Assignment:Provide a reflection of at least 500 words (or 2 pages double spaced) of how the knowledge, skills, or theories of this course have been applied, or could be applied, in a practical manner to your current work environment. If you are not currently working, share times when you have or could observe these theories and knowledge could be applied to an employment opportunity in your field of study. Practical Connection
Assignment
A walkthrough
Start with an APA Template
Select APA Style Report
th
(6 edition is acceptable)
Click Create
Close Researcher region
Save as…
Remove unnecessary elements
Remove things like:
• Author Notes
• Abstract
• Footnotes
• Tables
• Figures
• Footnotes
• References if not needed (Such as in a personal connection
assignment)
Remove Unused References
Update Title Page
Structure outline
Identify topics to include
• Every paper should have
introduction (no header)
• Body
• Conclusion
Possible topics come from the
text.
Examples are:
CIA Triad, Threats, Vulnerabilities,
Active Directory, Security Groups,
Least Privilege, Encryption,
Malware, Administration, etc.
Rough outline
Write the body of the paper
Write the Conclusion
Write the Introduction
Running head: PRACTICAL CONNECTION
Practical Connection
Proffessor
University of the Cumberlands
1
PRACTICAL CONNECTION
2
Practical Connection
As an analytics architect at a Microsoft technology integration partner, many of the
concepts in Application Security can be applied to my daily work. While many topics are
relevant, I will explore three. I will explore the principle of least privilege, Active Directory
Groups, and the importance of audits. Lastly, I will present the conclusion.
Principle of Least Privilege
As discussed in this course, the idea of least privilege is that a group or individual should
only do things that their role within the organization requires them to do. As an analytics
architect, this concept is very relevant. Many organizations require that individuals can only see
data that they have a business purpose to see. When designing data-oriented solutions, I often
have to balance performance and other design constraints with competing concerns. This
tradeoff means that I often must use the priority of requirements to determine which
requirements should be met. Ensuring that individuals only see what they should is often a very
high priority.
Active Directory Groups
In this course, we also discussed the importance of Active Directory Groups. This is also
relevant to my work as an analytics architect in that we often need a way to determine who can
access what information or perform a given operation. As the organizations I typically work with
use Microsoft technologies, they often utilize Active Directory. Understanding of Active
Directory groups is critical to the success of many of my projects.
Importance of Audits and Logging
This course also covered the importance of audits and access logs. Audits are also
important in the design of analytics solutions. Often it is important to know what person is
PRACTICAL CONNECTION
3
accessing what data. Also, many of the organizations are governed by regulations which require
tracking all changes to data or process in an exhaustive fashion. This means that when someone
views a record, that fact must be recorded. Recording the information is the first step in the
process. After the data related to data access is captured, it must be processed so that governance
reports can be created. Also, the original data must be preserved so that an external auditor can
reproduce the same results.
Conclusion
The importance of the concept of least privilege, Active Directory Groups, and auditing
was presented. These concepts have relationships. For example, the principle of least privilege
is often made possible through the use of Active Directory Groups. Likewise, auditing is often
applied based on an individual’s membership in a group. For example, it may be important to
record when someone in the data operations group accessed records in the payroll-related
databases.
While the topic of application security is very large, it does have specific application to
the data analytics space. As an analytics architect, I find many of the topics to be a refresher of
existing knowledge combined with learning new things. While I do not plan to become an expert
in security, understanding the concepts makes me a better analytics architect.