SecDevOps - Over the past 5–10 years there has been a shift in product and service development to use more agile methodologies to provide more continuous delivery.

QUESTION 1:

Considering the article below: Comment on at least two (2) security concerns with a DevOps model and how these concerns can be alleviated with a strong implementation of SecDevOps considerations.

-----------------------------------------------

Agility has become an unavoidable necessity in a fast-moving technology environment, but achieving it can be a challenge for organizations and their development teams. The DevOps philosophy provides a road map; following it is not always as easy.

Even more crucial than the need to transform the development process is the need to protect against ever more sophisticated threats and attacks. But some organizations are finding that agility and security can go hand in hand. SecDevOps is an approach to development that puts security right at the heart of DevOps by making it integral to the development cycle.

SecDevOps: Bridging the Gap Between Security and Agility

According to CIO Insight, organizations such as the endowment-based Dana Foundation have found the SecDevOps approach to be an effective way to bring security into DevOps. The result is faster development cycles and more robust security.

The Dana Foundation is primarily engaged in two fields: web activities related to grant management and publishing and outreach operations, including an annual brain awareness week. James Rutt, the company’s chief information officer (CIO), told CIO Insight that the organization was primarily concerned with “code quality and code security,” with a particular focus on protecting against known code vulnerabilities listed in the Open Web Application Security Project (OWASP) Top 10, such as cross-site scripting and forgery.

The SecDevOps approach helped the company speed up its development process while reducing code vulnerabilities by 40 to 50 percent. This impressive performance shows why and how security and agility can form a perfect partnership.

Building Security Into the DevOps Cycle

Experts have been preaching for years that security needs to be built in, not bolted on after the fact. But the combination of conventional, prolonged development cycles with a fluid security environment has made built-in security almost impossible to achieve. After all, if new versions of a software package were only released every couple of years, the security environment would be radically transformed between two successive versions. Developers had no choice but to bolt on new security features.

In the world of DevOps, the software development cycle has become dramatically faster — so much faster, in fact, that code development can now match the pace of new security challenges. Developers are no longer focused on fixing existing code to handle new security threats. Instead, they are constantly building new code as part of the DevOps cycle, which means that new security features can be built in as part of the overall development process. This is exactly what the security community has been preaching all along.

SecDevOps is not a magic trick, but a natural, organic way to approach new security needs in the context of ongoing code development. This is very good news for organizations that are shifting into the DevOps era.

Endangered Species

Imagine a world without rhinoceroses, or cheetahs, or elephants, or humpback whales, or whooping cranes, or passenger pigeons, or Carolina parakeets, or ivory-billed woodpeckers….

Actually, it is easy to imagine world without the last three on that list. They are already extinct. Extirpated. Gone forever.

As we enter the 21^st century, the human population continues to rise. Many of you may recall a time when there were only 4 or 5 billion people on the Earth. Now there are over 7 billion, and by 2020 there will be 8 billion. And we all need natural resources to survive—sources of food and water and raw materials. We all need land. We all need energy.

Because of those needs, we continue to encroach on other living creatures, different species that collectively form the biodiversity of life on Earth—the variety and richness of life.

This week, we are exploring efforts to restore and sustain that biodiversity in one place; Gorongosa National Park, Mozambique, Africa. Most large mammals were killed off across the region during 35 years of civil war. Now they are making a comeback, and scientists are documenting it. In fact, in this week’s Critical Thinking activity, you will be participating in that process, as a citizen scientist.  

For our discussion this week, let us each imagine an African savanna ecosystem without one of the animals currently living there. To do this, go to the Gorongosa National Park Field Guide (Links to an external site.) and select a mammal or bird pictured there. Click on its picture for a brief overview of the animal; you may want to supplement that information with additional online research. When you have completed your research, answer the following questions:

1. What animal did you choose?
2. What is its preferred habitat?
3. What food does it eat?
4. What animals prey on it?
5. What might be different about the savanna if your chosen animal were to go extinct? How might its extinction affect plants and animals of the savanna, and or the savanna landscape?
6. What arguments can you offer as to why this animal ought to be protected?

As you discuss the different animals that you have researched as a class, consider interrelationships between your animal and the animals your peers have chosen, along with the different reasons that students have identified for protecting the biodiversity of Gorongosa. Are some animals more valuable to the savanna than others? Are some reasons for preserving biodiversity more valid than others?

Your post must be formatted according to the CSU-Global Guide to Writing & APA (Links to an external site.).

Your initial posting should be 250-500 words and must be submitted by Thursday, midnight, of this week.

Assignment 1 Part A - Confidence Intervals and Hypothesis Testing
(One Population)
1. The shoulder height for a random sample of six (6) fawns (deer less than 5 months old) in a national park was , ? = 79.25 cm with population standard deviation ?= 5.33 cm. Compute an 80% confidence interval for the mean shoulder height of the population of all fawns (deer less than 5 months old) in this national park. Analyze the result to interpret its meaning. (10 points)

2. A random sample of 732 judges found that 405 were introverts. Construct a 95% confidence interval for the proportion. Interpret the meaning of the confidence interval. Justify your use of a confidence interval based on a normal distribution for data regarding proportions that are normally following a binomial distribution. (10 points)

3. It has been determined that 37 out of 100 adult Americans that did not attend college believe in extra-terrestrials. However, from a random sample of 100 adult Americans that did not attend college 43 claim that they believe in extra-terrestrials. Does this indicate that the proportion of people who did not attend college and who believe in extra-terrestrials has changed? Conduct a hypothesis test with a = 0.01 and interpret the results. (10 points)

Assignment 1 Part B – Inference (Two Populations), Chi-Squared Tests
1. In a study of brain waves during sleep, a sample of 29 college students were randomly separated into two groups. The first group had 15 people and each was given ½ liter of red wine before sleeping. The second group had 14 people and were given no alcohol before sleeping. All participants when to sleep at 11 PM and their brainwave activity was measured from 4-6 AM. The group drinking alcohol had a mean brainwave activity of 19.65 hertz and a standard deviation of 1.86 hertz. The group not drinking alcohol had a mean of 6.59 hertz and standard deviation of 1.91 hertz. Compute a 90% confidence interval for the difference in population means of groups drinking alcohol before sleeping and those not drinking alcohol before sleeping. Explain the meaning of the confidence interval. (10 points)
2. Discuss the following: (10 points)
 What type of data can be examined using the Chi-Squared Test?
 What is the only constraint in using Chi-Squared Tests?
 What problems can be caused by the way the data have been grouped?

2. Zulkifli, computer centre manager, reports that this computer system experienced three-component failure during the past 100 days. What is the probability of no failure?

Select one:

a. 0.004

b. 0.97

c. 0.996

d. 0.03

4. Suppose that women obtain 54% of all bachelor’s degrees in a particular country and that 20% of all bachelor’s degrees in business. Also, 8% of all bachelor’s degrees go to women majoring in business. The events “the bachelor’s degree holder is a woman” and the bachelor’s degree is in business” are _____________.

Select one:

A. statistically correlated

B. statistically independent

C. statistically not independent

D. statistically dependent

5. The variance for the data values “ 87, 85, 80, 78, 86, 90” is :

Select one:

A. 12

B. 4.1

C. 85

D. 17.1

6.

A company is hiring candidates for 4 key positions in the management of its new office. 5 candidates are from Malaysia and 3 are from United States. Assuming that every combination of Malaysian and American is equally likely to be selected, what is the probability that at least 1 American will be selected?

Select one:

A. 5/14

B. 1/14

C. 4/14

D. 13/14

7.

A researcher wants to investigate if there is a difference in the rates of hotel room in two cities. A sample of 50 were selected from each city, the average hotel room in the first city is RM88.42 and in the second city is RM80.61 and the standard deviation are RM5.62 and RM4. The null hypothesis for the difference between the means is

Select one:

A. µ1 - µ2 ≤ 0

B. µ1 - µ2 ≥ 0

C. µ1 - µ2 ≠ 0

D. µ1 - µ2 = 0

8.

The intercept of the regression equation for the following data:

Select one:

A. 87.3922

B. 85.3421

C. 89.3421

D. 83.3421

9.

The number of credits in business courses ten job applicants had is shown here. “ 2, 3, 5, 6, 8, 10, 12, 15, 18, 20”

What value corresponds to the 60th percentile?

Select one:

A. 12

B. 8

C. 11

D. 10

10.

Zulkifli, computer centre manager, reports that this computer system experienced three-component failure during the past 100 days. What is the probability of at least two failures in a 3-day period?

Select one:

A. 0.004

B. 0.91

C. 0.03

D. 0.08

Summarize in your own words the article below (300 words)

Trivago Ramps Up Finance Team After Material Weakness By Nina Trentmann Feb 8, 2018

Rolf Schroemgens, co-founder and chief executive officer of Trivago, center, cheers with employees during the company's initial public offering (IPO) in New York, U.S., Dec. 16, 2016. Rolf Schroemgens, co-founder and chief executive officer of Trivago, center, cheers with employees during the company's initial public offering (IPO) in New York, U.S., Dec. 16, 2016. PHOTO: BLOOMBERG NEWS Hotel-search company Trivago N.V. has expanded its financial reporting team as it prepares to file its next annual report, said Chief Financial Officer Axel Hefer. The German company, which listed on the Nasdaq in late 2016, disclosed that it found a material weakness in internal controls over financial reporting in the lead up to its initial public offering. At the time, Trivago was heavily reliant on outside consultants and advisors to meet U.S. reporting requirements. “We now have significantly more people that are experts on U.S. Generally Accepted Accounting Principles,” CFO Axel Hefer Wednesday said in an interview with CFO Journal. The expanded staff have helped overhaul Trivago’s reporting process, which is now “completely different,” Mr. Hefer said. The hotel-comparison company is still assessing whether the circumstances that resulted in the material weakness have been mitigated, Mr. Hefer said. Trivago plans on filing its annual report in the next couple of months, he added. The Securities and Exchange Commission requires foreign issuers that have listed equity shares on U.S. exchanges to submit an annual report within six months after the end of the company’s fiscal year. Mr. Hefer did not share how many people have been added to the company’s reporting team or the number of employees in the finance and accounting department. Mr. Hefer last year said the company would phase out reliance on external accounting help. Düsseldorf-based Trivago currently employs over 1,400 people. Trivago Wednesday swung to a wider-than-expected quarterly loss amid reduced spending from advertisers. The company reported a fourth-quarter net loss of €9.6 million ($11.8 million), compared with net income of €0.1 million for the same period last year.

Discussed persuasive messages and how they are meant to convince an audience to act or change beliefs.The following letter was written from a program chair to a well-known, and very hard to get, gourmet chef in Beverly Hills. The letter is meant to request for the chef to present to a local restaurant association but it is not very persuasive or professional.

Analyze the letter to determine how it could be more persuasive and professional. Consider all the components of effective persuasion discussed in the lesson. Answer the following questions.

What is your initial response to the the way the chair wrote the letter to the chef?

What are at least five weaknesses you identify in the letter, based on concepts learned in the lesson?

In what way could each of the components of AIDA (attention, interest, desire, action) be more effectively implemented in the letter? How would you specifically improve the letter using each component?

--------------------------------------

Dear Ms. Mazzetti:

We know you are a very busy hospitality professional as chef at the Beverly Hills Hotel, but we would like you to make a presentation to the San Diego chapter of the National Restaurant Association. I was asked to write you since I am program chair.

I heard that you made a really good presentation at your local chapter in Los Angeles recently. I think you gave a talk called “Avoiding the Seven Cardinal Sins in Food Service” or something like that. Whatever it was, I'm sure we would like to hear the same or a similar presentation. All restaurant operators are interested in doing what we can to avoid potential problems involving discrimination, safety at work, how we hire people, etc. As you well know, operating a fast-paced restaurant is frustrating—even on a good day. We are all in a gigantic rush from opening the door early in the morning to shutting it again after the last customer has gone. It's a rat race and easy to fall into the trap with food service faults that push a big operation into trouble.

Enclosed please find a list of questions that our members listed. We would like you to talk in the neighborhood of 45 minutes. Our June 10 meeting will be in the Oak Room of the Westin St. Francis Hotel in San Diego and dinner begins at 7 p.m.

How can we get you to come to San Diego? We can only offer you an honorarium of $200, but we would pay for any travel expenses. You can expect a large crowd of restaurateurs who are known for hooting and hollering when they hear good stuff! As you can see, we are a rather informal group. Hope you can join us!

Sincerely,

Featherbed Surf & Leisure Holidays Ltd. is a resort company based on Vancouver Island. Its operations include boating, surfing, diving, and other leisure activities; a backpackers’ hostel; a family hotel; and a five-star resort. Justin and Sarah Morris own the majority of the shares in the Morris Group, which controls Featherbed. Justin is the chair of the board of directors of both Featherbed and the Morris Group, and Sarah is a director of both companies as well as the CFO of Featherbed.

In February 2020, Justin Morris approached your audit firm, KFP Partners, to carry out the Featherbed audit for the year ended June 30, 2020. Featherbed has not been audited before but this year the audit has been requested by the company’s bank and a new private equity investor group that has just acquired a 20-percent share of Featherbed.

Featherbed employs 30 full-time staff. These workers are employed in administration, accounting, catering, cleaning, and hotel/restaurant duties. During peak periods, Featherbed also uses part-time and casual workers. These workers tend to be travellers visiting the West Coast who are looking for short- term employment to help pay their traveling expenses.

Justin and Sarah have a fairly laid-back management style. They trust their workers to work hard for the company and they reward them well. The accounting staff, in particular, are very loyal to the company. Justin tells you that some accounting staff enjoy their jobs so much they have never taken any holidays, and hardly any workers ever take sick leave.

There are three people currently employed as the accountants, the most senior of whom is Peter Pinn. Peter heads the accounting department and reports directly to Sarah. He is in his fifties and plans to retire in two or three years. Peter prides himself on his ability to delegate most of his work to his two accounting staff, Kristen and Julie. He claims he has to do this because he is very busy developing a policy and procedures manual for the accounting department. This delegated work includes opening mail, processing payments and receipts, banking funds received, performing reconciliations, posting journals, and performing the payroll function. Julie is a recently graduated Chartered Professional Accountant. Kristen works part-time—coming into the office on Mondays, Wednesdays, and Fridays. Kristen is responsible for posting all journal entries into the accounting system and the payroll function. Julie does the balance of the work, but they often help each other out in busy periods.

Required

Using the factors in the above scenario, assess audit risk.

Beige Book - April 18, 2018

The Federal Reserve released its regular "Beige Book." the April 18th release. Read and write a one page summarizing the details of the report. What’s happening in employment and wages, price and consumer spending, Manufacturing and Distribution, service and finance and banking in March.

Federal Reserve Bank of New York

Overall Economic Activity
Economic activity continued to expand at a modest to moderate pace across the 12 Federal Reserve Districts in March and early April. Outlooks remained positive, but contacts in various sectors including manufacturing, agriculture, and transportation expressed concern about the newly imposed and/or proposed tariffs. Consumer spending rose in most regions, with gains noted for nonauto retail sales and tourism, but mixed results for vehicle sales. Manufacturing activity grew moderately, and demand for nonfinancial services was mostly solid. Residential construction and real estate activity expanded further, although low home inventories continued to constrain sales in several Districts. Loan demand increased, and commercial real estate activity and construction improved since the last report. Transportation services activity expanded in over half of the reporting Districts, buoyed by increases in port traffic and/or air, rail and/or trucking shipments. Agricultural conditions were little changed or worsened on net, in part due to persistent drought conditions. Contacts in the energy sector cited a pickup in activity, except in the Richmond District, where coal production was flat and natural gas production dipped slightly.

Employment and Wages
The labor market has remained tight and hiring activity has been steady. One employment agency in upstate New York noted a seasonal pickup in hiring. A major New York City agency indicated that hiring has been robust and that it is taking longer to fill jobs, particularly those requiring technical skills. Businesses noted particular shortages of tech workers, truck drivers, and skilled tradespeople. A few contacts cited difficulties in attracting young job-seekers away from major urban centers.

Business contacts in the finance and information sectors reported fairly brisk hiring activity, while those in manufacturing, wholesale trade, education & health, and leisure & hospitality indicated modest hiring, on net. Retailers continued to report declining employment. Still, firms in most service industries, including retail, said they plan to expand hiring in the months ahead, while manufacturers have scaled back hiring plans.

Businesses across all major service industries reported ongoing wage pressures. Some contacts maintained that wages had accelerated over the past year, though plans to raise wages in the months ahead were little changed. A New York City agency reports that a new law prohibiting potential employers from asking about a candidate's salary history has led candidates to demand higher pay.

Prices
Input prices have continued to rise briskly but have not accelerated further, according to contacts in most industry sectors. Still, businesses generally anticipated further increases in the months ahead. A growing proportion of service-sector contacts indicated that they were raising their selling prices--most notably, wholesalers--but manufacturers noted only modest hikes in their prices.

Among retailers, some contacts indicated that they have held prices steady, while others reported price increases. Prices for New York City hotel rooms and Broadway theater tickets picked up noticeably in March. Looking ahead, a growing proportion of businesses in manufacturing and wholesale trade said that they planned to raise their prices, while most retailers did not foresee any significant price hikes.

Consumer Spending
Retail contacts reported that sales have picked up somewhat in recent weeks but are still considered lackluster, reflecting unseasonably cold and wet weather. Retailers in upstate New York indicated that sales have strengthened but remained fairly subdued, despite strong customer traffic. A major retail chain noted that sales advanced in March, running somewhat ahead of plan and up modestly from a year ago. Inventories were generally reported to be at satisfactory levels, and retailers were moderately optimistic about the near-term outlook.

New vehicle sales in upstate New York were reported to have weakened in February but there were some signs of a rebound in March. Sales of used cars were steady to up slightly. Vehicle inventories were said to be in fairly good shape. Dealers continued to characterize retail and wholesale credit conditions as favorable. Consumer confidence in the Middle Atlantic states (NY, NJ, PA) edged up to a new multi-year high in March.

Manufacturing and Distribution
Manufacturers reported some acceleration in growth since the last report. In contrast, wholesalers indicated a pause in growth, and transportation firms reported some decline in activity. Looking ahead, manufacturers have become substantially less optimistic about the near-term outlook, while contacts in wholesale distribution and transportation have remained moderately optimistic.

Services
Reports from service-sector firms were mixed but generally pointed to little growth in activity. Contacts in professional & business services and leisure & hospitality reported modest growth, while those in the information and health & education sectors reported flat activity. Service sector businesses have grown less optimistic about the near-term outlook, most notably in the health & education sector.

Tourism in New York City has picked up since the last report. Hotels reported an increase in both revenues and occupancy rates in March. Broadway theaters indicated that business was sluggish in February and early March but picked up noticeably in the second half of the month.

Banking and Finance
Small to medium size banks in the District reported higher demand for residential mortgages, commercial mortgages, and C&I loans, and steady demand for consumer loans. Banks reported lower loan spreads for consumer loans and residential mortgages, and no change in spreads across all other loan categories. Bankers reported that both credit standards and delinquency rates were unchanged across all loan categories.

For each of the following independent cases (A–E), compute the missing values in the table: