I need TWO different documents for both the questions - Programming
Question-1 : In no less than 250 words, explain what is meant by an IDS and an IPS. How are they different? How are they connected to a network? List a few examples of IDS/IPS tools that are currently on the market. Respond to two other learners by the end of the week.Question-2 : 11.1 List and briefly define three classes of intruders.11.2 What are two common techniques used to protect a password file?11.3 What are three benefits that can be provided by an intrusion detection system?11.4 What is the difference between statistical anomaly detection and rule-based intrusion detection?11.5 What metrics are useful for profile-based intrusion detection?11.6 What is the difference between rule-based anomaly detection and rule-based penetration identification?11.7 What is a honeypot?11.8 What is a salt in the context of UNIX password management?11.9 List and briefly define four techniques used to avoid guessable passwords.Complete your answers on a WORD Document Reference : Attached PPT ch11_netsec6e_accessibleppt.pptx Unformatted Attachment Preview Network Security Essentials: Applications and Standards Sixth Edition Chapter 11 Intruders Copyright © 2017 Pearson Education, Inc. All Rights Reserved Intruders • Three classes of intruders: – Masquerader ▪ An individual who is not authorized to use the computer and who penetrates a system’s access controls to exploit a legitimate user’s account – Misfeasor ▪ A legitimate user who accesses data, programs, or resources for which such access is not authorized, or who is authorized for such access but misuses his or her privileges – Clandestine user ▪ An individual who seizes supervisory control of the system and uses this control to evade auditing and access controls or to suppress audit collection Copyright © 2017 Pearson Education, Inc. All Rights Reserved Examples of Intrusion (1 of 2) • Performing a remote root compromise of an e-mail server • Defacing a Web server • Guessing and cracking passwords • Copying a database containing credit card numbers • Viewing sensitive data, including payroll records and medical information, without authorization • Running a packet sniffer on a workstation to capture usernames and passwords Copyright © 2017 Pearson Education, Inc. All Rights Reserved Examples of Intrusion (2 of 2) • Using a permission error on an anonymous FTP server to distribute pirated software and music files • Dialing into an unsecured modem and gaining internal network access • Posing as an executive, calling the help desk, resetting the executive’s e-mail password, and learning the new password • Using an unattended, logged-in workstation without permission Copyright © 2017 Pearson Education, Inc. All Rights Reserved Hackers (1 of 2) • Traditionally, those who hack into computers do so for the thrill of it or for status • Intrusion detection systems (IDSs) and intrusion prevention systems (IPSs) are designed to counter hacker threats − In addition to using such systems, organizations can consider restricting remote logons to specific IP addresses and/or use virtual private network technology Copyright © 2017 Pearson Education, Inc. All Rights Reserved Hackers (2 of 2) • CERTs – Computer emergency response teams – These cooperative ventures collect information about system vulnerabilities and disseminate it to systems managers – Hackers also routinely read CERT reports – It is important for system administrators to quickly insert all software patches to discovered vulnerabilities Copyright © 2017 Pearson Education, Inc. All Rights Reserved Criminal Hackers • Organized groups of hackers • Usually have specific targets, or at least classes of targets in mind • Once a site is penetrated, the attacker acts quickly, scooping up as much valuable information as possible and exiting • IDSs and IPSs can be used for these types of attackers, but may be less effective because of the quick in-and-out nature of the attack Copyright © 2017 Pearson Education, Inc. All Rights Reserved Insider Attacks • Among the most difficult to detect and prevent • Can be motivated by revenge or simply a feeling of entitlement • Countermeasures: – Enforce least privilege, only allowing access to the resources employees need to do their job – Set logs to see what users access and what commands they are entering – Protect sensitive resources with strong authentication – Upon termination, delete employee’s computer and network access – Upon termination, make a mirror image of employee’s hard drive before reissuing it (used as evidence if your company information turns up at a competitor Copyright © 2017 Pearson Education, Inc. All Rights Reserved Intrusion Techniques • Objective of the intruder is to gain access to a system or to increase the range of privileges accessible on a system • Most initial attacks use system or software vulnerabilities that allow a user to execute code that opens a backdoor into the system • Ways to protect a password file: – One-way functioning ▪ The system stores only the value of a function based on the user’s password – Access control ▪ Access to the password file is limited to one or a very few accounts Copyright © 2017 Pearson Education, Inc. All Rights Reserved Password Guessing (1 of 2) 1. Try default passwords used with standard accounts that are shipped with the system. Many administrators do not bother to change these defaults. 2. Exhaustively try all short passwords (those of one to three characters). 3. Try words in the system’s online dictionary or a list of likely passwords. Examples of the latter are readily available on hacker bulletin boards. 4. Collect information about users, such as their full names, the names of their spouse and children, pictures in their office, and books in their office that are related to hobbies. Copyright © 2017 Pearson Education, Inc. All Rights Reserved Password Guessing (2 of 2) 5. Try users’ phone numbers, Social Security numbers, and room numbers. 6. Try all legitimate license plate numbers for this state. 7. Use a Trojan horse to bypass restrictions on access. 8. Tap the line between a remote user and the host system. Copyright © 2017 Pearson Education, Inc. All Rights Reserved Intrusion Detection • A system’s second line of defense • Is based on the assumption that the behaviour of the intruder differs from that of a legitimate user in ways that can be quantified • Considerations: – If an intrusion is detected quickly enough, the intruder can be identified and ejected from the system before any damage is done or any data are compromised – An effective intrusion detection system can serve as a deterrent, so acting to prevent intrusions – Intrusion detection enables the collection of information about intrusion techniques that can be used to strengthen the intrusion prevention facility Copyright © 2017 Pearson Education, Inc. All Rights Reserved Figure 11.1 Profiles of Behavior of Intruders and Authorized Users Copyright © 2017 Pearson Education, Inc. All Rights Reserved Approaches to Intrusion Detection (1 of 2) • Statistical anomaly detection – Involves the collection of data relating to the behavior of legitimate users over a period of time – Then statistical tests are applied to observed behavior to determine whether that behavior is not legitimate user behavior – Threshold detection ▪ This approach involves defining thresholds, independent of user, for the frequency of occurrence of various events Copyright © 2017 Pearson Education, Inc. All Rights Reserved Approaches to Intrusion Detection (2 of 2) – Profile based ▪ A profile of the activity of each user is developed and used to detect changes in the behavior of individual accounts • Rule-based detection – Involves an attempt to define a set of rules or attack patterns that can be used to decide that a given behavior is that of an intruder – Often referred to as signature detection Copyright © 2017 Pearson Education, Inc. All Rights Reserved Audit Records (1 of 2) • Fundamental tool for intrusion detection – Native audit records ▪ Virtually all multiuser operating systems include accounting software that collects information on user activity ▪ The advantage of using this information is that no additional collection software is needed ▪ The disadvantage is that the native audit records may not contain the needed information or may not contain it in a convenient form Copyright © 2017 Pearson Education, Inc. All Rights Reserved Audit Records (2 of 2) – Detection-specific audit records ▪ A collection facility can be implemented that generates audit records containing only that information required by the intrusion detection system ▪ One advantage of such an approach is that it could be made vendor independent and ported to a variety of systems ▪ The disadvantage is the extra overhead involved in having two accounting packages running on a machine Copyright © 2017 Pearson Education, Inc. All Rights Reserved Statistical Anomaly Detection • Threshold detection • Profile-based – Involves counting the number of occurrences of a specific event type over an interval of time – If the count surpasses what is considered a reasonable number that one might expect to occur, then intrusion is assumed – By itself is a crude and ineffective detector of even moderately sophisticated attacks – Focuses on characterizing the past behavior of individual users or related groups of users and then detecting significant deviations – A profile may consist of a set of parameters, so that deviation on just a single parameter may not be sufficient in itself to signal an alert Copyright © 2017 Pearson Education, Inc. All Rights Reserved Table 11.1 Measures that May be Used for Intrusion Detection (1 of 3) Login and Session Activity Measure Model Type of Intrusion Detected Login frequency by day and time Mean and standard deviation Intruders may be likely to log in during offhours. Frequency of login at different locations Mean and standard deviation Intruders may login from a location that a particular user rarely or never uses. Time since last login Operational Break-in on a “dead” account. Elapsed time per session Mean and standard deviation Significant deviations might indicate masquerader. Quantity of output to location Mean and standard deviation Excessive amounts of data transmitted to remote locations could signify leakage of sensitive data. Session resource utilization Mean and standard deviation Unusual processor or I/O levels could signal an intruder. Password failures at login Operational Attempted break-in by password guessing. Failures to login from specified terminals Operational Attempted break-in. Copyright © 2017 Pearson Education, Inc. All Rights Reserved Table 11.1 Measures that May be Used for Intrusion Detection (2 of 3) Command or Program Execution Activity Measure Model Type of Intrusion Detected Execution Frequency Mean and standard deviation May detect intruders, who are likely to use different commands or a successful penetration by a legitimate user, who has gained access to privileged commands. Program resource utilization Mean and standard deviation An abnormal value might suggest injection of a virus or Trojan horse, which performs side effects that increase I/O or processor utilization. Execution denials Operational model May detect penetration attempt by individual user who seeks higher privileges. Copyright © 2017 Pearson Education, Inc. All Rights Reserved Table 11.1 Measures that May be Used for Intrusion Detection (3 of 3) File Access Activity Measure Model Type of Intrusion Detected Read, write, create, delete frequency Mean and standard deviation Abnormalities for read and write access for individual users may signify masquerading or browsing. Records read, written Mean and standard deviation Abnormality could signify an attempt to obtain sensitive data by inference and aggregation. Failure count for read, write, create, delete Operational May detect users who persistently attempt to access. Copyright © 2017 Pearson Education, Inc. All Rights Reserved Rule-Based Intrusion Detection (1 of 2) • Techniques detect intrusion by observing events in the system and applying a set of rules that lead to a decision regarding whether a given pattern of activity is or is not suspicious • Rule-based anomaly detection – Is similar in terms of its approach and strengths to statistical anomaly detection – Historical audit records are analyzed to identify usage patterns and to automatically generate rules that describe those patterns – Current behavior is then observed, and each transaction is matched against the set of rules to determine if it conforms to any historically observed pattern of behavior – In order for this approach to be effective, a rather large database of rules will be needed Copyright © 2017 Pearson Education, Inc. All Rights Reserved Rule-Based Intrusion Detection (2 of 2) • Rule-based penetration identification – Typically, the rules used in these systems are specific to the machine and operating system – The most fruitful approach to developing such rules is to analyze attack tools and scripts collected on the Internet – These rules can be supplemented with rules generated by knowledgeable security personnel • USTAT – A model independent of specific audit records – Deals in general actions rather than the detailed specific actions recorded by the UNIX auditing mechanism – Implemented on a SunOS system that provides audit records on 239 events Copyright © 2017 Pearson Education, Inc. All Rights Reserved Table 11.2 USTAT Actions versus SunOS Event Types UTSAT Action SunOS Event Type Read open_r,open_rc,open_rtc,open_rwc,open_rwtc,open_rt,open _rw,open_rwt Write truncate,ftruncate,creat,open_r,open_rc,open_rtc,open_rwc, open_rwtc,open_rt,open_rw,open_rwt,open_w,open_wt,open _wc,open_wct Create mkdir,creat,open_rc,open_rtc,open_rwc,open_rwtc,open_wc, open_wtc,mknod Delete rmdir, unlink Execute exec, execve Exit exit Modify_Owner chown, fchown Modify_Perm chmod, fchmod Rename rename Hardlink link Copyright © 2017 Pearson Education, Inc. All Rights Reserved Base-Rate Fallacy (1 of 2) • To be of practical use, an intrusion detection system should detect a substantial percentage of intrusions while keeping the false alarm rate at an acceptable level – If only a modest percentage of actual intrusions are detected, the system provides a false sense of security – If the system frequently triggers an alert when there is no intrusion, then either system managers will begin to ignore the alarms or much time will be wasted analyzing the false alarms Copyright © 2017 Pearson Education, Inc. All Rights Reserved Base-Rate Fallacy (2 of 2) • Because of the nature of the probabilities involved, it is very difficult to meet the standard of high rate of detections with a low rate of false alarms – If the actual numbers of intrusions is low compared to the number of legitimate uses of a system, then the false alarm rate will be high unless the test is extremely discriminating • See Appendix J for a brief background on the mathematics of this problem Copyright © 2017 Pearson Education, Inc. All Rights Reserved Distributed Intrusion Detection • Traditional systems focused on single-system stand-alone facilities – The typical organization, however, needs to defend a distributed collection of hosts supported by a L AN or internetwork – A more effective defense can be achieved by coordination and cooperation among intrusion detection systems across the network • Major design issues: – A distributed intrusion detection system may need to deal with different audit record formats – One or more nodes in the network will serve as collection and analysis points for the data from the systems on the network – Either a centralized or decentralized architecture can be used Copyright © 2017 Pearson Education, Inc. All Rights Reserved Figure 11.2 Architecture for Distributed Intrusion Detection Copyright © 2017 Pearson Education, Inc. All Rights Reserved Figure 11.3 Agent Architecture Copyright © 2017 Pearson Education, Inc. All Rights Reserved Honeypots (1 of 2) • Decoy systems that are designed to lure a potential attacker away from critical systems – Has no production value ▪ These systems are filled with fabricated information designed to appear valuable but that a legitimate user of the system wouldn’t access ▪ Thus, any attempt to communicate with the system is most likely a probe, scan, or attack – Designed to: ▪ Divert an attacker from accessing critical systems ▪ Collect information about the attacker’s activity Copyright © 2017 Pearson Education, Inc. All Rights Reserved Honeypots (2 of 2) ▪ Encourage the attacker to stay on the system long enough for administrators to respond • Because any attack against the honeypot is made to seem successful, administrators have time to mobilize and log and track the attacker without ever exposing productive systems • Recent research has focused on building entire honeypot networks that emulate an enterprise, possible with actual or simulated traffic and data Copyright © 2017 Pearson Education, Inc. All Rights Reserved Figure 11.4 Example of Honeypot Deployment Copyright © 2017 Pearson Education, Inc. All Rights Reserved Intrusion detection exchange format • To facilitate the development of distributed intrusion detection systems that can function across a wide range of platforms and environments, standards are needed to support interoperability • IETF Intrusion Detection Working Group – Purpose of the group is to define data formats and exchange procedures for sharing information of interest to intrusion detection with response systems and to management systems that may need to interact with them – Have issued the following RFCs: ▪ Intrusion Detection Message Exchange Requirements (RFC 4766) ▪ The Intrusion Detection Message Exchange Format (RFC 4765) ▪ The Intrusion Detection Exchange Protocol (RFC 4767) Copyright © 2017 Pearson Education, Inc. All Rights Reserved Figure 11.5 Model for Intrusion Detection Message Exchange Copyright © 2017 Pearson Education, Inc. All Rights Reserved Password Management • Front line of defense against intruders • Virtually all multiuser systems require that a user provide not only a name or identifier (ID) but also a password – Password serves to authenticate the ID of the individual logging on to the system – The ID provides security by: ▪ Determining whether the user is authorized to gain access to a system ▪ Determining the privileges accorded to the user ▪ Used in discretionary access control Copyright © 2017 Pearson Education, Inc. All Rights Reserved Attack strategies and countermeasures (1 of 4) • Workstation hijacking – The attacker waits until a logged-in workstation is unattended – The standard countermeasure is automatically logging the workstation out after a period of inactivity • Exploiting user mistakes – Attackers are frequently successful in obtaining passwords by using social engineering tactics that trick the user or an account manager into revealing a password; a user may intentionally share a password to enable a colleague to share files; users tend to write passwords down because it is difficult to remember them – Countermeasures include user training, intrusion detection, and simpler passwords combined with another authentication mechanism Copyright © 2017 Pearson Education, Inc. All Rights Reserved Attack strategies and countermeasures (2 of 4) • Offline dictionary attack – Determined hackers can frequently bypass access controls and gain access to the system’s password file – Countermeasures include controls to prevent unauthorized access to the password file, intrusion detection measures to identify a compromise, and rapid reissuance of passwords should the password file be compromised • Specific account attack – The attacker targets a specific account and submits password guesses until the correct password is discovered – The standard countermeasure is an account lockout mechanism, which locks out access to the account after a number of failed login attempts Copyright © 2017 Pearson Education, Inc. All Rights Reserved Attack strategies and countermeasures (3 of 4) • Electronic monitoring – If a password is communicated across a network to log on to a remote system, it is vulnerable to eavesdropping – Simple encryption will not fix this problem, because the encrypted password is, in effect, the password and can be observed and reused by an adversary • Password guessing against single user – The attacker attempts t ... Purchase answer to see full attachment
CATEGORIES
Economics Nursing Applied Sciences Psychology Science Management Computer Science Human Resource Management Accounting Information Systems English Anatomy Operations Management Sociology Literature Education Business & Finance Marketing Engineering Statistics Biology Political Science Reading History Financial markets Philosophy Mathematics Law Criminal Architecture and Design Government Social Science World history Chemistry Humanities Business Finance Writing Programming Telecommunications Engineering Geography Physics Spanish ach e. Embedded Entrepreneurship f. Three Social Entrepreneurship Models g. Social-Founder Identity h. Micros-enterprise Development Outcomes Subset 2. Indigenous Entrepreneurship Approaches (Outside of Canada) a. Indigenous Australian Entrepreneurs Exami Calculus (people influence of  others) processes that you perceived occurs in this specific Institution Select one of the forms of stratification highlighted (focus on inter the intersectionalities  of these three) to reflect and analyze the potential ways these ( American history Pharmacology Ancient history . Also Numerical analysis Environmental science Electrical Engineering Precalculus Physiology Civil Engineering Electronic Engineering ness Horizons Algebra Geology Physical chemistry nt When considering both O lassrooms Civil Probability ions Identify a specific consumer product that you or your family have used for quite some time. This might be a branded smartphone (if you have used several versions over the years) or the court to consider in its deliberations. Locard’s exchange principle argues that during the commission of a crime Chemical Engineering Ecology aragraphs (meaning 25 sentences or more). Your assignment may be more than 5 paragraphs but not less. INSTRUCTIONS:  To access the FNU Online Library for journals and articles you can go the FNU library link here:  https://www.fnu.edu/library/ In order to n that draws upon the theoretical reading to explain and contextualize the design choices. Be sure to directly quote or paraphrase the reading ce to the vaccine. Your campaign must educate and inform the audience on the benefits but also create for safe and open dialogue. A key metric of your campaign will be the direct increase in numbers.  Key outcomes: The approach that you take must be clear Mechanical Engineering Organic chemistry Geometry nment Topic You will need to pick one topic for your project (5 pts) Literature search You will need to perform a literature search for your topic Geophysics you been involved with a company doing a redesign of business processes Communication on Customer Relations. Discuss how two-way communication on social media channels impacts businesses both positively and negatively. Provide any personal examples from your experience od pressure and hypertension via a community-wide intervention that targets the problem across the lifespan (i.e. includes all ages). Develop a community-wide intervention to reduce elevated blood pressure and hypertension in the State of Alabama that in in body of the report Conclusions References (8 References Minimum) *** Words count = 2000 words. *** In-Text Citations and References using Harvard style. *** In Task section I’ve chose (Economic issues in overseas contracting)" Electromagnetism w or quality improvement; it was just all part of good nursing care.  The goal for quality improvement is to monitor patient outcomes using statistics for comparison to standards of care for different diseases e a 1 to 2 slide Microsoft PowerPoint presentation on the different models of case management.  Include speaker notes... .....Describe three different models of case management. visual representations of information. They can include numbers SSAY ame workbook for all 3 milestones. You do not need to download a new copy for Milestones 2 or 3. When you submit Milestone 3 pages): Provide a description of an existing intervention in Canada making the appropriate buying decisions in an ethical and professional manner. Topic: Purchasing and Technology You read about blockchain ledger technology. Now do some additional research out on the Internet and share your URL with the rest of the class be aware of which features their competitors are opting to include so the product development teams can design similar or enhanced features to attract more of the market. The more unique low (The Top Health Industry Trends to Watch in 2015) to assist you with this discussion.         https://youtu.be/fRym_jyuBc0 Next year the $2.8 trillion U.S. healthcare industry will   finally begin to look and feel more like the rest of the business wo evidence-based primary care curriculum. Throughout your nurse practitioner program Vignette Understanding Gender Fluidity Providing Inclusive Quality Care Affirming Clinical Encounters Conclusion References Nurse Practitioner Knowledge Mechanics and word limit is unit as a guide only. The assessment may be re-attempted on two further occasions (maximum three attempts in total). All assessments must be resubmitted 3 days within receiving your unsatisfactory grade. You must clearly indicate “Re-su Trigonometry Article writing Other 5. June 29 After the components sending to the manufacturing house 1. In 1972 the Furman v. Georgia case resulted in a decision that would put action into motion. Furman was originally sentenced to death because of a murder he committed in Georgia but the court debated whether or not this was a violation of his 8th amend One of the first conflicts that would need to be investigated would be whether the human service professional followed the responsibility to client ethical standard.  While developing a relationship with client it is important to clarify that if danger or Ethical behavior is a critical topic in the workplace because the impact of it can make or break a business No matter which type of health care organization With a direct sale During the pandemic Computers are being used to monitor the spread of outbreaks in different areas of the world and with this record 3. Furman v. Georgia is a U.S Supreme Court case that resolves around the Eighth Amendments ban on cruel and unsual punishment in death penalty cases. The Furman v. Georgia case was based on Furman being convicted of murder in Georgia. Furman was caught i One major ethical conflict that may arise in my investigation is the Responsibility to Client in both Standard 3 and Standard 4 of the Ethical Standards for Human Service Professionals (2015).  Making sure we do not disclose information without consent ev 4. Identify two examples of real world problems that you have observed in your personal Summary & Evaluation: Reference & 188. Academic Search Ultimate Ethics We can mention at least one example of how the violation of ethical standards can be prevented. Many organizations promote ethical self-regulation by creating moral codes to help direct their business activities *DDB is used for the first three years For example The inbound logistics for William Instrument refer to purchase components from various electronic firms. During the purchase process William need to consider the quality and price of the components. In this case 4. A U.S. Supreme Court case known as Furman v. Georgia (1972) is a landmark case that involved Eighth Amendment’s ban of unusual and cruel punishment in death penalty cases (Furman v. Georgia (1972) With covid coming into place In my opinion with Not necessarily all home buyers are the same! When you choose to work with we buy ugly houses Baltimore & nationwide USA The ability to view ourselves from an unbiased perspective allows us to critically assess our personal strengths and weaknesses. This is an important step in the process of finding the right resources for our personal learning style. Ego and pride can be · By Day 1 of this week While you must form your answers to the questions below from our assigned reading material CliftonLarsonAllen LLP (2013) 5 The family dynamic is awkward at first since the most outgoing and straight forward person in the family in Linda Urien The most important benefit of my statistical analysis would be the accuracy with which I interpret the data. The greatest obstacle From a similar but larger point of view 4 In order to get the entire family to come back for another session I would suggest coming in on a day the restaurant is not open When seeking to identify a patient’s health condition After viewing the you tube videos on prayer Your paper must be at least two pages in length (not counting the title and reference pages) The word assimilate is negative to me. I believe everyone should learn about a country that they are going to live in. It doesnt mean that they have to believe that everything in America is better than where they came from. It means that they care enough Data collection Single Subject Chris is a social worker in a geriatric case management program located in a midsize Northeastern town. She has an MSW and is part of a team of case managers that likes to continuously improve on its practice. The team is currently using an I would start off with Linda on repeating her options for the child and going over what she is feeling with each option.  I would want to find out what she is afraid of.  I would avoid asking her any “why” questions because I want her to be in the here an Summarize the advantages and disadvantages of using an Internet site as means of collecting data for psychological research (Comp 2.1) 25.0\% Summarization of the advantages and disadvantages of using an Internet site as means of collecting data for psych Identify the type of research used in a chosen study Compose a 1 Optics effect relationship becomes more difficult—as the researcher cannot enact total control of another person even in an experimental environment. Social workers serve clients in highly complex real-world environments. Clients often implement recommended inte I think knowing more about you will allow you to be able to choose the right resources Be 4 pages in length soft MB-920 dumps review and documentation and high-quality listing pdf MB-920 braindumps also recommended and approved by Microsoft experts. The practical test g One thing you will need to do in college is learn how to find and use references. References support your ideas. College-level work must be supported by research. You are expected to do that for this paper. You will research Elaborate on any potential confounds or ethical concerns while participating in the psychological study 20.0\% Elaboration on any potential confounds or ethical concerns while participating in the psychological study is missing. Elaboration on any potenti 3 The first thing I would do in the family’s first session is develop a genogram of the family to get an idea of all the individuals who play a major role in Linda’s life. After establishing where each member is in relation to the family A Health in All Policies approach Note: The requirements outlined below correspond to the grading criteria in the scoring guide. At a minimum Chen Read Connecting Communities and Complexity: A Case Study in Creating the Conditions for Transformational Change Read Reflections on Cultural Humility Read A Basic Guide to ABCD Community Organizing Use the bolded black section and sub-section titles below to organize your paper. For each section Losinski forwarded the article on a priority basis to Mary Scott Losinksi wanted details on use of the ED at CGH. He asked the administrative resident