Debate Winners Summary Essay

Over the past few weeks, my group and I have been in a constant debate about the pros and cons of legalizing guns in the United States. This has been a constant debate that has been going on for sometime now. My group and I had the opportunity to really explore both sides thoroughly. It was amazing to find out the citizens of America were truly divided on the decision for guns to be legalized. According to The Resnick articile (1999), In 2008, the United States Supreme Court in District of Columbia v. Heller, 554 U.S. 570 (2008), held that the Second Amendment to the United States Constitution protects an individual’s right to possess a firearm for private use within the home in federal enclaves. In 2010, in McDonald v. Chicago, 561 U.S. __ (2010), the Supreme Court held that the right of an individual to keep and bear arms protected by the Second Amendment is incorporated by the Due Process Clause of the Fourteenth Amendment and applies to the states. That American citizens have a right to own firearms is conclusive and irrefutable. Due to this argument, it’s only right for the people of America to embrace the right to protect your homes and family by having the right to purchase a weapon. People also value the right to have a gun for personal pleasure. There are men and women that enjoy the sport of hunting and those of us that love to go out to a range and shoot at target. According to The Pros & Cons (2014), if we opt not to legalize guns, we would potentially increase Black Market trade and ruin commercial trade, hinder evidence for prosecution, influence effects of socialism and totalitarianism to be seen upon a country’s social and government infrastructures. Some people view guns as not being safe at all. People feel there aren’t enough restrictions for guns. There are far too many people with criminal backgrounds that have direct access to guns. Guns have been viewed as being  an addition to violence. Over the years, we’ve seen children shooting children with their parent’s gun. Guns are easily accessible on the Black Market. Terrorists are utilizing guns to bully our citizens. According to Messerli (2012), Suicides and crimes of passion are higher with gun availability, as it’s much easier to act immediately on your impulses when a gun is available. As we can see, one could argue that we should ensure that guns remain legal in the U.S. and one could argue that we shouldn’t. Based on the information read, my team and I have come to the conclusion that the pros to legalizing guns should definitely win this argument. No one wants to violate the rights of the men and women of America. Reference Resnick, R. (1999). The Second Amendment Is Not Negotiable. Retrieved from http://www.frontpagemag.com/2012/ron-resnick/the-second-amendment-is-not-negotiable/ The Pros & Cons (2014, January 29). Pros and Cons: Gun Control. Retrieved March 16, 2015, from http://theproscons.com/pros-cons-of-gun-control. Messerli, J. (2012). BalancedPolitics.org. Retrieved from http://www.balancedpolitics.org/gun_control.htm

The use of online digital resources and educational digital libraries

This survey aimed to understand the usage of educational digital libraries by module members and teachers With respect to the usage, motives and barriers. Furthermore this survey investigates the find and usage of educational digital beginning sing the turning desire on the portion of module members and teachers to utilize them, and an increasing trouble in their ability to happen, entree and utilize them. It besides examines connote the hypotheses of the usage of the changeable type of on-line educational beginning would change based on figure of demographic variables, Most specifically, sort of establishment, sort of assignment or learning experience degree. The hypotheses is really specific due to the inquiries good be asked to faculty members and teachers such asThe importance of this survey is summarizedThis survey is really of import in term of bettering the digital educational beginning, therefore it is finishing the other attempts which were adapted by such as National Science Foundation ( NSF ) in US which has spent over 150 1000000s to this betterment [ 29 ] . Issues about the digital libraries ‘ users and about how do they utilize them hold became the highest cost in order to better and keep the educational digital libraries [ 23,37 ] . The justification of this investing, the existent usage and impact of educational digital libraries ‘ contents have become really important to stakeholders. Due to all of that some inquiries have risen: What do faculty members and teachers perform with the digital beginnings which they get from the educational digital libraries? Do module members tread these beginnings as a worthwhile beginning? How do the usage them in poke bettering their instruction? What are the obstructions which are confronting the module members when they use them?Methodology:In this paper, the writers report based on the Outcome of a national study of American module members and the teachers regard to the usage and non-use of on-line digital beginning. This survey looked profoundly into the obstructions of the usage for illustration the restrictions of clip and resource, the issues of accessing to high quality stuffs, deficiency of flexibleness of the stuffs themselves, and academic belongings [ 17,23 ] . Two groups were conducted at one research university, one at a community college, three were conducted at chiefly learning universities, one group each at two historically black colleges, one group at a broad humanistic disciplines college and two groups at theMERLOT International Conference2 whose participants represented awide assortment of institutions.We sought input from this scope of module members and teachers because we assumed that several factors would be critical to understanding their demand for on-line digital resources and their hunt and usage behaviours, such as, type of establishment, learning experience, learning burden, type of classs taught, etc. Analysis of the focal point group transcripts provided some grounds of the importance of these factors and the study was designed to further prove the value of these factors in foretelling user behaviour. Our focal point groups confirmed Harley et Al. ‘s [ 23 ] findings that faculty members did non cognize what educational digital libraries were. Furthermore, these module members and teachers did non separate between a curated aggregation, such as the BEN scientific discipline web ( hypertext transfer protocol: //www.bioscienet.org ) where merely those points that have been peer reviewed aremade available and that of a simple of list of URLs that might be found at a co-worker ‘s web site. These findings, in add-on to Harley ‘s, highlight how of import it is to utilize the linguistic communication that possible respondents understand when planing study instruments. So similar Harley, we avoided utilizing linguistic communication in the study questions3 associated with digital libraries, e.g. , aggregation, metadata, etc. Alternatively, in order to better the face cogency of the instruments, we carefully described the contents of aggregations, e.g. , scholarly articles , ocular images, historical paperss, etc. and asked respondents how they searched for and used these stuffs. The study instrument consisted of 105 points that included demographic information, inquiries about motives for usage of stuffs, barriers to utilize and descriptions of usage. To minimise study weariness, the study design employed skip logic so that respondents were asked inside informations about their usage of stuffs merely after bespeaking they used them. Questions covered how an single module member or teacher used peculiar sorts of on-line stuffs, e.g. , lifes, simulations, scholarly resources, images, etc. ( see Table 3 for a definition of thesematerials ) , if they modified thesematerials in any manner and their motives for the usage of these stuffs. Survey participants were asked to rank their likeliness of usage of a digital aggregation as compared to other hunt engines such as Google or Yahoo.com. Respondents were besides asked a series of demographic inquiries sing their instruction experience, type of establishment in which they work and so forth. External cogency was determined by pre-testing the study with about 20 module members from the different types of establishments represented in the sample.3.1 The study sampleTo make the survey Ã¢â‚¬Ë œs population, we approached establishments to help us in reaching their module members and teachers. Using the Carnegie Foundation 2000 list ofUS establishments of higher instruction, a wide invitation to take part was issued to the bulk of higher instruction establishments in the United States. A likely contact was identified at each establishment by sing the establishment ‘s web site. Contacts were by and large head bibliothecs, caputs of module development, or academic deans. Of the about 3,500 establishments contacted,4 more than 250 responded, and in the terminal, 119 establishments agreed to take part. Table 1 shows howthis study ‘s sample of establishments comparisons to the existent distribution of types of establishments in the Carnegie list. For the intents of the disposal of the study, the sample was non stratified with respects to institutional type because we felt that trying to make so would negatively impact institutional buy-in and execution of the study . United States at the full spectrum of establishments. However, because issues of usage are non alone to STEM subjects, we felt that restricting the study to merely those faculty members and teachers would do it excessively hard for establishments to take part in the research. Consequently, we encouraged establishments to include their full module in their invitation to take part in the study. The bulk of take parting establishments sent the study to their full module organic structure, though some sent it to a random sample of their module. By the terminal of the study period ( September 2006-January 2007 ) 4,678 persons from the 119 take parting establishments responded. Of those respondents, 4,439 instructed pupils ; the majority of the analysis was conducted on this group of teachers. The demographics of the study respondents can be found in Table 2. About a 3rd ( 30 % ) came from Masters allowing establishments, a 4th from biennial or associate grade allowing schools ( 26 % ) , followed by four-year Baccalaureate or Liberal Arts College or Universities ( 22 % ) and, Doctoral Granting Institutions ( 21 % ) . The respondents were besides chiefly tenured module ( 41 % ) with somewhat over 10 per centum describing that they held accessory position ( 13 % ) , or were chiefly teachers, lectors or held other non-tenure path places ( 12 % ) . The bulk by far, held full-time places ( 81 % ) and 40 % had term of office. It is likely that these module members were over-represented in the sample given that 46 % of all US module members hold parttime places [ 1 ] . Most of the participating establishments chose to administrate the study to their full module instead than insulating STEM merely module. When asked to bespeak in which subjects they taught, more than one tierce of the responses ( 38 % ) represented a traditional STEM field ( biological scientific disciplines, chemical science, computing machine scientific discipline, technology, geoscience, wellness scientific disciplines, mathematics, or natural philosophies ) . Approximately 45 % represented the humanistic disciplines, humanistic disciplines or the societal scientific disciplines while approximately 20 % represented the professional schools, e.g. , instruction, concern, etc. This dislocation may non reflect the teachers ‘ disciplinary preparation and respondents were allowed to choose multiple subjects. The sample was besides made up of module who were extremely experient teachers, with merely one 4th holding less than 7 old ages of learning experience. This approximates the age distribution of higher instruction teachers with about 65 % being older than 45 old ages old [ 25 ] . Slightly over half of the sample ( 54 % ) reported utilizing class direction systems or had a class web site. Almost all ( 95 % ) of the respondents reported learning face to face classs, though about a fifth ( 21 % ) reported learning distance instruction or online classs. Merely 12 % reported learning intercrossed classs, that is, classs that both fitting face to face and are conducted online. If a respondent noted he or she did non instruct pupils, they were skipped to the terminal of the study replying a inquiry on the services offered by aggregations of digital resources, and concluding demographics4.1 What sorts of on-line digital resources do module usage?To analyze the relationship between the value of digital resources and their usage more closely, we went back to our focal point group informations. For although these participants tended to value digital resources extremely, they besides failed to separate between the different types of online digital resources, e.g. , educational digital libraries, web pages, on-line diaries, and were non witting of utilizing a digital library specifically [ 38 ] . Focus group participants defined educational digital libraries and digital resources loosely doing few differentiations between for illustration, a loose aggregation of PowerPoint slides ( available from a well known or trusted co-worker ‘s web site ) and a aggregation of stuffs such as MERLOT. Rather than coerce a definition of digital library for the study onto a group of respondents who most likely non equate educational digital libraries or aggregations as beginnings for these extremely valued on-line digital resources, we alternatively used merely linguistic communication depicting the digital resources. We so sub-divided the resources into five classs as described in Table 3. To analyze how faculty members reported utilizing these stuffs on the study, we looked at the â€Å" top box † mark, i.e. , the resource which module indicated they â€Å" really often used † . Survey consequences indicated that themost popular types of stuffs used by module members and teachers included on-line scholarly resources ( 51 % ) and digital images/visual stuffs ( 43 % ) . About a one-fourth of the respondents ( 29 % ) reported frequent usage of instruction and acquisition activities or on-line datasets ( 23 % ) . On-line simulations and lifes were used the least with merely 11 % of the respondents describing frequent usage.

Different Types of Renewable Energy Systems Research Paper

Different Types of Renewable Energy Systems - Research Paper Example In recent years when threats of global warming and the significant contributory impact of oil and petroleum products to global warming has become a more imposing reality, the use and discovery of renewable sources of energy became even more imperative. Renewable sources of energy include sources of energy taken from resources which are generally and constantly being replenished within the human timescale. These sources mostly include sunlight, wind, rain, tides, waves, and geothermal heat. These sources also have a lesser impact on the environmental and ecological conditions of the planet. In Australia, renewable energy has gone through significant improvements since 2006 with about 30,000 gigawatt-hours of energy produced from the renewable energy which accounts for about 13.14% of energy production in the country. The expansion in solar and wind energy was observed more in the solar and wind generation with other sources also increasing. These sources include hydroelectricity, wind , bioenergy, large-scale solar and marine energy (The Climate Group, 2013). These renewable sources of energy shall be discussed in this paper, with a primary focus on solar, geothermal, wave, biofuel, and biomass energies. Wind energy and hydropower also comprise of the renewable energy mix, these bring a lot of economic, technical and environmental advantages both to the developed and developing nations. Energy policymakers all around the world are now paying great attention to harness the renewable energy.... Hydropower?............................................................................................... 32 5.1 Australia’s Hydropower Initiatives †¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦ 34 5.2 Global Hydro Power Trends†¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦. 38 5.3 Future Global Outlook for Hydropower†¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦ 40 5.4 Australia’s Wind Energy Capabilities†¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦.. 41 6. Hydropower and Wind Energy Sectors of Bangladesh†¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦. 45 6.1 Wind Energy of Bangladesh†¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦.. 48 6. Other Major Hydropower International Players†¦Ã¢â‚¬ ¦Ã¢ € ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦. 56 6.1 China’s Hydrocarbon Projects†¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦ 56 6.2 Brazil’s Hydropower Projects†¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦. 58 6.3 Venezuela Hydropower Competence†¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦.. 58 6.4 Hydropower Capacity of Russia†¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦. 58 6.5 USA’s Hydropower Capacity†¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦. 58 6.6 Canada’s Hydropower capabilities †¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦. 59 7.1 China’s Wind Energy Capabilitiesâ € ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦.. 60 7.2 USA’s Wind Energy Capabilities†¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦ 60 7.3 Brazil Wind Energy†¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦. 61 7.4 Russia’s Wind Energy†¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦. 62 7.5 Canada’s Wind Energy Capabilities†¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦ 63 8- Biomass†¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦.. 65 8.1 What is biomass

Will U.S. Be Overtaken by China Research Paper Example | Topics and Well Written Essays - 1000 words

Will U.S. Be Overtaken by China - Research Paper Example The assumption and expectation that China would one day become the world’s richest country is not a new one. The country has enjoyed massive economic growth and expansion of its global presence which have made it to economically surpass tens of countries within the last 20 years to sit at the second place. The current and future economic growth of China is as fast as it is diverse, while the US is facing a lot of financial challenges2. The fact that China’s economic and socio-political performance is only expected to be better while that of the US remains shaky makes China more likely than not to overtake the US in the next few years. Important Indicators for China’s Growing Superiority For the last thirty years, China has reported impressive economic growth3. The country has in fact been the fastest growing economy in that period of time. Economists have put the economic growth of China to be 17 times what it was in 1980. An interesting fact is that China was ra pidly growing while most of the rest of the world was not doing that well financially. About ten years ago, the United States’ economy was 10 times bigger than that of China. Today, China’s economic superiority cannot be refuted and its place as a world economic power was sealed after overtaking world’s number two spot from Japan. After a long time of what seemed to have been economic slumber, China finally woke up to its potential in the eighties. Other countries including the United States started to adopt and implement neo-modern policy changes. This included opening up to unrestricted capital flows and external trade. The countries also developed policies that enabled their central banks to be increasingly independent. They also adopted tighter cyclical monetary and fiscal policies and abandoned many of the development strategies that had previously been highly successful. China on the other hand, did not adopt these policies, many of which were promoted by world financial bodies such as the IMF, World Trade Organization and the World Bank whose decisions were heavily influenced by decision makers and economic planners based in Washington. China was not a member of the WTO up until 2002. Although China’s economic acceleration involved the expansion of foreign investment and trade, its financial decisions and management were carried differently from the rest of the world4. The most outstanding difference was that China’s economy was largely controlled by the state, unlike in the US where it was liberalized. State control was meant to ensure that trade and investment decisions were in line with the development goals of the government. One of these goals was to develop and make products intended for the external or international market. China’s policies also promoted the use of enhanced technology. The aim was to transfer high level technological competence from foreign investors to the local economy. The government w as also keen on hiring Chinese for jobs at the managerial and technical levels. This meant that foreign enterprises could not compete at the same level with many domestic businesses. The economy of China is still largely controlled by the government. The state controls a huge percentage of the exchange rate and other financial systems. A substantial amount of industrial assets are also under the control of the government. When other countries were struggling under the pressure of the recent worldwide recession, China’s economy was not affected. The state-led economic system can be and should be credited for this. The country enjoyed an enviable 9.8% GDP growth though this was a fall of 3.7% mainly due to the poor performance of the international mar

Reviews and Evaluations Essay Example | Topics and Well Written Essays - 750 words

Reviews and Evaluations - Essay Example cause of justice, the impact that the verdict will have on the safety of the society, the past record of the defendant and the extent to which the defendant poses a threat to the society. The first and foremost premise regarding the extension of death penalty in case of the insane murderers is that the term ‘insane’ is very broad and fluid in its scope and interpretation. To a great extent it would be right to claim that taking the life of a fellow human being or human beings in most cases is in a way an act of insanity. Perhaps, every murderer commits a murder in a very imbalanced and gruesome state of mind. So if one agrees with the logic that insane murderers should be pardoned, then there is no denying the fact that almost every murderer will seek pardon on the grounds of insanity or committing a murder in a state of mental imbalance. Convicts will resort to citing reasons like migraine, depression, rage, eating disorders, addictions, phobias, inability to manage anger, etc as an excuse for getting away with their crimes, as all these ailments qualify to be classified as forms of mental instability. This will give way to a wrong precedence in the soc iety and will exponentially dilute the deterrent effect of the justice system. The other big reason for supporting the death penalty in case of mentally ill murderers is that the justice is not driven by insubstantial emotions and allocates a definite punishment for all sorts of crimes. Claiming immunity by a murder convict on the grounds of insanity is irrational in the sense that in such cases the accused tends to exploit one’s mental illness as an excuse for the crime one committed. Insanity could definitely serve as an explanation for committing a crime. However, the absurdity of allowing an explanation to turn into an excuse for letting a murderer goes scot free trivializes the claims of justice and mocks the plight of innocent people murdered by that person, not to mention the agony of their family and

Discuss the ways of platelets storage Essay Example | Topics and Well Written Essays - 500 words

Discuss the ways of platelets storage - Essay Example The first and foremost step after the collection for separating platelets is to screen the blood for bacteria as well for other diseases which include hepatitis B, hepatitis C and HIV (Kaufman 2006). Also another step before the separation of platelets is to actually make all the preparations before the blood is drawn from the donor. This includes making all the necessary preparations so that the withdrawal procedure is made sterile from the point of blood drawing till the point of infusion to the patient (Tullis et al 1959). The blood is drawn from the patient in a container which contains ACD solution added to it. It is also ensured that blood is drawn in a clean method with no requirement for giving a second puncture as this is an important protocol of platelet collection that blood should be drawn from one puncture. This blood is circulated through a tube of plastic which is maintained at a temperature of 4 degrees centigrade. The blood flows in this chamber and the residue that is left flows into a separate pool and this residue is basically the plasma which is devoid of red and white blood cells and contain only platelets. This platelet containing plasma is then passed through another chamber such that 10 ml of the fluid flows in every one minute. The platelets flow into a collector where they are maintained at 250 x gravity.

A Larger Slice of the Value for Stakeholders Essay

A Larger Slice of the Value for Stakeholders - Essay Example The role of stakeholders is an important one here as they are trying their best to get the best deal out of the equation. What this suggests is that these stakeholders are persistently looking after the best possible returns and thus the value added fund should provide its best shot within the dynamics of a changing economic basis of the organization. The stakeholders are the saviors of a business and it goes without saying that their role is pertinent to the overall smooth running of the business. If they do not receive the benefits in the wake of the value-added fund and that too in good numbers, their work would not be given the attention that it deserves and hence their role would come down a bit. These are very significant pointers on the part of the stakeholders who are looking to bringing out the best within the resources of the organization and thus giving their best in terms of investments. The expectations of the stakeholders increase drastically and it would be correct to state that managing their expectations at times is a cumbersome process, and more so when the organizations are facing troubled times (Smith 1978). However, when these organizations are doing well within their financial realms, these stakeholders step up the gas and demand their share in a magnanimous way. Therefore expecting that they will be asking f or a reasonable sum is a mistake because every stakeholder likes to get his best return or the value that he is looking forward to. Mature product markets ask for resilience and doing the same thing on a consistent basis. If a market is not mature yet and is still lingering within the growth stage, it would be correct to state that the stakeholders exactly know what to ask of them in the value-added funds that the company is overseeing, and which has played its role in a huge capacity.  

Legal and Ethical Issues of Mason and Shepherd Case Study - 15

Legal and Ethical Issues of Mason and Shepherd - Case Study Example Sheila’s starting a business with this kind of products circumvents the Non-competition clause, and, inevitably, leads to the circumvention of the Non-solicitation of customers clause. This is normal, as such a product needs to be sold to the same range of customers with whom ATS works with. Moreover, a lot of the work that Sheila had done on developing the concept of Intelisoft was done by her using ATS’s property: her working laptop was connected to her home computer and her Palm, which, additionally to the above-mentioned, violates the clause referring to the company property usage. Another clause which is violated by Sheila is the Assignment of Developments clause, which stipulates that any development that â€Å"(i) relates to the business of the Company or any customer of or supplier to the Company or any of the products or services being developed, manufactured or sold by the Company or which may be used in relation therewith; or (ii) results from tasks assigned to me by the Company; or (iii) results from the use of premises or personal property (whether tangible or intangible) owned, leased or contracted for by the Company, then all such Developments and the benefits thereof are and shall immediately become the sole and absolute property of the Company and its assigns, as works made for hire or otherwise.† Her further actions may involuntarily lead to her violating the non-disclosure clause, too.

5 senses Essay Example | Topics and Well Written Essays - 250 words

5 senses - Essay Example When you wash your hair using touch, you can feel the shampoo on your hands. You can feel the warm water running down through your hair. You can feel the running of your fingers through your hair as you massage the lathered up shampoo in your hair. When you use the sense of smell while washing your hair, you can smell the aroma of the shampoo. Whether it be fruity or a subtle lavender smell, your nose will pick up on the scent and send signals to the brain telling you what that smell is. It is a nice clean smell and every product that you use on your hair whether it be shampoo, conditioner, detangler or some other kind, will have some sort of scent. When using the sense of hearing, we can hear a lot of different sounds. When washing the hair, you can hear the shampoo as it squirts into your hand as you squeeze the bottle. You can hear the water trickle down through your hair as it hits the floor of the shower or bath tub. As for the sense of sight, you can see the shampoo or conditioner when you are washing your hair. You see the steam rising up in the shower or bath tub. You can see everything around you and only when you get that shampoo in your eye and you try to rub it out, is your sense of sight kind of blurry. There are several ways that the senses can be used when washing your hair. When we take in what exactly we are feeling and being mindful of using our senses, only then do we get the full experience. Sometimes life is just too busy to recognize what it is our senses are doing but we do know that they are at work or otherwise we would not even know we were having our hair

Case Study Essay Example | Topics and Well Written Essays - 500 words - 4

Case Study - Essay Example Thorough assessment shall be made on the suicidal behavior of the child paying attention particularly on the following major areas: (1) risk for death and repetition, (2) underlying diagnoses – if had already been identified as existing, and (3) the promoting factors. The sources of information can be derived through conducting interviews and observations to the child and her immediate family. Teachers and classmates are good sources of information too knowing that the child mentioned as being teased in class. The necessary information that should be gathered to ascertain the probable risk factors that triggered the child’s suicidal behavior as listed in psychiatric-disorders.com website are the following: (1) a family history of suicide or mental health problems, (2) if the child have runaway from home, (3) physical, emotional, or sexual abuse experienced by the child at home, (4) a recognized psychiatric such as depression, (5) a relationship breakdown, (6) family disturbance such as divorce, (7) bullying in school, (8) poor exam results, and (9) being diagnosed to have a chronic illness. Also, immediate signs and symptoms of suicidal tendencies (e.g. reckless behavior, threats to harm self, becoming distant from friends and family, signs of anxiety and depression, use of alcohol or drugs, giving away possessions) shall be gathered. Information about the child’s background can also be derived from interviewing the child’s boyfriend, close friends, peers, and the family’s healthcare provider/consultant. Books, journals and other types of publications related to adolescent suicide can be a good source of information that will aid in further understanding and management of this case. In managing adolescent suicide, the child, being the major source of information, shall be assessed through therapeutic communication and proper observation. Direct questions of

Developmental perspective to bullying Essay Example for Free

Developmental perspective to bullying Essay Researches have found that the nature of bullying and victimisation changes with age and differs by gender as well. It is also found that previous experiences influence the likelihood that children will become bullies and/or victims. The type of aggression and the relationship context for the aggression change as the child grows and development occurs. A general guideline can be prepared for the type of aggression and the target of aggression that emerge in different stages of development of children. (Pepler, D. , 1999) Figure 3: Type of aggression by developmental stage (Pepler, D., 1999) A Social- Ecological Systems Perspective on Bullying Social –ecological system perspective looks at bullying in terms of influence from multiple environments. Figure 4: A social-ecological framework of bullying among youth (Espelage, D. L. et al 2004) This perspective is based on the understanding that bullying does not occur in isolation. According to this principle, bullying is a phenomenon that is encouraged or inhibited as a result of the complex relationship between the different entities, namely, the individual, family, peer group, school, community and the culture. As shown in figure-1, the individual is at the centre of the social ecology. The individual involved may be a victim, bully, bully-victim or bystander. Individual factors influence the participation in bullying through different actions or inaction. An example is how the individual gender mediates the engagement in bullying. The bully, bully-victim, or bystander, all could exist in a family. This points to how the family can influence bullying behaviours. The bullying behaviour between the siblings can influence the development of bullying or victimisation in the individual at school. The social ecology includes other entities such as peers and the school as well. The social environment at school also influences bullying and victimisation. If an individual attends a school where a bullying climate exists, it is likely to be involved in bullying either as a bully, victim or any other role. The peer group often influences how the individual is likely to behave in terms of bullying. If the individual’s peer group supports bullying, then the individual is more likely to engage in bullying behaviour. The community extends the environment of the school to other areas that the individual uses. The community consists of school, peer group, family, and the individual apart from other roles that the individual interacts in day-to-day life. The culture consists of the general norms, beliefs and practices that could either support or inhibit bullying of individuals. The ecological-systems theory is based on the principle that all individuals are part of an inter-related system that consists of several roles and entities, but keeps the individual at the centre and looks at how the other entities affect the individual from the perspective of bullying. This model was put forward by Bronfenbrenner (1979). It puts forth the nature of human interaction and behaviour and how it is inter-related to other systems. According to this theory, the child is an inseparable part of a social network that consists of inter-related systems. These systems can be categorised into four: micro system, meso system, exo system and macro system. These different systems are inter-related to each other and the child is at the centre of these systems and actively involved in the interplay of these systems. The micro system pertains to the child’s relationship with one system such as home, classroom or playground. It depicts the child’s interaction with others as well as other’s reaction to the bullying behaviours. It also includes the status of the child in the bully/ victim continuum at any point of time. The micro system takes into account the interaction between the bully, victim, bully-victim or the bystander and the social environment. This can either encourage the bullying behaviour or restrict it. The meso system involves the congruence of two or more environments that are relevant to the individual. An example of such environments is home and school. It includes the inter-relationship between these systems. The exo-system consists of influences from other contexts that are related to bullying. An example of this context is the effect of a school district’s anti-bully policy or even the involvement of parents in the school system. The macro system involves the influence of broader entities such as the society in general. It looks at the attitudes of the society towards the bullying behaviour. This theory provided framework for prevention and intervention techniques that can be derived from it. It also helps to measure the effectiveness of these programs by looking at it from different perspectives. It provides framework for collection of data from multiple informants who are in different sub-systems using different methods. The model also can be effectively used for assessment. This is because each individual or the school or the environment is different. Any intervention or prevention program need to take into account this peculiarity. It also provides a framework for different programs that are applicable to different sub-systems such as individual-focussed program, family-focussed program and system-focussed program. (Espelage, et al, 2004).

Football game Essay Example for Free

Football game Essay The crowd sat on the edge, waiting impatiently for the next pass, the next tackle. This intense game had both teams fighting for control of the ball, struggling to score the next touchdown. The crowd was alive with concentration, which was then immediately interrupted by deafening cheers as soon as their team scored. As a fan, football from my perspective has always been a phenomenal sport that creates an intense, fun, and lively social atmosphere. It gives a chance for friends and family to bond over cheering their team on, while jokingly trash talking others in a casual manner. At a particular Eagles vs. Cowboys game I attended last year, this experience is exactly what I received. The lights, the screams, and the smell of delicious food all served to create a fun event. The highlight of the night, however, was when quarterback Michael Vick got hit extremely hard in the back field. It should have been a late hit but no whistles were blown. The crowd was immediately silenced by the sudden knockout. No one had expected such a hard hit. We fans craned our neck desperately trying to get a better view of what was going on. I remember being completely in awe of the violent nature of football that was revealed to me that night. I was surprised to find that such a dangerous game was even being encouraged to play! But there was one thing that was undeniable for sure— that hit was one moment I would surely never forget. From that game on, I always continued to follow the events and highlights of football. The league put out a lot of new rules for the NFL, to ensure the safety of its players. One of these rules was that a defenseless player cannot be tackled. So for example, if a receiver goes up for the ball, he cannot be tackled in the air. Another rule is the helmet to helmet tackle. A defender is not allowed to make a hit on a player, making contact from his helmet to the defenders. This can result in a serious concussion, and for long time purposes, the players can develop brain damage. To also make the game safer, kickoffs are now issued on the 30 yard line opposed to the traditional 20 yard line. This makes the return possibility very low, because the kick usually ends up deep in the end zone. This new rule change enforced on the kickoffs also accounts of less injuries, because it is one less play being executed. Special rules for quarterbacks have also been placed. Quarterbacks are looked at as the captains of their team. They know the offense’s strengths and weaknesses the best so they can make the right calls in the right situation. These players cannot be injured whatsoever, because of their impact on the game. That is why new rules, such as late tackles, are being enforced on defenders that try to scare the quarterbacks. When the new rules first came out, I supported and respected the fact that they were concerned about the player’s safety. The scientific discoveries about head trauma and mental illness made sense to me, and protecting the players from it seemed like a great idea. Soon the rules were being strictly enforced in the pros. When my friend and I went to the Cowboys and Eagles game, one of the first things that happened was a foul called for hitting helmets with a player. I approved of the call, it seemed fair. But out of the corner of my eye, I saw my friend shaking his head and say under his breath, â€Å"Man, football just isn’t the same anymore. † I shrugged it off— it wasn’t my fault he wasn’t enjoying the game. But later that night, his words tossed around in my head. Something did seem different about that game. But what exactly did he mean by not being the same? This question led me to reminisce back to earlier that game, when Vick first got late hit in the back field. The one thing I was certain of was that the beauty of the sport was created by the suspense of the game.

Computer Network Security within Organisations

Computer Network Security within Organisations Networking and Management Introduction A computer network is a connection of two or more computers in order to share resources and data. These shared resources can include devices like printers and other resources like electronic mail, internet access, and file sharing. A computer network can also be seen as a collection of Personal computers and other related devices which are connected together, either with cables or wirelessly, so that they can share information and communicate with one another. Computer networks vary in size. Some networks are needed for areas within a single office, while others are vast or even span the globe. Network management has grown as a career that requires specialized training, and comes with management of important responsibilities, thus creating future opportunities for employment. The resulting expected increase in opportunities should be a determining and persuasive factor for graduates to consider going into network management. Computer networking is a discipline of engineering that involves communication between various computer devices and systems. In computer networking, protocols, routers, routing, and networking across the public internet have specifications that are defined in RFC documents. Computer networking can be seen as a sub-category of computer science, telecommunications, IT and/or computer engineering. Computer networks also depend largely upon the practical and theoretical applications of these engineering and scientific disciplines. In the vastly technological environment of today, most organisations have some kind of network that is used every day. It is essential that the day-to-day operations in such a company or organisation are carried out on a network that runs smoothly. Most companies employ a network administrator or manager to oversee this very important aspect of the company’s business. This is a significant position, as it comes with great responsibilities because an organisation will experience significant operational losses if problems arise within its network. Computer networking also involves the setting up of any set of computers or computer devices and enabling them to exchange information and data. Some examples of computer networks include: Local area networks (LANs) that are made up of small networks which are constrained to a relatively small geographic area. Wide area networks (WANs) which are usually bigger than local area networks, and cover a large geographic area. Wireless LANs and WANs (WLAN WWAN). These represent the wireless equivalent of the Local Area Network and Wide Area Networks Networks involve interconnection to allow communication with a variety of different kinds of media, including twisted-pair copper wire cable, coaxial cable, optical fiber, and various wireless technologies. The devices can be separated by a few meters (e.g. via Bluetooth) or nearly unlimited distances (e.g. via the interconnections of the Internet. (http://en.wikipedia.org/wiki/Computer_networking) TASK 1 TCP connection congestion control Every application, whether it is a small or large application, should perform adaptive congestion control because applications that perform congestion control use a network more efficiently and are generally of better performance. Congestion control algorithms prevent the network from entering Congestive Collapse. Congestive Collapse is a situation where, although the network links are being heavily utilized, very little useful work is being done. The network will soon begin to require applications to perform congestion control, and those applications which do not perform congestion control will be harshly penalized by the network, probably in the form of preferentially dropping their packets during times of congestion (http://www.psc.edu/networking/projects/tcpfriendly/) Principles of Congestion Control Informally, congestion entails that too many sources are sending too much data, and sending them too fast for the network to handle. TCP Congestion Control is not the same as flow control, as there are several differences between TCP Congestion Control and flow control. Other principles of congestion control include Global versus point-2-point, and orthogonal issues. Congestion manifests itself by causing loss of packets (buffer overflow at routers), and long delays (queuing in router buffers). Also, during congestion, there is no explicit feedback from network routers, and there is congestion inferred from end-system observed loss. In network-assisted congestion control, routers provide feedback to end systems, and the explicit rate sender sends at –Choke Packet. Below are some other characteristics and principles of congestion control: When CongWin is below Threshold, sender in slow-start phase, window grows exponentially. When CongWin is above Threshold, sender is in congestion-avoidance phase, window grows linearly. When a triple duplicate ACK occurs, Threshold set to CongWin/2 and CongWin set to Threshold. When timeout occurs, Threshold set to CongWin/2 and CongWin is set to 1 MSS. Avoidance of Congestion It is necessary for the TCP sender to use congestion avoidance and slow start algorithms in controlling the amount of outstanding data that is injected into a network. In order to implement these algorithms, two variables are added to the TCP per-connection state. The congestion window (cwnd) is a sender-side limit on the amount of data the sender can transmit into the network before receiving an acknowledgment (ACK), while the receivers advertised window (rwnd) is a receiver-side limit on the amount of outstanding data. The minimum of cwnd and rwnd governs data transmission. (Stevens, W. and Allman, M. 1998) TCP Flow Control In TCP flow control, the receiving side of the TCP connection possesses a receive buffer, and a speed-matching service which matches the send rate to the receiving application’s drain rate. During flow control, Rcvr advertises any spare room by including value of RcvWindow in segments, and the sender limits unACKed data to RcvWindow. TCP flow control also ensures that there is no overflow of the receive buffer. Round-trip Time Estimation and Timeout TCP Round Trip Time and Timeout are usually longer than RTT, but RTT varies, and has a slow reaction to segment loss. SampleRTT is measured time from segment transmission until ACK receipt, ignore retransmissions, and will vary, want estimated RTT â€Å"smoother† Round-trip time samples arrive with new ACKs. The RTT sample is computed as the difference between the current time and a time echo field in the ACK packet. When the first sample is taken, its value is used as the initial value for srtt. Half the first sample is used as the initial value for rttvar. (Round-Trip Time Estimation and RTO Timeout Selection) There are often problems due to timeouts, including the restriction of the sender that is compelled to wait until a timeout, and is able to do nothing during this period. Also, the first segment in the sliding window is often not acked, and retransmission becomes necessary, waiting again one RTT before the segment flow continues. It should be noted that on receiving the later segments, the receiver sends back ACKs. Estimated RTT EstimatedRTT = 0.875 * EstimatedRTT + 0.125 * SampleRTT DevRTT DevRTT = (1 0.25) * DevRTT + | SampleRTT – EstimatedRTT Timeout interval TimeoutInterval = EstimatedRTT + 4 * DevRTT The integrated services (IntServ) and DiffServ (Differentiated Services) architecture are two architectures that have been proposed for the provision of and guaranteeing of quality of service (QoS) over the internet. Whereas the Intserv framework is developed within the IETF to provide individualized QoS guarantees to individual application sessions, Diffserv is geared towards enabling the handling of different classes of traffic in various ways on the internet. These two architectures represent the IETF’s current standards for provision of QoS guarantees, although neither Intserv nor Diffserv have taken off or found widespread acceptance on the web. (a) Integrated Service Architecture In computer networking, the integrated services (IntServ) architecture is an architecture that specifies the elements for the guaranteeing of quality of service (QoS) on the network. For instance, IntServ can be used to allow sound and video to be sent over a network to the receiver without getting interrupted. IntServ specifies a fine-grained Quality of service system, in contrast to DiffServs coarse-grained system of control. In the IntServ architecture, the idea is that each router inside a system implements IntServ, and applications which require various types of guarantees have to make individual reservations. Flow Specs are used to describe the purpose of the reservation, and the underlying mechanism that signals it across the network is called RSVP. TSPECs include token bucket algorithm parameters. The idea is that there is a token bucket which slowly fills up with tokens, arriving at a constant rate. Every packet which is sent requires a token, and if there are no tokens, then it cannot be sent. Thus, the rate at which tokens arrive dictates the average rate of traffic flow, while the depth of the bucket dictates how large the traffic is allowed to be. TSPECs typically just specify the token rate and the bucket depth. For example, a video with a refresh rate of 75 frames per second, with each frame taking 10 packets, might specify a token rate of 750Hz, and a bucket depth of only 10. The bucket depth would be sufficient to accommodate the burst associated with sending an entire frame all at once. On the other hand, a conversation would need a lower token rate, but a much higher bucket depth. This is because there are often pauses in conversations, so they can make do with fewer tokens by not sending the gaps between words and sentences. However, this means the bucket depth needs to be increased to compensate for the traffic being larger. (http://en.wikipedia.org/wiki/Integrated_services) (b) Differentiated Service Architecture The RFC 2475 (An Architecture for Differentiated Services) was published In 1998, by the IETF. Presently, DiffServ has widely replaced other Layer 3 Quality of Service mechanisms (such as IntServ), as the basic protocol that routers use to provide different service levels. DiffServ (Differentiated Services) architecture is a computer networking architecture which specifies a scalable, less complex, coarse-grained mechanism for the classification, management of network traffic and for provision of QoS (Quality of Service) guarantees on modern IP networks. For instance, DiffServ can be used for providing low-latency, guaranteed service (GS) to video, voice or other critical network traffic, while ensuring simple best-effort traffic guarantees to non-critical network services like file transfers and web traffic. Most of the proposed Quality of Service mechanisms which allowed these services to co-exist were complicated and did not adequately meet the demands Internet users because modern data networks carry various kinds of services like streaming music, video, voice, email and also web pages. It would probably be difficult to implement Intserv in the core of the internet because most of the communication between computers connected to the Internet is based on a client/server structural design. This Client/server describes a structure involving the connection of one computer to another for the purpose of giving work instructions or asking it questions. In an arrangement like this, the particular computer that questions and gives out instructions is the client, while the computer that provides answers to the asked questions and responds to the work instructions is the server. The same terms are used to describe the software programs that facilitate the asking and answering. A client application, for instance, presents an on-screen interface for the user to work with at the client computer; the server application welcomes the client and knows how to respond correctly to the clients commands. Any file server or PC can be adapted for use as an Internet server, however a dedicated computer should be chosen. Anyone with a computer and modem can join this network by using a standard phone. Dedicating the server that is, using a computer as a server only helps avoid some security and basic problems that result from sharing the functions of the server. To gain access to the Internet you will require an engineer to install the broadband modem. Then you will be able to use the server to network the Internet on all machines on a network. (www.redbooks.ibm.com/redbooks/pdfs/sg246380.pdf) TASK 5 Network security These days, computers are used for everything from shopping and communication to banking and investment. Intruders into a network system (or hackers) do not care about the privacy or identity of network users. Their aim is to gain control of computers on the network so that they can use these systems to launch attacks on other computer systems. Therefore people who use the network for these purposes must be protected from unknown strangers who try to read their sensitive documents, or use their computer to attack other systems, and send forged email, or access their personal information (such as their bank or other financial statements) Security Clauses The International Organisation for Standardizations (ISOs) 17799: 2005 Standard is a code of practice for information security management which provides a broad, non-technical framework for establishing efficient IT controls. The ISO 17799 Standard consists of 11 clauses that are divided into one or more security categories for a total of 39 security categories The security clauses of the ISO standard 17799:2005- code of practice for Information Security Management include: The security Policy clause Organizing Information Security Asset Management. Human Resources Security. Physical and Environmental Security. Communications and Operations. Access Control. Information Systems Acquisition, Development, and Maintenance. Information Security Incident Management. Business Continuity Management. Compliance. (http://www.theiia.org/ITAuditArchive/index.cfm?act=ITAudit.printiiid=467aid=2209) Here is a brief description of the more recent version of these security clauses: Security Policy: Security policies are the foundation of the security framework and provide direction and information on the companys security posture. This clause states that support for information security should be done in accordance with the companys security policy. Organizing Information Security: This clause addresses the establishment and organizational structure of the security program, including the appropriate management framework for security policy, how information assets should be secured from third parties, and how information security is maintained when processing is outsourced. Asset Management: This clause describes best practices for classifying and protecting assets, including data, software, hardware, and utilities. The clause also provides information on how to classify data, how data should be handled, and how to protect data assets adequately. Human Resources Security: This clause describes best practices for personnel management, including hiring practices, termination procedures, employee training on security controls, dissemination of security policies, and use of incident response procedures. Physical and Environmental Security: As the name implies, this clause addresses the different physical and environmental aspects of security, including best practices organizations can use to mitigate service interruptions, prevent unauthorized physical access, or minimize theft of corporate resources. Communications and Operations: This clause discusses the requirements pertaining to the management and operation of systems and electronic information. Examples of controls to audit in this area include system planning, network management, and e-mail and e-commerce security. Access Control: This security clause describes how access to corporate assets should be managed, including access to digital and nondigital information, as well as network resources. Information Systems Acquisitions, Development, and Maintenance: This section discusses the development of IT systems, including applications created by third-parties, and how security should be incorporated during the development phase. Information Security Incident Management: This clause identifies best practices for communicating information security issues and weaknesses, such as reporting and escalation procedures. Once established, auditors can review existing controls to determine if the company has adequate procedures in place to handle security incidents. Business Continuity Management: The 10th security clause provides information on disaster recovery and business continuity planning. Actions auditors should review include how plans are developed, maintained, tested, and validated, and whether or not the plans address critical business operation components. Compliance: The final clause provides valuable information auditors can use when identifying the compliance level of systems and controls with internal security policies, industry-specific regulations, and government legislation. (Edmead, M. T. 2006 retrieved from http://www.theiia.org/ITAuditArchive/?aid=2209iid=467) The standard, which was updated in June 2005 to reflect changes in the field of information security, provides a high-level view of information security from different angles and a comprehensive set of information security best practices. More specifically, ISO 17799 is designed for companies that wish to develop effective information security management practices and enhance their IT security efforts. Control Objectives The ISO 17799 Standard contains 11 clauses which are split into security categories, with each category having a clear control objective. There are a total of 39 security categories in the standard. The control objectives in the clauses are designed to meet the risk assessment requirements and they can serve as a practical guideline or common basis for development of effective security management practices and organisational security standards. Therefore, if a company is compliant with the ISO/IEC 17799 Standard, it will most likely meet IT management requirements found in other laws and regulations. However, because different standards strive for different overall objectives, auditors should point out that compliance with 17799 alone will not meet all of the requirements needed for compliance with other laws and regulations. Establishing an ISO/IEC 17799 compliance program could enhance a companys information security controls and IT environment greatly. Conducting an audit evaluation of the standard provides organizations with a quick snapshot of the security infrastructure. Based on this snapshot, senior managers can obtain a high-level view of how well information security is being implemented across the IT environment. In fact, the evaluation can highlight gaps present in security controls and identify areas for improvement. In addition, organizations looking to enhance their IT and security controls could keep in mind other ISO standards, especially current and future standards from the 27000 series, which the ISO has set aside for guidance on security best practices. (Edmead, M. T. 2006 retrieved from http://www.theiia.org/ITAuditArchive/?aid=2209iid=467) Tree Topology Tree topologies bind multiple star topologies together onto a bus. In its most simple form, only hub devices are directly connected to the tree bus and the hubs function as the root of the device tree. This bus/star hybrid approach supports future expandability of the network much better than a bus (limited in the number of devices due to the broadcast traffic it generates) or a star (limited by the number of hub ports) alone. Topologies remain an important part of network design theory. It is very simple to build a home or small business network without understanding the difference between a bus design and a star design, but understanding the concepts behind these gives you a deeper understanding of important elements like hubs, broadcasts, ports, and routes. (www.redbooks.ibm.com/redbooks/pdfs/sg246380.pdf) Use of the ring topology should be considered for use in medium sized companies, and the ring topology would also be the best topology for small companies because it is ensures ease of data transfer. Ring Topology In a ring network, there are two neighbors for each device, so as to enable communication. Messages are passed in the same direction, through a ring which is effectively either counterclockwise or clockwise. If any cable or device fails, this will break the loop and could disable the entire network. Bus Topology Bus networks utilize a common backbone to connect various devices. This backbone, which is a single cable, functions as a shared medium of communication which the devices tap into or attach to, with an interface connector. A device wanting to communicate with another device on the network sends a broadcast message onto the wire that all other devices see, but only the intended recipient actually accepts and processes the message. (www.redbooks.ibm.com/redbooks/pdfs/sg246380.pdf) Star Topology The star topology is used in a lot of home networks. A star network consists of a central connection point or hub that can be in the form of an actual hub, or a switch. Usually, devices will connect to the switch or hub by an Unshielded Twisted Pair (UTP) Ethernet. Compared to the bus topology, a star network generally requires more cable, but a failure in any star network cable will only take down one computers network access and not the entire LAN. If the hub fails, however, the entire network also fails. (www.redbooks.ibm.com/redbooks/pdfs/sg246380.pdf) Relating the security clauses and control objectives to an organisation In an organisation like the Nurht’s Institute of Information Technology (NIIT), the above mentioned security clauses and control objectives provide a high-level view of information security from different angles and a comprehensive set of information best security practices. Also, the ISO 17799 is designed for companies like NIIT, which aim to enhance their IT security, and to develop effective information security management practices. At NIIT, the local network relies to a considerable degree, on the correct implementation of these security practices and other algorithms so as to avoid congestion collapse, and preserve network stability. An attacker or hacker on the network can cause TCP endpoints to react in a more aggressive way in the face of congestion, by the forging of excessive data acknowledgments, or excess duplicate acknowledgments. Such an attack could possibly cause a portion of the network to go into congestion collapse. The Security Policy clause states that â€Å"support for information security should be done in accordance with the companys security policy.† (Edmead, M. T. 2006). This provides a foundation of the security framework at NIIT, and also provides information and direction on the organisation’s security posture. For instance, this clause helps the company auditors to determine whether the security policy of the company is properly maintained, and also if indeed it is to be disseminated to every employee. The Organizing Information Security clause stipulates that there should be appropriate management framework for the organisation’s security policy. This takes care of the organizational structure of NIIT’s security program, including the right security policy management framework, the securing of information assets from third parties, and the maintenance of information security during outsourced processing. At NIIT, the Security clauses and control objectives define the company’s stand on security and also help to identify the vital areas considered when implementing IT controls. The ISO/IEC 17799s 11 security clauses enable NIIT to accomplish its security objectives by providing a comprehensive set of information security best practices for the company to utilize for enhancement of its IT infrastructure. Conclusion Different businesses require different computer networks, because the type of network utilized in an organisation must be suitable for the organisation. It is advisable for smaller businesses to use the LAN type of network because it is more reliable. The WAN and MAN would be ideal for larger companies, but if an organisation decides to expand, they can then change the type of network they have in use. If an organisation decides to go international, then a Wireless Area Network can be very useful Also, small companies should endeavor to set up their network by using a client/server approach. This would help the company to be more secure and enable them to keep in touch with the activities of others are doing. The client/server would be much better than a peer-to-peer network, it would be more cost-effective. On the average, most organisations have to spend a good amount of money and resources to procure and maintain a reliable and successful network that will be and easy to maintain in the long run. For TCP Congestion Control, when CongWin is below Threshold, sender in slow-start phase, window grows exponentially. If CongWin is above Threshold, sender is in congestion-avoidance phase, window grows linearly. When a triple duplicate ACK occurs, Threshold set to CongWin/2 and CongWin set to Threshold, and threshold set to CongWin/2 and CongWin is set to 1 MSS when a timeout occurs. For a Small Office/Home Office (SOHO), networks such as wireless networks are very suitable. In such a network, there won’t be any need to run wires through walls and under carpets for connectivity. The SOHO user need not worry about plugging their laptop into docking stations every time they come into the office or fumble for clumsy and unattractive network cabling. Wireless networking provides connectivity without the hassle and cost of wiring and expensive docking stations. Also, as the business or home office grows or shrinks, the need for wiring new computers to the network is nonexistent. If the business moves, the network is ready for use as soon as the computers are moved. For the wired impossible networks such as those that might be found in warehouses, wireless will always be the only attractive alternative. As wireless speeds increase, these users have only brighter days in their future. (http://www.nextstep.ir/network.shtml) It is essential to note that the computer network installed in an organisation represents more than just a simple change in the method by which employees communicate. The impact of a particular computer network may dramatically affect the way employees in an organisation work and also affect the way they think. Bibliography Business Editors High-Tech Writers. (2003, July 22). International VoIP Council Launches Fax-Over-IP Working Group. Business Wire. Retrieved July 28, 2003 from ProQuest database. Career Directions (2001 October). Tech Directions, 61(3), 28 Retrieved July 21, 2003 from EBSCOhost database Edmead, M. T. (2006) Are You Familiar with the Most Recent ISO/IEC 17799 Changes? (Retrieved from http://www.theiia.org/ITAuditArchive/?aid=2209iid=467) FitzGerald, J. (1999), Business Data Communications And Networking Pub: John Wiley Sons Forouzan, B. (1998), Introduction To Data Communications And Networking Pub: Mc- Graw Hill http://www.theiia.org/itaudit http://www.theiia.org/ITAuditArchive/index.cfm?act=ITAudit.printiiid=467aid=2209 http://www.psc.edu/networking/projects/tcpfriendly/ ISO/IEC 17799:2000 – Code of practice for information security management Published by ISO and the British Standards Institute [http://www.iso.org/] ISO/IEC 17799:2005, Information technology – Security techniques – Code of practice for information security management. Published by ISO [http://www.iso.org/iso/en/prods-services/popstds/informationsecurity.html] Kurose, J. F. Ross, K. W. 2002. Computer Networking A Top-Down Approach Featuring the Internet, 2nd Edition, ISBN: 0-321-17644-8 (the international edition), ISBN: 0-201-97699-4, published by Addison-Wesley, 2002 www.awl.com/cs Ming, D. R. Sudama (1992) NETWORK MONITORING EXPLAINED: DESIGN AND APPLICATION Pub: Ellis Horwood Rigney, S. (1995) NETWORK PLANNING AND MANAGMENT YOUR PERSONAL CONSALTANT Round-Trip Time Estimation and RTO Timeout Selection (retrieved from http://netlab.cse.yzu.edu.tw/ns2/html/doc/node368.html) Shafer, M. (2001, June 11). Careers not so secure? Network Computing, 12(12), 130- Retrieved July 22, 2003 from EBSCOhost database Stevens, W. and Allman, M. (1998) TCP Implementation Working Group (retrieved from http://www.ietf.org/proceedings/98aug/I-D/draft-ietf-tcpimpl-cong-control-00.txt) Watson, S (2002). The Network Troubleshooters. Computerworld 36(38), 54. (Retrieved July 21, 2003 from EBSCOhost database) Wesley, A. (2000), Internet Users Guide to Network Resource Tools 1st Ed, Pub: Netskils www.microsoft.co.uk www.apple.com www.apple.co.uk www.bized.com http://www.nextstep.ir/network.shtml www.novell.com www.apple.com/business www.microsoft.com/networking/e-mails www.engin.umich.edu www.microsoft.com Computer Network Security within Organisations Computer Network Security within Organisations Networking and Management Introduction A computer network is a connection of two or more computers in order to share resources and data. These shared resources can include devices like printers and other resources like electronic mail, internet access, and file sharing. A computer network can also be seen as a collection of Personal computers and other related devices which are connected together, either with cables or wirelessly, so that they can share information and communicate with one another. Computer networks vary in size. Some networks are needed for areas within a single office, while others are vast or even span the globe. Network management has grown as a career that requires specialized training, and comes with management of important responsibilities, thus creating future opportunities for employment. The resulting expected increase in opportunities should be a determining and persuasive factor for graduates to consider going into network management. Computer networking is a discipline of engineering that involves communication between various computer devices and systems. In computer networking, protocols, routers, routing, and networking across the public internet have specifications that are defined in RFC documents. Computer networking can be seen as a sub-category of computer science, telecommunications, IT and/or computer engineering. Computer networks also depend largely upon the practical and theoretical applications of these engineering and scientific disciplines. In the vastly technological environment of today, most organisations have some kind of network that is used every day. It is essential that the day-to-day operations in such a company or organisation are carried out on a network that runs smoothly. Most companies employ a network administrator or manager to oversee this very important aspect of the company’s business. This is a significant position, as it comes with great responsibilities because an organisation will experience significant operational losses if problems arise within its network. Computer networking also involves the setting up of any set of computers or computer devices and enabling them to exchange information and data. Some examples of computer networks include: Local area networks (LANs) that are made up of small networks which are constrained to a relatively small geographic area. Wide area networks (WANs) which are usually bigger than local area networks, and cover a large geographic area. Wireless LANs and WANs (WLAN WWAN). These represent the wireless equivalent of the Local Area Network and Wide Area Networks Networks involve interconnection to allow communication with a variety of different kinds of media, including twisted-pair copper wire cable, coaxial cable, optical fiber, and various wireless technologies. The devices can be separated by a few meters (e.g. via Bluetooth) or nearly unlimited distances (e.g. via the interconnections of the Internet. (http://en.wikipedia.org/wiki/Computer_networking) TASK 1 TCP connection congestion control Every application, whether it is a small or large application, should perform adaptive congestion control because applications that perform congestion control use a network more efficiently and are generally of better performance. Congestion control algorithms prevent the network from entering Congestive Collapse. Congestive Collapse is a situation where, although the network links are being heavily utilized, very little useful work is being done. The network will soon begin to require applications to perform congestion control, and those applications which do not perform congestion control will be harshly penalized by the network, probably in the form of preferentially dropping their packets during times of congestion (http://www.psc.edu/networking/projects/tcpfriendly/) Principles of Congestion Control Informally, congestion entails that too many sources are sending too much data, and sending them too fast for the network to handle. TCP Congestion Control is not the same as flow control, as there are several differences between TCP Congestion Control and flow control. Other principles of congestion control include Global versus point-2-point, and orthogonal issues. Congestion manifests itself by causing loss of packets (buffer overflow at routers), and long delays (queuing in router buffers). Also, during congestion, there is no explicit feedback from network routers, and there is congestion inferred from end-system observed loss. In network-assisted congestion control, routers provide feedback to end systems, and the explicit rate sender sends at –Choke Packet. Below are some other characteristics and principles of congestion control: When CongWin is below Threshold, sender in slow-start phase, window grows exponentially. When CongWin is above Threshold, sender is in congestion-avoidance phase, window grows linearly. When a triple duplicate ACK occurs, Threshold set to CongWin/2 and CongWin set to Threshold. When timeout occurs, Threshold set to CongWin/2 and CongWin is set to 1 MSS. Avoidance of Congestion It is necessary for the TCP sender to use congestion avoidance and slow start algorithms in controlling the amount of outstanding data that is injected into a network. In order to implement these algorithms, two variables are added to the TCP per-connection state. The congestion window (cwnd) is a sender-side limit on the amount of data the sender can transmit into the network before receiving an acknowledgment (ACK), while the receivers advertised window (rwnd) is a receiver-side limit on the amount of outstanding data. The minimum of cwnd and rwnd governs data transmission. (Stevens, W. and Allman, M. 1998) TCP Flow Control In TCP flow control, the receiving side of the TCP connection possesses a receive buffer, and a speed-matching service which matches the send rate to the receiving application’s drain rate. During flow control, Rcvr advertises any spare room by including value of RcvWindow in segments, and the sender limits unACKed data to RcvWindow. TCP flow control also ensures that there is no overflow of the receive buffer. Round-trip Time Estimation and Timeout TCP Round Trip Time and Timeout are usually longer than RTT, but RTT varies, and has a slow reaction to segment loss. SampleRTT is measured time from segment transmission until ACK receipt, ignore retransmissions, and will vary, want estimated RTT â€Å"smoother† Round-trip time samples arrive with new ACKs. The RTT sample is computed as the difference between the current time and a time echo field in the ACK packet. When the first sample is taken, its value is used as the initial value for srtt. Half the first sample is used as the initial value for rttvar. (Round-Trip Time Estimation and RTO Timeout Selection) There are often problems due to timeouts, including the restriction of the sender that is compelled to wait until a timeout, and is able to do nothing during this period. Also, the first segment in the sliding window is often not acked, and retransmission becomes necessary, waiting again one RTT before the segment flow continues. It should be noted that on receiving the later segments, the receiver sends back ACKs. Estimated RTT EstimatedRTT = 0.875 * EstimatedRTT + 0.125 * SampleRTT DevRTT DevRTT = (1 0.25) * DevRTT + | SampleRTT – EstimatedRTT Timeout interval TimeoutInterval = EstimatedRTT + 4 * DevRTT The integrated services (IntServ) and DiffServ (Differentiated Services) architecture are two architectures that have been proposed for the provision of and guaranteeing of quality of service (QoS) over the internet. Whereas the Intserv framework is developed within the IETF to provide individualized QoS guarantees to individual application sessions, Diffserv is geared towards enabling the handling of different classes of traffic in various ways on the internet. These two architectures represent the IETF’s current standards for provision of QoS guarantees, although neither Intserv nor Diffserv have taken off or found widespread acceptance on the web. (a) Integrated Service Architecture In computer networking, the integrated services (IntServ) architecture is an architecture that specifies the elements for the guaranteeing of quality of service (QoS) on the network. For instance, IntServ can be used to allow sound and video to be sent over a network to the receiver without getting interrupted. IntServ specifies a fine-grained Quality of service system, in contrast to DiffServs coarse-grained system of control. In the IntServ architecture, the idea is that each router inside a system implements IntServ, and applications which require various types of guarantees have to make individual reservations. Flow Specs are used to describe the purpose of the reservation, and the underlying mechanism that signals it across the network is called RSVP. TSPECs include token bucket algorithm parameters. The idea is that there is a token bucket which slowly fills up with tokens, arriving at a constant rate. Every packet which is sent requires a token, and if there are no tokens, then it cannot be sent. Thus, the rate at which tokens arrive dictates the average rate of traffic flow, while the depth of the bucket dictates how large the traffic is allowed to be. TSPECs typically just specify the token rate and the bucket depth. For example, a video with a refresh rate of 75 frames per second, with each frame taking 10 packets, might specify a token rate of 750Hz, and a bucket depth of only 10. The bucket depth would be sufficient to accommodate the burst associated with sending an entire frame all at once. On the other hand, a conversation would need a lower token rate, but a much higher bucket depth. This is because there are often pauses in conversations, so they can make do with fewer tokens by not sending the gaps between words and sentences. However, this means the bucket depth needs to be increased to compensate for the traffic being larger. (http://en.wikipedia.org/wiki/Integrated_services) (b) Differentiated Service Architecture The RFC 2475 (An Architecture for Differentiated Services) was published In 1998, by the IETF. Presently, DiffServ has widely replaced other Layer 3 Quality of Service mechanisms (such as IntServ), as the basic protocol that routers use to provide different service levels. DiffServ (Differentiated Services) architecture is a computer networking architecture which specifies a scalable, less complex, coarse-grained mechanism for the classification, management of network traffic and for provision of QoS (Quality of Service) guarantees on modern IP networks. For instance, DiffServ can be used for providing low-latency, guaranteed service (GS) to video, voice or other critical network traffic, while ensuring simple best-effort traffic guarantees to non-critical network services like file transfers and web traffic. Most of the proposed Quality of Service mechanisms which allowed these services to co-exist were complicated and did not adequately meet the demands Internet users because modern data networks carry various kinds of services like streaming music, video, voice, email and also web pages. It would probably be difficult to implement Intserv in the core of the internet because most of the communication between computers connected to the Internet is based on a client/server structural design. This Client/server describes a structure involving the connection of one computer to another for the purpose of giving work instructions or asking it questions. In an arrangement like this, the particular computer that questions and gives out instructions is the client, while the computer that provides answers to the asked questions and responds to the work instructions is the server. The same terms are used to describe the software programs that facilitate the asking and answering. A client application, for instance, presents an on-screen interface for the user to work with at the client computer; the server application welcomes the client and knows how to respond correctly to the clients commands. Any file server or PC can be adapted for use as an Internet server, however a dedicated computer should be chosen. Anyone with a computer and modem can join this network by using a standard phone. Dedicating the server that is, using a computer as a server only helps avoid some security and basic problems that result from sharing the functions of the server. To gain access to the Internet you will require an engineer to install the broadband modem. Then you will be able to use the server to network the Internet on all machines on a network. (www.redbooks.ibm.com/redbooks/pdfs/sg246380.pdf) TASK 5 Network security These days, computers are used for everything from shopping and communication to banking and investment. Intruders into a network system (or hackers) do not care about the privacy or identity of network users. Their aim is to gain control of computers on the network so that they can use these systems to launch attacks on other computer systems. Therefore people who use the network for these purposes must be protected from unknown strangers who try to read their sensitive documents, or use their computer to attack other systems, and send forged email, or access their personal information (such as their bank or other financial statements) Security Clauses The International Organisation for Standardizations (ISOs) 17799: 2005 Standard is a code of practice for information security management which provides a broad, non-technical framework for establishing efficient IT controls. The ISO 17799 Standard consists of 11 clauses that are divided into one or more security categories for a total of 39 security categories The security clauses of the ISO standard 17799:2005- code of practice for Information Security Management include: The security Policy clause Organizing Information Security Asset Management. Human Resources Security. Physical and Environmental Security. Communications and Operations. Access Control. Information Systems Acquisition, Development, and Maintenance. Information Security Incident Management. Business Continuity Management. Compliance. (http://www.theiia.org/ITAuditArchive/index.cfm?act=ITAudit.printiiid=467aid=2209) Here is a brief description of the more recent version of these security clauses: Security Policy: Security policies are the foundation of the security framework and provide direction and information on the companys security posture. This clause states that support for information security should be done in accordance with the companys security policy. Organizing Information Security: This clause addresses the establishment and organizational structure of the security program, including the appropriate management framework for security policy, how information assets should be secured from third parties, and how information security is maintained when processing is outsourced. Asset Management: This clause describes best practices for classifying and protecting assets, including data, software, hardware, and utilities. The clause also provides information on how to classify data, how data should be handled, and how to protect data assets adequately. Human Resources Security: This clause describes best practices for personnel management, including hiring practices, termination procedures, employee training on security controls, dissemination of security policies, and use of incident response procedures. Physical and Environmental Security: As the name implies, this clause addresses the different physical and environmental aspects of security, including best practices organizations can use to mitigate service interruptions, prevent unauthorized physical access, or minimize theft of corporate resources. Communications and Operations: This clause discusses the requirements pertaining to the management and operation of systems and electronic information. Examples of controls to audit in this area include system planning, network management, and e-mail and e-commerce security. Access Control: This security clause describes how access to corporate assets should be managed, including access to digital and nondigital information, as well as network resources. Information Systems Acquisitions, Development, and Maintenance: This section discusses the development of IT systems, including applications created by third-parties, and how security should be incorporated during the development phase. Information Security Incident Management: This clause identifies best practices for communicating information security issues and weaknesses, such as reporting and escalation procedures. Once established, auditors can review existing controls to determine if the company has adequate procedures in place to handle security incidents. Business Continuity Management: The 10th security clause provides information on disaster recovery and business continuity planning. Actions auditors should review include how plans are developed, maintained, tested, and validated, and whether or not the plans address critical business operation components. Compliance: The final clause provides valuable information auditors can use when identifying the compliance level of systems and controls with internal security policies, industry-specific regulations, and government legislation. (Edmead, M. T. 2006 retrieved from http://www.theiia.org/ITAuditArchive/?aid=2209iid=467) The standard, which was updated in June 2005 to reflect changes in the field of information security, provides a high-level view of information security from different angles and a comprehensive set of information security best practices. More specifically, ISO 17799 is designed for companies that wish to develop effective information security management practices and enhance their IT security efforts. Control Objectives The ISO 17799 Standard contains 11 clauses which are split into security categories, with each category having a clear control objective. There are a total of 39 security categories in the standard. The control objectives in the clauses are designed to meet the risk assessment requirements and they can serve as a practical guideline or common basis for development of effective security management practices and organisational security standards. Therefore, if a company is compliant with the ISO/IEC 17799 Standard, it will most likely meet IT management requirements found in other laws and regulations. However, because different standards strive for different overall objectives, auditors should point out that compliance with 17799 alone will not meet all of the requirements needed for compliance with other laws and regulations. Establishing an ISO/IEC 17799 compliance program could enhance a companys information security controls and IT environment greatly. Conducting an audit evaluation of the standard provides organizations with a quick snapshot of the security infrastructure. Based on this snapshot, senior managers can obtain a high-level view of how well information security is being implemented across the IT environment. In fact, the evaluation can highlight gaps present in security controls and identify areas for improvement. In addition, organizations looking to enhance their IT and security controls could keep in mind other ISO standards, especially current and future standards from the 27000 series, which the ISO has set aside for guidance on security best practices. (Edmead, M. T. 2006 retrieved from http://www.theiia.org/ITAuditArchive/?aid=2209iid=467) Tree Topology Tree topologies bind multiple star topologies together onto a bus. In its most simple form, only hub devices are directly connected to the tree bus and the hubs function as the root of the device tree. This bus/star hybrid approach supports future expandability of the network much better than a bus (limited in the number of devices due to the broadcast traffic it generates) or a star (limited by the number of hub ports) alone. Topologies remain an important part of network design theory. It is very simple to build a home or small business network without understanding the difference between a bus design and a star design, but understanding the concepts behind these gives you a deeper understanding of important elements like hubs, broadcasts, ports, and routes. (www.redbooks.ibm.com/redbooks/pdfs/sg246380.pdf) Use of the ring topology should be considered for use in medium sized companies, and the ring topology would also be the best topology for small companies because it is ensures ease of data transfer. Ring Topology In a ring network, there are two neighbors for each device, so as to enable communication. Messages are passed in the same direction, through a ring which is effectively either counterclockwise or clockwise. If any cable or device fails, this will break the loop and could disable the entire network. Bus Topology Bus networks utilize a common backbone to connect various devices. This backbone, which is a single cable, functions as a shared medium of communication which the devices tap into or attach to, with an interface connector. A device wanting to communicate with another device on the network sends a broadcast message onto the wire that all other devices see, but only the intended recipient actually accepts and processes the message. (www.redbooks.ibm.com/redbooks/pdfs/sg246380.pdf) Star Topology The star topology is used in a lot of home networks. A star network consists of a central connection point or hub that can be in the form of an actual hub, or a switch. Usually, devices will connect to the switch or hub by an Unshielded Twisted Pair (UTP) Ethernet. Compared to the bus topology, a star network generally requires more cable, but a failure in any star network cable will only take down one computers network access and not the entire LAN. If the hub fails, however, the entire network also fails. (www.redbooks.ibm.com/redbooks/pdfs/sg246380.pdf) Relating the security clauses and control objectives to an organisation In an organisation like the Nurht’s Institute of Information Technology (NIIT), the above mentioned security clauses and control objectives provide a high-level view of information security from different angles and a comprehensive set of information best security practices. Also, the ISO 17799 is designed for companies like NIIT, which aim to enhance their IT security, and to develop effective information security management practices. At NIIT, the local network relies to a considerable degree, on the correct implementation of these security practices and other algorithms so as to avoid congestion collapse, and preserve network stability. An attacker or hacker on the network can cause TCP endpoints to react in a more aggressive way in the face of congestion, by the forging of excessive data acknowledgments, or excess duplicate acknowledgments. Such an attack could possibly cause a portion of the network to go into congestion collapse. The Security Policy clause states that â€Å"support for information security should be done in accordance with the companys security policy.† (Edmead, M. T. 2006). This provides a foundation of the security framework at NIIT, and also provides information and direction on the organisation’s security posture. For instance, this clause helps the company auditors to determine whether the security policy of the company is properly maintained, and also if indeed it is to be disseminated to every employee. The Organizing Information Security clause stipulates that there should be appropriate management framework for the organisation’s security policy. This takes care of the organizational structure of NIIT’s security program, including the right security policy management framework, the securing of information assets from third parties, and the maintenance of information security during outsourced processing. At NIIT, the Security clauses and control objectives define the company’s stand on security and also help to identify the vital areas considered when implementing IT controls. The ISO/IEC 17799s 11 security clauses enable NIIT to accomplish its security objectives by providing a comprehensive set of information security best practices for the company to utilize for enhancement of its IT infrastructure. Conclusion Different businesses require different computer networks, because the type of network utilized in an organisation must be suitable for the organisation. It is advisable for smaller businesses to use the LAN type of network because it is more reliable. The WAN and MAN would be ideal for larger companies, but if an organisation decides to expand, they can then change the type of network they have in use. If an organisation decides to go international, then a Wireless Area Network can be very useful Also, small companies should endeavor to set up their network by using a client/server approach. This would help the company to be more secure and enable them to keep in touch with the activities of others are doing. The client/server would be much better than a peer-to-peer network, it would be more cost-effective. On the average, most organisations have to spend a good amount of money and resources to procure and maintain a reliable and successful network that will be and easy to maintain in the long run. For TCP Congestion Control, when CongWin is below Threshold, sender in slow-start phase, window grows exponentially. If CongWin is above Threshold, sender is in congestion-avoidance phase, window grows linearly. When a triple duplicate ACK occurs, Threshold set to CongWin/2 and CongWin set to Threshold, and threshold set to CongWin/2 and CongWin is set to 1 MSS when a timeout occurs. For a Small Office/Home Office (SOHO), networks such as wireless networks are very suitable. In such a network, there won’t be any need to run wires through walls and under carpets for connectivity. The SOHO user need not worry about plugging their laptop into docking stations every time they come into the office or fumble for clumsy and unattractive network cabling. Wireless networking provides connectivity without the hassle and cost of wiring and expensive docking stations. Also, as the business or home office grows or shrinks, the need for wiring new computers to the network is nonexistent. If the business moves, the network is ready for use as soon as the computers are moved. For the wired impossible networks such as those that might be found in warehouses, wireless will always be the only attractive alternative. As wireless speeds increase, these users have only brighter days in their future. (http://www.nextstep.ir/network.shtml) It is essential to note that the computer network installed in an organisation represents more than just a simple change in the method by which employees communicate. The impact of a particular computer network may dramatically affect the way employees in an organisation work and also affect the way they think. Bibliography Business Editors High-Tech Writers. (2003, July 22). International VoIP Council Launches Fax-Over-IP Working Group. Business Wire. Retrieved July 28, 2003 from ProQuest database. Career Directions (2001 October). Tech Directions, 61(3), 28 Retrieved July 21, 2003 from EBSCOhost database Edmead, M. T. (2006) Are You Familiar with the Most Recent ISO/IEC 17799 Changes? (Retrieved from http://www.theiia.org/ITAuditArchive/?aid=2209iid=467) FitzGerald, J. (1999), Business Data Communications And Networking Pub: John Wiley Sons Forouzan, B. (1998), Introduction To Data Communications And Networking Pub: Mc- Graw Hill http://www.theiia.org/itaudit http://www.theiia.org/ITAuditArchive/index.cfm?act=ITAudit.printiiid=467aid=2209 http://www.psc.edu/networking/projects/tcpfriendly/ ISO/IEC 17799:2000 – Code of practice for information security management Published by ISO and the British Standards Institute [http://www.iso.org/] ISO/IEC 17799:2005, Information technology – Security techniques – Code of practice for information security management. Published by ISO [http://www.iso.org/iso/en/prods-services/popstds/informationsecurity.html] Kurose, J. F. Ross, K. W. 2002. Computer Networking A Top-Down Approach Featuring the Internet, 2nd Edition, ISBN: 0-321-17644-8 (the international edition), ISBN: 0-201-97699-4, published by Addison-Wesley, 2002 www.awl.com/cs Ming, D. R. Sudama (1992) NETWORK MONITORING EXPLAINED: DESIGN AND APPLICATION Pub: Ellis Horwood Rigney, S. (1995) NETWORK PLANNING AND MANAGMENT YOUR PERSONAL CONSALTANT Round-Trip Time Estimation and RTO Timeout Selection (retrieved from http://netlab.cse.yzu.edu.tw/ns2/html/doc/node368.html) Shafer, M. (2001, June 11). Careers not so secure? Network Computing, 12(12), 130- Retrieved July 22, 2003 from EBSCOhost database Stevens, W. and Allman, M. (1998) TCP Implementation Working Group (retrieved from http://www.ietf.org/proceedings/98aug/I-D/draft-ietf-tcpimpl-cong-control-00.txt) Watson, S (2002). The Network Troubleshooters. Computerworld 36(38), 54. (Retrieved July 21, 2003 from EBSCOhost database) Wesley, A. (2000), Internet Users Guide to Network Resource Tools 1st Ed, Pub: Netskils www.microsoft.co.uk www.apple.com www.apple.co.uk www.bized.com http://www.nextstep.ir/network.shtml www.novell.com www.apple.com/business www.microsoft.com/networking/e-mails www.engin.umich.edu www.microsoft.com