Week 5 Discussion Board Chapter 9 Correlation
Given the vast amount of known threat indicators and level of network activity today, automation has become a necessity. It’s often difficult and time consuming for human analysts to efficiently manage large amounts of granular data and a wide range of cognitive biases. Therefore, manual threat correlation is often too slow to keep up with the amount of data generated, results include a high number of false negatives and positives, and outputs are not always reproducible.
However, performing manual threat correlation processes will remain crucial. The human brain’s ability to leverage well-formed biases and perform higher-order reasoning is essential for assessing the validity and value being provided by whatever solutions your organization uses as well as building your cyber threat management team’s knowledge base. Thus, even when automated methods are employed, the final tier of analysis typically uses these human abilities for sense-making before any actions are taken.
Conduct your own research and discuss with the group the following:
· Field Techniques of Comparison?
· Rules for Based Matching?
· What is Fuzzy Matching?
Bonus point
How threat actors can evade detection via threat correlation ?
To post in the discussion board you must do the following:
1) Using APA format create a new thread. Use guidelines indicated above to help you write your post,
2) Select AT LEAST 3 other students' threads and post substantive comments on those threads. Your comments should extend the conversation started with the thread.
ALL original posts and comments must be substantive. (I'm looking for about a paragraph - not just "I agree.")
References:
Reid, R.D., and Sanders, N. (2016). Operations management. 6th ed. Wiley. ISBN: 978-1118
Payroll DataMetropolitan ZooGift Shop DepartmentNameNo. of DependentsHourly WageHours WorkedRegular PayOvertime PayGross PayTaxable PayFederal Withholding TaxFICANet PayAbram2$9.9548Acosta1$9.5548Bordeaux3$11.7550Higinbotham1$11.7535Ianziti1$10.0040Jaussi1$9.5544Ling3$15.7540Munoz2$12.2520Riley3$13.3538Sabey2$10.0045Trujillo1$9.9515Weston2$11.7541TotalsAssumptionsTaxable PayTax RateSummary Statistics# of HoursGross PayNet PayBase Work Hours40$015%AverageOvertime rate1.5$25022%HighestFICA rate7.65%$30025%LowestDeduct per Depend$ 50.00$45028%$52531%Notes1. The base workweek is 40 hours. Regular pay is based on hourly wage and hours worked up to 40.2. Overtime pay is based on overtime hours, the hourly wage, and the overtime rate.3. The gross pay is the total of the regular pay and overtime pay.4. The taxable pay is the difference between the gross pay
and the product of the number of dependents and deduction per dependent.5. Federal withholding tax is calculated on the taxable pay based on the tax table.6. FICA is calculated on the employee's gross pay.7. The net pay is based on the gross pay, federal withholding tax, and FICA.
Grader - Instructions Excel 2016 Proje ...
Seal of Good Local Governance (SGLG) 2024Final.pptx
Week 5 Discussion Board Chapter 9 CorrelationGiven the vast amou.docx
1. Week 5 Discussion Board Chapter 9 Correlation
Given the vast amount of known threat indicators and level of
network activity today, automation has become a necessity. It’s
often difficult and time consuming for human analysts to
efficiently manage large amounts of granular data and a wide
range of cognitive biases. Therefore, manual threat correlation
is often too slow to keep up with the amount of data generated,
results include a high number of false negatives and positives,
and outputs are not always reproducible.
However, performing manual threat correlation processes will
remain crucial. The human brain’s ability to leverage well-
formed biases and perform higher-order reasoning is essential
for assessing the validity and value being provided by whatever
solutions your organization uses as well as building your cyber
threat management team’s knowledge base. Thus, even when
automated methods are employed, the final tier of analysis
typically uses these human abilities for sense-making before
any actions are taken.
Conduct your own research and discuss with the group the
following:
· Field Techniques of Comparison?
· Rules for Based Matching?
· What is Fuzzy Matching?
Bonus point
How threat actors can evade detection via threat correlation ?
To post in the discussion board you must do the following:
1) Using APA format create a new thread. Use guidelines
indicated above to help you write your post,
2) Select AT LEAST 3 other students' threads and post
substantive comments on those threads. Your comments should
extend the conversation started with the thread.
ALL original posts and comments must be substantive. (I'm
2. looking for about a paragraph - not just "I agree.")
References:
Reid, R.D., and Sanders, N. (2016). Operations management.
6th ed. Wiley. ISBN: 978-1118
Payroll DataMetropolitan ZooGift Shop DepartmentNameNo. of
DependentsHourly WageHours WorkedRegular PayOvertime
PayGross PayTaxable PayFederal Withholding TaxFICANet
PayAbram2$9.9548Acosta1$9.5548Bordeaux3$11.7550Higinbot
ham1$11.7535Ianziti1$10.0040Jaussi1$9.5544Ling3$15.7540M
unoz2$12.2520Riley3$13.3538Sabey2$10.0045Trujillo1$9.9515
Weston2$11.7541TotalsAssumptionsTaxable PayTax
RateSummary Statistics# of HoursGross PayNet PayBase Work
Hours40$015%AverageOvertime rate1.5$25022%HighestFICA
rate7.65%$30025%LowestDeduct per Depend$
50.00$45028%$52531%Notes1. The base workweek is 40 hours.
Regular pay is based on hourly wage and hours worked up to
40.2. Overtime pay is based on overtime hours, the hourly wage,
and the overtime rate.3. The gross pay is the total of the regular
pay and overtime pay.4. The taxable pay is the difference
between the gross pay
and the product of the number of dependents and deduction
per dependent.5. Federal withholding tax is calculated on the
taxable pay based on the tax table.6. FICA is calculated on the
employee's gross pay.7. The net pay is based on the gross pay,
federal withholding tax, and FICA.
Grader - Instructions Excel 2016
ProjectEX16_XL_CH02_GRADER_ML1_HW - Metropolitan
Zoo Gift Shop Weekly Payroll 1.3
Project Description:
As manager of the gift shop at the Metropolitan Zoo, you are
responsible for managing the weekly payroll. Your assistant
developed a partial worksheet, but you need to enter the
formulas to calculate the regular pay, overtime pay, gross pay,
3. taxable pay, withholding tax, FICA, and net pay. In addition,
you want to include total pay columns and calculate some basic
statistics. As you construct formulas, make sure you use
absolute and relative cell references correctly in formulas.
Steps to Perform:
Step
Instructions
Points Possible
1
Open the downloaded file exploring_e02_grader_h2.xlsx.
0
2
Use IF functions to calculate the regular pay and overtime pay
based on a regular 40-hour workweek in cells E5 and F5. Pay
overtime only for overtime hours. In cell G5, calculate the gross
pay based on the regular and overtime pay. Abram’s regular pay
is $398. With 8 overtime hours, Abram’s overtime pay is
$119.40.
20
3
Create a formula in cell H5 to calculate the taxable pay.
Multiply the number of dependents (column B) by the deduction
per dependent (B24) and subtract that from the gross pay. With
two dependents, Abram’s taxable pay is $417.40.
10
4
Use a VLOOKUP function in cell I5 to identify and calculate
the federal withholding tax. Use the tax rates from the range
D21:E25. The VLOOKUP function returns the applicable tax
rate, which you must then multiply by the taxable pay.
20
5
Calculate FICA in cell J5 based on gross pay and the FICA rate
(cell B23), and calculate the net pay in cell K5. Copy all
formulas down their respective columns to row 16.
10
4. 6
With the range E5:K16 selected, use Quick Analysis tools to
calculate the total regular pay, overtime pay, gross pay, taxable
pay, withholding tax, FICA, and net pay on row 17.
Note, Mac users, with the range selected, on the Home tab, in
the Editing group, click AutoSum.
10
7
ApplyAccounting Number Format to the range C5:C16. Apply
Accounting Number Format to the first row of monetary data
and to the total row. Apply the Comma style to the monetary
values for the other employees. Underline the last employee’s
monetary values and use the Format Cells dialog box to apply
Top and Double Bottom border for the totals.
5
8
Insert appropriate functions to calculate the average, highest,
and lowest values in the Summary Statistics area (the range
I21:K23) of the worksheet. Format the # of hours calculations
as General number format with one decimal and the remaining
calculations with Accounting number format.
15
9
Insert a footer with your name on the left side, the sheet name
code in the center, and the file name code on the right side of
the worksheet.
5
10
Save and close the workbook. Submit the file as directed.
0
Total Points
95
Created On: 07/05/2019 1
EX16_XL_CH02_GRADER_ML1_HW - Metropolitan Zoo
5. Gift Shop Weekly Payroll 1.3
Peer-1
Data correlation is something very important to identify threats
and make plans for countering such incidents to prevent.
Correlation is one of the most powerful analytic methods
available for threat investigation. In today’s world, Intrusion
detection systems are only useful when the alarm streams that
result from signature or profile-based processing can be
correlated with data from other areas. Data comparison
determines which is usual and which is unusual behavior. Data
comparison, especially from different areas, develops a clearer
picture of adversary activity.
There are different varieties of commercial firewalls including
intrusion detection schemes, provide this capacity now,
although the truth is that several system administrators do not
obtain control of this variety of security. This is normally due
to a loss of experience by the method, as well as a common need
of local information about the emergence and entry traffic
within business gateway or edge. The systems that are being
used these days by business organizations have become much
smarter than the ones in the previous generation. However, this
also means that the treats on the systems have become more
powerful and risky. The techniques to deal with those threats
have been discussed well in your post.
Correlation of domain based involves comparing data from one
domain with data collected in an entirely different context.
Relevant differences in the data collection environments include
computing environment, software architecture, networking
technology, application profiles, and type of business being
supported. In this approach, data aggregated from multiple
sources is correlated to identify patterns, trends, and
relationships. Other static information about a firewall, such as
its inbound and outbound policy, is also important for
correlation. The problem is that it is not always easy to
6. determine if something suspicious is truly malicious. Generally,
correlation with other data is required to make this
determination (Amoroso, 2010).
Peer-2
The modern phase of the system in day-to-day network
protection correlation in enduring national infrastructure
environments is based upon a system identified as threat
management. The data aggregated of various sources are
compared to recognize designs, courses, and links. The overall
strategy relies on a safety data and event administration (SIEM)
method toward the underlying models and collection of related
data (Amoroso, 2012).
A SIEM rule does the most useful it can under terms of
knowing correlation situations, utilizing the most suitable
possible algorithms for profile, signature, domain, including
time-based inquiry, directed to the sound limitations the initial
feeds into a conventional commercially possible SIEM device
for threat management remain placed in the case. The
interaction among the different security tools in a local threat
control method is sometimes sincere. If anintrusion detection
method produces an alert indicating some sort of difficulty
including a presented Internet protocol (IP) source address
including similar target port, also if the local conditions also
provides inbound traffic cover this target port, then the
correlation method could make a suggestion that the local
firewall check either this reference address instead this port
(Brown, 2006).
Various commercial firewalls including intrusion detection
schemes, provide this capacity now, although the truth is that
several system administrators do not obtain control of this
variety of security. This is normally due to a loss of experience
by the method, as well as a common need of local information
about the emergence and entry traffic within an business
7. gateway or edge.
Peer – 3
Hi,
The field of medicine often requires drawing inferences r e g a
r d i n g t h e a s s o c i a t i o n o r relationship between two or
more variables. In an earlier article on “Measures of
Association” we introduced the concept of finding associations
[relationships] b e t w e e n t w o v a r i a b l e s t h a t were
binary and categorical in nature. 1 Therein, we explored several
possible relationships between these binary variables and
understood metrics such as absolute risk, relative risk and odds
ratio .
The end result of a correlation analysis is a Correlation
coefficient whose values range from -1 to +1. A correlation
coefficient of +1 indicates that the two variables are perfectly
related in a positive [linear ] manner, a correlation coefficient
of -1 indicates that two variables are perfectly related in a
negative [linear ] manner, while a correlation coefficient of zero
indicates that there is no linear relationship between the two
variables being studied . The advantage of the scatter plot is
that it is simple to construct, is non-mathematical in nature and
is unaffected by any extreme values that may be present in the
data set. It also tells us immediately if there are outliers or if
the relationship i s a c t u a l l y n o n - l i n e a r o r n o t
entirely linear. A line is usually drawn through the points on a
scatter plot to identify linearity in the relationship. This line is
called the regression line or the least squares line, because it is
determined such that the sum of the squared distances of all the
data points from the line is the lowest possible. This will be
discussed in greater detail in the next article on regression
analysis. The disadvantage of a scatter plot is that it does not
give us one single value that will help us to understand whether
or not there is a correlation between the variables being studied
8. and hence we need to go a step ahead now to calculate a
correlation coefficient.
A c o r r e l a t i o n c o e f f i c i e n t is that single value or
number which establishes a relationship between the two
variables being studied. Two methods are used to calculate this
value, viz. the Karl Pearson’s product moment correlation
coefficient r or more simply Karl Pearson’s correlation
coefficient r and the Spearman’s rank correlation coefficient rho
(ρ) or Spearman’s rho (ρ) in short.