Extensión Cañar - Ingeniería de Sistemas
URI permanente para esta colección
Examinar
Examinando Extensión Cañar - Ingeniería de Sistemas por Asesores "Flores Urgiles, Cristian Humberto"
Mostrando 1 - 10 de 10
Resultados por página
Opciones de ordenación
- ÍtemAcceso AbiertoAnálisis de técnicas para pruebas de ethical hacking-pentesting en sitios web(Universidad Catolica de Cuenca extension Cañar, 2021-11-06) Ortiz Padilla, Gerardo Antonio; Flores Urgiles, Cristian Humberto; 030291381-9ABSTRACT The present work analyzes the techniques for the ethical hacking test, pen testing in a website, thus, it is essential to rely on the informatics system safety that uses the instructions to avoid vulnerability in the confidentiality, integrity, and availability of data, blocking out the unauthorized access. The main objective is to analyze the Ethical Hacking-Pen testing. The methodology was based on the different phases of the OWASP Ethical Hacking, which includes the planning, gathering of information, numbering and exploration of vulnerabilities, privilege lifting, and report. The population included a website that was created (DIGI shop). The developing methodology was implemented in the results, starting from the identification of the scope, resources, and metrics. Then, the architecture and the UML diagram of the security were designed. Later, the vulnerabilities were scanned in Kali Linux, where five threats were identified and the exploitation was carried out with the Metasploitable program. Finally, the comparison of ethical hacking techniques according to CVSS parameters was presented and in the last phase, an indicator was established as a measure to measure the level of solution to vulnerabilities. Concluding that the most suitable ethical hacking technique to identify vulnerabilities in the store's website is pentesting SQL injection. Keywords: ethical hacking, pen-testing, website, owasp
- ÍtemAcceso AbiertoConstrucción de una solución de business intelligence en la empresa mega market Calle & hijos cía. ltda.(Universidad Catolica de Cuenca extension Cañar, 2022-08-17) Iglesias Saeteros, José Eduardo; Flores Urgiles, Cristian Humberto; 035008233-5ABSTRACT Nowadays, business intelligence usage in companies and organizations is booming in order to change its strategies and have access to information in real time. This research states a BI solution in the Mega Market Calle & Hijos company. To do this, a survey to analyze information accessibility problems and executive reports completion were carried out to contribute the decision making. Giving this problem, a business intelligence solution design has been determined to facilitate the accessibility to decision making in a timely manner. That is why, the Ralph Kimball methodology was carried out to minimize possible errors and meet each of its phases. Several tools such as Excel, DbVisualizer, Knime, Power BI were also used to allow the sales, products, categories, sales in COVID-19 times, etc. reports as these tools are free and easy to use. Keywords: business intelligence, ralph kimball, decision making, enterprise, reporting.
- ÍtemAcceso AbiertoDesarrollo de software de análisis de riesgos y gestión de seguridad basado en ISO 27001, Cañar- Ecuador.(Universidad Catolica de Cuenca extension Cañar, 2021-11-16) Muñoz Muñoz, Juan Fernando; Flores Urgiles, Cristian Humberto; 030271231-0Abstract The present paper involves the development of software for the security risk analyses, which allows defining the necessary controls to compile with all protective requirements of an organization`s essets. In order to develop this research project, a software-development methodology was defined, in accordance with the project`s necessities. Once the methodology was defined. A software that allows the use of the MAGERIT methodology was designed and developed, to effectively and efficiently analyze the risks, showing the norm ISO/IEC27001 controls, such system allows to conduct an informatics-risk analysis thru the essessment of assets, impact, probability, identifying the threat index and the risk level of the assets. Finally, the software was tested by entering the essets, and providing it with the respective mark, some threats to such assets were identified,the impact and probability were marked to obtain the risk level, if the level is high, the necessary controls are presented for each threat to mitigate the risk. Keywords: MAGERIT, risk management, controls, ISO/IEC27001
- ÍtemAcceso AbiertoDesarrollo de un manual de procesos para el departamento de ti basado en cobit 5. en el municipio del cantón el Tambo(Universidad Catolica de Cuenca extension Cañar, 2022-05-24) Velasquez Zhau, Victor Manuel; Flores Urgiles, Cristian Humberto; 030279077-9ABSTRACT The present thesis work entails the design of an automated irrigation system prototype, which helps to maintain the balance of soil moisture causing water to be used efficiently, along with the use of an Arduino microcontroller and humidity and environment sensors. To design such a prototype, it must have two sensors one, that measures the soil moisture, and the other, that measures the humidity of the environment. These sensors will transfer the information to the Arduino microcontroller, which then will decide according to both the parameters and conditions imposed on the script, whether it is necessary to activate the automatic irrigation resulting in turning on the water pump. Consequently, the soil humidity is controlled, helping to avoid an excess or deficit of humidity in the orchard. To validate it, tests were carried out in different soil moisture environments giving optimum results according to the conditions imposed on the operation of the prototype. Keywords: automation, automatic irrigation, arduino, sensors, microcontroller
- ÍtemAcceso AbiertoDiseño de un plan de continuidad de negocio en la empresa Cañar net, Cañar-Ecuador(Universidad Catolica de Cuenca extension Cañar, 2021-11-27) Allaico Chimborazo, Miriam Maribel; Flores Urgiles, Cristian Humberto; 030274788-6ABSTRACT A Business Continuity Plan is a strategy that enterprises take on in order to recover and restore their critical functions based on a process that aids to define an olternative solution to avoid the interruption of the services or processes that are carried out within the Enterprise. The business continuty in the technoligical field is a methodology for the well mansgement of the ICT in order to obtain the well-functioning of the Enterprise. This research proposes a business continuity plan fr the Net Cañar Enterprise. It starts with an analtsis of the studies carried out before in the different ISP where similar methodologies are applied, and they validate the ones used in this Project. Then the most relevant definitions for the development of the business continuity plan are presented. On the other hand, a comparison of the dofferent standards and normative for the elaboration of the BCP was aslo conducted. Similarly, a Comparison beyween the different methodologies for the risk analyses. The gathering of information was done, the norm ISO 22301 is selected and specified for the elaboration of the BCP and the Magerit methdology for the analysis and risk management. Finally, the application outcome ot the magerit methodology is pointed out and the proposal of a business continuity plan that will be the reference for the Enterprise is developed. Keywords: continuity plan, bcp, isp, ICT, risks
- ÍtemAcceso AbiertoFraudes informáticos y su incidencia en la seguridad de los docentes y estudiantes de la UCACUE, extensión Cañar(Universidad Catolica de Cuenca extension Cañar, 2022-09-15) Chalán Guamán, Tania Estefania; Flores Urgiles, Cristian Humberto; 030289355-7ABSTRACT This research aims to analyze computer fraud and its impact on the security of teachers and students of UCACUE, Cañar campus. The objectives of this study were: 1) To conduct surveys to measure the level of security that exists when using technological means, 2) To analyze the different computer frauds and how the impact of these acts on social life and technology affects users, 3) To determine the different factors that influence computer fraud. The research arises because there has been an increase in computer fraud cases, generating concern due to the importance of the information handled through the networks. For this reason, analyzing some of these illicit acts is essential since, on many occasions, it is carried out with great ease to exploit people economically, taking advantage of their lack of knowledge and naivety when handing over personal information. The incidence analysis was carried out through surveys and a risk matrix using the MAGERIT methodology, determining the assets based on the study conducted and the threats that may affect them. The results showed that Phishing (identity theft) and Trojan Horse (spreading of information) are the most frequent technological media fraud, where about 60% of teachers and students are victims of this type of crime. Keywords: computer fraud, technology, information, magerit methodology.
- ÍtemAcceso AbiertoManual de políticas de seguridad de la información basado en la norma ISO 27001 en el GAD intercultural de el Tambo.(Universidad Catolica de Cuenca extension Cañar, 2021-11-16) Chimborazo Quizhpi, Carlos Francisco; Flores Urgiles, Cristian Humberto; 030236264-5ABSTRACT The Intercultural Decentralized Autonomous Municipal Government from El Tambo (GADMIET by its acronym in Spanish) has been developing different procedures throughout its territory to provide its citizens with services that improve their quality of life. The lack of information about security standards in the GADMIET makes the information handled within the organization vulnerable to manipulation. Therefore, this research aims at designing a manual of information security policies based on the ISO 27001 standard in the GADMIET from El Tambo. Thus, to efficiently develop this thesis work, the ISO standard is taken as a basis for the 27001: 2013 and the ISO 27002 good practice guide, to determine the controls that allow the assurance of the information. Accordingly, a survey was applied to the IT manager to determine the current situation of the organization. Additionally, the survey of assets of the department of Information and Communication Technologies (ICT) and the respective qualification. The level of risk was determined based on the threats of the aforementioned assets and the pertinent controls were established, obtaining, as a result, the policy manual for the intercultural GAD from El Tambo. Keywords: ISO 27001 standard, controls, risk management, ICT, GADMIET
- ÍtemAcceso AbiertoMarco de trabajo y herramientas para el análisis forense en la atención de los delitos informáticos de cibergrooming bajo los dispositivos móviles android.(Universidad Catolica de Cuenca extension Cañar, 2022-10-06) Murudumbay Huerta, Misael Julio; Flores Urgiles, Cristian Humberto; 035016048-7ABSTRACT This research work aims at developing a framework with its respective tools for forensic analysis regarding the cybercrime of cyber rooming-in mobile devices. The objectives of the research include: 1) To analyze scientific documentation and identify legal aspects in Ecuador about cyber rooming, 2) To select the methodology to structure the process of extracting information from mobile devices, 3) To run tests on such tool that allows us to recover information from mobile devices using computer forensic techniques. The forensic analysis methodology (DFRW) was the one used, which entails four phases that allow us to obtain satisfactory results when carrying out a forensic investigation. The first phase embraces "identification", which refers to the chain of custody started for the case of investigation based on electronic evidence (Mobile Phone) for its respective analysis. The second phase refers to "collection", the contents of the device were extracted physically and logically (Backup). The third phase deals with the "Analysis", techniques and forensic analysis tools were applied. The fourth phase is the presentation of the findings encompassed in the device through a technical report obtained with the MOBIL edit forensic tool, where more than 1000 image-photo files were found with sexual content, violence, and mockery, considered as the main evidence to be considered in a trial. Keywords: forensic analysis, computer crime, cyber rooming, methodology, dfrw.
- ÍtemAcceso AbiertoMarketing digital como oportunidad de crecimiento de las fan page en las redes sociales(Universidad Catolica de Cuenca extension Cañar, 2022-08-23) Torres Guaño, Daniel Duqueny; Flores Urgiles, Cristian Humberto; 035015464-7ABSTRAC This article presents a digital marketing plan implementation for the "Canar Stock Specials" fan page in Canar-Ecuador, with the page followers´ participation. The objectives of this study were: a) Analyze the current external and internal competitive situation of the CanarStock specials, b) Measure the evolution of the page indicators in the social network by the implementation of the marketing plan, c) Demonstrate the functionality of the digital marketing plan applied to the CanarStock specials fan page. To establish the status of the fan page, the internal and external competitive situation and start the project, a SWOT analysis was conducted. For gathering information, a mixed approach was used since the quantitative method will give us the real values of the indicators in the fan page, and the qualitative method will analyze the factors involved in the digital marketing plan. The research result is the evidence of the digital marketing plan implementation functioning, taking into account the data recorded from the tool "insights", showing that 18-34 females are the greatest followers interactors, the time with the best reception of the publications is at 2 pm with more than 54% of followers and the page reach is from Canar city where the enterprises that generate publications come from, getting successful results. Keywords: digital marketing, kpi's, insight, fan page, interaction.
- ÍtemAcceso AbiertoModelo de plan de continuidad de negocio para las cooperativas segmento B del canton Cañar(Universidad Catolica de Cuenca extension Cañar, 2022-04-13) Buscan Pinguil, Pacha Cutic; Flores Urgiles, Cristian Humberto; 030651466-4ABSTRACT This paper analyzes aspects that are necessary for the construction of a Business Continuity Planning (BCP) model based on the ISO 22301 standard for the savings and credit cooperatives segment 2 of Canar. This model will provide them with a competitive advantage by improving their public image and achieving greater confidence in their members and suppliers. On the other hand, BCP will also provide preventive management of IT risks that could affect its operations, so its correct implementation will prevent and minimize the losses of the organization in a mishap. The objectives were: a) Design a Business Continuity Plan model for the savings and credit cooperatives segment 2 of Canar canton by using recognized standards to guarantee the customers´ provision of the services, b) Conduct a theoretical study of the regulations of the business continuity plan, c) Identify the current situation of the savings and credit cooperatives of the Canar canton segment 2 with a Business Continuity Plan, d) Build a Business Continuity Plan model for the savings and credit cooperatives of the Canar canton segment 2 as a preventive tool to guarantee the continuity process in an existing incident. The descriptive method was used in this research and the IT area of the different cooperatives was taken as a sample for the model. The result was the Business Continuity Plan model for the savings and credit cooperatives segment 2 of the Canar canton, as a result, these financial institutions will benefit themselves by providing a guide to ensure IT continuity services. Keywords: bcp, savings and credit cooperatives, risk analysis, ISO 22301.