVD, memory stick, removal hard drive) and destroy the computer system. It was observed that removal memory stick all most every user are using and it is the most change to spread the virus in the Lab computer system and also observed user are using their own laptop and connected to the university wireless network. If user laptop effected with virus then it also change to spread the lab network that can affect the internal network and attack the server and crash the hard drive. Prevention: Install the latest antivirus software. Regular update the antivirus software. Follow the backup procedures regularly. Scan the device when transfer data. Installing the NIDS (Network Intrusion detection system) and firewall Minimise the download from internet. Download only repudiated site web site. Scan before the download. Care full to open unknown e-mail attach. Scan all incoming file from the remote site. Aware the user about danger of the virus. Trap-doors: It is an undocumented command that might user can create to speed up the work flow. Unfortunately sometimes student might leave these trap-doors. Prevention of Trap-doors: Use latest antivirus software. Give permission to develop the code only authorise people. Check properly all coding before use it. Logic bombs: It work s like time bombs and affect the system in a particular event or day such as program launch, website logon. It changes the data and deletes the data from the system. Here student are accessing the lots software to do the course work or project. So they are strong enough to build the logic bombs. It is normally happen in company if employee leaves the job. Prevention: Audit regularly and monitoring Always back up the necessary file Allow authorise people to develop the code Need record of all modification or changes Trojan Horses: It is a software programming that contains the malicious code. Normally students are interested to download the music, free software from internet. It is the most change to affect the lab computer and destroy the data stored on lab computer system. Prevention: Avoid unwanted software and music download from internet. Aware the user about Trojan Horses. Worm: Warm also is a malicious code that can spread itself without any human involvement from one system to another system .It works only computer network system and does not need any devices to transport. Prevention: Use firewall Use update antivirus software Spyware: It is an unwanted software interface that monitors the activity of the user and transfers the important information like log in details or account details to the remote system that monitor the user activities. Adware: It is also similar to spyware but it does not intent to transfer the user details to a remote system. It works like advertisements on the internet. Some adware monitor the searching behaviour of the user and then redirect the related websites. Prevention of Adware /Spyware: Close the pop up window. Aware about the spyware/adware. Click only reputed link. Social Engineering: Most of the users are getting unknown mail and they are also chatting with unknown people. Social engineering is one of the most popular techniques that attackers use to access the system by sending the mail or chatting with people to know the password. So it is a major risk to the security of the password. Prevention: Not response the unknown mail. Not chatting with unknown people. Dont give any one personal information or login id. Proper training or aware the new user about social engineering. Ping of death: we have only permission to send the largest packet (65,536 bytes) on the server. Attackers know this amount of bytes from ICMP specification. So they try to send the packets more than 65,536 bytes (at least 65,537). If the server does not check the size of the packet and try to process then it hung or crashed the operating system. Dumpster diving: Every day Lab user printing there necessary document but sometimes by mistake they are printing unnecessary document and end of the day through all document in the bin. Hacker is very intelligence. They always look at the bin and find the necessary document to access the network. Prevention: Destroy all documents before put in a bin Natural disasters: If anything happen that is not under control of human it is called natural dusters such as earthquakes, volcano, floods, fires, storms, hurricanes etc It may occur in any time but most risk is the fire for KW116 lab. It may cause from heater, power supply, over heating the power box, short circuit etc. Natural disaster is less chance for lab but it affect is more than any threat .It may destroy the part of the building, loses the all information. Prevention: Follow the health and safety procedures. Clear the fire exit. Aware the user about possible disaster. Man-Made Disasters: If anything happen intentionally to destroy the business process or destroy the part of the business and it is control of human then it is called the Man-Made Disaster such as Fire, Act of Terrorism, Bombings/Explosions, and Power Outages etc. Prevention: Check always ID card Allow only authorise people Use metal detector CCTV Equipment failure: Students are always busy with their course work and other course related work so equipment failure may loss the all data. Prevention: Use extra UPS Back up all data Auditing Stages/Steps Scope and Pre-Audit survey Planning Field work Analysis Reporting Scope and Pre-Auditing The first step or stage of the audit is to understand the purpose of the audit and the areas need to cover during the audit. Understanding the audit purpose is basically get the idea why this audit needs to perform; means any special risk assessment or annual audit. If it is special risk assessment audit this will be more specific and the scope will be narrow and deep otherwise if it is annual audit it will be the general audit to cover as much as possible area. Pre-Auditing survey is to verify the audit areas using risk management techniques and some general techniques such are reading previous audit report, web browsing, background reading, etc This will reduce the chance of failure by correcting the plan by lesson learned. Planning and Preparation In this stage the scope is going to break into small areas to make auditing easier and clear. So the clarity will be more and purpose will be easy to understand. Usually this stage will involve the work breakdown plan and risk control matrix. The risk control matrix is just a check list contains questions to carry out during the audit. Field work Actual auditing will perform during this stage by different techniques or methods. Simply it starts with interviewing staff or students using questioner or oral interview to system or network test by auditing software tools. The result of this stage will be the evidence of the audit to get a conclusion or submit to the management with audit report. So this will be the most important stage in the audit process. This step may use several testing software tools depend on the scope of the audit and the software selection is another key event of the audit process because there are so many fake software applications available in the market. Actually those are virus and the reason of making virus in the form of auditing tools. The reason of spreading the virus in the form of auditing or testing tool is very easy and hart to detect. Analysis Using the evidences or any results collected in the previous stage are the input of this stage. This stage is fully analysis and decision making so it needs a lots of time to investigation and assessment. The most sensitive area of the audit process is analysis because this is the place going to take the decision to submit to the board so that should be perfect otherwise the audit is useless and it will lead to make some wrong decision. Reporting The stage is to present all audit findings in the form of report. This is the document contains all evidences, analysis results, suggestions recommendations, conclusion, etc This document will pass to the management or the higher level people to review approve and take necessary action if necessary. The report should be clearly written and easy to understand because this document need for future also to give some information to start next auditing or to take some strategic decision. Problem Domain Because of the increased use of university of Greenwich KW116 lab the chances of threats or issues are high and this is the responsibility of the student and the staff to make the lab secure in all aspects. The reason of this project based on KW116 is that is the lab used by the students largely and usually network related or any other lab sessions and happening in this lab so if the lab got any security hole or lack that may affect the student and the staffs. Easiest way to ensure the security level of the lab is auditing. This auditing needs to cover all areas from physical security to network security. Then only this will the perfect audit and the audit can use some standard checklist to make more efficient and to eliminate human made errors such as forgotten, typing mistakes, etc There are so many ways to make sure the security level such as penetration testing and vulnerability testing. These are more specific with attacks and threats and for the general purpose security audit is the suitable one as it will cover all areas of the security. According the reasons given above the general security audit is the most suitable technique to verify the security level of the lab. So the auditing will cover most of the areas of the lab with the aid of standard checklist which is approved by British Standard Institute. Test behind the auditing Physical test Network test Software Test Security Policy test Hardware/Peripherals test Access control test Objectives To evaluate the actual level of security that exists at The University of Greenwich Maritime campus KW116 Lab. Activities plan and schedule the audit Auditing with software tools Analysis audit result Deliverable Detailed audit report with suggestions and recommendation This is the main objective of the project and this will carry on with several tools like packet sniffer, port scanner software, etc There are three different tests using these tools to identify internal and external vulnerabilities. To evaluate various methods of implementing the security policy, determine the security weaknesses and implement risk management for the existing security weaknesses. University lab security policy review Analysis Deliverable Detailed security policy analysis report with changes/suggestions/recommendation. The reason of this objective is to stop the holes from policy level because this is the easy way to implement. Learn Audit and Audit process and practice auditing and Research auditing products available in the market and select appropriate. This task is fully learning about audit and audit related stuffs. This objective is the key or starter of this project because if project start without proper knowledge that will mislead to somewhere else not to project aim. To draft a new security policy that addresses the existing weakness to the management. According to the analysis draft a security policy to fix or overcome all existing security holes. Deliverable Draft security policy How the objectives will be achieved Third and fourth objectives will be achieved with books and internet. This objective will give the idea about auditing the outcome of this objective will be a documentation which contains all requirements which need to cover in this project. The research will give the details about tools which requires to perform the auditing the methods/process for the auditing. Internet is the main and basic mean for this research as it is easy to access and with wide range of data. Tools which identified from the research will used to perform the security auditing and this audit result will monitor in real-time and document instantly. Mostly these tools will be freeware and from well-known vendor. The auditing will perform in three different views to make sure the area is secured fully. The views are inside computer local network, outside computer local network, outside computer different network. Audit Methodology This project uses two different methodologies to accomplish the task such as checklist and questioner. The check list is an aid for the auditor to perform the audit and it is a manual to the audit. So the checklist will contains all tests need to perform during the auditing where questioner is to get the opinion or feedback for the staffs and students (generally this will be feedback from stockholders). The analysis also will carry in two different way using questioner and the checklist and finally compare both and get the conclusion. The questioner and checklist covers most of the areas and those are grouped separately to make the auditors life easy and more understandable. The areas coved in the documents are Physical Security/ E