tag:blogger.com,1999:blog-31732375906485782432024-03-14T00:15:34.974-07:00Randy Marchany: Cybersecurity and other stuffMy interests include Cybersecurity issues, music from a performer viewpoint, and volleyballRandyhttp://www.blogger.com/profile/15650573868196476768noreply@blogger.comBlogger43125tag:blogger.com,1999:blog-3173237590648578243.post-42907589521615243562023-02-17T11:48:00.000-08:002023-02-17T11:48:56.660-08:004 Tips for Prioritizing Metrics<p><br /></p><span id="docs-internal-guid-3f06351f-7fff-9243-87df-c213c1ee076d"><br /><p dir="ltr" style="line-height: 1.295; margin-bottom: 8pt; margin-top: 0pt;"><span style="font-family: Calibri, sans-serif; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">There are three phases to setting up a security metrics program. First, you must collect the data, analyze it and finally report your findings. The Collection phase involves installing sensors (Zeek, Commercial IDS/IPS, vulnerability scanners, etc.). The Analysis phase uses tools such as ServiceNow, Remedy, Crystal Reports, etc. The Reporting phase is the process of creating workbooks (weekly, monthly, yearly) and a set of Operational, Incident and Compliance reports. Your target audiences include your boss, your boss’ boss, IT manager peers, security team, your Board, internal audit, CFO/COO and units involved with regulatory compliance. Matt Tolbert gave a talk in 2007 on Security metrics that resonated with me. Here are some notes I took from his talk for prioritizing security metrics. A good metrics reporting package should include:</span></p><ol style="margin-bottom: 0; margin-top: 0; padding-inline-start: 48px;"><li aria-level="1" dir="ltr" style="font-family: Calibri, sans-serif; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; list-style-type: decimal; vertical-align: baseline; white-space: pre;"><p dir="ltr" role="presentation" style="line-height: 1.295; margin-bottom: 0pt; margin-top: 0pt;"><span style="font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; font-weight: 700; vertical-align: baseline; white-space: pre-wrap;">Operational.</span><span style="font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> Examples of these reports include helpdesk tickets completed, security project status, # of security scans completed and their results, inventory of hardware or software connected to your network. The target audience includes your boss, IT manager peers, and your security team.</span></p></li><li aria-level="1" dir="ltr" style="font-family: Calibri, sans-serif; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; list-style-type: decimal; vertical-align: baseline; white-space: pre;"><p dir="ltr" role="presentation" style="line-height: 1.295; margin-bottom: 0pt; margin-top: 0pt;"><span style="font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; font-weight: 700; vertical-align: baseline; white-space: pre-wrap;">Incident.</span><span style="font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> These are the number of reported security incidents and their status such as success/failure, financial and reputational impact, “after action reports”, legal status. The target audience is your boss, your boss’ boss and your Board of Directors/Trustees.</span></p></li><li aria-level="1" dir="ltr" style="font-family: Calibri, sans-serif; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; list-style-type: decimal; vertical-align: baseline; white-space: pre;"><p dir="ltr" role="presentation" style="line-height: 1.295; margin-bottom: 0pt; margin-top: 0pt;"><span style="font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; font-weight: 700; vertical-align: baseline; white-space: pre-wrap;">Compliance.</span><span style="font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> These metrics show how effective your security controls, services and training are in complying with whatever security or data standards your organization has to be in compliance. The target audience includes your boss, your boss’ boss, internal audit and units involved with regulatory compliance. </span></p></li><li aria-level="1" dir="ltr" style="font-family: Calibri, sans-serif; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; list-style-type: decimal; vertical-align: baseline; white-space: pre;"><p dir="ltr" role="presentation" style="line-height: 1.295; margin-bottom: 8pt; margin-top: 0pt;"><span style="font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; font-weight: 700; vertical-align: baseline; white-space: pre-wrap;">Executive.</span><span style="font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> These metrics are similar to the Compliance metric but they also show the value of the security controls, services and training you’ve installed. They should also show areas that need improvement as well as showing progress to meeting the organization’s business goals.</span></p></li></ol><p dir="ltr" style="line-height: 1.295; margin-bottom: 8pt; margin-top: 0pt;"><span style="font-family: Calibri, sans-serif; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">Tolbert suggested 4 benefits from building a security metrics program. These metrics can help:</span></p><ol style="margin-bottom: 0; margin-top: 0; padding-inline-start: 48px;"><li aria-level="1" dir="ltr" style="font-family: Calibri, sans-serif; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; list-style-type: decimal; vertical-align: baseline; white-space: pre;"><p dir="ltr" role="presentation" style="line-height: 1.295; margin-bottom: 0pt; margin-top: 0pt;"><span style="font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">Provide budget and staffing justification for expansion</span></p></li><li aria-level="1" dir="ltr" style="font-family: Calibri, sans-serif; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; list-style-type: decimal; vertical-align: baseline; white-space: pre;"><p dir="ltr" role="presentation" style="line-height: 1.295; margin-bottom: 0pt; margin-top: 0pt;"><span style="font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">See what risks your organization really faces</span></p></li><li aria-level="1" dir="ltr" style="font-family: Calibri, sans-serif; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; list-style-type: decimal; vertical-align: baseline; white-space: pre;"><p dir="ltr" role="presentation" style="line-height: 1.295; margin-bottom: 0pt; margin-top: 0pt;"><span style="font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">See what risks your organization will face long and short tem</span></p></li><li aria-level="1" dir="ltr" style="font-family: Calibri, sans-serif; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; list-style-type: decimal; vertical-align: baseline; white-space: pre;"><p dir="ltr" role="presentation" style="line-height: 1.295; margin-bottom: 8pt; margin-top: 0pt;"><span style="font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">Gauge the effectiveness of your team(s) effectiveness in meeting your security control requirements.</span></p></li></ol><p dir="ltr" style="line-height: 1.295; margin-bottom: 8pt; margin-top: 0pt;"><span style="font-family: Calibri, sans-serif; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">There are a number of good resources on building a security metrics program. Matt Tolbert’s 2007 “Effective Security Metrics” presentation is a great summary. Andrew Jaquith’s book “Security Metrics: Replacing Fear, Security and Doubt” is another good resource. It’s one of my “bibles” of security metrics. The Educause “Effective Security Metrics: A Guide to Effective Security Metrics” ( </span><a href="https://www.educause.edu/focus-areas-and-initiatives/policy-and-security/cybersecurity-program/resources/information-security-guide/toolkits/effective-security-metrics" style="text-decoration-line: none;"><span style="color: #0563c1; font-family: Calibri, sans-serif; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; text-decoration-line: underline; text-decoration-skip-ink: none; vertical-align: baseline; white-space: pre-wrap;">https://www.educause.edu/focus-areas-and-initiatives/policy-and-security/cybersecurity-program/resources/information-security-guide/toolkits/effective-security-metrics</span></a><span style="font-family: Calibri, sans-serif; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> ) has good high level points to setting up a security metric framework regardless of your industry sector.</span></p><div><span style="font-family: Calibri, sans-serif; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span></div></span>Randyhttp://www.blogger.com/profile/15650573868196476768noreply@blogger.com0tag:blogger.com,1999:blog-3173237590648578243.post-42198460166614493272022-04-03T15:24:00.005-07:002022-04-03T18:16:10.430-07:00Motorcycle Riding and Being A CISO<p> I was checking out some YouTube videos and ran across this one with Michael Jordan, Charles Barkley and Oprah Winfrey. Towards the end of the video, Michael talks about being a defensive driver if you ride a motorcycle. "You have to be really focused and see the traffic ahead", says Jordan. He then takes a dig at Charles. Check out https://www.youtube.com/watch?v=t_Q1k2r2yao.</p><p> </p><p>I've ridden bicycles almost all of my life and motorcycles for the last third of my life. When I'm on the bike (either type), I am looking ahead to see what traffic patterns are there and trying to anticipate how I can maneuver through those patterns safely and efficiently. My nephew and I used to play a game when he was younger. We'd be in the mall and the challenge was to walk through a crowd from point A to B without missing a step or stopping because someone stepped in front of you. You had to watch the traffic flow and make your best guess on where and when an opening would occur.</p><p> </p><p>This is one of the things a CISO or security architect should practice. You want to look at threat intel, network traffic or attack patterns and chart a course of action based on your past knowledge as well as your ability to guess what will happen next. Sure, sometimes you guess wrong but you use that knowledge to improve your prediction capability. Sound like machine learning? Probably.</p><p> </p><p>Next time you ride a bicycle or motorcycle, see if you ride defensively by looking ahead and anticipating the next action that can happen. Take that skill and apply it to designing your security architecture.</p>Randyhttp://www.blogger.com/profile/15650573868196476768noreply@blogger.com0tag:blogger.com,1999:blog-3173237590648578243.post-34759570997432245422021-11-28T13:33:00.003-08:002021-11-28T13:33:43.491-08:00Is Protecting Admin Privs on Endpoints Still Relevant?<p> </p><p><span style="background-color: #f8f8f8; color: #1d1c1d; font-size: 15px; font-variant-ligatures: common-ligatures;">The post-pandemic WFH (Work From Home) model should force us to reevaluate the effectiveness of our security architectures. The most common reason for wanting administrative privileges on a device is that the local IT support can't install needed software when it's required by the business. I ask my SANS students how long it takes to install a software package for a business unit. The answers range from 1-2 weeks to 6 or more months because of a software review process. </span></p><h3 style="text-align: left;"><b data-stringify-type="bold" style="background-color: #f8f8f8; box-sizing: inherit; color: #1d1c1d; font-family: Slack-Lato, appleLogo, sans-serif; font-size: 15px; font-variant-ligatures: common-ligatures;">Admin privileges on endpoints</b><span face="Slack-Lato, appleLogo, sans-serif" style="background-color: #f8f8f8; color: #1d1c1d; font-size: 15px; font-variant-ligatures: common-ligatures;">: </span></h3><p><span style="color: #1d1c1d;"><span style="background-color: #f8f8f8; font-size: 15px; font-variant-ligatures: common-ligatures;">I want to emphasize that I'm NOT talking about administrative privileges on Active Directory or some other central management (Kaseya, Solarwinds, etc.) domain accounts. I'm talking about local accounts and accounts on standalone computers. </span></span></p><p><span face="Slack-Lato, appleLogo, sans-serif" style="background-color: #f8f8f8; color: #1d1c1d; font-size: 15px; font-variant-ligatures: common-ligatures;">Is the "User having (local/standalone) admin privileges on a computer" as bad a security risk as people say it is? I emphasize the term "local/standalone" admin accounts. I think it is not. Why? </span></p><p><span face="Slack-Lato, appleLogo, sans-serif" style="background-color: #f8f8f8; color: #1d1c1d; font-size: 15px; font-variant-ligatures: common-ligatures;"> </span></p><p><span face="Slack-Lato, appleLogo, sans-serif" style="background-color: #f8f8f8; color: #1d1c1d; font-size: 15px; font-variant-ligatures: common-ligatures;">1) in the old days, having admin privileges on a multi-user system was a big deal. If you were in administrator/root mode and your account got owned, the consequence of that breach would impact ALL of the users on that system. For large multiuser systems, that could be hundreds to thousands of users. I understand why there was concern about the administrative/root accounts being secure. </span><span face="Slack-Lato, appleLogo, sans-serif" style="background-color: #f8f8f8; color: #1d1c1d; font-size: 15px; font-variant-ligatures: common-ligatures;">For servers that provide a service to multiple remote (to the server) users, it makes sense to restrict admin privileges on the server(s).</span></p><p><span face="Slack-Lato, appleLogo, sans-serif" style="background-color: #f8f8f8; color: #1d1c1d; font-size: 15px; font-variant-ligatures: common-ligatures;"> </span></p><p><span face="Slack-Lato, appleLogo, sans-serif" style="background-color: #f8f8f8; color: #1d1c1d; font-size: 15px; font-variant-ligatures: common-ligatures;"> 2) <span style="font-family: Slack-Lato, appleLogo, sans-serif;">In</span></span><span face="Slack-Lato, appleLogo, sans-serif" style="background-color: #f8f8f8; color: #1d1c1d; font-size: 15px; font-variant-ligatures: common-ligatures;"> today's BYOD world, users are admin/root and general users simultaneously. There usually is only user per device. The impact of an admin/root failure is limited to the individual. Phishing, ransomware attacks are just as damaging regardless of the entity that triggered the attack being a general user or admin level account. Smartphones, tablets, etc. have merged the admin and general privilege levels into a single account so it makes no sense to "restrict" admin privileges on those devices today. You can't enforce that. </span></p><p><span face="Slack-Lato, appleLogo, sans-serif" style="background-color: #f8f8f8; color: #1d1c1d; font-size: 15px; font-variant-ligatures: common-ligatures;"> </span></p><p><span face="Slack-Lato, appleLogo, sans-serif" style="background-color: #f8f8f8; color: #1d1c1d; font-size: 15px; font-variant-ligatures: common-ligatures;">What about high risk data exposure? Such data exposures can happen in either admin/root or general user mode. For most of the hits I've seen over the years, the damage was done regardless of the privilege level of the account involved.</span></p><p><span face="Slack-Lato, appleLogo, sans-serif" style="background-color: #f8f8f8; color: #1d1c1d; font-size: 15px; font-variant-ligatures: common-ligatures;"> </span></p><p><span style="color: #1d1c1d;"><span style="background-color: #f8f8f8; font-size: 15px; font-variant-ligatures: common-ligatures;">It comes down to training. I've said in a previous blog entry that a poorly trained sysadmin is one of the greatest threats to an organization's data and infrastructure. Organizations should require a minimum amount of training for employees who want administrative privileges on a device. </span></span></p><h3 style="text-align: left;"><br /></h3>Randyhttp://www.blogger.com/profile/15650573868196476768noreply@blogger.com1tag:blogger.com,1999:blog-3173237590648578243.post-633173283584232782021-04-15T22:07:00.001-07:002021-04-15T22:07:19.519-07:00Time to Train - <p> "Excuse me, sir. How do I get to Carnegie Hall?"</p><p>"Practice, Practice, Practice."</p><p><br /></p><p>I've always said that a poorly trained sysadmin is one of the greatest threats to any organization's infrastructure. The military training module may seem archaic and cumbersome but it is effective. There is a significant amount of investment in creating an effective training program. I believe the correct technical description is "it ain't cheap". Organizations that fail to train their technical and general user staff in basic or advanced IT security practices are doomed to suffer multiple failures. </p><p>I'm not going to dive into pedagogy (can't help but giggle everytime I hear that word) or the merits of a good training program. Too much has been said on those topics. Instead, I'm going to present my idea of a training roadmap here:</p><p></p><div class="separator" style="clear: both; text-align: center;"><div class="separator" style="clear: both; text-align: center;"><a href="https://lh3.googleusercontent.com/-_aw83nWJbLM/YHkYI12hS5I/AAAAAAAAMVE/LvkZhGOZw7AUX25zfLM2zzZcjwyJcvpYgCLcBGAsYHQ/image.png" style="margin-left: 1em; margin-right: 1em;"><img alt="" data-original-height="910" data-original-width="2370" height="291" src="https://lh3.googleusercontent.com/-_aw83nWJbLM/YHkYI12hS5I/AAAAAAAAMVE/LvkZhGOZw7AUX25zfLM2zzZcjwyJcvpYgCLcBGAsYHQ/w416-h291/image.png" width="416" /></a></div><br /><br /></div><br /> Here we have 3 main training tracks:<p></p><p></p><ul style="text-align: left;"><li><b>Technical track</b> - the target audiences are system administrators, developers, IT Security analysts/architects. These training programs are designed to enhance your staff's technical knowledge.</li><li><b>Awareness track</b> - the target audiences are your general staff, management. These training programs are designed to make your workforce aware of the laws, regulations, best practices for handling your organization's sensitive data. In addition, these programs show your staff the different types of physical and cyber attacks they may see and how to respond to these threats.</li><li><b>User (How-to) track</b> - this training program teaches your staff how to use the day to day tools of your business. It covers things like how to:</li><ul><li>use Microsoft Office, Adobe Acrobat tools</li><li>use graphical design tools</li><li>use collaboration tools</li><li>use in-house tools</li><li>use external software or hardware products.</li></ul></ul>There needs to be a blend of externally developed training materials (SANS Secure the Human, Skillsetsonline, LinkedIn Learning, etc.) and "local" training for in-house applications.<p></p><p>Take a look at the above roadmap and I would like to hear your suggestions on how to improve or implement the roadmap.</p><p><br /></p>Randyhttp://www.blogger.com/profile/15650573868196476768noreply@blogger.com0tag:blogger.com,1999:blog-3173237590648578243.post-1515193182649608352021-01-23T13:30:00.000-08:002021-01-23T13:30:12.345-08:00Resilience Is the Key to a Successful Defensive Strategy<br /><p>The main mission of any CISO is not to prevent breaches of their infrastructure, rather, it's to safeguard you organizations' sensitive data and identity. I've said many time in the past that there are no <b>device</b> breach notifications but there are plenty of <b>data</b> breach notification laws. There are many ways to protect data and identity like encryption, monitoring outbound traffic, increasing user awareness, multi-factor authentication. These are important things but they are a means to achieve a goal. Resilience is the key to a sound defensive strategy. Here are some thoughts.</p><p></p><ol style="text-align: left;"><li>We play defense not offense. 95% of companies hire cybersecurity people to defend their company from cyberattacks. They don't hire them to attack other sites. That's what the remaining 5% do. However, to play good defense, one must know how to play good offense. In other words, a Blue Team should have strong Red Team skills.</li><li>One must accept the fact that a breach will happen regardless of whatever controls are in place. The old defensive strategy of building a "wall" to keep the bad guys out has failed. While there are many variants of the now popular Zero Trust Network philosophy, there are 2 key points that must be in place:</li><ol><li>The network is hostile.</li><li>Data and identity are the new borders</li></ol><li><b>The key to a successful defensive strategy is resilience not prevention.</b> A sound resilience strategy is key to recovery.</li></ol><h3 style="text-align: left;">Resilience </h3><div>I could give the Webster's dictionary definition of resilience but let me give you an example.</div><div><br /></div><div>Ransomware is one of the destructive attacks that has affected a large number of organizations and people recently. It's been around since 1989 but what made it popular was the introduction of cryptocurrency as the payment mechanism. For example, the Virginia State prescription monitoring database was hit with a ransomware attack in 2009 and the attackers demanded a $10M ransom. The state didn't pay and restored from backups. There was a disruption of service, some loss of data but the service recovered. Collecting the $10M in small bills requires a bunch of duffel bags and every LEO in the planet watching those bags to see who collects them. </div><div><br /></div><div>This incident convinced me that the best defense against ransomware attacks is not "prevention", rather, it is "recovery". Take the time to carefully align file permissions with need-to-access requirements of the business. This is a difficult step. It may limit ransomware damage by limiting the files the malware can access.</div><div> </div><div>A good backup strategy is the best defense in this case. A system gets hit with ransomware, you wipe it, patch it, restore your data from good backups and then move on with your business. A good resilience strategy should include these steps:</div><div><br /></div><div><ul style="text-align: left;"><li>find your sensitive data. Consolidate it into something like a data lake. </li><li>Map where your sensitive data goes within your network borders as well as outside your borders. </li><li>Backup this data lake by taking snapshots, doing old school incremental backups and store the backups offline in a read-only mode. For example, NetApp devices allow the creation of a read-only snapshot.</li><li>Test your recovery processes frequently.</li></ul></div><div><br /></div><div>The old RFC 1244 "Site Security Handbook" describes two defensive strategies: "Protect and Proceed" and "Pursue and Prosecute". It set the following conditions for each of these approaches:</div><blockquote style="border: none; margin: 0px 0px 0px 40px; padding: 0px; text-align: left;"><blockquote style="border: none; margin: 0px 0px 0px 40px; padding: 0px; text-align: left;"><div> </div></blockquote></blockquote><blockquote style="border: none; margin: 0px 0px 0px 40px; padding: 0px; text-align: left;"><blockquote style="border: none; margin: 0px 0px 0px 40px; padding: 0px; text-align: left;"><div><span style="font-size: 13.3333px;"> <b>Protect and Proceed</b></span></div></blockquote><blockquote style="border: none; margin: 0px 0px 0px 40px; padding: 0px; text-align: left;"><pre class="newpage" style="break-before: page; font-size: 13.3333px; margin-bottom: 0px; margin-top: 0px;"></pre></blockquote><blockquote style="border: none; margin: 0px 0px 0px 40px; padding: 0px; text-align: left;"><pre class="newpage" style="break-before: page; font-size: 13.3333px; margin-bottom: 0px; margin-top: 0px;"> 1. If assets are not well protected.</pre></blockquote><blockquote style="border: none; margin: 0px 0px 0px 40px; padding: 0px; text-align: left;"><pre class="newpage" style="break-before: page; font-size: 13.3333px; margin-bottom: 0px; margin-top: 0px;"></pre></blockquote><blockquote style="border: none; margin: 0px 0px 0px 40px; padding: 0px; text-align: left;"><pre class="newpage" style="break-before: page; font-size: 13.3333px; margin-bottom: 0px; margin-top: 0px;"> 2. If continued penetration could result in great</pre></blockquote><blockquote style="border: none; margin: 0px 0px 0px 40px; padding: 0px; text-align: left;"><pre class="newpage" style="break-before: page; font-size: 13.3333px; margin-bottom: 0px; margin-top: 0px;"> financial risk.</pre></blockquote><blockquote style="border: none; margin: 0px 0px 0px 40px; padding: 0px; text-align: left;"><pre class="newpage" style="break-before: page; font-size: 13.3333px; margin-bottom: 0px; margin-top: 0px;"></pre></blockquote><blockquote style="border: none; margin: 0px 0px 0px 40px; padding: 0px; text-align: left;"><pre class="newpage" style="break-before: page; font-size: 13.3333px; margin-bottom: 0px; margin-top: 0px;"> 3. If the possibility or willingness to prosecute</pre></blockquote><blockquote style="border: none; margin: 0px 0px 0px 40px; padding: 0px; text-align: left;"><pre class="newpage" style="break-before: page; font-size: 13.3333px; margin-bottom: 0px; margin-top: 0px;"> is not present.</pre></blockquote><blockquote style="border: none; margin: 0px 0px 0px 40px; padding: 0px; text-align: left;"><pre class="newpage" style="break-before: page; font-size: 13.3333px; margin-bottom: 0px; margin-top: 0px;"></pre></blockquote><blockquote style="border: none; margin: 0px 0px 0px 40px; padding: 0px; text-align: left;"><pre class="newpage" style="break-before: page; font-size: 13.3333px; margin-bottom: 0px; margin-top: 0px;"> 4. If user base is unknown.</pre></blockquote><blockquote style="border: none; margin: 0px 0px 0px 40px; padding: 0px; text-align: left;"><pre class="newpage" style="break-before: page; font-size: 13.3333px; margin-bottom: 0px; margin-top: 0px;"></pre></blockquote><blockquote style="border: none; margin: 0px 0px 0px 40px; padding: 0px; text-align: left;"><pre class="newpage" style="break-before: page; font-size: 13.3333px; margin-bottom: 0px; margin-top: 0px;"> 5. If users are unsophisticated and their work is</pre></blockquote><blockquote style="border: none; margin: 0px 0px 0px 40px; padding: 0px; text-align: left;"><pre class="newpage" style="break-before: page; font-size: 13.3333px; margin-bottom: 0px; margin-top: 0px;"> vulnerable.</pre></blockquote><blockquote style="border: none; margin: 0px 0px 0px 40px; padding: 0px; text-align: left;"><pre class="newpage" style="break-before: page; font-size: 13.3333px; margin-bottom: 0px; margin-top: 0px;"></pre></blockquote><blockquote style="border: none; margin: 0px 0px 0px 40px; padding: 0px; text-align: left;"><pre class="newpage" style="break-before: page; font-size: 13.3333px; margin-bottom: 0px; margin-top: 0px;"> 6. If the site is vulnerable to lawsuits from users, e.g.,</pre></blockquote><blockquote style="border: none; margin: 0px 0px 0px 40px; padding: 0px; text-align: left;"><pre class="newpage" style="break-before: page; font-size: 13.3333px; margin-bottom: 0px; margin-top: 0px;"> if their resources are undermined.</pre></blockquote><blockquote style="border: none; margin: 0px 0px 0px 40px; padding: 0px; text-align: left;"><pre class="newpage" style="break-before: page; font-size: 13.3333px; margin-bottom: 0px; margin-top: 0px;"></pre></blockquote><blockquote style="border: none; margin: 0px 0px 0px 40px; padding: 0px; text-align: left;"><pre class="newpage" style="break-before: page; font-size: 13.3333px; margin-bottom: 0px; margin-top: 0px;"> <b>Pursue and Prosecute</b></pre></blockquote><blockquote style="border: none; margin: 0px 0px 0px 40px; padding: 0px; text-align: left;"><pre class="newpage" style="break-before: page; font-size: 13.3333px; margin-bottom: 0px; margin-top: 0px;"></pre></blockquote><blockquote style="border: none; margin: 0px 0px 0px 40px; padding: 0px; text-align: left;"><pre class="newpage" style="break-before: page; font-size: 13.3333px; margin-bottom: 0px; margin-top: 0px;"> 1. If assets and systems are well protected.</pre></blockquote><blockquote style="border: none; margin: 0px 0px 0px 40px; padding: 0px; text-align: left;"><pre class="newpage" style="break-before: page; font-size: 13.3333px; margin-bottom: 0px; margin-top: 0px;"></pre></blockquote><blockquote style="border: none; margin: 0px 0px 0px 40px; padding: 0px; text-align: left;"><pre class="newpage" style="break-before: page; font-size: 13.3333px; margin-bottom: 0px; margin-top: 0px;"> 2. If good backups are available.</pre></blockquote><blockquote style="border: none; margin: 0px 0px 0px 40px; padding: 0px; text-align: left;"><pre class="newpage" style="break-before: page; font-size: 13.3333px; margin-bottom: 0px; margin-top: 0px;"></pre></blockquote><blockquote style="border: none; margin: 0px 0px 0px 40px; padding: 0px; text-align: left;"><pre class="newpage" style="break-before: page; font-size: 13.3333px; margin-bottom: 0px; margin-top: 0px;"> 3. If the risk to the assets is outweighed by the</pre></blockquote><blockquote style="border: none; margin: 0px 0px 0px 40px; padding: 0px; text-align: left;"><pre class="newpage" style="break-before: page; font-size: 13.3333px; margin-bottom: 0px; margin-top: 0px;"> disruption caused by the present and possibly future</pre></blockquote><blockquote style="border: none; margin: 0px 0px 0px 40px; padding: 0px; text-align: left;"><pre class="newpage" style="break-before: page; font-size: 13.3333px; margin-bottom: 0px; margin-top: 0px;"> penetrations.</pre></blockquote><blockquote style="border: none; margin: 0px 0px 0px 40px; padding: 0px; text-align: left;"><pre class="newpage" style="break-before: page; font-size: 13.3333px; margin-bottom: 0px; margin-top: 0px;"></pre></blockquote><blockquote style="border: none; margin: 0px 0px 0px 40px; padding: 0px; text-align: left;"><pre class="newpage" style="break-before: page; font-size: 13.3333px; margin-bottom: 0px; margin-top: 0px;"> 4. If this is a concentrated attack occurring with great</pre></blockquote><blockquote style="border: none; margin: 0px 0px 0px 40px; padding: 0px; text-align: left;"><pre class="newpage" style="break-before: page; font-size: 13.3333px; margin-bottom: 0px; margin-top: 0px;"> frequency and intensity.</pre></blockquote><blockquote style="border: none; margin: 0px 0px 0px 40px; padding: 0px; text-align: left;"><pre class="newpage" style="break-before: page; font-size: 13.3333px; margin-bottom: 0px; margin-top: 0px;"></pre></blockquote><blockquote style="border: none; margin: 0px 0px 0px 40px; padding: 0px; text-align: left;"><pre class="newpage" style="break-before: page; font-size: 13.3333px; margin-bottom: 0px; margin-top: 0px;"> 5. If the site has a natural attraction to intruders, and</pre></blockquote><blockquote style="border: none; margin: 0px 0px 0px 40px; padding: 0px; text-align: left;"><pre class="newpage" style="break-before: page; font-size: 13.3333px; margin-bottom: 0px; margin-top: 0px;"> consequently regularly attracts intruders.</pre></blockquote><blockquote style="border: none; margin: 0px 0px 0px 40px; padding: 0px; text-align: left;"><pre class="newpage" style="break-before: page; font-size: 13.3333px; margin-bottom: 0px; margin-top: 0px;"></pre></blockquote><blockquote style="border: none; margin: 0px 0px 0px 40px; padding: 0px; text-align: left;"><pre class="newpage" style="break-before: page; font-size: 13.3333px; margin-bottom: 0px; margin-top: 0px;"> 6. If the site is willing to incur the financial (or other)</pre></blockquote><blockquote style="border: none; margin: 0px 0px 0px 40px; padding: 0px; text-align: left;"><pre class="newpage" style="break-before: page; font-size: 13.3333px; margin-bottom: 0px; margin-top: 0px;"> risk to assets by allowing the penetrator continue.</pre></blockquote><blockquote style="border: none; margin: 0px 0px 0px 40px; padding: 0px; text-align: left;"><pre class="newpage" style="break-before: page; font-size: 13.3333px; margin-bottom: 0px; margin-top: 0px;"></pre></blockquote><blockquote style="border: none; margin: 0px 0px 0px 40px; padding: 0px; text-align: left;"><pre class="newpage" style="break-before: page; font-size: 13.3333px; margin-bottom: 0px; margin-top: 0px;"> 7. If intruder access can be controlled.</pre></blockquote><blockquote style="border: none; margin: 0px 0px 0px 40px; padding: 0px; text-align: left;"><pre class="newpage" style="break-before: page; font-size: 13.3333px; margin-bottom: 0px; margin-top: 0px;"></pre></blockquote><blockquote style="border: none; margin: 0px 0px 0px 40px; padding: 0px; text-align: left;"><pre class="newpage" style="break-before: page; font-size: 13.3333px; margin-bottom: 0px; margin-top: 0px;"> 8. If the monitoring tools are sufficiently well-developed</pre></blockquote><blockquote style="border: none; margin: 0px 0px 0px 40px; padding: 0px; text-align: left;"><pre class="newpage" style="break-before: page; font-size: 13.3333px; margin-bottom: 0px; margin-top: 0px;"> to make the pursuit worthwhile.</pre></blockquote><blockquote style="border: none; margin: 0px 0px 0px 40px; padding: 0px; text-align: left;"><pre class="newpage" style="break-before: page; font-size: 13.3333px; margin-bottom: 0px; margin-top: 0px;"></pre></blockquote><blockquote style="border: none; margin: 0px 0px 0px 40px; padding: 0px; text-align: left;"><pre class="newpage" style="break-before: page; font-size: 13.3333px; margin-bottom: 0px; margin-top: 0px;"> 9. If the support staff is sufficiently clever and knowledgable</pre></blockquote><blockquote style="border: none; margin: 0px 0px 0px 40px; padding: 0px; text-align: left;"><pre class="newpage" style="break-before: page; font-size: 13.3333px; margin-bottom: 0px; margin-top: 0px;"> about the operating system, related utilities, and systems</pre></blockquote><blockquote style="border: none; margin: 0px 0px 0px 40px; padding: 0px; text-align: left;"><pre class="newpage" style="break-before: page; font-size: 13.3333px; margin-bottom: 0px; margin-top: 0px;"> to make the pursuit worthwhile.</pre></blockquote><blockquote style="border: none; margin: 0px 0px 0px 40px; padding: 0px; text-align: left;"><pre class="newpage" style="break-before: page; font-size: 13.3333px; margin-bottom: 0px; margin-top: 0px;"></pre></blockquote><blockquote style="border: none; margin: 0px 0px 0px 40px; padding: 0px; text-align: left;"><pre class="newpage" style="break-before: page; font-size: 13.3333px; margin-bottom: 0px; margin-top: 0px;"> 10. If there is willingness on the part of management to</pre></blockquote><blockquote style="border: none; margin: 0px 0px 0px 40px; padding: 0px; text-align: left;"><pre class="newpage" style="break-before: page; font-size: 13.3333px; margin-bottom: 0px; margin-top: 0px;"> prosecute.</pre></blockquote></blockquote><div><br /></div><div> <b><i> Figure 1. Protect and Proceed vs Pursue and Prosecute</i></b></div><div><b><i><br /></i></b></div><div>My ransomware scenario's recovery process is an implementation of requirement listed in RFC 1244 - " "Attempts will be made to actively interfere with the intruder's processes, prevent further access and <i><b>begin immediate damage assessment and recovery." </b></i></div><div><i><b><br /></b></i></div><div>This is an example of resilience. Andy Greenberg's book "Sandworm" has a chapter dedicated to resilience. Dan Geer's essay "A Rubicon" is another example of the importance of resilience. Creating an "parallel" network universe addresses interdependency issues and allows for a quick recovery.</div><div><br /></div><div>We should certainly spend funds on detection tools but the bulk of present-day defenses should be focused on how we recover from an attack. Resilience processes such as backups, monitoring and disrupting outbound traffic to questionable sites are examples of a good resilience strategy. </div><div><br /></div><div>You're going to get breached at some point in time. How fast you recover can limit the damage done to your business processes. </div><div><br /></div><h4 style="text-align: left;">References</h4><div><br /></div><div>https://assets.documentcloud.org/documents/4366740/Geer-Webready-Updated.pdf</div><div>https://tools.ietf.org/html/rfc1244</div><div>https://mysupport.netapp.com/NOW/public/eseries/sam_archive1150/index.html#page/GUID-8538272A-B802-49D9-9EA2-96C82DAD26A2/GUID-F6C0C512-F196-4008-97AE-EA06EE4D32F6.html</div><p></p>Randyhttp://www.blogger.com/profile/15650573868196476768noreply@blogger.com2tag:blogger.com,1999:blog-3173237590648578243.post-7183884028109230482020-08-31T11:21:00.001-07:002020-08-31T11:21:57.453-07:00RDP Security Tip and other Infographics<p> Thanks to Thomas Roccia for this great resource he created. It's at <a href="https://medium.com/@tom_rock/security-infographics-9c4d3bd891ef">https://medium.com/@tom_rock/security-infographics-9c4d3bd891ef</a>. I think you'll find these graphs to be particularly useful in any presentation you do. </p><p>We've been asked a lot about Remote Desktop security given the WorkFromHome (WFH) situation we're in during the pandemic. It is a serious problem and here's a great infographic from Thomas' site. </p><div class="separator" style="clear: both; text-align: center;"><a href="https://1.bp.blogspot.com/-o8J9bX1ZgYg/X00_SaLhCFI/AAAAAAAALis/eRRf-4h2nEIvsVUfVc0G3B4a7DmNWFBSQCLcBGAsYHQ/s1414/RDP%2BBest%2BPractices.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="1414" data-original-width="1014" height="640" src="https://1.bp.blogspot.com/-o8J9bX1ZgYg/X00_SaLhCFI/AAAAAAAALis/eRRf-4h2nEIvsVUfVc0G3B4a7DmNWFBSQCLcBGAsYHQ/w459-h640/RDP%2BBest%2BPractices.jpg" width="459" /></a></div><br /><p><br /></p>Randyhttp://www.blogger.com/profile/15650573868196476768noreply@blogger.com0tag:blogger.com,1999:blog-3173237590648578243.post-82299917390096273132020-08-08T13:57:00.004-07:002020-08-08T13:57:58.035-07:00Academic Freedom and IT Security - They Do Work Well Together<p> I was a member of a panel on Cyber Hygiene that was sponsored by the SANS Institute today. My good buddies, Tony Sager and Russell Eubanks were also on the panel. </p><p>An attendee asked me about the challenge of balancing IT Security practices vs. the cherished Academic Freedom (AF) issue. I responded that IT has to stop being the Department of NO and go out and listen and learn how researchers do their thing. Only then should they decide on a path that supports rather than hinders their research. It's harder to take the time to meet and learn how end users actually do things given the multitude of tasks most IT people need to perform in their normal course of duties. Understanding how and why your end users do things allows you to design and build a more efficient IT Security program and architecture. Short term pain eventually leads to long term gain. Taking the time to understand how your end users actually use your IT services will actually lessen the amount of time you have to spend outside of your normal duties in the long term. </p><p>It was a great question and it got me thinking about the issue a little more and hence, this blog entry. I've been working in EDU IT for 45 years now and here are some musings on this balancing challenge.</p><p>I went on a motorcycle ride and got to thinking more about the question while I was riding through the mountains. It occurred to me that t<b>here should be no conflict between IT security and AF principles.</b> <b>IT Security practices should enhance and protect AF. One complements the other. </b></p><p>First, let's try to define "academic freedom" for the purpose of this blog. Here are some definitions that I'll use as my foundation. Academic Freedom is defined as:</p><blockquote style="border: none; margin: 0px 0px 0px 40px; padding: 0px; text-align: left;"><p>1. <span style="background-color: white; color: #222222; font-family: Roboto, arial, sans-serif; font-size: small;">a scholar's freedom to express ideas without risk of official interference or professional disadvantage. </span><span style="background-color: white; color: #878787; font-family: Roboto, arial, sans-serif; font-size: small;">"we cannot protect academic freedom by denying others the right to an opposing view" (Oxford Dictionary)</span></p><p><span style="font-family: Roboto, arial, sans-serif; font-size: small;"><span style="background-color: white;">2. </span></span><span style="background-color: white; font-family: roboto, Arial, sans-serif;"><span style="font-size: small;">Academic freedom means that both faculty members and students can engage in intellectual debate without fear of censorship or retaliation. (</span></span><a href="https://www.insidehighered.com/views/2010/12/21/defining-academic-freedom">https://www.insidehighered.com/views/2010/12/21/defining-academic-freedom</a>)</p><p>3. <span style="font-size: small;">T<span style="background-color: white; color: #484548; font-family: "helvetica neue", Helvetica, arial, sans-serif;">eachers are entitled to full freedom in research and in the publication of the results, subject to the adequate performance of their other academic duties. </span></span><span style="background-color: white; color: #484548; font-family: "helvetica neue", Helvetica, arial, sans-serif; font-size: small;">Teachers are entitled to freedom in the classroom in discussing their subject, but they should be careful not to introduce into their teaching controversial matter that has no relation to their subject. (</span><a href="https://www.aaup.org/issues/academic-freedom/professors-and-institutions">https://www.aaup.org/issues/academic-freedom/professors-and-institutions</a>)</p></blockquote><p>After reading these definitions, I tried to see what the conflict was between IT practices and Academic Freedom (AF). Frankly, I saw more opportunities for IT practices to support, secure and protect AF. All 3 of the above definitions emphasize the right of the academic community to discuss freely any topic without the fear of censorship or retaliation. Looking at this from the IT Security point of view, here are some threat scenarios to AF in the online world. A sample threat would be attacks against the Confidentiality, Integrity and Availability (CIA) aspects of AF.</p><p>For example, let's look at censorship. DOS/DDOS attacks, domain blocking, confiscation of servers or endpoints are examples of availability attacks. Unauthorized modification of topics/data is an example of an integrity attack. Doxing is an example of a confidentiality attack. </p><p>There are existing IT Security practices that can mitigate the effects of these classes of attacks. Availability threats such as DOS/DDOS attacks can be deflected. Domain blocking can be addressed. Good file permission strategies along with good backups, file integrity tools can mitigate integrity attacks. Hunting down doxxers, online "bullies" can be done using techniques such as OSINT and log analysis to protect individuals from harassment or retaliation.</p><p>Sound IT Security practices can and should be done to further advance academic freedom. I think the supposed conflict between IT Security and AF is not the big issue everyone outside of the EDU world thinks it is. </p><p>To the webinar attendee who asked me the question of balancing IT Security practices with Academic Freedom, let me say IT Security practices should support academic freedom by designing procedures for protecting one's right to academic freedom. It should never interfere with that core business process.</p><p>This is my short answer to this question. I'd like to hear your opinions on this matter.</p><p>8/8/2020</p>Randyhttp://www.blogger.com/profile/15650573868196476768noreply@blogger.com1tag:blogger.com,1999:blog-3173237590648578243.post-67343537799941272202020-08-07T20:01:00.000-07:002020-08-07T20:01:14.854-07:00Encryption, Security and Privacy, Oh My!<br />
<div class="MsoNormal">
We’ve been hearing a lot of discussion about encryption
these days. The Federal government proposes installing “backdoors” in
encryption algorithms to allow law enforcement and security groups to be able
to monitor communication between entities who pose a threat to “our”
security.<span style="mso-spacerun: yes;"> </span>We’ll talk more about this
later but we want to emphasize this is an “age old” argument.<o:p></o:p></div>
<div class="MsoNormal">
Clay Bennet won a Pulitzer Prize in 2002 for an editorial
cartoon that expertly explains the security vs. privacy issue. Imagine a house,
two people inside it and a wooden fence around the house. The house has a label
that says “PRIVACY”. Workmen are removing planks from the house and using them
to build the fence that has a label that says “SECURITY”.<span style="mso-spacerun: yes;"> </span>Security vs. Privacy is like a see-saw. The
more security you want, the less privacy you have. It is not a “vice versa”
situation. More privacy does not necessarily mean less security. Security
advocates usually say “if you’re not doing anything wrong, then you shouldn’t
be worried”. <span style="mso-spacerun: yes;"> </span>There are lots of flaws
with this argument. The most common one is “who defines what is the definition
of “wrong”? Does wrong mean “illegal” or dissent, for example. A common
definition of privacy is the “right to be left alone”. <o:p></o:p></div>
<div class="MsoNormal">
Encryption provides a way to hide something you send or
store from unauthorized entities. It can be as basic as speaking a foreign
language to someone or using something based on high order mathematics. For
example, the Navajo code talkers used their language as an “encryption” method
of communicating without the enemy being able to determine what was being said.
As with any process, it can be used for good or evil. <span style="mso-spacerun: yes;"> </span>You “break” this encryption technique by using
someone fluent in the language being used. <o:p></o:p></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
In the 1990s, the Federal government proposed a method (the
Clipper chip) allowing law enforcement and security groups to decrypt encrypted
information. The resulting uproar was instrumental in shooting this proposal
down but it showed how people didn’t understand how encryption works. The
“clipper chip” was a “backdoor” way to decrypt a file or transmission. Suppose
you put your tax papers in a vault to protect it from unauthorized access. You
use a lock and key to gain access. A backdoor would be something like a master
key for that lock that allows it to be unlocked. Common sense tells us the
master key a) needs to be guarded all the time b) the person who has the master
key isn’t evil and c) the person who has the regular key knows a master key
exists. <o:p></o:p></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
So what’s the problem? Well, in the digital world, copies
can be made without the owner’s knowledge. Any good hacker would try to get
that “master” key and use it. It’s folly to assume a digital “master
key/backdoor” would never be compromised. The 2011 RSA hack and 2013 Carbon
Black attack are examples of hackers going after the “master” keys with
success. While the whole purpose of encryption is to protect data at rest and
in transit, there are ways to try to get the data in its original form.<span style="mso-spacerun: yes;"> </span>Consider the following:<o:p></o:p></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
A -> K -> M1 <span style="mso-spacerun: yes;"> </span>->C1-> EC -----------<span style="font-family: Wingdings; mso-ascii-font-family: Calibri; mso-ascii-theme-font: minor-latin; mso-char-type: symbol; mso-hansi-font-family: Calibri; mso-hansi-theme-font: minor-latin; mso-symbol-font-family: Wingdings;"><span style="mso-char-type: symbol; mso-symbol-font-family: Wingdings;">à</span></span> DC -> C2 -> M1
-> file/display -> B<o:p></o:p></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
Person A uses a keyboard K to create a message M, stores it
on computer C1 and encrypts it using tool EC. The encrypted message arrives at
the target machine, is decrypted by tool DC running on device C2,<span style="mso-spacerun: yes;"> </span>the data M is either stored in a file or
shown on the display to person B. <span style="mso-spacerun: yes;"> </span>The
message is encrypted only from EC on C1 to DC on C2.<span style="mso-spacerun: yes;"> </span>Attack points where the data could be copied
are at K, C1 C2, M, file/display. Note these attack points do NOT need to know
your encryption key. Why? The data is in the clear when it’s entered at K,
stored in a file M1. If you write a program to grab the data at these points,
you get the data in the clear. <o:p></o:p></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
This is nothing new. The first public reporting of this
technique was done in 1998 when the FBI used a keystroke recorder against a
mafia don’s computer. The recorder allowed them to collect information used to
prosecute him. The keystroke recorder copied the data as it was entered <b style="mso-bidi-font-weight: normal;">before</b> it was encrypted. The 2001 Magic
Lantern tool and the 2009 CIPAV (Computer and Internet Protocol Address
Verifier) were law enforcement tools developed to get data before it was
encrypted. <o:p></o:p></div>
<div class="MsoNormal">
These were every effective techniques and did not require a
“backdoor” to an encryption algorithm. <o:p></o:p></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
So, let’s go back to the Privacy part of this essay. Those
who advocate the “security” argument maintain there’s a need to be able to
determine if criminal intent is planned. If criminals use encryption to hide
intent then the government needs to be able to decrypt those messages.<span style="mso-spacerun: yes;"> </span>There are ways to get data before it is
encrypted so why the need for a backdoor? We need to remember that a message or
data in a file starts as cleartext. Data capture techniques have been around
for the past 20 years. Since they don’t require a backdoor to the encryption
algorithm, one could assume the real target is privacy.<span style="mso-spacerun: yes;"> </span>Why? The introduction of backdoors into any
encryption algorithm destroys the algorithm as an encryption tool. The
backdoor(s) will become publicly known eventually and encryption ceases to
exist. <o:p></o:p></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
What’s truly ironic about this contention is that
individuals are freely giving up lots of personal information to commercial
companies. <o:p></o:p></div>
<br /><br />
<i>This is a reprint of article originally posted on </i><a href="https://encryption-and-data-loss-protection-solutions.enterprisesecuritymag.com/cxoinsight/encryption-security-and-privacy-oh-my-nid-1455-cid-5.html">https://encryption-and-data-loss-protection-solutions.enterprisesecuritymag.com/cxoinsight/encryption-security-and-privacy-oh-my-nid-1455-cid-5.html</a>Randyhttp://www.blogger.com/profile/15650573868196476768noreply@blogger.com0tag:blogger.com,1999:blog-3173237590648578243.post-86453274906790051872020-08-07T20:00:00.005-07:002020-08-07T20:00:56.592-07:00Out with the Old! In with the New! Perimeter Border replaced by Data and Identity Borders - Some Thoughts<br />
<br />
These are a few questions that I'll address in upcoming blog posts.<br /><ul><li>Are the industry threats your threats? Just because the magic quadrant says Threat A is the critical threat you need to address doesn't mean that it applies to your network. What metrics have you collected to determine the root cause of compromises or breaches in your org? While phishing is one of the major threats touted in cybersecurity mags, is it the root cause at your site? For example, for us, the 2 major root causes that led to breaches (big ones) that affected the entire institution were a) poor password management b) failure to apply OS and application patches in a timely manner. While we did have lots of successful phishing attacks, the consequences of those hits was limited to 1 or 2 people - the person who fell for the phish and/or immediate family. On the other hand, a sister institution found almost the opposite of our results. Phishing was a primary vector in their case. My point is that we need to take the time to evaluate the real causes of successful attacks against our infrastructure/data/credentials and then use this information to buy/build tools/processes to address those threats. This helps us avoid wasting money on defensive tools that address 1% of successful attacks against us. </li>
<li>The New Borders - Your Identity, Data. I used to say (still do) that the effective security perimeter is the device and not the border. As more and more devices become "personal" and not "organizational", the border becomes your phone, tablet, laptop, server, etc. BYOD is forcing us to adapt to this new paradigm. Mobility becomes the new data flow process. </li>
<li>Work From Home (WFH) has drastically changed the "border". </li>
<li>Both ends (endpoint clients, servers) of the traditional client-server process aren't necessarily inside your traditional "border". How are you approaching the visibility issue?</li>
</ul>
<div>
<br /></div>
<div>
<br /></div>
Randyhttp://www.blogger.com/profile/15650573868196476768noreply@blogger.com1tag:blogger.com,1999:blog-3173237590648578243.post-43011985134936046872018-04-16T14:15:00.002-07:002018-04-16T14:16:08.935-07:00Why Corporate Security Should Be Like Museums? Edus Are.I was preparing a talk for the 2018 Educause Security Professionals Conference and was trying to think of ways to show how EDU networks are really microcosms of society. I wrote in an earlier blog that EDUs are small cities. I've said that our network security strategy is a blend of commercial and ISP requirements. It was wasn't until I ran into my friend, Christian Schreiber, who gave me the best analogy so far. As a CISO, I have to give a presentation to our Board of Visitors, our version of the corporate board of directors, every now and then. I like to use real world examples to explain our security strategy. Most board members come from the corporate world and want to know why we don't follow a corporate IT security strategy.<br />
<br />
Well, Christian was working on a talk and he said EDUs are like a museum. At first, I thought he was going to tease us about being quaint, staid and stuffy. Rather than state the obvious :-), he pointed out the following:<br />
<ol>
<li>Museums allows all sorts of individuals into their building.</li>
<li>Museums have high value assets and protect them with a variety of tools, technical expertise.</li>
<li>Key assets are highlighted to make them more accessible to the public.</li>
<li>Museums cover their interiors with a wide variety of tools.</li>
<li>Museums focus on detecting malicious operators who may be already inside the building.</li>
</ol>
Christian went further and give some examples of museum defense in depth:<br />
<ol>
<li>Museums have few access points but they allow free flowing access to anyone.</li>
<li>Museums erect additional barriers around high value assets.</li>
<li>Museums have pervasive monitoring tools: video cameras, motion detectors, laser detection systems, visitors logs.</li>
<li>Museums have numerous active response capabilities such as: uniformed guards, on-demand barriers, fire suppression systems, moving doors.</li>
<li>Museums have recovery systems such as insurance and tracking devices embedded in high value assets.</li>
<li>Museums assume there are hostiles inside their buildings.</li>
</ol>
As you can see, there are Continuous Monitoring, Zero Trust Network, network forensics components embedded in the bullet items above. They allow visitors to bring their own devices, take pictures, buy souvenirs and wander freely within public spaces. They also have restricted areas that require additional authentication and authorization.<br />
<br />
IoT, BYOD have been forcing orgs to reconsider how their network security should be implemented. The traditional border security model will fail in the new technology model unless they adapt to a mobile user environment. I used to say the device was the border. Nowadays, I believe there are 2 new borders that need to be considered:<br />
<ol>
<li>User identity - users access their work/home assets from all over the internet. For example, EDUROAM allows members of one EDU connect to the internet using another EDU's net and the member's home institution credentials.</li>
<li>Data - If data becomes the new border then does it matter where it's stored? If its protection schemes focus on the data element itself, then I don't believe it matters.</li>
</ol>
Given these 2 new borders then the museum defense model makes a lot of sense. This doesn't mean that you should discard the older perimeter style defenses but it does mean the combination of these layers forms the basis of a reasonable, successful museum defense.<br />
<br />
<br />Randyhttp://www.blogger.com/profile/15650573868196476768noreply@blogger.com5tag:blogger.com,1999:blog-3173237590648578243.post-32918078540208740422018-01-05T12:42:00.000-08:002018-08-21T09:55:22.052-07:00Cybersecurity's Biggest Mistake - The Daystrom SyndromeI've been very fortunate to be part of the design team of the Virginia Cyber Range (www.virginiacyberrange.org). The range is designed to a) be a course repository (full course material, individual course modules, individual lab exercises) for NSA CAE schools in VA and K-12 school in VA and b) provide an environment to run these classes and exercises from any location in the world. I'll have more on that in a later blog. One of the unexpected surprises in the project is the enthusiastic adoption of the Range by the K-12 schools. K-12 teachers were caught in the middle of a number of competing worlds:<br />
<ul>
<li>Federal and state political pressure on school systems to include cybersecurity concepts in K-12 classes</li>
<li>School system pressure on K-12 schools to do the same</li>
<li>Local (principal) pressure on local faculty to develop these courses</li>
<li>Teachers are unable to create these environments because of school system and local IT resistance to build the environment needed to teach these classes.</li>
</ul>
That last bullet item turned out to be the major stumbling block in implementing these education programs. Why? As you probably know, local school systems have tightly regulated, locked down and restricted access to the internet from their school networks. Some of the reasons have to do with parental concern on questionable material/people on the net getting access to K-12 students; general concerns of the school IT staff to protect systems and data from unauthorized access. I suspect the real reason is a lack of funding to increase IT staff sizes and provide training to said staff. When you're 1 admin for 1000 machines, you're not going to allow special cases simply because you don't have the cycles to provide the required support. <br />
<br />
I came from the sysadmin world and remember the "prime directive" of sysadmins: "Keep the systems running at all costs". This directive, while noble, has caused more security headaches over the past 25 years. Simple things like patching OS, applications and hardware for security issues run into the sysadmin prime directive which resulted in security vulnerabilities not being corrected in a timely manner.<br />
<br />
This reminds me of the "Ultimate Computer" episode of Star Trek (TOS). The Enterprise was fitted with the new M5 computer which automated the ship's handling, offensive and defensive capabilities. When things went south quickly because the M5 started behaving in a dangerous manner, Dr. Daystrom was blind to what the machines was doing because of his loyalty to a particular train of thought (<i>"You don't shut a child off when it makes a mistake. M-5 is growing, learning.</i>"<br />
"<i>Learning to kill.</i>" "<i>To defend itself. It's quite a different thing.</i>")<br />
<br />
Sysadmins were infected with the "Daystrom syndrome" where we became so involved (enamored?) with our technology that we lost sight of the real goal of our technology: to allow people to use the technology in a meaningful way to themselves and to business. Some examples of this Daystrom Syndrome variant include:<br />
<ul>
<li>making systems harder to use for the sake of "security" of the system</li>
<li>restricting how users can access information that is "questionable" to the IT person but not the user. We're not talking about porn here. We're talking about using the Internet as a research tool to get software, algorithms, etc. that make our business more efficient and how this behavior is restricted by IT because of security issues.</li>
<li>not patching systems because that would required them being unavailable for a period of time. This downtime violates the 24x7 availability rule that is one of the governing things that sets sysadmin behavior.</li>
<li>Anything that causes the user to say "IT won't let me do this"</li>
<li>Anything that causes sysadmins to say " users will wreck our security, availability, stability".</li>
</ul>
Sysadmins and their upper mgt have forgotten the prime reason why IT exists in business is to allow the business to make more money (grow the business) by making business processes more efficient.<br />
<br />
Let me come back to the Range and K-12 scenario. The conundrum is the K-12 teachers need to build machines that can connect to the net and be able to be configured, modified by teachers and students. Let's also face the fact that most school IT suffers from low budgets and the IT machine/staff ratio is frighteningly high. These factors combined with the Daystrom syndrome means the K-12 teachers are told they can't use the school systems or net to build these cybersecurity classes. The Range provides an environment that allows teachers to actually create a space for their classes without IT interference. The school IT just have to allow web access to the Range. Unfortunately, this sometimes is easier said than done.<br />
<br />
This brings me back to my premise - IT has created a worse security problem than the one they were trying to solve by imposing unnecessary restrictions on user behavior thereby preventing them from doing their jobs which encourages them to bypass these restrictions.<br />
<br />
It's time for us to rethink the model.<br />
<br />Randyhttp://www.blogger.com/profile/15650573868196476768noreply@blogger.com2tag:blogger.com,1999:blog-3173237590648578243.post-72758043048509663422017-06-05T11:45:00.001-07:002018-01-05T12:43:26.373-08:00Assume They're In Your Network Already<!--[if !mso]>
<style>
v\:* {behavior:url(#default#VML);}
o\:* {behavior:url(#default#VML);}
w\:* {behavior:url(#default#VML);}
.shape {behavior:url(#default#VML);}
</style>
<![endif]--><br />
<!--[if gte mso 9]><xml>
<o:OfficeDocumentSettings>
<o:RelyOnVML/>
<o:AllowPNG/>
</o:OfficeDocumentSettings>
</xml><![endif]--><!--[if gte mso 9]><xml>
<w:WordDocument>
<w:View>Normal</w:View>
<w:Zoom>0</w:Zoom>
<w:TrackMoves>false</w:TrackMoves>
<w:TrackFormatting/>
<w:PunctuationKerning/>
<w:ValidateAgainstSchemas/>
<w:SaveIfXMLInvalid>false</w:SaveIfXMLInvalid>
<w:IgnoreMixedContent>false</w:IgnoreMixedContent>
<w:AlwaysShowPlaceholderText>false</w:AlwaysShowPlaceholderText>
<w:DoNotPromoteQF/>
<w:LidThemeOther>PT-BR</w:LidThemeOther>
<w:LidThemeAsian>ZH-CN</w:LidThemeAsian>
<w:LidThemeComplexScript>AR-SA</w:LidThemeComplexScript>
<w:Compatibility>
<w:BreakWrappedTables/>
<w:SnapToGridInCell/>
<w:WrapTextWithPunct/>
<w:UseAsianBreakRules/>
<w:DontGrowAutofit/>
<w:SplitPgBreakAndParaMark/>
<w:EnableOpenTypeKerning/>
<w:DontFlipMirrorIndents/>
<w:OverrideTableStyleHps/>
<w:UseFELayout/>
</w:Compatibility>
<m:mathPr>
<m:mathFont m:val="Cambria Math"/>
<m:brkBin m:val="before"/>
<m:brkBinSub m:val="--"/>
<m:smallFrac m:val="off"/>
<m:dispDef/>
<m:lMargin m:val="0"/>
<m:rMargin m:val="0"/>
<m:defJc m:val="centerGroup"/>
<m:wrapIndent m:val="1440"/>
<m:intLim m:val="subSup"/>
<m:naryLim m:val="undOvr"/>
</m:mathPr></w:WordDocument>
</xml><![endif]--><!--[if gte mso 9]><xml>
<w:LatentStyles DefLockedState="false" DefUnhideWhenUsed="false"
DefSemiHidden="false" DefQFormat="false" DefPriority="99"
LatentStyleCount="371">
<w:LsdException Locked="false" Priority="0" QFormat="true" Name="Normal"/>
<w:LsdException Locked="false" Priority="9" QFormat="true" Name="heading 1"/>
<w:LsdException Locked="false" Priority="9" SemiHidden="true"
UnhideWhenUsed="true" QFormat="true" Name="heading 2"/>
<w:LsdException Locked="false" Priority="9" SemiHidden="true"
UnhideWhenUsed="true" QFormat="true" Name="heading 3"/>
<w:LsdException Locked="false" Priority="9" SemiHidden="true"
UnhideWhenUsed="true" QFormat="true" Name="heading 4"/>
<w:LsdException Locked="false" Priority="9" SemiHidden="true"
UnhideWhenUsed="true" QFormat="true" Name="heading 5"/>
<w:LsdException Locked="false" Priority="9" SemiHidden="true"
UnhideWhenUsed="true" QFormat="true" Name="heading 6"/>
<w:LsdException Locked="false" Priority="9" SemiHidden="true"
UnhideWhenUsed="true" QFormat="true" Name="heading 7"/>
<w:LsdException Locked="false" Priority="9" SemiHidden="true"
UnhideWhenUsed="true" QFormat="true" Name="heading 8"/>
<w:LsdException Locked="false" Priority="9" SemiHidden="true"
UnhideWhenUsed="true" QFormat="true" Name="heading 9"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="index 1"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="index 2"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="index 3"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="index 4"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="index 5"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="index 6"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="index 7"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="index 8"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="index 9"/>
<w:LsdException Locked="false" Priority="39" SemiHidden="true"
UnhideWhenUsed="true" Name="toc 1"/>
<w:LsdException Locked="false" Priority="39" SemiHidden="true"
UnhideWhenUsed="true" Name="toc 2"/>
<w:LsdException Locked="false" Priority="39" SemiHidden="true"
UnhideWhenUsed="true" Name="toc 3"/>
<w:LsdException Locked="false" Priority="39" SemiHidden="true"
UnhideWhenUsed="true" Name="toc 4"/>
<w:LsdException Locked="false" Priority="39" SemiHidden="true"
UnhideWhenUsed="true" Name="toc 5"/>
<w:LsdException Locked="false" Priority="39" SemiHidden="true"
UnhideWhenUsed="true" Name="toc 6"/>
<w:LsdException Locked="false" Priority="39" SemiHidden="true"
UnhideWhenUsed="true" Name="toc 7"/>
<w:LsdException Locked="false" Priority="39" SemiHidden="true"
UnhideWhenUsed="true" Name="toc 8"/>
<w:LsdException Locked="false" Priority="39" SemiHidden="true"
UnhideWhenUsed="true" Name="toc 9"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Normal Indent"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="footnote text"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="annotation text"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="header"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="footer"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="index heading"/>
<w:LsdException Locked="false" Priority="35" SemiHidden="true"
UnhideWhenUsed="true" QFormat="true" Name="caption"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="table of figures"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="envelope address"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="envelope return"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="footnote reference"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="annotation reference"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="line number"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="page number"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="endnote reference"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="endnote text"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="table of authorities"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="macro"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="toa heading"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="List"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="List Bullet"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="List Number"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="List 2"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="List 3"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="List 4"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="List 5"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="List Bullet 2"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="List Bullet 3"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="List Bullet 4"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="List Bullet 5"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="List Number 2"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="List Number 3"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="List Number 4"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="List Number 5"/>
<w:LsdException Locked="false" Priority="10" QFormat="true" Name="Title"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Closing"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Signature"/>
<w:LsdException Locked="false" Priority="1" SemiHidden="true"
UnhideWhenUsed="true" Name="Default Paragraph Font"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Body Text"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Body Text Indent"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="List Continue"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="List Continue 2"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="List Continue 3"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="List Continue 4"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="List Continue 5"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Message Header"/>
<w:LsdException Locked="false" Priority="11" QFormat="true" Name="Subtitle"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Salutation"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Date"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Body Text First Indent"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Body Text First Indent 2"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Note Heading"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Body Text 2"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Body Text 3"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Body Text Indent 2"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Body Text Indent 3"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Block Text"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Hyperlink"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="FollowedHyperlink"/>
<w:LsdException Locked="false" Priority="22" QFormat="true" Name="Strong"/>
<w:LsdException Locked="false" Priority="20" QFormat="true" Name="Emphasis"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Document Map"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Plain Text"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="E-mail Signature"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="HTML Top of Form"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="HTML Bottom of Form"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Normal (Web)"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="HTML Acronym"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="HTML Address"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="HTML Cite"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="HTML Code"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="HTML Definition"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="HTML Keyboard"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="HTML Preformatted"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="HTML Sample"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="HTML Typewriter"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="HTML Variable"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Normal Table"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="annotation subject"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="No List"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Outline List 1"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Outline List 2"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Outline List 3"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Simple 1"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Simple 2"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Simple 3"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Classic 1"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Classic 2"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Classic 3"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Classic 4"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Colorful 1"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Colorful 2"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Colorful 3"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Columns 1"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Columns 2"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Columns 3"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Columns 4"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Columns 5"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Grid 1"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Grid 2"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Grid 3"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Grid 4"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Grid 5"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Grid 6"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Grid 7"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Grid 8"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table List 1"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table List 2"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table List 3"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table List 4"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table List 5"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table List 6"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table List 7"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table List 8"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table 3D effects 1"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table 3D effects 2"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table 3D effects 3"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Contemporary"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Elegant"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Professional"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Subtle 1"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Subtle 2"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Web 1"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Web 2"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Web 3"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Balloon Text"/>
<w:LsdException Locked="false" Priority="39" Name="Table Grid"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Theme"/>
<w:LsdException Locked="false" SemiHidden="true" Name="Placeholder Text"/>
<w:LsdException Locked="false" Priority="1" QFormat="true" Name="No Spacing"/>
<w:LsdException Locked="false" Priority="60" Name="Light Shading"/>
<w:LsdException Locked="false" Priority="61" Name="Light List"/>
<w:LsdException Locked="false" Priority="62" Name="Light Grid"/>
<w:LsdException Locked="false" Priority="63" Name="Medium Shading 1"/>
<w:LsdException Locked="false" Priority="64" Name="Medium Shading 2"/>
<w:LsdException Locked="false" Priority="65" Name="Medium List 1"/>
<w:LsdException Locked="false" Priority="66" Name="Medium List 2"/>
<w:LsdException Locked="false" Priority="67" Name="Medium Grid 1"/>
<w:LsdException Locked="false" Priority="68" Name="Medium Grid 2"/>
<w:LsdException Locked="false" Priority="69" Name="Medium Grid 3"/>
<w:LsdException Locked="false" Priority="70" Name="Dark List"/>
<w:LsdException Locked="false" Priority="71" Name="Colorful Shading"/>
<w:LsdException Locked="false" Priority="72" Name="Colorful List"/>
<w:LsdException Locked="false" Priority="73" Name="Colorful Grid"/>
<w:LsdException Locked="false" Priority="60" Name="Light Shading Accent 1"/>
<w:LsdException Locked="false" Priority="61" Name="Light List Accent 1"/>
<w:LsdException Locked="false" Priority="62" Name="Light Grid Accent 1"/>
<w:LsdException Locked="false" Priority="63" Name="Medium Shading 1 Accent 1"/>
<w:LsdException Locked="false" Priority="64" Name="Medium Shading 2 Accent 1"/>
<w:LsdException Locked="false" Priority="65" Name="Medium List 1 Accent 1"/>
<w:LsdException Locked="false" SemiHidden="true" Name="Revision"/>
<w:LsdException Locked="false" Priority="34" QFormat="true"
Name="List Paragraph"/>
<w:LsdException Locked="false" Priority="29" QFormat="true" Name="Quote"/>
<w:LsdException Locked="false" Priority="30" QFormat="true"
Name="Intense Quote"/>
<w:LsdException Locked="false" Priority="66" Name="Medium List 2 Accent 1"/>
<w:LsdException Locked="false" Priority="67" Name="Medium Grid 1 Accent 1"/>
<w:LsdException Locked="false" Priority="68" Name="Medium Grid 2 Accent 1"/>
<w:LsdException Locked="false" Priority="69" Name="Medium Grid 3 Accent 1"/>
<w:LsdException Locked="false" Priority="70" Name="Dark List Accent 1"/>
<w:LsdException Locked="false" Priority="71" Name="Colorful Shading Accent 1"/>
<w:LsdException Locked="false" Priority="72" Name="Colorful List Accent 1"/>
<w:LsdException Locked="false" Priority="73" Name="Colorful Grid Accent 1"/>
<w:LsdException Locked="false" Priority="60" Name="Light Shading Accent 2"/>
<w:LsdException Locked="false" Priority="61" Name="Light List Accent 2"/>
<w:LsdException Locked="false" Priority="62" Name="Light Grid Accent 2"/>
<w:LsdException Locked="false" Priority="63" Name="Medium Shading 1 Accent 2"/>
<w:LsdException Locked="false" Priority="64" Name="Medium Shading 2 Accent 2"/>
<w:LsdException Locked="false" Priority="65" Name="Medium List 1 Accent 2"/>
<w:LsdException Locked="false" Priority="66" Name="Medium List 2 Accent 2"/>
<w:LsdException Locked="false" Priority="67" Name="Medium Grid 1 Accent 2"/>
<w:LsdException Locked="false" Priority="68" Name="Medium Grid 2 Accent 2"/>
<w:LsdException Locked="false" Priority="69" Name="Medium Grid 3 Accent 2"/>
<w:LsdException Locked="false" Priority="70" Name="Dark List Accent 2"/>
<w:LsdException Locked="false" Priority="71" Name="Colorful Shading Accent 2"/>
<w:LsdException Locked="false" Priority="72" Name="Colorful List Accent 2"/>
<w:LsdException Locked="false" Priority="73" Name="Colorful Grid Accent 2"/>
<w:LsdException Locked="false" Priority="60" Name="Light Shading Accent 3"/>
<w:LsdException Locked="false" Priority="61" Name="Light List Accent 3"/>
<w:LsdException Locked="false" Priority="62" Name="Light Grid Accent 3"/>
<w:LsdException Locked="false" Priority="63" Name="Medium Shading 1 Accent 3"/>
<w:LsdException Locked="false" Priority="64" Name="Medium Shading 2 Accent 3"/>
<w:LsdException Locked="false" Priority="65" Name="Medium List 1 Accent 3"/>
<w:LsdException Locked="false" Priority="66" Name="Medium List 2 Accent 3"/>
<w:LsdException Locked="false" Priority="67" Name="Medium Grid 1 Accent 3"/>
<w:LsdException Locked="false" Priority="68" Name="Medium Grid 2 Accent 3"/>
<w:LsdException Locked="false" Priority="69" Name="Medium Grid 3 Accent 3"/>
<w:LsdException Locked="false" Priority="70" Name="Dark List Accent 3"/>
<w:LsdException Locked="false" Priority="71" Name="Colorful Shading Accent 3"/>
<w:LsdException Locked="false" Priority="72" Name="Colorful List Accent 3"/>
<w:LsdException Locked="false" Priority="73" Name="Colorful Grid Accent 3"/>
<w:LsdException Locked="false" Priority="60" Name="Light Shading Accent 4"/>
<w:LsdException Locked="false" Priority="61" Name="Light List Accent 4"/>
<w:LsdException Locked="false" Priority="62" Name="Light Grid Accent 4"/>
<w:LsdException Locked="false" Priority="63" Name="Medium Shading 1 Accent 4"/>
<w:LsdException Locked="false" Priority="64" Name="Medium Shading 2 Accent 4"/>
<w:LsdException Locked="false" Priority="65" Name="Medium List 1 Accent 4"/>
<w:LsdException Locked="false" Priority="66" Name="Medium List 2 Accent 4"/>
<w:LsdException Locked="false" Priority="67" Name="Medium Grid 1 Accent 4"/>
<w:LsdException Locked="false" Priority="68" Name="Medium Grid 2 Accent 4"/>
<w:LsdException Locked="false" Priority="69" Name="Medium Grid 3 Accent 4"/>
<w:LsdException Locked="false" Priority="70" Name="Dark List Accent 4"/>
<w:LsdException Locked="false" Priority="71" Name="Colorful Shading Accent 4"/>
<w:LsdException Locked="false" Priority="72" Name="Colorful List Accent 4"/>
<w:LsdException Locked="false" Priority="73" Name="Colorful Grid Accent 4"/>
<w:LsdException Locked="false" Priority="60" Name="Light Shading Accent 5"/>
<w:LsdException Locked="false" Priority="61" Name="Light List Accent 5"/>
<w:LsdException Locked="false" Priority="62" Name="Light Grid Accent 5"/>
<w:LsdException Locked="false" Priority="63" Name="Medium Shading 1 Accent 5"/>
<w:LsdException Locked="false" Priority="64" Name="Medium Shading 2 Accent 5"/>
<w:LsdException Locked="false" Priority="65" Name="Medium List 1 Accent 5"/>
<w:LsdException Locked="false" Priority="66" Name="Medium List 2 Accent 5"/>
<w:LsdException Locked="false" Priority="67" Name="Medium Grid 1 Accent 5"/>
<w:LsdException Locked="false" Priority="68" Name="Medium Grid 2 Accent 5"/>
<w:LsdException Locked="false" Priority="69" Name="Medium Grid 3 Accent 5"/>
<w:LsdException Locked="false" Priority="70" Name="Dark List Accent 5"/>
<w:LsdException Locked="false" Priority="71" Name="Colorful Shading Accent 5"/>
<w:LsdException Locked="false" Priority="72" Name="Colorful List Accent 5"/>
<w:LsdException Locked="false" Priority="73" Name="Colorful Grid Accent 5"/>
<w:LsdException Locked="false" Priority="60" Name="Light Shading Accent 6"/>
<w:LsdException Locked="false" Priority="61" Name="Light List Accent 6"/>
<w:LsdException Locked="false" Priority="62" Name="Light Grid Accent 6"/>
<w:LsdException Locked="false" Priority="63" Name="Medium Shading 1 Accent 6"/>
<w:LsdException Locked="false" Priority="64" Name="Medium Shading 2 Accent 6"/>
<w:LsdException Locked="false" Priority="65" Name="Medium List 1 Accent 6"/>
<w:LsdException Locked="false" Priority="66" Name="Medium List 2 Accent 6"/>
<w:LsdException Locked="false" Priority="67" Name="Medium Grid 1 Accent 6"/>
<w:LsdException Locked="false" Priority="68" Name="Medium Grid 2 Accent 6"/>
<w:LsdException Locked="false" Priority="69" Name="Medium Grid 3 Accent 6"/>
<w:LsdException Locked="false" Priority="70" Name="Dark List Accent 6"/>
<w:LsdException Locked="false" Priority="71" Name="Colorful Shading Accent 6"/>
<w:LsdException Locked="false" Priority="72" Name="Colorful List Accent 6"/>
<w:LsdException Locked="false" Priority="73" Name="Colorful Grid Accent 6"/>
<w:LsdException Locked="false" Priority="19" QFormat="true"
Name="Subtle Emphasis"/>
<w:LsdException Locked="false" Priority="21" QFormat="true"
Name="Intense Emphasis"/>
<w:LsdException Locked="false" Priority="31" QFormat="true"
Name="Subtle Reference"/>
<w:LsdException Locked="false" Priority="32" QFormat="true"
Name="Intense Reference"/>
<w:LsdException Locked="false" Priority="33" QFormat="true" Name="Book Title"/>
<w:LsdException Locked="false" Priority="37" SemiHidden="true"
UnhideWhenUsed="true" Name="Bibliography"/>
<w:LsdException Locked="false" Priority="39" SemiHidden="true"
UnhideWhenUsed="true" QFormat="true" Name="TOC Heading"/>
<w:LsdException Locked="false" Priority="41" Name="Plain Table 1"/>
<w:LsdException Locked="false" Priority="42" Name="Plain Table 2"/>
<w:LsdException Locked="false" Priority="43" Name="Plain Table 3"/>
<w:LsdException Locked="false" Priority="44" Name="Plain Table 4"/>
<w:LsdException Locked="false" Priority="45" Name="Plain Table 5"/>
<w:LsdException Locked="false" Priority="40" Name="Grid Table Light"/>
<w:LsdException Locked="false" Priority="46" Name="Grid Table 1 Light"/>
<w:LsdException Locked="false" Priority="47" Name="Grid Table 2"/>
<w:LsdException Locked="false" Priority="48" Name="Grid Table 3"/>
<w:LsdException Locked="false" Priority="49" Name="Grid Table 4"/>
<w:LsdException Locked="false" Priority="50" Name="Grid Table 5 Dark"/>
<w:LsdException Locked="false" Priority="51" Name="Grid Table 6 Colorful"/>
<w:LsdException Locked="false" Priority="52" Name="Grid Table 7 Colorful"/>
<w:LsdException Locked="false" Priority="46"
Name="Grid Table 1 Light Accent 1"/>
<w:LsdException Locked="false" Priority="47" Name="Grid Table 2 Accent 1"/>
<w:LsdException Locked="false" Priority="48" Name="Grid Table 3 Accent 1"/>
<w:LsdException Locked="false" Priority="49" Name="Grid Table 4 Accent 1"/>
<w:LsdException Locked="false" Priority="50" Name="Grid Table 5 Dark Accent 1"/>
<w:LsdException Locked="false" Priority="51"
Name="Grid Table 6 Colorful Accent 1"/>
<w:LsdException Locked="false" Priority="52"
Name="Grid Table 7 Colorful Accent 1"/>
<w:LsdException Locked="false" Priority="46"
Name="Grid Table 1 Light Accent 2"/>
<w:LsdException Locked="false" Priority="47" Name="Grid Table 2 Accent 2"/>
<w:LsdException Locked="false" Priority="48" Name="Grid Table 3 Accent 2"/>
<w:LsdException Locked="false" Priority="49" Name="Grid Table 4 Accent 2"/>
<w:LsdException Locked="false" Priority="50" Name="Grid Table 5 Dark Accent 2"/>
<w:LsdException Locked="false" Priority="51"
Name="Grid Table 6 Colorful Accent 2"/>
<w:LsdException Locked="false" Priority="52"
Name="Grid Table 7 Colorful Accent 2"/>
<w:LsdException Locked="false" Priority="46"
Name="Grid Table 1 Light Accent 3"/>
<w:LsdException Locked="false" Priority="47" Name="Grid Table 2 Accent 3"/>
<w:LsdException Locked="false" Priority="48" Name="Grid Table 3 Accent 3"/>
<w:LsdException Locked="false" Priority="49" Name="Grid Table 4 Accent 3"/>
<w:LsdException Locked="false" Priority="50" Name="Grid Table 5 Dark Accent 3"/>
<w:LsdException Locked="false" Priority="51"
Name="Grid Table 6 Colorful Accent 3"/>
<w:LsdException Locked="false" Priority="52"
Name="Grid Table 7 Colorful Accent 3"/>
<w:LsdException Locked="false" Priority="46"
Name="Grid Table 1 Light Accent 4"/>
<w:LsdException Locked="false" Priority="47" Name="Grid Table 2 Accent 4"/>
<w:LsdException Locked="false" Priority="48" Name="Grid Table 3 Accent 4"/>
<w:LsdException Locked="false" Priority="49" Name="Grid Table 4 Accent 4"/>
<w:LsdException Locked="false" Priority="50" Name="Grid Table 5 Dark Accent 4"/>
<w:LsdException Locked="false" Priority="51"
Name="Grid Table 6 Colorful Accent 4"/>
<w:LsdException Locked="false" Priority="52"
Name="Grid Table 7 Colorful Accent 4"/>
<w:LsdException Locked="false" Priority="46"
Name="Grid Table 1 Light Accent 5"/>
<w:LsdException Locked="false" Priority="47" Name="Grid Table 2 Accent 5"/>
<w:LsdException Locked="false" Priority="48" Name="Grid Table 3 Accent 5"/>
<w:LsdException Locked="false" Priority="49" Name="Grid Table 4 Accent 5"/>
<w:LsdException Locked="false" Priority="50" Name="Grid Table 5 Dark Accent 5"/>
<w:LsdException Locked="false" Priority="51"
Name="Grid Table 6 Colorful Accent 5"/>
<w:LsdException Locked="false" Priority="52"
Name="Grid Table 7 Colorful Accent 5"/>
<w:LsdException Locked="false" Priority="46"
Name="Grid Table 1 Light Accent 6"/>
<w:LsdException Locked="false" Priority="47" Name="Grid Table 2 Accent 6"/>
<w:LsdException Locked="false" Priority="48" Name="Grid Table 3 Accent 6"/>
<w:LsdException Locked="false" Priority="49" Name="Grid Table 4 Accent 6"/>
<w:LsdException Locked="false" Priority="50" Name="Grid Table 5 Dark Accent 6"/>
<w:LsdException Locked="false" Priority="51"
Name="Grid Table 6 Colorful Accent 6"/>
<w:LsdException Locked="false" Priority="52"
Name="Grid Table 7 Colorful Accent 6"/>
<w:LsdException Locked="false" Priority="46" Name="List Table 1 Light"/>
<w:LsdException Locked="false" Priority="47" Name="List Table 2"/>
<w:LsdException Locked="false" Priority="48" Name="List Table 3"/>
<w:LsdException Locked="false" Priority="49" Name="List Table 4"/>
<w:LsdException Locked="false" Priority="50" Name="List Table 5 Dark"/>
<w:LsdException Locked="false" Priority="51" Name="List Table 6 Colorful"/>
<w:LsdException Locked="false" Priority="52" Name="List Table 7 Colorful"/>
<w:LsdException Locked="false" Priority="46"
Name="List Table 1 Light Accent 1"/>
<w:LsdException Locked="false" Priority="47" Name="List Table 2 Accent 1"/>
<w:LsdException Locked="false" Priority="48" Name="List Table 3 Accent 1"/>
<w:LsdException Locked="false" Priority="49" Name="List Table 4 Accent 1"/>
<w:LsdException Locked="false" Priority="50" Name="List Table 5 Dark Accent 1"/>
<w:LsdException Locked="false" Priority="51"
Name="List Table 6 Colorful Accent 1"/>
<w:LsdException Locked="false" Priority="52"
Name="List Table 7 Colorful Accent 1"/>
<w:LsdException Locked="false" Priority="46"
Name="List Table 1 Light Accent 2"/>
<w:LsdException Locked="false" Priority="47" Name="List Table 2 Accent 2"/>
<w:LsdException Locked="false" Priority="48" Name="List Table 3 Accent 2"/>
<w:LsdException Locked="false" Priority="49" Name="List Table 4 Accent 2"/>
<w:LsdException Locked="false" Priority="50" Name="List Table 5 Dark Accent 2"/>
<w:LsdException Locked="false" Priority="51"
Name="List Table 6 Colorful Accent 2"/>
<w:LsdException Locked="false" Priority="52"
Name="List Table 7 Colorful Accent 2"/>
<w:LsdException Locked="false" Priority="46"
Name="List Table 1 Light Accent 3"/>
<w:LsdException Locked="false" Priority="47" Name="List Table 2 Accent 3"/>
<w:LsdException Locked="false" Priority="48" Name="List Table 3 Accent 3"/>
<w:LsdException Locked="false" Priority="49" Name="List Table 4 Accent 3"/>
<w:LsdException Locked="false" Priority="50" Name="List Table 5 Dark Accent 3"/>
<w:LsdException Locked="false" Priority="51"
Name="List Table 6 Colorful Accent 3"/>
<w:LsdException Locked="false" Priority="52"
Name="List Table 7 Colorful Accent 3"/>
<w:LsdException Locked="false" Priority="46"
Name="List Table 1 Light Accent 4"/>
<w:LsdException Locked="false" Priority="47" Name="List Table 2 Accent 4"/>
<w:LsdException Locked="false" Priority="48" Name="List Table 3 Accent 4"/>
<w:LsdException Locked="false" Priority="49" Name="List Table 4 Accent 4"/>
<w:LsdException Locked="false" Priority="50" Name="List Table 5 Dark Accent 4"/>
<w:LsdException Locked="false" Priority="51"
Name="List Table 6 Colorful Accent 4"/>
<w:LsdException Locked="false" Priority="52"
Name="List Table 7 Colorful Accent 4"/>
<w:LsdException Locked="false" Priority="46"
Name="List Table 1 Light Accent 5"/>
<w:LsdException Locked="false" Priority="47" Name="List Table 2 Accent 5"/>
<w:LsdException Locked="false" Priority="48" Name="List Table 3 Accent 5"/>
<w:LsdException Locked="false" Priority="49" Name="List Table 4 Accent 5"/>
<w:LsdException Locked="false" Priority="50" Name="List Table 5 Dark Accent 5"/>
<w:LsdException Locked="false" Priority="51"
Name="List Table 6 Colorful Accent 5"/>
<w:LsdException Locked="false" Priority="52"
Name="List Table 7 Colorful Accent 5"/>
<w:LsdException Locked="false" Priority="46"
Name="List Table 1 Light Accent 6"/>
<w:LsdException Locked="false" Priority="47" Name="List Table 2 Accent 6"/>
<w:LsdException Locked="false" Priority="48" Name="List Table 3 Accent 6"/>
<w:LsdException Locked="false" Priority="49" Name="List Table 4 Accent 6"/>
<w:LsdException Locked="false" Priority="50" Name="List Table 5 Dark Accent 6"/>
<w:LsdException Locked="false" Priority="51"
Name="List Table 6 Colorful Accent 6"/>
<w:LsdException Locked="false" Priority="52"
Name="List Table 7 Colorful Accent 6"/>
</w:LatentStyles>
</xml><![endif]--><!--[if gte mso 10]>
<style>
/* Style Definitions */
table.MsoNormalTable
{mso-style-name:"Table Normal";
mso-tstyle-rowband-size:0;
mso-tstyle-colband-size:0;
mso-style-noshow:yes;
mso-style-priority:99;
mso-style-parent:"";
mso-padding-alt:0in 5.4pt 0in 5.4pt;
mso-para-margin-top:0in;
mso-para-margin-right:0in;
mso-para-margin-bottom:8.0pt;
mso-para-margin-left:0in;
line-height:107%;
mso-pagination:widow-orphan;
font-size:11.0pt;
font-family:"Calibri",sans-serif;
mso-ascii-font-family:Calibri;
mso-ascii-theme-font:minor-latin;
mso-hansi-font-family:Calibri;
mso-hansi-theme-font:minor-latin;
mso-bidi-font-family:Arial;
mso-bidi-theme-font:minor-bidi;
mso-fareast-language:JA;}
</style>
<![endif]-->
<br />
<div style="border-bottom: solid #595959 1.0pt; border: none; mso-border-bottom-alt: solid #595959 .5pt; mso-border-bottom-themecolor: text1; mso-border-bottom-themecolor: text1; mso-border-bottom-themetint: 166; mso-border-bottom-themetint: 166; mso-element: para-border-div; padding: 0in 0in 1.0pt 0in;">
<h1>
<span style="mso-bidi-font-family: "Calibri Light"; mso-bidi-theme-font: major-latin; mso-fareast-font-family: "Calibri Light"; mso-fareast-theme-font: major-latin;"><span style="mso-list: Ignore;">1<span style="font: 7.0pt "Times New Roman";"> </span></span></span>Background</h1>
</div>
<br />
Traditional network border defense strategies have focused on a) keeping
intruders out of a network b) protecting internal devices from compromise.
Historically, sites have implemented their security strategy from the border
inward rather than from the endpoint outward.<br />
<br />
895,871,345 records have been breached as of 2/21/2016 according to <a href="http://www.privacyrights.org/">www.privacyrights.org</a>. Data from this
and similar sites suggests the traditional border network defense model has failed
as a data protection strategy.<br />
<br />
Border firewalls are not effective "<b>protection</b>" devices. They are,
however, excellent "<b>detection</b>" devices. Why? Firewalls always have to
let data pass through them. Wireless networks negate the effectiveness of a
"border" firewall<span style="mso-spacerun: yes;"> </span>by forcing
the network border to be at the endpoint. Whitelisting outbound traffic is a
challenge because most sites are now hosted by companies like Akemai which host
thousands of sites. However, firewalls log packet traffic and this information
is valuable in network forensics.<br />
<br />
Continuous monitoring (CM) is an effective strategy to detect and interrupt
data exfiltration.<span style="mso-spacerun: yes;"> </span>Seth Misenar and Eric
Conrad [1] list 4 points that show why Continuous Monitoring (CM) is a better
strategy for detecting, preventing and/or interrupting data exfiltration. The 4
points are:<br />
<div style="margin-left: .5in; mso-list: l1 level1 lfo2; text-indent: -.25in;">
<br /></div>
<div style="margin-left: .5in; mso-list: l1 level1 lfo2; text-indent: -.25in;">
<span style="mso-list: Ignore;">1.<span style="font: 7.0pt "Times New Roman";">
</span></span>Highly portable devices don’t benefit from the
traditional border network defense model.</div>
<div style="margin-left: .5in; mso-list: l1 level1 lfo2; text-indent: -.25in;">
<span style="mso-list: Ignore;">2.<span style="font: 7.0pt "Times New Roman";">
</span></span>Client-side exploitation significantly decreases the
effectiveness of traditional network defense architectures.</div>
<div style="margin-left: .5in; mso-list: l1 level1 lfo2; text-indent: -.25in;">
<span style="mso-list: Ignore;">3.<span style="font: 7.0pt "Times New Roman";">
</span></span>Lateral movement inside your network after a compromise
increases the likelihood of endpoint exploitation.</div>
<div style="margin-left: .5in; mso-list: l1 level1 lfo2; text-indent: -.25in;">
<span style="mso-list: Ignore;">4.<span style="font: 7.0pt "Times New Roman";">
</span></span>Endpoints must be able to defend themselves and aid in
detection.</div>
<br />
Monitoring outbound traffic allows a site to use CM techniques to determine
if a data breach has happened. Unauthorized data transfers are rarely detected
by traditional IDS, IPS or firewalls because intellectual property isn’t just
the standard social security, credit card, driver license, bank/debit account
numbers. <span style="mso-spacerun: yes;"> </span>Intellectual property is harder
to classify because the “sensitive” data elements are not the traditional items
that DLP solutions can find. Netflow monitoring techniques can be used to
detect anomalous traffic patterns. <br />
<br />
<div style="border-bottom: solid #595959 1.0pt; border: none; mso-border-bottom-alt: solid #595959 .5pt; mso-border-bottom-themecolor: text1; mso-border-bottom-themecolor: text1; mso-border-bottom-themetint: 166; mso-border-bottom-themetint: 166; mso-element: para-border-div; padding: 0in 0in 1.0pt 0in;">
<h1>
<span style="mso-bidi-font-family: "Calibri Light"; mso-bidi-theme-font: major-latin; mso-fareast-font-family: "Calibri Light"; mso-fareast-theme-font: major-latin;"><span style="mso-list: Ignore;">2<span style="font: 7.0pt "Times New Roman";"> </span></span></span>Hacker
Attack Strategy</h1>
</div>
When hackers attack a site, they have 3 primary goals:<br />
<ul>
<li><span style="font-family: "symbol"; mso-bidi-font-family: Symbol; mso-fareast-font-family: Symbol;"><span style="mso-list: Ignore;">·<span style="font: 7.0pt "Times New Roman";">
</span></span></span>Compromise the endpoint and search for data that
can be stolen.<span style="mso-spacerun: yes;"> </span></li>
</ul>
<ul>
<li><span style="font-family: "symbol"; mso-bidi-font-family: Symbol; mso-fareast-font-family: Symbol;"><span style="mso-list: Ignore;">·<span style="font: 7.0pt "Times New Roman";">
</span></span></span>Maintain control of the endpoint so it can be
used to attack internal and external systems.</li>
</ul>
<ul>
<li><span style="font-family: "symbol"; mso-bidi-font-family: Symbol; mso-fareast-font-family: Symbol;"><span style="mso-list: Ignore;">·<span style="font: 7.0pt "Times New Roman";">
</span></span></span>Be able to destroy the system to eliminate
evidence of a compromise if discovered.</li>
</ul>
Hackers have adapted to inbound blocks by tricking internal users into
initiating an outbound connection to the malware site. For example, the infostealer
malware class searches the target system for sensitive data such as SSN, CCN,
bank or debit account information, builds a list of files containing these
data, phones “home” to let the hacker know it has data ready for exfiltration. <br />
A compromised machine has to communicate back to the hacker when an attack
is successful. If defenders interrupt the communications/control channel
established, a data exfiltration is prevented or interrupted. This also
prevents the hackers from issuing a “self destruct” command to cover their
tracks.<br />
<div style="border-bottom: solid #595959 1.0pt; border: none; mso-border-bottom-alt: solid #595959 .5pt; mso-border-bottom-themecolor: text1; mso-border-bottom-themecolor: text1; mso-border-bottom-themetint: 166; mso-border-bottom-themetint: 166; mso-element: para-border-div; padding: 0in 0in 1.0pt 0in;">
<h1>
<span style="mso-bidi-font-family: "Calibri Light"; mso-bidi-theme-font: major-latin; mso-fareast-font-family: "Calibri Light"; mso-fareast-theme-font: major-latin;"><span style="mso-list: Ignore;">3<span style="font: 7.0pt "Times New Roman";"> </span></span></span>Continuous
Monitoring Defense </h1>
</div>
Prevention eventually fails but detection and containment are forever. CM
assumes the attackers are inside your network and provides the data to find
them. The defenders' best chance for containing the attack lies in interrupting
hacker goal #2. Here’s how CM can help determine if a data breach of
personally identifiable information (PII) has occurred.<br />
<br />
1. The general security strategy should be "protect (encrypt) sensitive
data regardless of location." Protecting devices is obviously
important, however, if the sensitive data is protected then the probability of
a data breach is reduced.<br />
<br />
2. Monitoring outbound traffic can detect anomalous outbound transmissions. If
a system is compromised, we ask if there was any sensitive data on the
device.<br />
<div style="margin-left: 35.4pt;">
a. No. Use logs (syslog, eventlog, net flow,
sensor, firewall, IDS, DLP) to isolate the compromised host and if any external
communication has happened. Reinstall/reimage compromised host. Go to step 1.</div>
<div style="margin-left: 35.4pt;">
b. Yes. Run PII search tools like IdentityFinder,
Find_SSN to find out how many records were potentially exposed. If the data
files were encrypted, the chances of a data breach are minimal, go to step 2a.
If PII was in the clear, determine how many unique records were in the file. Go
to step 3. </div>
<div style="margin-left: 35.4pt;">
<br /></div>
3. Determine if sensitive data file(s) were exfiltrated from the net. Use
network forensics to determine:<br />
<div style="margin-left: 35.4pt;">
a) when was the earliest communication between
the attacker and the compromised endpoint. This helps us define the window of
exposure.</div>
<div style="margin-left: 35.4pt;">
b) if other internal hosts were accessed from
this compromised host. This helps us define the extent of the attack.</div>
<div style="margin-left: 35.4pt;">
c) the probability of sensitive data breach
occurring by examining netflow data to and from the compromised host.</div>
<div style="margin-left: 35.4pt;">
<br /></div>
Historical network data is used to answer the above questions. That data
comes from various sensors each fulfilling a role in CM. The biggest advantage
defenders have is the ability to monitor their network traffic. A system whose
logs have been wiped can still be monitored by examining network traffic.<br />
<div style="border-bottom: solid #595959 1.0pt; border: none; mso-border-bottom-alt: solid #595959 .5pt; mso-border-bottom-themecolor: text1; mso-border-bottom-themecolor: text1; mso-border-bottom-themetint: 166; mso-border-bottom-themetint: 166; mso-element: para-border-div; padding: 0in 0in 1.0pt 0in;">
<h1>
<span style="mso-bidi-font-family: "Calibri Light"; mso-bidi-theme-font: major-latin; mso-fareast-font-family: "Calibri Light"; mso-fareast-theme-font: major-latin;"><span style="mso-list: Ignore;">4<span style="font: 7.0pt "Times New Roman";"> </span></span></span>A
Continuous Monitoring Example</h1>
</div>
How do we detect a suspicious exfiltration? First, you have to establish a
“traffic” baseline to see what is considered “normal” traffic.<span style="mso-spacerun: yes;"> </span>Baselining provides you with the answer to
“where do my organization’s packets go? For example, the chart shown in Figure
1 shows the countries that send and receive packets from a network in a month.
The blue bar shows packets that enter the network from a country and the red bar
shows packets that leave the network for a particular country.<span style="mso-spacerun: yes;"> </span>Once you profile the inbound/outbound
traffic, you can do a detailed analysis of the traffic. <br />
Packet traffic within the United States is shown at the bottom of the
figure. A possible explanation is the majority of this traffic goes to external
search engines. For example, a search engine query for “Randy Marchany” sends a
relatively short packet stream to a search engine. The results of the search
are usually much greater in size than the original query. Obviously, not all
traffic is web based but having this data allows you to do a detailed analysis
of your network traffic.<br />
<br />
<img alt="" src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAnAAAAFfCAIAAABBY2aKAAAgAElEQVR4nOzddXxc953vf23hLt3f3d17u3f3t1gIg5sm7TbJFjZtut027ZaSBmzH7IDj2ImZZMuWLGZmZkbLFhjEzDQaDTMzz3zuH3IcgyKNpSM5Ut7Px/nj2FG+3zmjsV46Z8454/NHAAAA8M5rr732u8/gQwAAALBiCCoAAIC3XC6XTqfTarUWi0Wr1ZrNZr1er9PpdDodggoAAOCt+aBaLBaBQPDee+9VVlY6nU4EFQAA4P64XC6DwaBSqQ4cOHD27NkdO3a0tLQ4HA4EFQAA4D64XC6TycRisdLT04mora2toqICQQUAALg/84d8NRqN2Ww2GAwWi0X3CQQVAADAW/NB1ev1t85FwklJAAAA920+qAtCUAEAALyFoAIAADAAQQUAAGAAggoAAMAABBUAAIABCCoAAAADEFQAAAAGIKgAAAAMQFABAAAYgKACAAAwAEEFAABgAIIKAADAAAQVAACAAQgqAAAAAxBUAAAABiCoAAAADEBQAQAAGICgAgAAMABBBQAAYACCCgAAwAAEFQAAgAEIKgAAAAMQVAAAAAYgqAAAAAxAUAEAABiAoAIAADAAQQUAAGDARgiqy2Zsa+/0EOmU0sK8nPKaeovdOf+fBHNTaWmpA2MzRDTS15GWnsETK4mo+VJNTkGJzmR9kI8bAAA2kHUfVKtBExvid+D4OSIqyEy+3jNcW5xdUH2FiOwmbXhY6PDISGxMbH9/b0xswvDwQEJKZseN1oy80s6rjak5JQ/64QMAwAbhcrkMC9Hr9esjqDaLSciZTEpLcxBZrDYiykqObWofICIJZywuKZOI6quKo8Iiqi5fI6L8rLTQiPChSRGRMSIy1nXPgG63e8FnBADWL71eb7fb7/0BMiuy9E4ZBmYWW/qmDWMck8ezuj/KYANwOp0ymUx+J5lMplAo1kdQiYjsmvikRCcRkbskN7368vX5v1YKp6Pj04iopqwgPiauvKGFiLIzUqNiogcmBETG8MhY9z2Dud3uz9pnB4B1SqvV2my2e394vBM+8y9/7Hpye+8iy0Obu18+NOxw3iyqRiG51NAwweKs0s8zWL/MZnNfX1//nXp7e8fHx9dNUB1GeUR0DBFlxgYfOOrb3tEplinHRgZUSmVKfExNbW1MbCJ7bjY6Kqq2tjotp3hybCg2Mbm0ILe4uvFBP3YAeJA+iGI9vLnn2T39iyxPbu/95bHR+aDKBTNHDx8pKio6efRwU/sgEdks5gVHtlitRGQxf/JfPW7bJ+d2wEZlNpv7+/sH7tTX1zcxMbFugup22mbZc0TU391xpampurqaK5TUV5XM8OUWvaqutlYgVRGRiDtbV39JZ7IR0dhgT1PrDReO4QB8se2PZj2ypee5vf2LLE/t6H3l+M2gSubGPvzw4LX2bj6fr9WbbjTVnD17NiA4jMPjpaalEVFRbmZ3T+/JowfLahov11X4njkdnZA2PT0VHxsdGRnVNTj+oLcYVtFGCOqCtFqtw3nvAd1lOp/N+4Pv+JaAyc3+U7uDRs/Et715YXpLwOTrfhMfRLOsdsYmAoC1dL9B9XhIJuLmZKadOX2mvrHR9/RpJ1FHY7l/YHBweDgRxUcFV1dX+weFu+2Gw4ePE5GIz73oe/TjUxfS48I/PuX/gDcYVtOGDSqz3row+c9/7Hz87Z5Ht/Z+d3f7G8eqH9rS9/jbPd94s+tHHw6ZrPee2wQA68D9BnWoszk4It5gNNUXZ/pdDAoMuDDLF5ZmJyUkp1447ycQCo8c3F9dUxMVk+x2mI8ePsIXiBrra86dPu4XFFVfU1nT2PKgtxhWEYLqlZ3B04+93fPc3v7v7Bn40b6u7Wfqv717cP5f2s+PjJgRVID1aWfQ1N/+puNbb3UvsvzTa50//HBoPqguh7UkL8PX90x4dLzObOexRoMuBiSkZllsjrYrNWHhkUmpmRMT45evtBDRWF+7//nzRRX1Go06JyMlMjpmYGz6QW8xrCIE1SsIKsCGVNwqP5vJDcznL7JcyOHFV4ldbpxzAUtAUL2yI2j60a09z+3tf2b3wI/2de3wrfv27sFn9/Q/iaACAAARIahe2hk8/c03ux7Z2vPMnoHv7e547Ujdtzb3Pbun/5tvdr300bDFhqACAHzRIah3u3XKrtPpJiKlxjbBM9d0qKo61DUdytKr8uLrit+eGg4vEhS3yHOb5a+fm9AZcXkZAMAXHYL6KZvdlV7OC6+Qkoe6+pUHE9geot5RdXyV+OOo6SvDht5hVVq9OKNewpHbGq5L869Ici/LrgzpFNoFbmkGAJ9/boPOpZK71IpFF7lLqyLCe6iwBAT1UyKpKSyXHVcrczlcxY3CExlzpvlDuU5nZDF/RmztGtPKVdYLmZyhaf3FHE7vpK51UDsltGixhwqwPklPbGM//zecl7++yDL3o78TvPWix2EnIrfLwZqa6Ovr4wjEi49sNurlCtVKvgDWHQT1Dkq5KaFKQkREnpgyrs5JRFTdJMq9pjoYN9s2qhsa05xImbvUJj8QNVPdpogs5jeP6g0mBBVgXRJ/+LuZR31mv/s/F1lYT3+Z+6vH54PKGe/asnlLTEzsoYMfFlQsfO9Sp1GVW1jCY0833+ha8AtsBnlBYRmPPXX1RvcqbhusOQT1DhyuLrJMTETkcgYVzOldRB53VCE3vkFedEXSMazhKO3F9cL4SkF0qVCktscVzjWPG53M3ZIJANaS5KPXWE99mf3C/15kmX32z3m/3TQf1PHe5uCoRCLyWNUHDh6SKxX5WWmR0bGTs7zpkd7oqMis/JL+9uaf/devLzc19fQNXqktDw4JDQgKVajUl2vKwsPCsgrKhrpa/uu//rupqbmnf3RmrP+837mI2CSN3pCZEh8aGhKVkGZx4DzHdQlBvYNEaiq5piQicrvym8RmDzkt9tKr8sBi4c6gqd5hVUq1KK9ZxhJbb/QqkquEdT2a8jaVXIP3UAHWpfsN6mR/68WwmPn/NyT4YkR48PsHjmanJxw+5VeQnXryzLnElIy56fGg8Ni+zusZOYURQed7pwRFGbFltS1NDTWNDXXbd+zs6umMjk7q774RFxcfcP68XKNrKM2Ojk86deqkUq0NPHtyaEb0QJ8VWCYE1SuHEtj/+FrnkaS54lZ5Yo3kB/sHjyXPFbXIgwsF/3l42GDGr5MA69L976E2nfILtNlsw13NZy4EF+WkfHzC73JjfWXtpZ6u9tLSkv0f7Kuvqw+JiO3vupGWlZ+UECM3UVN1YXpWzkW/s4WFhZu3vt3V0xkaGjPQ2xYXG+d//rzaaL5ckRsaGR0ZHU1ECWEB/RO8B/3EwHIgqF7ZFjj12Ns9j27teXhz98Obuzft6nt0a8/Dm3v+5Y+dPzs8YsGNHQDWJ/F7v5r+hg9r01cXWWYe9eH8/FvzQZULpj/av8/X9+zJ02dn+HKHRZ+SGBcWEdHeOzzQfSMsLDwhOVUgFCXFRReXlF270VFfU6kyufo7Wluu3khPik3PzA4MCuYIhMnxMaVlpdc7+ieHevzOnQ2NipPK5YVFhURUU1Ywy5c/6CcGlgNB9cqtWw/ee9ds3CkJYP1SRp0UvPWiaPd/LrIIt/1YenSzx+m49X+5XHf8k/d8ekHNEpfW4MqbjQ1B9QqCCgAAi0NQvYKgAgDA4hBUryCoAACwOATVKwgqAAAsDkH1CoIKAACLQ1C9gqACAMDiEFSvIKgAALA4BNUrCCoAACwOQfUKggoAAItDUL2CoAIAwOIQVK8gqAAAsDgE1SsIKgAALA5B9QqCCgAAi0NQvYKgAgDA4jZaUF0O+11/Y7PZPl23f/pfnS6398MiqAAAsLgNFdSJwa6I8PD0rDyVzjT/Nzea6sNCQ8tqLrtczqqSvNCw8Os9I3arKSMlISIyZnJO4OXICCoAACxuIwXVFeR/TmOnkY7GnJI6IjKoRMGhEXaHIzMlsbqqKjW70G63JiYmlRQX1Ld2a8WzkXEpXg69eFAttvvY2QUAgA1pIwXVU12SW1Rek54QEZtaQEQi9nBCcjYRNdSUhgeFVDddJ6KC7PSg8JDhSRG5dVGRsffuWrpcLplMJpVKZZ9QyGVb/Ucf39Z7b1Cf3tn3s0NDXL5EIZcBwOeWRCIxm81r/TMJvmA2UlBpZmKko6unND+jqOoyEenk3LDIOCIqzE7Pz83LLakmopTkpMzMtOu9k2SShUfFexYax3WPHUFTi+yhGkz2e/8XAPhc8XgW/OcOwJgNFdQbTXUpaekpKalSla6xrlwgUdSVF0ZHR2fkFhuNhsyUhOjo6OrGaxqlLCY6MjIyqqN/zMuRccgXAAAWt6GCSkRSsdBksRNR+7VmvlRDRAI+3+UhInI77QKBaP7LzAatRKb0fliclAQAAIvbaEG9xeVmcq8RQQUAgMVt2KAyC0EFAIDFIaheQVABAGBxDyCoDvvdNzP6/ENQAQBgcWsd1I7W+h07diamZ81yRasx/ipBUAEAYHFrHFRXUMD5uISk3Jys4NAI+/q5KgxBBQCAxa31Hmp7S+0ffve7s37n/YPCEVQAANgw1i6oBrUkOSG+9XpbbmZqXFKaxmhldvxVhaACAMDi1i6oDqvxUk3F+7u37ztw6OSxI0lZxcyOv6oQVAAAWNxaH/INDTivspFBNnvo6GkHDvkCAMBGsdZBbW2oDAgKy8pIPhsQhqACAMCGsdZBdVqNuenJ8UlpUqVuNcZfJQgqAAAsbo2D6k6NCd2z951dO7afDYxahfFXC4IKAACLW+ugRoUFBYWG1zfUR0ZErqMPPUNQAQBgcWsX1PkP91VJBRVlJaeOfRwSk+LEe6gAALBRrF1Q1RL2Ozu3J6Zl3bhxo6GhQSxXMzv+qkJQAQBgcWsXVJfT3lhTunvHtv0fHYqLi88rqnBjDxUAADaKB/BpM00NNdm5+ZMzHA+CCgAAG8Wa3imptelybW1tfV1twNmT/mFx2EMFAIANY+2CqlPw3vjtK7/6ze8PHztZXF4lkMiZHX9VIagAALC4tT7kq5RJOtquZ6QmZeaVurCHCgAAG8UDeA91PUJQAQBgcWseVLfLYDSvysirCUEFAIDFrXFQPRkJ0TWXmi/6Hssrb1yF8VcLggoAAItb46C6Lp477XvWLyMj48KFAPN6u/Xgs3v6H97S89DWvoe29j20ufuhLb3/9EbPC/uHTRYEFQDgi26tD/nOjg9k5ZeM9LUFhcetn57SzuDpR7b0/Nu7Awk10pyq2azymaxL0pwrsvTS6eJ6jsNF5HG59Vq3Zf5otttjsz/gRwwAAGtrrYPKGh8qKS2rrq6a5YlXY/xVsjN4+utvdP3an+/qqXbFHHLnhxM5qSHRkXjOXZVOLrsq7oQy2k/XUOVU8JRxvorIM6ahoQf9qAEAYO2s9SFf/zMnyusu52dnZBeUra8bO/zDq537M2TW5GPq1GjLxLjN5Zae2KqvLrZL5R6tQPTxW4bmapfRau2rU6TGma6XKtISHvSjBgCAtbPWe6gxwX7JOWVGi201Bl89O4On//73nfH1cmdroaK2XBr0saHtmq4iXV5bJg34yDI+qC1O1l8qkEeet072S8/slpzapb28ns66AgCAFVrroLKnRuKiI4ODgjLzy1bjPVSjXmswWW7/G4X8k1syeVxyhXJ+1W41q7V674fdGTz993/oquuQ0nR/t5YE5Rm6lHAbZ7bTQLLYE7qqUrtUTkSKyBPSwIPGvlEis8T3g/WzBw4AACu11kGdGe0LuHA+IDBkiiNkfHDWWH9yUnJsTMz4LJ+IiDz1lcWRkZE5hRUWizkvMzUyMrKhpcOgVSXExURERPWOTHs58s7g6X94tetMnpgaYswJ56wpF+yCWVv6WUuSn60wycGbkQceVESe1taU29kjyvATyujTusY6xjcQAAA+t9b6PdSTRz6ekxsn+q6e9gti+gPGPSlxUc1tPTeuts7xJUSkk/NCw2OIKD8ztaiwMKuwgoiSk5JysjNbOkedenF4dIKXD2H+LN9Nu/qjquUDN8Ya22VvhcxlNUr6r45e6tVZichpdYkF819s18icMimz2wYAAJ9za72HmpEQkVFYNTM5cOT4aRvDx3zdF04dKyivSU9OaO8bIyIReyQhOZuIGmpKwwNDqpuuE1FBdnpQeOjwpIjcuqjI2HsvIHW5XLLbyOUypUK21X/siW2939nT98iWnqf3Dj+2vf+xrT2Pvt336M6hF/cNcPgSpUol12jkcrlcLu/s6ZXIFXK5XAYAnw9SqdRsXn/3aIP1ZQ0/bUYtn5qZFfPZMRFhAUGhM8xfNuOOCAqQm4k9dC0xo9jj8egVgpCwaA9RdlpyeVlZRl6Jx+NKTEwszM+93DZgVnAjYpLuHcXj8TjusSNo6tadkp7d0//snpt3Snpye+9/Hh7WGay3f3F/f7/ZbL53EAB4UOx2u9u9ji59h3Vp7YJq1KmlcsWN5vqIiMio6OjLrW2Mn7MzOzEUHR0VE5sgkqlqKwq5IsX1y7WhoaGF5XV2u604NyM0LKy5rd9i1CUlxIRHRI1Mc7wcefFbD1ru3NceHh52Op1MbxwAAHyurV1Q3S57U0PFqdNnx1gcHme2/tJlpt9DJSKyW812p5uIBnq7JEo9ERkMhlv/1WAwzq94XE7z/Vy6c1/38h0eHnY4HAxsDAAArB9r+B6qxz3Y037k0McXQ0LDQ4MCQqM3yOehHh623HkkaWiahXv7AgB80az1SUmdLZfa+oZ72q/O8mWrMf4qWSSo/3ViQs/l2oY7raO988tYdZFxaP6PPdaRbrfZ+KAfPgAArLq1vmzm2McHpGYSTPed9Q91bIg91F9eFPMCj8494jP73F/OL+zv/X8315/9c9bTX7GO9T7ohw8AAKturfdQa4qzA8Nja6pKjp0+b98YQQ0Q8YNPcJ7wYT//13cv3/9fs9/5c+t4/4N++AAAsOrWOqhEVF6QnZSWpdKvp2vClghqyEnOUz7sF/733cvzfz373F8iqAAAXwRrHFRPfXne7r3vJqZlDI5NrcL4qwVBBQCAxa31e6ghFy/EJ6VWV1X6+wfYNswhXwQVAOALb60P+Q50tb7x2qsHPvo4Ii5lNa5DXSUIKgAALG6tg6pTSXMyUtOy8vSW9XTrAwQVAAAWt8ZBdV/0PR6XkpEQG5WaXbSObqyJoAIAwOLW+qSkmFD/1p6xm39YhQlWCYIKAACLW+tDvh2tl3x9fQMDLxaU1SKoAACwYax1UNmTIwUFBdVVVW2dfZ71U1QEFQAAFrfW76H6+56sutRckJuZV1zpRlABAGCjWOs91NjgcwmZJQaTdTUGXz0IKgAALG6tgzo3NRofExUUGJieV4KzfAEAYMNY66DOjPZd9L8QEBgyxRGuxvirBEEFAIDFrfWtB08e+XhObpzobT3tF4g7JQEAwIax1nuomQkRybnlrMmBI8dO416+AACwYaxpUN1Om1goyE1PuhAQND7LY3z81YOgAgDA4tYuqC67OcD3+KW2QSJKTUqSa03Mjr+qEFQAAFjc2gWVPdrhHxI7vz7S2eIXGOHCIV8AANgo1i6oagn7o4+OGGzzF8vYjh49bl4/180gqAAAsLg1fQ/1SlXB3nf3RUZFHT7wQWJ2KePjrx4EFQAAFrfWZ/lKBHM11VUdPYOrMfjqQVABAGBxax3UdQpBBQCAxSGoXkFQAQBgcQiqVxBUAABYHILqFQQVAAAWt6GC6nbaOm5cnWBxbv2Nxahtbm6SqXREpJDwm1uummxOImJNjLR19no/MoIKAACL21BBrSsvLK2sS0mI6RtnE5HbYU1JiCkrK4+NT+bzubHR0WVlJZn55bNTY7EJiQXZGeX1LV6OvJKg2iYGVnOjAQDgc2FDBVWn04v57HO+Z6Z5UiKSC6ai4lKIqLokLzEuvrSuiYiy01Ni4mL6xvlEhvCI2HvvLeHxeGx3sttt2wMnPyuov/AXcgKPLRJU/WCnzeGYH8pqtTqdjk+mcrtczvk1p8NOdOux3H4HqbsfDAAsg9Vqdblcq/STB2DehgoqESmlgrTE2PrmDiKScsfikrKIqL6qJDI0vPrKdSLKz0oPiQgbnhIRGSIjY+/9F+ZyuRQKhVwuVygUCoVCqVCoVYqt/mOPb+u9N6hP7+z7Tz/ezPmPuU//yWcFVdrepNDp50eTyWQ6rb7mmiy+UjQjNhr1hvxL4twWudZgkMt0SRXC+j6Ny+XMuyRJrJGElwh5Srtapbz1YO6LSqlQKhQKhUKtUmrU86sKjVqpVilvfc3t6wAbmEwmM5vNa/3zCL5gNlRQq0oLxlj8pqqCvLIGmVSkV8siwsKnpqfjYmK7ujpj4pKmpybik9Ovt1zJLqoc6GhNyizwcuRdITOLHPIVhJ5aZA/VPnnHXSz6h9UJtVIWRx9WLKxslZV1qiubJHW9mqxqYceUIbGE1z5t4kutnYOqfVEsnWVFt2e8eZtHm0dpuDmO1uAy2G77gvVzO2UAgM+5DRVUIYeVmZ5aUlHrcLlL8zOmeTI+azwhIaFrYJyIettaEhKTZ/lSIqqvKknLylPpvf3EGwZPSrLZ3UTUM6hMbRAnVQjEBlIrjCHZvIhSARF19iiyWhVElFrG62Yv/xdqgch4OG5WanJLpKawAl5UMb9zxjTJ0oUX8cOL+GNCKxF19SnO5C7/Q/S0Glt9t4qIJDJzfJmgvF3l9lDvsDqkSJB2SW62e4ioa0jdO4vdAgD4QthQQb2dUMA3mG1Lf513mD3Lt3tQGVEqJKK4Iq7ISCqpITyfF1kiIKK2Lnlhu9putp/P4i770Xo87rrrkv1RM1KTZ3xKHVsludIuK2lTt3bKS9qUOdWClgmjyWg/lzATUCxY3hRare1M3NSBpDkiisnntE8ZYgs4Q1xTXD4n76qSLbURkVptef3EcGmnftkb0jeqGeBY7FZHQoUwrlIUWCA0mF2FjeKwYmHDoM5pd8aVCcJLhD0sNBsAHrwNG1RmMRjU/mHVr0+MVnWpB+ZMLZ3yuCpxQgm/Y9pQeUWcc0UWksuZUzr6BxUJ9bIVPuasGgFH7Z7j6n3T5wKy5hoHdb3DKr8sjl8Gp3tKn1YpaOlVRZcJHM7lHPa1Wl1CvjG2TEBEjdckRxJmjyWzJVpHZB43pUYcWsQXKW0VV2XFTbKmQcPyHv/4jOb1U8NF7VqP2yPT2JvaZX75Ao3KciSedW1EZ7S7h0ZUJ1I5nZMG+zr6IEAA2LgQVK8wGFSu0NTQra7pULZPGoioc0jdNmEgIrfT1dilHONbiEihsku0zhU+5vhinsTgzqvmNU+YyeUIyORcyOTIbMRn606mzSZVChPL+K/7jc9K7Msb36K1RpYIyOMJzJ7TWV2Xr0uzm+UKnYOIyhqFxxNY53O4ITmcU1l8y7KabTA7WrpkZe0aIiLyBGXNyc1uqdjon81NrxYWXFP2DKuDC/mxxbyaHs3yNgEAgEEIqlfW+MYOOp3aoFOv8DEXX5YIdW6ZzBxewA3O5/XOmmbm9MH5vJAC3pTYRkRWgz3ninTZ4+uVluB8HhEllfJKritiinjNg5rYIl5xi+xiDndaZBXILFmVgvha2bJ3INt65cVtGiKaYWlDS4REpFTbrC4iotPJrBGBhYjIYjueMrfsrQAAYAqC6pU1DiqXy+VyuSt/2B4PEZHH7THf/Fx3stvdDjcRkdPptFqtKxnc6XDzpFYicjldrf3qUZ6ZiPQ6e2O3SqS+ea2twehUGZZ/8V9rp6zgmpqIyhuFpV0aIpqc0Z7L4uZdlmRckV3tUYSVCFMr+EU3VCvZkI3NYzdpcqIcips7+uq0QIfa7JgbVkScUGXHO3UGIjK1lOqvtz7YxwmwASCoXlnjoPL5fD6fvxobcotCoZiamlrVKYRCodXi7XnUC9Lq7XKdk4hkSqvGfDPMc3xT65B2/ijyKMvYNbXM92hv0RicROSwuXom9Hqrm4j0BnvXhH7+RGWN1tY7bVjR1UsPkMelK4nlb3nZLpITkbmtgvPai3aZztRWY2WxNGnnDd19DvawYMdPlEX5D/qxAqx7CKpXNmRQp6enV3WKsbExlWoV9x3dbrdEvPzLfojIYLQHpLCiquXk8cQVcfOuyCLLhByx+ULGXGaDJKJcxBGZY0sFOQ3i7CY5Uw97TXncbptNmxFqFykcc4Oa8nx1Yax1lk9Etskbgj2vWFhsj91m6WlQlXp7TTYAfBYE1StrHFSBgC8QrPugTk5OqtUrfSd4ES6Xq7+/3+NZ/im+QokpsZSbeklBHo9YaRuf0fpmcnhSC0tiJaLAHG7eJXF0hehSp3KAvaJd7Vsct72fvGZ31dAkXXDI1dosf3nkOdG+X6qK8u0CNhHZ+utkkYFEZOmuURXnrdGjAdi4EFSvrHFQhQL+1CzX4qDlXdPiDZlMPjW7uufyrFFQVzaIQKBLqr15hVLHoOp0KlukdxNRZO7c9QlDVaMwoEjYOaIOKxEu71thsznjSvkTYpvb6c6qEV7I5g5yLVqdLbaEH5LPG5cTua1GkfTSgNGmkRtb61wmKxHZJroNl8os4yNEZJvsMfd1LTnR/KNzuT79/WL+FiJEZEzzt7AFRA63RqmIOmKZ4RjqMxSxAcqok4b2diKydCGoAAxAUL2y2kGVqu3bg6bevji1PWhqs//EztCZ1iHl1Iwytl7988NDCTUyok9OMWKIw+VUzwybmqvddqdHJzVdLja1Vpv7O27+Vz7LbXMsPsKSpqcmtZrVDeqcSOw2L/weqtvs1T7lxLQ6rlrqdrryr0itDnd0PufaqCE0i51/XelweVo7ZKmXFUajzTedY1/W+6jNHfItfmMTUtvomCqpUW422cNLBK098uQGGYtnmhqekX/4S015pc1qlYcf0+TGKeKCXVqlzO9dfWWeZXzEOnRVHnlWleCna7r8WVPw+IbQQoHTQ0KRMTiXE1Yi0FndY5Ma/yxOcp3EbNKXVRMAACAASURBVHcreOI5nj67WekkculUHqeLiGyTfTbuzQ869FiMLr1uyW2ZZBuujeiIaE5grOtSNw9oJ/gWIiK3hyNd0Qlut1htn+7Cmyyfns5msuK+9rAOIKheWe2gcqTWx97ueXhL96Nbe/71rb6yxllXpp8x9pT6xo1f+PFzGnnG0AN2mZY8LmN9hio3Yxmb4HJ5rg1rG3vVl/s0lweNWh5bHfiRqChTlR5lFXKUFTmq0H3i0x8RkZ3VzX3jh06tZRmz3G5melKrXcWgEpH5Wrks8LAqI8ZlMBORsSFdlZNJ5NbkhMkufqS/tvSZqyKxsbFPSx5qbJMH5/FqezQCkfFQ/Gx8pSihTmK3u8paZCHV2lHFMh+h20PVl8WjImtzm6x2QEtEkUW83kntwajpvFYVicdUCb7qS5dt/GFFQjgRqZMv6C+ViI9s1eTEWOfYmpxg0wSHLGJZqO+C41ssjsTiuQ9i2ESUUMwdl9i7+hTZl6XRRTyT3V1QJ2wa1CRVS2dFlnNpc2rLAr+TabVankC45IYMjKov5PGKmyQlN5SzPGN1h+qDkMnMVhURVV4SvBPHXuYTdJveEfWFLE58tVhnctZdlQTn87KvyMw2V9kV8fksTnU3rjaGzzsE1SurHVSezPrc3v5ndvdt2tn3kzM8ZUWyODNrxkCm0I8EOtLUpPJ3vmJXmZ2iKcmxN+TxEcvYBJPF9fz7A//6etdDm7u/tXN8sKJSEx0waSPTxT0t9bOlo05r2lm7XOMxq9XZkbKwk07dfd/Pr3fK8JtTY2+cn5hfXj0z+Mdzo/PrrxwfbehmIK4ez6cLuYzSk7uIyFidpL3S4tZJRft/pczPd7D75AmRHqdN5n/AZV7pfjaRx9FR4x7pISKPRWdoKLaMjRKRfXZQX5FtvNa45IGDwlrBkMDa06/Iv6Ei8kSV8CMKuX1cG7mdVSMe20C9urbexu5WpMYTkSrFz9DZ6RDyXGqRPOSILOq0hSUiq1QWenrBwd0eD3lcsSUCF1FkAVdlJaFQF5TJja4QEtHVDnl5hzKzkn8scdY/j292LPBYFQrFxMTEks9Cfo2gql9H5Po4fpaI7CZbSCHfTcQXGGOKOQn14iVHWILHfSqRZSHq7pFnXpZ1jWnlKuvFHG7niCa8VOh2ey5kzEmN2E+FzzUE1StrFtRndvd9/8DkdHuXJvKUuCJffHSH9XKJob5YnRtpmeWTx+MQjCrSYpaxCWar6+VDw0/v6H12T//j2/tbBpT28hhdVqTq+JbBbtnkpRp9ejQRqaIOqwvS5QHvm4aG73eKpn7NP7/W+di23se39T6+rffJ7X1PfLL+//++I/vySm+mSESRZcKfHxn5g+/4z4+MxtfLbIWh2tIs+cX3lRkJ2uIUQ2ulprLE2lGnriglImX4cZt8pbs1+tI4dUGGOtnP0HFDneKnrS1WhB82jw6pYk9oSnItQ71LHogvvyTq5ZitZkd4Pjc4j3tlWD/N1gXn8yIKuJVDNldnkTivSCkRK4IO29iT8rCTxs4WbXWxQzgjjzirLUvRlBebr5cp0xM+cwKXMzSf5yGKKeAIDJ6JCXVSlSiqmE9Eda3ShEp+eKmIiGLzOZ2zCxx1UCqV3lxApVZb40r56VWCQ4lsIsqvETSOGjxO5/G4map2+cl0tlK/wnt7eUouibKaZBE57OhaORFVt0iOpXObO+QZLXIiCs/hTKz0CimA1YWgemXNgvrtXX0vfDjKYwns12tsg9cUEacduYHm9EDBzpdURQVEZGd1yZOWs4d6e1Cf2jU0PDznrMmwjvcZok+K9B5Z7Eljdx8Rmdoa9HWFgp0v665eu98pWge1j27tefaeZ+m5vf3feqs7v5mBK08OJ83946udT2zr/YdXO0NKJZ6x6+a+NnVGsDE92JF8Wh3xkfDgDmNTqTInjYhk/gecxmXeWPEWU2uJPPKsPPhj09CQQywgIlXCKX1ro9R3pzItXFdf6VnqbF2rzWV3eojIanVyZTc/sEGlsQmUdiJysPpM/f02N1m7LynCTpmHRzwOq7YoVhlzzjrHIY/TUBitTAl36oyfOYHTGVcmdHlofEobkMMJzOOJtY4bPYqLudzIMqFMY0+vFESXCqLKhNqFPg3Qy6DOsHWVHaquIVVslYQ8Ht+UWZWNXA7npU5F8RXxlosTPMVKP4tidFrfPq7PqRHktchHZo1ElFcrDCvgpjRIiah7TKdov6yrLXE7XB6jSl+RqitJcyi1HptRV5llHh5caniAVYegemXNgvqdPf1P7x3p756k3Av27EDr9SvFnYa2CYMhJ9gyJyQi+1y/Kid5GZtwK6jP7e1/ZGvvhXwhdZY5swI5nWOFPQZ3e6VD9elpKebOK3T/+xtrENSTaZyHNnc/t7f/ka09hzLEdC3bmhXiKYwYn9JlNmuUfa3awkyP06pKOCsPPqyrq1r5jNqCKG19pa4oRttQR0TavDB1QY7HYbOLeOR2yS9+YBpd0dVHVqdLrFjsmVGZlz7fx2Jzz6dSqbFpTDePi4rkVsv8MV63e05s/qwbQCq1uinW7NJTWBwFjeKkWrHC6HI7XfVdqk/j7HG1TSz/M4Vuae6QR5UJYyuEMo09p0YQXsSPKBXKtfa0Cn5Gs9baVavPjtNXp+tbW8zXy2Qhp0xtV9wmkyrF39BSp0r0t0vW57XCsIEgqF5Zs6A+t7f/ye09v/adaekUdt9gnc6T/tWv2g8nc8lpu3ndotvptlnd7vs+5fT2oD67t//J7X3vJogDytX/dXrmB/sG0prvOMnTTaRQKe93irUM6rN7+p/e2RdZKeu/MVF1Q/nvB8e+/lavQGoih52IyO1wSARuopVcpTpPFXHEODhiaspR5WVoMi9Izh+x8+ecohlVaphtZkzmv9/KW9Hbhzqdbnh4saPrfX19LteK3jsUCgUqxR3H291mo9tkmF8UAt708OAnf9S7Lcv5LDy3w6Jh4hIpmcpm/eT6JKHc6px/mXs8Mq1TneKriA/R5MTYRCJtlr/04nFVRrSNNSTx3asrT9dWFLhtKz0aAbBCCKpX1jKo332n/6ntvY9tH3hy99CjW3u+9Vb32Uzu7V+sMxhmZmbudxNuD+r8Mj/40zt6v/Fm9xt+d5yWYrFYBgYG7neKBYP6zO6+Z/f0f+ut7jxGg/rc3v5n9/Q9srX3qT3Dj7zd98S2nu+/OyBS3nEK0uTUlMm04hsy6HjukghPfS6RlUpDDFlhqoQLdrHE0ntZGedvHbnvd5rvotfrx8bGFvmCoaGhFQZ1bm5OIPj0g289dqtw+39wfvZ17iuPcV95jPPLR9m/fHR+fe4n/yz56LVlTCESiaZ5AhdnzDbLmv8by2CH2+X22Iz66kxdTbHbttJPT1KEvK+91GibuCGP9nfKxURk6ayUnH1XcuY9p0quSjhp7O5d4RQAK4SgemUtg/pJLfqf3XNz3+6uoKrV6vHx8fvdhHuDentZd4XccdzSarWOjIzc7xT3BvWpHX3ffX/4ub39f/e7jpxrS1/puKTbg3rriZp/6v7t3QHRnW/jjYyMGI2f/dbjZ+ibNkSUCBOqxQnV4sRq8cW86cQmfXKLMbFWFnvZKLnz+KvaZF5hs9cgqBwORyj89MIYj83CfeVR1lNfnn3uL+cX9ndvrsw87iN4+0fLmEKtM0iFbOnOH2tr6sjj1KT78ba94vGQrjhKXVqgL4tT5aSvZBOIyHwpW12YbbpersqK05WnGtqva3NDNRX5qgQ/83CvMvKoaeS+/1EAMAtB9craB/X2g6V3BVWj0XhzncNd1j6o//p694E0iUCg9svkvR/HEw0MOaRSIrKzhq2jPTbWuOv+a3dvUG/tB98b1NHR0WUENaZc9Ne/av/WW93zy8NbeudXvvFm99//vrNj/I43CycmJmSyFZ29bLMYpqfWOqi83z49++xf3PuKZX37fwh3vbysSVz62lx1aqiprY08TtvsiCL6nNNsd2lURKQvi1aXrPRewWaTQVuTpc5LclkdLpVIkxWmq6sgIqd0Tp0eZu68scLxAVYOQfUKguqNW0F9dk//kzv6gotFxoZ0S8C+K9NOWX2hKT1YGXPGNDJiqE3XZIXxN//QPMm63ynWIKgptZJvvrnAFM/u6X98W2/PnR9uMz09rVDc900flDqHWGWXqO0StX2Wr77RPTa/LlbZ5Zq7z5UdnOWs8H1gkYCrkIk+/bPTymU6qJYbZVLf/epEX3nYebfDQ0SKKF+H0U5Ehvos5bIu9LrL+MTkIp8EqLM7NFrtymcBWAkE1Sufq6BqLdaJ+78N7xJBDb7jwgk70fDcfX+Qy+1BfXzHIJ8joctJqqDjV2c94qIkbXGWOumcobObiOwTbcqMz76w8rMtFtR3+sWaO37ijkyzTM77PntrDYK6LXDqmV39L+wbfGHf4Iv7Bl7cNzC//uye/tcCuZpLpaqAfcqwI/PL1KnditDDyrAjytDDytBDLuXSnwnvcHoECpvwk6V7iN0/xptf58ttGpVB8PtNDO+hGkSe0Ru66CPKqEAiInLJAg+73GQoi+Tv/q2594ZDLFpihKWwpsdtls88l5ipjxAGWAkE1SsPNKg9ZzO5bgnXzpmyc2fs3BnlaP9Ua+P8up0z5RBzvdmExYL6du/uSK65PFlx7h1F4EFF4EFpwP7p4zvm1+X+HygjT7jNS+/q3R7UZ3b3ncsR9bK19rSAPq5LWp6uivdXhB8zdHUTkTzwQ5v4vs8ipsWD+v6wYE7m4EzefGa4M+PNDdrJ4Zt/nJt0m7y6L8AaBPV1v4mHN/d8e1ff/PLM7v75lUe39vx3sER4eg/rH31mHr+5zD395ZknfGYe95l51GfmUR/7zOiS408LzM/u7f/euwPff2/g++8NPP/ewPPv3Vx/dMdgaA5Lt+U7Kwyq2eoOKRT4ZfP8c3j+ufyT6XMXKxUOKd8pEgUXi5r6lNbhbg+R6XqFrjBRlxNpG73vs7eMFhdbbOFIrPNLS/vYGEsxv84WWwzmO355WoNPPARYEoLqlQcY1Ie29vumsfW7Xpx99s/ZL/4f9ov/h/3i19j//rfz66zv/Jlgyw+82YTFg7onTqTe94vpf/aZecJn5gkf1hOf/Bx/wmf6IZ/Z5//apV76HN3b30P97jv9f/f77vTyCVeir9ZBmsD3bQqzbaBenhTr1vCkgSe8ecz3WiSozx/jTiTF87/z5U+epf9z61liv/i/WZu+Ymyq8GaKxYL6dk/vnTcbmhZKlJb7vqHBWxcmH397gW/Ek9t7fxciFgccnFvw5fT9v2Z//6/s7KWP9k/yzE9u7920s++ZXX3P7Op7Znf/M7v759f/dXN/YObMyoOq1js37er7l9e7Pnmzuefxt3tfv8h+K4j9j3/ofD/yjoP5TiLR/f/aUd+lemRrz3ff6Z9fvvfuwK31h7d0V7bd8QsZggqfBwiqVx58ULf/2+ymr7L/7a9uLt+/uTLz9FcEbz7vzSYsEdRYoeboH2ef/vK9WzH73f/J+c9vuDRL71DedVLSN97qLW/mUHth04iF29VpjD+liPN3KNSO2T5dQ7U3j/leSwQ1MY7/tM+9zxL73/4X6wkf45Vyb6ZYJKhPvDPWVtul890mO71LdmaX/Mzu2Y/f5B97W35mt+zMLsmh103Xar2ZYrWDOsU3b9rV9509d4//3N7+b709EJzFQFA1BucPPxzatOuO89Ln7zT58OaefVF3BNVoNA4NDXkz7O3qOlXffKt7/n6cz+ye/7Xg5vo33uyquHFXUAV8vuCzhgJYGwiqVx58UHe+MPudP1vgJ+AzfyrY/O/ebMLaB/XJ7b0fRM9mNKneDph8+SRriHPHHQPsdrvNdt/7dkvvoT7zpQW+ES/8DevpL698D/XJD2auppWKn/SZecJn5sk/mXnyT9hPf3n2qS/Nr0/+g486yd+bKTZkUG8tj2zp2R99R1BNJtPo6NJHqu9S36V6eMsC/+ie29v/0Oauyo477iPBV6r5ytX9aCOAJSGoXkFQlxHU777T/8S23m++1f3k9t5/fLUz49Idl5cIhUI2+74/8+sBB3Xf9LWsKukLf8F+/m/unWXmcR9NZpg3UyCo3lgkqI/sGCqtGDX4bpEeel16+E3pkTc5+3/P2f976ZE3pYffFL3/K11R4v1OB7ByCKpXENRlBPWOn+P33HpQJBLNzd33ucoI6roMqtkyuujNKxa0WFD3jBXndiie/x+sJ3xYT32J9dSX2Ju+wt70lfn1yX/ykZ3afr/TAawcguoVBBVBRVBvd19BNTtco9P3fc3xYkHdPVqc36X82f9lf/+vFvhGPOEjv/D+/U4HsHIIqlcQVAQVQb3dYkHd2vthAtcYfUT49o9F7/xC9M4vBHt+ztr2kvidX4je+YVw508kR9/yWBf4ZNa7IKiw7iCoXkFQVxrUN7vyW+8YQawzzsnv+1JUBHUdBPXtvg8T+Zp3Xpr5pg9r01dZm746u+mr7Gf+dH595jGfuZ/+szfXBCOosO58EYPqcTnqq0rTMnNVOm9va46grjCoD23py6vjOq5VGS6XGq+UGa+UCUrS5wqS59cN9QXW4S5vtgJBXS9B1R54ZXbTVxd4OT33F9xfP+7NfUIQVFh3vohB7Wytzy6qGuq6mpTp7Q27d4Tyv7l1eNOe8buWR7eP/jxQowg7JX3UR/y9v7x7+e6fiTZ9mdhLfwiG3ECb9ow/uWvs3in+Zcv42Syxa8f3RE8tMIXwSR/lW9/3citeOjz92PbRe6f4xtbR3Qlq27FXRY8tMIXo21+R/vQfybb0x2R2TDq+sWX46XvG37Rn/F93sPKLxiw/+FPBQz7Cx3yEj/mIn/ARP3lznff3PtqPvfrUsFNZ0n95a+je8Z/cNfbd47K5tCTFkwt9I773F8LHfDzXvbpINOOy7p9eX2CKp3ePP7KP35VXr//el8Tf/Yt7ZxE85GPLjfRmijcCuA9tXeAb8ci20d+EabWBByULvpye+zPxc39K4qWPk/MU9PjOsad2L/CN+OetE6F5Aufmp0RPf2mBl9MTPuqdL3mzCTY3vfDh1OM7F3jFfn3r2IcpCseB/xI9vtDLadOXZL98iGjp+xM3DVr+dfMC/+g27Rn/+i5WRcmg+Sd/JX7uTxf4RjzsYwxAUOEB+CIGtSQ3pXeUT2SIjIy9927bRqOxpqamurq65jabD6a/+Gb8S1sT7lp++Fb8rz/My/no3awfPpT58qa7l58+nfHSExUpCTVLyc6veGlrwo+33D3+S1sTnn8j4f1TmaWbX8748eP3TpHx48dyXv/ZkuPX1NSUlVf9cnfSD99aYCtefDN+y9Hc4r2vZvzwkQWmeOnJrFf+raq4cMkpIhKLX3wj/j/uGf+lrQkvvJXsey6h6NfPZfzkycyfbrpryfjBQ/nvvunNVrx7Kuv51+PuHf/HWxJ+ujc79cSxnB8/vMA34uVNGT98pDQswJspTgblff+PC0zxH1sTfrA9PfLMxfyXn8j86QJTpP/7Q8VnPvZmij/uT/v3hV5OP3gr/ncf5eV9uOuzXk6ZP326MjN1yfHTsst/tDlhwW/E828mHjyTXvL6jzP+44kFnqUfPZq7+ZfebEJxadV/7kz60eaFvtdvJuw4nlOy878zfvToQi+nJ7J/8+/VZaVLThEcW/TC6ws8Sy9tTXhhS8r5c7GFrzyT+dOnF/hG/OChgv3b7hqtrKxsGZdpAdyXL2JQy/PTuka4RIbwyNh7b51ut9unp6enpqambyPmz8rFbJno7kUuZksELBZfOCtXzcqUCy2qmVn29FJYrBmZiC2/Z3yZiK0QswW82RmxbFa20BRyFUssW3L86enpmZlpqZD9WVsh4rNmhJLP3AqpYnqGteQUc+yZBcefn4LHZc9IFAuPL1exhGJvtkLIm1UsuAkitkw4O8vjsT5rE+SqmTmON1PwOKwFp5CJ2HLR7ByPw1rwGzE/BY/vzRRiwWe/nPgslmCRl5NyenZ2yfFnWTNy8We+nPiLv5xEUm82YWZmev4BL/xy4rFmRJ/1clLNSuTTMzNLTsFhsz7z5SRic7lslnThp2hWrmIJRHeNNjExoVbjzg+wur6IQZ0dH4iKTcjLSq9oaHnQjwUAADaIL2JQiWh2cqStq+9BPwoAANg4vqBBBQAAYBaCCgAAwAAEdZn0SklaUkJoWPjVrkGP0xQfF292EpG7pqbaYHWufHyDShQeHBgfnxAaEtozMqOUcBuaWonIZlBXVtbcey7V8uSkJ43PiYmorbV5apbTUF9jsjE1Nmmk/LCgi+fOnbvgH5CamlLX2EJE7U01eWX1RNTSWDfDkzIxj+dKXUVYaGhadr7eZCWiif4byZmFTIx800Bn85nTZwIvBqTnlkyMDgUFXkyIjw+LiJzlSRichYgGu6+PjM9eri72PXc+wN+/5vI1pkY2amXBF8/7+wdEJ6Qarfbe65cDLgbHxcbEJKQovb4ae3ETQz1XuwaIqKa0oHtwtKGyMDQ8MjoqMjOvxOZk5kU12NVy5vSZixcvZuaXEVF/e/OZM77BwUGhkTEq/dK3XgJYbQjqcrjtZt/jh6/c6OXz5i5c8J+YGv+P720KTSkmoqNHD0l11pVPwRq+fuS4n81ml86N7n3/o/a21rOB4URklHE/OniUgWITEdE7b77yh20HiCg5Iqjxavvpk0dVRqbGJqfdKuDzjnz4TmVjh0TEPXz4qN3lCvU9uHnPx06X88yJo3zl0lf3L6m+NPtCSIxQKMxPj8stayCi2GDf3/7xbZFy6XvxeCk1JiCjqEav12u02vL8lPCkLLvdfqO+8INDvkxNMa8oPaq4vCHkvG/7KFulkL23Z9foHCO/c9DcWPf+Q8dkMllSeEDppWu5CRGl9W12uz010j8oPpuRKepLspILKq9eqvD1DzeaLacOHxhhSW1Wy4kD71VfZeZ8hYzYwJiUIh53LuT8ydK6qwWZ8UU1zXq9XqfTOV2M/SIIsGwI6nKIWQPHTl249UeNZDYsOPTsmTMdfcORESEy3X1/zOe9hKz+ndt3ZWZmhIUE5ZfVjfW3B0XFE5FZKTh18hxD0XPFRYUF+vsXVl6qKsxpaeu66H9ObWIsqPOiAs8NTomJKCk2suXa9eyszLTUtKampsjoOEbGP3f88ARPdeuPCt5kWHTStcvVidmljIxPRIVpke8fOJyYmNg/xmpvqnx3/8H01JSACxdqr1xnaop55XmJVfWtUYHnknNLaqrK9+0/IFDqGRlZwhl74/XXgoKCtr29bZwtLE6NOnraPykx4fwF/66hSUam6Giq/s1/v/LL37xqdhMRnT70QVh0UlxM9MWgMK74vu8xuaC8lMjqy91EpOSPB4ZHlxZkHDxyMi01pbCsmqF9YIAVQVCXQyNmfXTo+Pz62GBfT9e1iMhEtVz44Xt7Dxw7rTE7Vj4Fd7L70OFTgwN9u7a/PcSWSaZ7z1yMICKXTnzoyEmGfnq4Ll7wU+uNoX4ndu39oKt/KPDiBYZzShQe4Ns7xiOi7muN+z/Yd6V9YHqoY8/uPdVXbjAyfvC5E+3Dc0Rk0Sn6Bkdqi1Jf27wj4NzJV7fsdi59Nx6v5KdGBEUldnZ0CCSK5rpi//C4rhstW7ftUpkZe7YEPI7VRVfKs8qrm6Iung2NSykpLeOJFUyNz5noPX3+otVq7btaFxKVlJ+WmF5Q01CZ/86BY0xN0VJTcPx86JWakrNBsUR07vjHLR2DyZH+FyKSmZoiNzni0rVhImINXg+OSiwrzErNLZ2amuTwBExNAbASCOryeDLiw0Ojk8pKig4cOjY83Hvu3EUiaqnIePbFn5jvvf3S/WMNX/f1CyUi4czA2zvf1Rv0Jw4dSM3IDDh7IomxfS+X78mjchNpxTPf3vTt7pHJIwfeSc3KLywqFcoZuwQ+0PdY1wiHiExK3ks//tGkSO8xy15+6aVJATNTTA52HDp8rKKiwvfEkZKKqjMnjk/xJDqdPuD0odLGdkamSI8NqmrqnF+vKkxLyisjoubKnA+OnHW6mIn21frSoydOHzn08eD4TLDfWZ6GgYMctxPMDG7dtq28vCLY3ze7pCY7Iepy+ygRxQefCUnIYWSKhtLs+NxKIjp96IOKhqag82f4KjsRHXp/V01LDyNT5CWFHjx8trgof/++fUOT3OLMmDP+oQ319dU1dTI1M7vyACuBoC5fb+eNuvpLWpONyDnL5sz/5cT4uIOJoJqNWvYcb359cnRYZ3ZYjZra6srrHb0MjH6TZ449a7G7iGhudkZrMI0P91VVVVVW1YgVWqbm4M7N6ozzJ4y4JsbHHW4ick9NTTmYO0Yn4c/V1lSPTs0RuaY++dxNjULKYvMYGV8s5MmVmvl1pUwslMjm1wcHBpg63YaIOq41d/WPEtHcLMtotTM17Dyn3XK9tamysupqWxcRiflcpUZPRC6baWBwmJFfClRyCV8kJSKzXjU0Msrlcs1WBxFpFZKxyfv+MNQFKST82prq6pqaGY6QiKRCbm1NdW1tTVV1rULD2FvmAMuGoAIAADAAQQUAAGAAggoAAMAABBUAAIABCCoAAAADEFQAAAAGIKgAAAAMQFABAAAYgKACAAAwAEEFAABgAIIKAADAAAQVAACAAQgqAAAAAxBUAAAABiCosL5dbawNDg4qr73izSeTuuzWOe5nf6aby1aSnxUcHNreO7Lgf2++fEmmMS33kQLABoegwjpWlp14+NSF3t6+oPNnGtsG3XZLR3u71mglIqlMRkRKpdJkNsul4qGhYavD2Via8dFJf73ByGGzhkfH7C4PkVskEhEReZzB545HJmb19vYcO3KEI9Pp1bKOzi67i4iIw5qaGB/+cP8Bnd0zNTY0xeYRkdth7e7qVGmND/AZAIDPDwQV1iubQfHBB/tNn3zCt0LMPXfqeEBAwJkLIVNjg8HhcUSeiMjo9AifbgAAIABJREFUhpryve/tDzx/Jre0NjbINzguPT7c3zcg3P/cmd4Jbk9zVUJWCRGxRzo/Pn7u1uCssf6jR474+/vHpOT2dlw7cdLX78THx86FXKkrP+V79tDHH/WPTCZHXjzp6xcaEWu2M/GZ8gCwziGosF5pJTMHDx2fX58cHU6Lj8wuv0JEEUEBkdHR9a09dg0/OiEtLyOptZ/FG+8uKK0qKcjT6I3nT58wu2my92piUnLgxUCNyU5EXc2V/hGJ86P19/WEXfTrHBcS0dnjhw4eOekhmultCQoN27dnR1xy2pnjR2pbOruvX4mIirnW0ev05nAzAGx0CCqsVx6X/cKpw5GJGQU5GReCIq/UV5/2C8hOTw6LTSnJSQuKSjh+8N30vNKYiFC9g7ISIluut58+cbztxvWA4AgiMir4L//HDxs7br5dalCJP3h3b35RSXxkcGpOcXlBRmhUYmx4QGZeUXRoQFZ+wZbXX62+3Bp8wTcrKysmIWVwoDcqKiYq+Pwxv/AH+jQAwOcFggrrmNNqqigpLKuqtTg8RNR+9XJhSYXNRVa9qrKi/Hpbh1yhmJqcJKKpiXGTxdbdfmNgcHiOJ/B43GPdLR8ePuW+bTSNXJiXk33lajsRkdtRV1Vae6mFiPRKcUlJcXPrdZuLVBJuTk7ONEdI5GlrvVxYUq7S4TQlACBCUOGLyaAS+Z/340rUD/qBAMDGgaACAAAwAEEFAABgAIIKAADAAAQVAACAAQgqAAAAAxBUAAAABiCoAAAADEBQAQAAGICgAgAAMABBBQAAYACCCgAAwAAEFQAAgAEIKgAAAAMQVAAAAAYgqAAAAAxAUAEAABiAoAIAADAAQQUAAGAAggoAAMAABBUAAIABCCoAAAADEFQAAAAGIKgAAAAMQFABAAAYgKACAAAwAEEFAABgAIIKAADAAAQVAACAAQgqAAAAAxBUAAAABiCoAAAADEBQAQAAGICgAgAAMABBBQAAYACCCgAAwAAEFQAAgAEIKgAAAAMQVAAAAAYgqAAAAAxAUAEAABiAoAIAADAAQQUAAGAAggoAAMAABBUAAIABCCoAAAADEFQAAAAGIKgAAAAMQFABAAAYgKACAAAwAEEFAABgAIIKAADAAAQVAACAAQgqAAAAAxBUAAAABiCoAAAADEBQAQAAGICgAgAAMABBBQAAYACCCgAAwAAEFQAAgAEIKgAAAAMQVAAAAAYgqAAAAAxAUAEAABiAoAIAADDAu6B63Aq5XK/XK+Qys9W28lk1apVer3e5PSsfCgAA4PPAy6C6Opsqv/a1r31wIlBrMK181s6Gwq997W+HZqUrHwoAAODzwNtDvlrhhI+Pz4XEktv/Usxj3Wjvml+fGR++dqNDJpOqtQYi6my7zuZLiUgiFmu1usG+bjZPPP+VA73djeU5Pj4+XZPCtdhEAACA1edtUOWcYR8fn/Pxhbf+ZvBGw9ad7/ge/fB8RGpjafr3fvCz2PCArz/0+NisIMr/5NmAkFd/+9+jHPGRnb979Lkfnziw52v/9IjdQ2lhp//7jd05SWFf+er/6JsWr/n2AgAArIplB9Xz7h9/9oNfvB4T7PvbN3bs+MPPfvS7d3WC0T/56l/yhcJ/+b//MzQh43c//3/t3XdcG/f9P3Dab9u0337zTdJ+myZp6oxmtkkaZ7dJHCdO7Hgk3gtsDNhgbAwYg7HxAmMDZhgwYMzeIASIjZDYey8JDTRAWwJJaO/1/v0hx2ljnJBfaJu0n+cfedxJuvd97oTz0t197nPv51W3RwW5/XndHg65z+XH9/Hm5a888VB8EcEsobq4/HiYLvznbzCCIAiC/CMs+5SvkOri4hKdXQ0AALaO9tZD2z589s1PLFa70WCgjPXud3WLj43OLau1mZX3ubgk5NUAgNFkDvH87O3Nh2Ynu1x+8t+CBdlzv/1FdF6jZYHm4uIyxkTXUBEEQZB/E8vt5TvcXnffffft8jjR0NBwPujo6cgb00Otv/zFz6/GJpKojOqSTFd3r6QbqT0DIzYHBLhvffJPbxWVV83L5X77P1390c7mqsKf//f9dKEi9fLJP731UVzkuZ/+9Gc1HaP/ug1HEARBkJW03EAV8nl8Pp8xQyeTyWTy9KJKCwAz5LHa+kajxVaRFf/Y46tefvml+3/5i5hMLAC0NjcNjJIAQMjn8fh8oVDI5/OdPYQ721tGxiZYLLZSrf3XbDSCIAiCrDSdTjc8PDzy94aGhqanp7/FwA5FmcnnImLq6+tjoq50DEz845qLIAiCIN9PZrOZy+Xy/h6XyxUKhd9upCSpRMRmsw1m2z+ooQiCIAjyfWa327VL0Wg0aOhBBEEQBFkum82mugcUqAiCIAiyXChQEQRBEGQFoEBFEARBkBWAAhVBEARBVgAKVARBEARZAShQEQRBEGQFoEBFEARBkBWAAhVBEARBVgAKVARBEARZAShQEQRBEGQFfLtApU5PkcgUrd7ocDhWth1sBnVikqRUa++ubNRrGAyGSqtfTp1p0iSZQtUbTCvWQoedzaDPMNkAYDbqKBSKXKn5jiU5LDqFzrDYVmbc46mJMSqdYTSZv/smC3kcBpM5PjbK5n7zs9+l8+LFZewK2YJErlAta+1c9tj4hEyhWvG/LgRBkH+C5QaqxaDydN0RfDGKQCCcOR3SO8FY5gr6e3qtX/8JhyX0uOdhv+AmPOHKxTN1rQN3fcL652dWJRbUfX0Zg1rqtuuzc1fiCQTC6ZCTYzTOMlvY09f7tc2zt1Tlubi4XLlZAuBIjI9jCxeXWXlJVUUZkXEpTXWV4dFx9u8WHIui2e2bN8QmZxAIzcFBJ2fFy8otAEtv/907GQBgvLPuZz/56Y2sQq/9WwPOx9xr+aH+XgAID/KOyyz7mtWM9PcBQEzYiaspBd/YpviI07sPHK5vbLoedTkPU/+Nn3eaHh9eUKCHACII8r2w3EANP+H6uxffcU5LBFy+RC7mzxEIRIlMZVTLyjDlbDazHFO+qNb1tDdX4XDlWKxSa2wsvfmHZ1/qH5tsJeI7OruampqIzU1l5TitRt3R3m602AGgMOnifQ/+zugAAFDLJSyOQCkVEwkE5hwfAPizM30Dgy8//XhSUSPYrf09XZQZ9pJbctL9s2ff+Ng5LeSxxTKlgMMkEFukSo1GLi4rr2CzmJjycpVW30ForMJVl2MrNQZTeWbsM39cPTJBIjY3dHZ1NTU1EfD15VX1WrWyvb3TYncAgGpBHBbk4+Ligu+bZNBIJqtdIuJ3dbRNUBg2s6G6sqKtra26rpHHmcVgymVqI4B9ZLBvgkRbsp2+ez99f9M+sUwpFPAAgD492drWqTNauAwyrq5xhkrG4uqMRkNdNa6rq7OhiWixWHraiZ29QwDAYdI6e/oMJgsAADh2fLh6zVYvZ9k5Jk2hMbDpFGJLu1pnlPAY2Kpa5gwVW4nTGwxNdbjq6uoKXI3JbLl+yf+Vt96fZszd3TYFn/KzH/2IJNSrueMuLi4dk7Mmg7q9rU0sUxp1qonxMTab015f8tQfnm3pHSovyuseniKPD2IrqjAYDIs377Db2DM0IoG4sKgaJFY+/dQz+M7+itICYu8oOKy9XR0j4yQA6G0nVFbhMOXlggWFc72dNfkuP/o5T2ECAJNWRaWzDBpFWyuRypgDsFdiMWQao7GmijEnYlLGMdgKDAYzwxHxaKPPPf1kaiHOhg5oEQT5HlhuoL606oFtPmF3ZnVSzvvvriEQmz/ZsIVGmfr1Qw81EAgPP/A/k9zFwAMb3vhg04b3Xj8Tm9tQlPToE38SS+b3r3/rjQ82hp2/hCnOue/n94+Q6fX1jTa7AwC2vf+nV9bs+HJNVt3Ha9+raSJ8tnF9d1//R++/OzA2+fIffldQ15l4+fTl6LjPNm0YZ4oAQKNa5HK58zK5c0Oe/vVPPUO+PKha5FPfXfMRsblx/eatVPLoQw/+ikAgPHj//7ClWs8tf33/010fvPlSVEZFWWrE7194UzK/sOmvL723ftv5S+EleWk/++WvSTRGfQPeeQTJplKkKm1MiJfLfQ/cLMA6rIaT/n6XL5156vnVJqv1hcd/FXA28o0Xnww4d3XdOy+fT8wvTI06c/Hqvu2bCQPTAKDXqrlcrkgy72yYXMhe+/Yr//WzX6QV104PENZ/trcWW7DrkF9vM/b/Vj2Hryn75YOPWmy2N55/bPOug+ERkX6+vkmpafv27q+uKj/o5XP+tP+piOsA4DAu/reLy+XUL48RmeMdH6zf0liD+XzPofF+wkO/fpyIr/2fB36lNtvWvvLU1v2HX33hyZKmvuhTHn9+f9OCXAkARr2Wy+UKRRJnJC3MTv7iJz/pnhYAaH/5Xy4xaXkBRz0TExMOeBy5EHJi7YZtY1P0+pK0hx55UiAU7Vn3hl94amlaxCNPv3Roz5YNe30XuPSAk6c893zmduLiUAv2wd88LhAID21Z43HqSvzFoMvXM0KPe2RXEq+ePPDC62t3fLpmt/dZZ8tDPD9/4IlX//bvbffmj/Oxta7bt3SNTL370lMxt0o+ffvF6MyaNmza/b994riX61827OYxxv/3/v8lDpDt3+VfAIIgyApZbqAe3rZm1csfOKftVssQsfzXjz5rMul//8jDDc0tLzzzTP/oyPNPPk4Va8767DgZnhwX5nsw6EpvfcHTf3wHALw+X+MRfDvt9m3865vrtmlvH2ZBTIjnTx78/e3VOOx86uADD/xqUW9679XngkLPrnryWQD48PUXs7ENH7/1fGRqMW16SiJXAkA9JmvLli0XY1Odi+76aPWL737mnLZaLG2Vmb99+hWzQfnoww/jW1qefebZ0ZHRp37/O77K7Ldn/cWkgov+ricupTSXprzw5noA2PnRmwFX0pyLb3n/1Q8+O2C03L7GyWcyZkVyANjw9guPvfQegCM3/UbYaf9Vf3jZAvDOy8+2DNM9P3//ekHdlSB33zNR+ze+6xsWx5qh8EQLADDYVrtly5bjwRedO3x8chIAWnG5jz35YmjAkTWfe0jnJh5Z9XxzLfa5P78z3EN87InnAWDtG89dL2gCgGceeTC9oh0AMmNCnnjpLyKhgEShAQDYLW89+/An+084G2kxmwsTL7z4zgb1PPvhR1cRm+ueee7l0eHex1c9aQTY/O6rt7DNh7d/eL2g/taVoDXbDjmXIg20bNmyxfN4sBkAABT86ft+/OMpgc68QHdxcSmrqHz8N79uG6ZMk0gjfR3PPfHIdq/gvmbs48+8BADe2z8MisqqzovdsOtIXVHan9/bpFXJ4uKu7fvsk51HTjPGWh9Z9TwABB74zDck4pN3XikljF4LPrT32PmUiED3wMichLA1mw86m4G9FeXi8lO58fZfgVbO/c2DD1AFip1rX4+6WbBt7VsZ5XjXje9eL2jqq8t94+NtvfiK51evWRAyf/Obh7mLpm/7R48gCPKPsNxAlQqY697/S2TCzRYiEVdTL+DOehw8UFJS5HrwsEwu//DtV909PR+4/39H6IKAA5tcfUODvHZt9z4zM9b+28eeGKMy3Tb99fNDp5yHQWNtVVv3et2pbFBLd2z8yP/sFWJLC7YSJxIJ/H088otLDrgdnGGyNn/0Xmp2/hsvPn2jqC4vKfyPr79XS+jQGYxwFyGbvOavb8WlZLcQidV1eN4c8+CBgyXFBQe8jsnl0r+s/pOnl9f99z9I4S14fr7G5/RV770bPE5FT3bXPbrqmWnG3OdrVrsFhDtb2FVbsPuQ3xeFHQ3YouKqJgBQS1h+QaF6reLFp1eFnDnz1NPPzcxyVj//RG5l87a1r11IyD5xYPOBgMtNmIwnn3+luLJBo7u7I5XjyoXg9HxMW2Pl2YgY8sTQIS/f3IzkwHNREi7theee83Tf/6vH/qBUqd968fdnrmUBQFJ40NN/fA1T00wZ631m1e8uXI0XSKTOWrSxzrfffPNWXimR0NxA7GDTpw64exbkpB8NPCeb5770wnNenu4P/N9jEoVq3esvXIi/tfWD1yJSy/ClaU8+/wqdI7l7H050N/zIxSUlt+zU0YO+IZEOu33/5jVb9niQ6cz+3j5cad7eg94TQ92PPvp41/CU68Z3j4TG5iaef3vd9pSosNfWbh3ubHjmxT8HHj30/qb9s7Sx3/720daBscM7Pt5//DwmOzky7kbICR9872S43/7NrsfCT3m988lu5zkAh8Xg47bdzTuQQCRisVihSBQecuJmdoHXQTcaRxTivXvjtj0vPPHItSwcvuTGC298UJge/8QLbyrkkmd+/0h8VrkddWJCEOR74Nv18h0ZGhwdm9AbzQBgNetJJJLZ6gAA+bxoikSmUanzUvkci0GfYTLotBnmLACwmAyFSs2aoVLoDJsD2Aza0GA/mcb8SuWp8ZGh4VGVRg8A4LBOk0gavQkA9OrFyakpHo8nW1QBAHlyfI4v/prNGR4cGJuYMpotAGA2aEkkstUBALAg4pPI01QqVSpbZDPoMwzWDI3KnOUCAJMxo1JrGDQKjcG2AzDplMGBfuqXlxjtDNo0mTrj/F+/zWpxOBycWbZYssDlcJRKJWV6msPjz9Co7DkOc4ZGZ84BAJ1CorO4S7XQYbGYOWzG0PCoMwTUiwvTVLrzPe4sc5pCo1JpCqWSOk1mznKcr09PTbA4AgCQS/hDI+N/e8nQYTEM9PdNkigWqx0AdOpF8jTV+ZaAO0ueplCoNPmiYoZGYbLZVMo0hy8GcNBpVL1pib5ivDk2iUweGhygszhf7FHzyNCgSmvUqhRs9qzRbAUANpM5L5Mz6VQma5bLmaVQ6WwWk0KbMRoMLCZTurAwO8cBgDk2UyKVsxg06gwbAOZYMwKxFADYDDqNPsNk0Kl05t9uC408OTA4JF283bWKRiHLlVoAMOk1U1NTdDqNKxBJRPzpacosm0WenrY5QMTncIVL/DJAEAT55/tn34eaGnPu+OmI7/NFr7iLp05djPtXtwJBEAT5gfkXDOxgs32f8xTgh9BCBEEQ5PsGjZSEIAiCICsABSqCIAiCrAAUqAiCIAiyAlCgIgiCIMgKQIGKIAiCICsABSqCIAiCrAAUqAiCIAiyAlCgIgiCIMgKQIGKIAiCICsABSqCIAiCrAAUqAiCIAiyApYVqDazsSQr9VriTYPZplkUp6en8xfk0+ODZaUlqSlpPMni3XX5rOmzZ8+MTrMBoLm2vLSy/m+fKzLcRagjdi3ZIKtZfyXiAp27AAAAjsmR/rLSkhupqbNC2XfcVJNeXVyQL5JrAIBBHi2rqgcAsFvrKjET1FkAqK8oDDkdGnwqqH9yxm7WlxTkC6QqAGBQSdW4yu7BsXsUdhAbcT3DUwDApk2eOxuakl3iHAvYpJHlF5XYAABsSdHhp89dNtlhbma6GlfVMzgB4OhuqQ8NPTPN4n/HTUMQBEH+5ZZ7hJqffPlYaDQAAJgLCktFPNaefa42gM6mmlHyV5/FBgBglH+87gOO3AgAI92E5o5+58tmixUArBaz0WicHOgsxzUCgN1qNplvP01MrVIe83LrI80CgFbK3bVrn8UBXS31JAa3r6WB2DkEAHqtFgCsJm1OZrZYoQUAtVrtXFyv01rvMbS92ahz3bF9hC4CgNHO2r2exwAAHLYLgT65FS0AjrGRYQZrNjn2St8ky241Hti1Y5Qxr5lnh567pNWoTxw9MsVa+slxiZeDY9IKAWCwv5dMJu3YvJ4wQAGAmqK0dVv3AkATNvdcRAxXKFkUMkLPhWs16sBjR4dIMzwer64k81zUjWV9VwiCIMj32HIDtTzr+tmrqQAAYKmowJlNhiAfty27DlLZgqULmxS7d20XKiwAQBrpHSdRS3NSYxNTzoQEkVmCmpJsHKEn53r40VPhcqmESGi6cPZ05+DUaH8noRm/Y+uWMYYQAOw2U+jxQxu37ScxeADgd3B3QhamuwVfWlJ8IzVDMEtb99F6Cps/MjyQm3UzOiFtcHAA39yMxxNt93jgdNjJgLEZIQAIGGN+wWedL+YkRRVXt9/ZIVmZWQarAwDOnwqcZMvkc5Mbt+wwW+2nj3mUNPYuWRZXmJqcg7kzm5YQQ+FIRTz2yGDPhcgrANBaj3XbuyMyKXtRQN/0+U6z1X7mmEcFcdhhM0VHhOG773XsiyAIgvxgLDdQMRnx56JvAgCAA4ut0JkdAFCUkbx69WvNvRMAAGBvrsMVFZUsagwAAGblzp3bJRo7AFBG+8gMTkFaTA6urbUqJ7OsoQWXn1pU29uELa5tbyrPKaxsam2szstKDww+CwAXQvwGpzkAYLc7AACTk7p69equUWp+SlznyAyDPNbR1rx/736eQBASEiYW8YJPhc7MUPMLinDlxV5Hjnb23352N3VyuKioiESfvbMVof5+zkDlUoeOnzrjfDEjPvJOoLKnhwvLa5zTZwNPDNP4AI7CrLTiooKN6zdQuFIAUEpFRUVFTS3dd8pic5PuBCqfRW3rHQG7LjgosCAv65NPPx2jsZ1v+R7xYAoXMXm3iooKNm5YPyNS2a3G4oyE/R7HrPf4BYAgCIL8UCw3UIdaqvZ7HjeazAsCdjmuXjYvyC0qA4C8pMvnrqUDAICd2FhTWopRaIwAAGD1dN1FGCBbLOb6KqxAqs69cbW4sbe1KvtmUU1bTWFyPq6jpjAqJR9XkHI8JHx2jksa6li/YZNAsnDMYy9xgAIACjEnN68EAEpvxsSlF+UkRZfWtCRGX6zDEw7t30eiUL08DtNnaDu3bRuaIM/NzrJYrPamqm279st1FgCgTY2WlpaSGXN3tsLP89AQlQ8Ac+Q+96MnnC8mR57NKSc4p8sLs8eotz/vf9ijn8xxTteUZMam5DinVTJxaWlpc1vPnbJFN6Nj0goAYG6GXFyK4QmEPM4svqG2LD/9rx+snaCxZtlslVqNKS4WybV3qllMBvG81KxZiIq+ZkaBiiAI8gO37F6+Dls1tiS/oKiiEieSqewmdcqNxLKyslJMhUylXbI0l0FOS00tw5T3DIwBQFFmCqaW0IQrLiyvbcKVZpVUz/OY1+KSVMrFK+eDwy5FKTW6tgZs3PXk5KTEMQoLACx61c3kxNKystIyrFpnnOxvzcwvqasoSbuVdSMpkcbiFmSkDE4xhjsbfY+f6BkhDXa3VNfW9/QNGK1LXEbVqhejLkd0DpEBYLK/LfxKtEprBJslIzm+ANtgBwCwtbW2Gq0AADq1Ijoyon2QBA7bQE9HI6H97oJf7BhLaU5qak6p1WrNSY09FRJ6OvjUyLTzqNRaVlkFAOlJcTkFpUKJDOzWgZ5OZzWNXBgdFYXF1Umkim//xSEIgiDfL/9Bt804HF89DLz7leW8hSAIgiB3+w8KVARBEAT5x0GBiiAIgiAr4FsEKpM61YTHDwwMUKl0QkNNNb4dAMwGXQ2ucpLKWrK6Si7BNzV19/aNTZAYlMmcvBLniVSrQVlYWGRa+n7RpUnFvI6efocDABzjQ310Fg8ARnvbrl2LTUhImKDNLi4IbyQnjU7fvilWxJttbe9QavRLVpsc6IiOjhmnzgJAb2t9TEwMgzcPAPjqspiYa/NKvUYp72hvHZ0g2ezo3C+CIAjyzZYbqN34ysDQi0LxPJc5nZaZy6KMP/J/D9V1jgFASX4WjSO5u7RSwvHx9h4jz8jl0qxb6e3EpsPe/l+8aV9YWPhWDaUMtmzb5+5cNjL4eFJ2JQB0tOAJLW1XL56pJfZy2czWhor9h7wBYGay/+q16zKlZslLocp5XvjFC4TW9gW5SjRLu3D+QltHl1JjYJKGL1y41NnVa7LYw8NCeDJ1esLVvsmlhq1AEARBkL+3zEC179z0ccsIwzljMpvkYlFRduq6dR8zhLKx/i6hTHV36fToM8fDYm/POOxyAfPEMf/0m8nFVU1KmSgzu0Ai4iVfT8zJupVZWCFfEFdisYWFBSzeEtkMACoR61jASed0edaN9IKaO2+VFOQtqAwAMNBafzO3DAA89m6Lup5WVdO45DEwnzHp7rrXL+S8zmSljHTu373rzOV4ix36iDW7d26PSs60A2Bybuw/6InB1at0xm+3RxEEQZD/SMsMVPPad9+ZmJXemRex6WNk+lQ/YfPW3dX1TfMKLQDYraaB3q6e/mGLDQDgvL/7uficO4sYZTwf35NcDsPL57hKLnE94DUv4e/avocv4Hke9mbNcQjEllD/I7lY5y2hjsnRwa6ubq3B7FxczqMdPRHonC6+mXAnUOUCZmZuEQCA3VpRlLVluxudNr196y7pgsRr37ZyfB8AmPTqrq6u4XHS3275tYtBSTlY53So/+Hiug4AAIfZ18ute4Ih5jJ8Pdz2uPsqdaaV2dMIgiDIv7XlnvKNCPYJvZICAGC38gRC4RyT2NEDAOWZsX989a9qswMArEZ1enJ8UlqWweIAgAFCxcebdqoNFgAQi0QCFjkw6AI4jEd8jxt0ap+j/iqV/JiPP4A9IDCoubkxv7Qi8WpYeqEzKe1l+Rnx8QlS5e2LoAoB3evoced0UWpcWn61c5pQW97WPwHgMJksAHAtMnx8ctLb08sBkJ8SXVzbBgBquTg+Pj6nqMK5iFajsQNMDrTX4ju0Gg0AdBNqW3tGNRoNAOCrsSQK7dKZYABIjjxd1vjliEgIgiAIci/LDVSzXhkTeSklPaO+Ec8RiCf621LSs4wWGwCUlxRJ1UufF60qyQm/EoOpqJog0+aoY/6Bp+k0sv/JoGnypH/AqcnJsQD/kzMz9NOhZ2prqs6cPZ+cEJOaXbpkKfp4z7ETAXK1DsCeFnc5NjXfOQZ+XTVOrrWAw3IzMTYrt2BodBIA+jsIFbialpY2ncl6d6m2emxUbELvwKjN7qguyYlLTBkem3IAFNxKTk7LmJiiAkB3G76R0NrV1SmRK7/TDkYQBEH+M3y722a0Go3ZagMAk8lkMhrty+gBazWbtDqcoQrEAAAK9ElEQVQ9ANisVrvdZjQa7Xb7V/5rs9m+sY7ZbLbb7RarDcBhsVotFstX1m2zWvR6w51Zk9EA92YwGO4x/eUvA4Ne942tQhAEQRAndB8qgiAIgqwAFKgIgiAIsgKWF6h268TIQFt7R1dnp0iqAADK1BiB2KLQ6G1mY093J53Fvbu0gMMiEok9Pd2T0/RvbojdVFdbq/2asR7s1vHh/vaOrrGx0faObvPfP/LUZjHiGxski5pvXI9Zq6ita/jmU8x/QybmYcvL+fOLAGC3moYGB+RKLQCYDdqBgQGt0QoAzfXVpWVldY1E41JPYnPYraNDgyyO8It5K4PBdABYLUbGDN2w1IVeBEEQ5IdleYHqsJdnxbl5n6JMjX7yyaditXkAX7Z20w6j2eKwWdNT4ocps3eXXpgjf7h2HZPJ8NiztaC67RubQqNRTV8TdA572a3YfV6B8/OShtpamfqrl0gPu+/rnmJ/TX3NonSaygCbmUqlLX/0I4tRh8OW3UiK3/D5LoVal3EjoaunLz4uXiZfTIy71tPbez0plS8SpSQnFubnHPLyVZvv+k3gsGXfSh2dmIyKOD8wxQSAlsqcz/e4A4BWOb9r61aGcIm7eBEEQZAflmWPlNRYFnwp3mzQfLz2Q57CNDvRefDo7btCW/C1vAX13aWtaomb6wG73R50eH9mOXGONo7BNUr4rCJMhVKhHBsZau/sksrkk+MjbW1d8xIxvqnZYDT0dLRW19TyxQvjgz21dXW3bqXz5m8/3ay3qfzYqUsCPpcnloHDNjE6WFxcIlcbZCJuWyvRdd+eqdl5qZhbUY4ZmaROjg7k5ebW1DcNDw5U19TM8sXFaTFefqFzbAaB2A4AM9NTNdVVE1S2XMyprMQV5ed0DIwvsYOstx8FdybkZP9A38FDngBwLTw0IjLyeGAoAAT6uBOHqABgVIjKsNVL7GOLavvWrQBQV5AcnpRr0CjK8jNCwy463wz2O07jyf8/vjkEQRDke2W5gdrThDnse+LAvp34PjIATPU2uX0xjiC+vmpWtAgADruVx5nj8ATO07FmtcTdzTUk6ETwpQQAENCGD3gHGNTzPscDOlvxfoEhE2TqYCf+uH/gwNCEQibcs3MvVzSPq8LFR4YlZJZgMxPPx9wsTI+LSs13rqgXX77noA+usnxkmt3ZVJlfWhV14XRaRnZ0dIx8UR504lgdnph4PbEOVxp8NuJW8jW/0+GkqYmqquq0hCsRcRm9+KrI5DzNIsfV3Xd0qOdKXKp0XnzokEdDLW6v25GR/nZ379uPHNcoF+fm5hZVX/5KELCmq5vahYyx3W4eAJAUfd7t4IGTZ8MB4KTvwYqWIQBorsF0DZOdn9dr1XNzc1K586eA4/qVcyk5pWcDfa4mpldhsUN9Hd4+R1UaPQAEHfOl8xf/Ad8sgiAI8k+13EDtaigJj0sfaK12PxoEAHzKwOe7DjjfqsKUihe1AGAxKKMuhV28Eq8zOwDAppk/5HFEwJ/duW0bZ0Grk8x4B5y1mZSHfXw1Wg0mP33/wcNMrqCmLH+PqztXKDl7KoTOZJZiK0tzbiRklnTWYkrqekh9TZcTM2+3ob40JPy6czohIiQ5t9Jms413N27etg8Aroafy87OOuLjZzCZlQplRWFmHq4NbLq8wuIaTG5k/K3upqqotCIA/emwy9Xled4nLwFAcMCxiqrqS5fjwabx9rt9zD3UiQ8LC2vuGnLOmvTq3r5+ANBJ5zw8DwNAxJmTBUVF/idDAMDviPsEUwwOy62baUq9xbkIdbwvLCysouHLE92UsV43d6+Jqcmrly6Ehfi/+trrAxN0AAg65ssUoVO+CIIgP3jL7JRkK7oZ43rE3wEQEXIsIv6WwWBIir2SXVhWV1PV3Naz5CVJDmX40w2fihW63qbyna7eYok4JMAvMyvL/2RwUzOe2NpeVJhfW1fbTGwpyM2emBg7fvRYZ1fnEW+ftOSEC1fislPiEjPK6jHZweFxdgBw2ArTYly9TmgNJgDg0MY/37wx9NxlDpcbczEk9voNP1+fzsHxq+cCD/sc7xocz0uNvZSQZVJL3N3d09NunDobOTnUc8w/hEIa8TzsO78guXT+bEVVdU1DM3m484hvEJM64XbIS2P46kCDNrPhfLDfiZMhp0+f4UtVnYS6cmxFcSnW4YDq8hJsRQWmshYAFngzZZW199rLcyx6YV7OKGnGOWtViy5fiQIAnWbR84BrzwTjO32HCIIgyPfAcjslyWRSqXTBbLUDAJ/Hs9gcACDgcYXi+XuVVqsUMplMqdYBwLxYqNYZLSaDXKF0OMBiNvF5PLPVAeDg87hGiw3sVqlUarbatGqVVmcwGQ0KxaJcvri4uCiTLzoAwGGXy6RS6YLJfPso0GzQzktvX30UCgUG4+0sFIlEAKBSyBekMgDQaVRqrc5kNAKAVqPRabUyqdTmAAAHny8AAKNeK5PJFAqFTCYzWb7a4dZuswgFAi6Hw+HynRdTF+a/3OT5L6YtFrPVds8uyotymcH8ZWWHw240GgHAZNRLZTKV+ps7JyMIgiDfc85A1Wg0Op1OqVTemfjqKV8EQRAEQb6GzWbTaDQikYjL5VqtVqVSyWKxtFotClQEQRAE+RZsNptOp2Oz2YGBgbOzs8nJyQUFBXa7/e8C1WIykKamjBYHAOi1KiqVKhJL6DTqDJN9r/OcRr1mamrKeVupWiGjUqka3VfvHGXSKRzB0k8/BQAhd5bBXmK8iDtMeu3ExITJeu+xIAAAQK/V6L4Y43eOxRAv3D5LzJyhyRRf9uNVKBT3qiARcjkCMQBoVfK+vr6hoWGB+PaT7FQqpXUZAxojCIIg//ZsNptarTYYDLm5uVu3bg0ICOByuXq9/u8D1Wy8FXvunXVbrQBGnSImJlYsmT+4c2NSHs5qWzpOTAZtxKnDn+72AgD1AjcmNlat/7K/j0al0JusKdHnrudW3atl9cXpQZfiv6bpdrNy987tQqXlazfQfu38qVvFdQCAKyvoGhwvycuYoDKqMYUjU5Ssm8kkJh8A2msKDh09ueTyIz1tuDp8XkZKW99Yf2v9+YvhAceOXM8qAwABY3zrrv3apYZGQhAEQf7T3LmGajQaKyoqWCyW2Wxe4hrqAm9my4a1/mHRANCMxwPAhVO+zntS74VNGln3/psR17MBoAnfDABSMa+9o1Ot1V88dexWaUNLbdnl2OTamlqN0QYO2/jwwCRlRqNS9PV24wmtrY24qKQsg1bd09k+Mk7W67Sjw8PdHa1tXQMAIJsX9PW0urq5SRR6NoPW3dOnv8cAfqW3rt/IqQCAG1fPJWdj8LUV08zZ2IvBRVV4HKaIzp1XSEWp8VeCzlxccvFgv8PjHJWOP+XmcdyZnJ3NteN0rsWoqSrJ8fA9rjKhQEUQBEG+7OWrVqstFoter3em6VcDlTIxNMsXnfY9mHiroKuzEwDCAn3qOpcYWuiOkb4egVh4eN+2nBLc4PAIY3o8MjouMiwo+MK1hJhLNR1jbTVFV5OybiVczsPUYgoyCvLzN67fUF5ZuXff3s7uPmIdNiGjaGKgk9DafsLba4xEPbBvZ2t3r7eX19DIcHRMLJ/LOXz4CJGIj4pPIk2MzcuXGK0JAMoyElPzqgBAp1pY/95r+7yDAWBRPPvWK88FXEiw2234JsIsffLM2QtLLo7JvH485FJJVtIB75MAYDNp0tMz7ACtzY0iIT/07OlFAwpUBEEQ5Otum/l/ckt/y0wMlzsAAAAASUVORK5CYII=" /> <br />
<span style="mso-no-proof: yes;">
</span><br />
<b style="mso-bidi-font-weight: normal;"><span style="font-size: 10.0pt; mso-bidi-font-size: 12.0pt;">Figure 1. Inbound/outbound network traffic by
country</span></b><br />
<br />
Figure 2 shows a different pattern. It shows a traffic pattern of a large
amount of data packets leaving the network for China, Great Britain and Brazil.
This pattern doesn’t confirm an exfiltration is happening but we certainly have
reason to investigate this traffic further. The analysis confirmed an
exfiltration was happening. The incident response team was able to take steps
to contain and interrupt the data transfer. <br />
<br />
<img alt="" src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAlgAAAFSCAIAAAChdzZwAAAgAElEQVR4nOzdd5Qbhbn38Q1JSCH9vbnc5F4SCB1MTwgppBAIISGhE9MMptgYB1Ns3Mvuenvvvffee++9994krXrvbZ73D4Ex9jZ7ZRmvfp8zJ0dayY9GWqLvaiTNOLwMAABgB1544YXnn3/+hfM4EAAAgB1DCAEAwC4oFAqJRKLRaAQCgVQqValUMplMJpMhhAAAYBcUCoVKpeJyuXv37vXw8FCpVAqFAiEEAAB7oVQqNRrNiRMnfH19Dx48GB8fbzKZEEIAALAXSqVSJBKVlJRotVoWi1VZWanRaBBCAACwFwqFQiqVarVauVyuUqnUarVUKkUIAQDAXlhCKDsPQggAAHYBIQQAALuGEAIAgF1DCAEAwK4hhAAAYNcQQgAAsGsIIQAA2DWEEAAA7BpCCAAAdg0hBAAAu4YQAgCAXUMIAQDAriGEAABg1xBCAACwawghAADYNYQQAADsGkIIAAB2DSEEAAC7hhACAIBdQwgBAMCuIYQAAGDXEEIAALBrCCEAANg1hBAAAOyaRqNRqVTqL1IqlQghAADYhfb29qqqqtqzVFdXd3R0IIQAAGAXCgoKYmNjE88SFxdXXFyMEAIAgF0oKSlJSkpKO0tycnJ5eTlCCAAAdgEhBAAAu4YQAgCAXUMIAQDAriGEAABg17ZICNUq9dlnzUaDwWS2nNaoP79IrdHadLUAAOBL7woOoWBp0tc/lIgaq0v9/fzyS6sZIiIScRcjwkJCwiKFUuVwT0uAv396TqFGo8lOS/QPCGjvG7m8qw0AAF8qV2oIGaMuPiLglFugXCoOCAg2mc3hwQHzXCkR5abGtQ/Nzg53JiWnRkdH642m3PSk5JSk9NwSo17lFxBsMF/utQcAgC+NKzOEDJOfmVxcXpWUlD41NRIdm0JEGYlR/eMsIkqKC59myaS8uWBfn5iEVCJqqiw97X66uqGbiEKDg+W6c+fpdDo+ny8AgCsBj8dTKBTnPzGEFXA+Dp0+Ej27xvJRyPTIvOpSP0XBleUKDaEpPTkhJSnx3Xf/09bZFRYeodFqw4L857kSg9FYkJnU3Dsx3tucmp4ZEx2lVGsyUxIyMtJTsgpVCrFfQIiROW8ew5gA4MphNq+wYefZEyP/82zrTa90rLH899OtlV0Sy/V7WutdXU67uXuNzSxd6ict+DK7MkP4KUNBQTERtTVU+vr6VtS3qWW8lPQsuUQYFR4aFhEjVWrGBzr8/XyzC8v1en1+Voqff0DvyOTlXm0AuCR2uI3ftqPzgV09ayy3vNpZ1yclIpNOvvvNNwYm5sYGOivrWnVqRX52Zm1zB2M2DQ0PE9H42CiXyy0tKhibmp+bHE5JTeeJ5RqFODcne2Ry7nLfV7CmKzqEnzMajUSkU0oHBofPuchkMp51Gm8PAmxZFxRCIuptqz918qRfYBiHJ4gN9c3MLwkL9E1KSXX39iEiXy/PnKz0A4dP9XW1OJ92Ky0pKikpdTp5NCQsfM+77w7NsC/rfQVr2iIhBAC4oBCqpIKmlnYi6m2qOHj4iKPTaSKa6mk4cfKUX0g4EXl7emRnZZbWdswONAfFZBDRYEfDSy+/XFRSGhoSPDqHEG4dCCEAbBHbnUav395+5xtdayw/e7G9pkdCRAatytfdydnFzc3ldGVDe3Ntqau7h/Npl6HR8YhA74DAgCMnTldVlOWX1Bo0Ml9PNw8Pz4zcgvzstPDIyJj4RLFcve76wJUCIQSALWJ/2Myj+wf+dXR4jeUvHw+0jcjP/JPF+bllntByepm1KJGriMhk0C6x2Dq9Qa/X63R6y0/mFxYtV5ufm5UpUMEtBSEEgC3CZGKMG1iY8z43DnYOIQQAALuGEF4MdWcd661HOfue4ex7Zvn9p/u9jrA+fJ7z/tPs9/7JPfSqWa283CsIAAAbhRBeDHlB0vh1DlN3fW3qrq9Nb7uq6pVHx+/71tS2qyZvc5j53f8zy8SXewUBAGCjEMKLoShNn7zDYeY3P5r5zY9mH/ph3dv/mnz42pmHfjj9y+/M/fUGs1xyuVcQwB7xjr+18Mw9Sy//do1l4em7NN0Nlusr5dK5uTm+aJ3/w6pVKq3OsPrljEKhwNuOVzSE8GIghABfQkuv/G7iZoepe7+xxjJxo4OqtoCIGKP6kw/edffwPH7kUHJW0YoDBUsz9S2dA93tozOsFa9QX10xM7dQVVl5Ce8VXHoI4cVQFKdO3Ogw89APZ379g5lffrf2nacnH7525lffm7rvmwghwOXCevMvU3d/3fIX6mrL1LavqhqKicikEh4/cZyIyKw78PHHC8uC0oKs0PDI2SXOxFBPaGhISWV9cUbc9p176uobhoaH05Li/Hx9iqqahLzluOjIkNCIiamZ3a+9GBaXXt/QLOQthwb6+gaG8ETSkrzMAH//qLgUnRG7sroyIIQXQ1mdv/DPO6bv//bMb/9r4fEbG5//zfi935j70//N/uHamd/9F0IIcFlcWAjVopOnTmrNREQRoQE+Pl573/8oJjL4qJNbfHTY0ROOCalZ3c11UcmZJXlZWdk5x46dWF7mODk5Dw2PZmbleDgfi0hKT46OaGnvjAoP9ffxqW4bHGqv8Q0IdnQ8ObnI9j59cmASe5+5MiCEazGwJlXtDURkWBxX1hWp26r1SwtEZFZJdRNDAs/98sJYWX6yMMyFd3ynoiheXpot9Dlo5OG/foDL4AJDKNy//yOhXDk/OXj0hFNOZvK+/YdLigvzi8tbmxpSkxM//PhAYW5OTHJmaX52WnpGcGgkEQUF+icnxHt4BzgdOxCWmJYUFdbU2hEdHurr5dXYMzHZ2+Tu6R0YHMQQxQR5dw/PX+ZHBDYGIVyVkTcrCHSU5USJM5P0033ywiT2e0/IKiqISBzyiSDY38SbEkb7yIuTZGVFupE2SW6SND1MPTRCRv3lXncAe7S4/dcT1ztMbbtqjWXiZw7KmjwiYsx6fw9nRycnRyfnnpFpxmRIT44PDAruHhjtbW8MDApKzcrlsBajIiMLi0o7OztLyyuJqKy0tKW5MTAoJCYqvKK+raOpKjE5tbKqlsteDPTx9PQNWGQvlxQXGIlqSgtnWYLL/ZDAhiCEq2K0KpNMJIl1FqXEE5FZsiQI9SAi7UibwP+YLDfTJF7kex8Wx3jIyvLFce7ijDhZQbKexWaMa3zADAAuFWHgcc77T3M/eWmNhbP3Ke1w1+VeU/hyQQjXoW4p4vs7MwxJ4t2UPYOMUsA58pYsI1zgc0rdUy+M8JKXJEkyoviu+6TlpbJkL0l+NmEPTgAAVw6EcFWGuQFRXJB2tIvncZQxm3gu75t0xGjlqpZKabI31/mgurdOEOatai4UJYUpqnPFGQmSGBd5fd3lXnEAALgACOHqzEZVY6E4KcQgEBGjV3U2fn6RTqEbH1U3lylrsqR5yYqGKmVlhqIsRV5TLi9MNQo4l2+lAQDgwiCEF0PdXrv02u9nHvrR0o4/cj95ae7PP5265xuc/zzN3v232T//1CQVXu4VBACAjUIIL4a8MGn85w4zD35/+r5vTd399ekHvzfz0A+n7rl68g6Huceux/cIAQCuIAjhxTh7F2tnL9jFGgDAFQchvBgIIQDAloEQXgyEEABgy0AILwZCCACwZSCEFwMhBADYMhDCi4EQAgBsGQjhxUAIAQC2DITwYiCEAABbBkJ4MRBCAIAt40oNoUTIy0pPrW1sIyLOwnRiQsLo9ILlIsakryjOzy+uYIhkQk5yUmLXwCgR9Xe2JKWkCaSKzd86QggAsGVcqSGsrypp7eqLiwzt7uuPiQjr6+8PCAgUKbRE1FBekFlQXl6QVVnbmJoY293bFx0Z0dTUFBkd19vdFhadsPmDJKnKM9cIIankm7+DAABgG1dqCIloZqT34OETPb2dsfEpRJSeEDkwwSai5LjwaY5czp8L9vOLiU8hosaKYldP16r6LiIKCQpSnHcAeb1eLxQKRRskVy5nRk/d+ZUVQzj72PXChVmRRLLRaQBwgYRCoVKptPUzDmxdV2oIhQIBQ9RUVRwcFpKQnEFECVEh4wtCIkqNj5hgSSXsyfDQsOjYBCKqKsoNCAooqWohooCAQI3x3Gkmk0m9cTq9KD9xjRCqeBy1RnMBAwHgQqhUKr3+vL9nAS7WlRrC8sKshJT0mKjw3sGR3PSkxKSk6IRUqVTU0Nw6OdwbGh4ZGR42PDlbWZSVkJgYHhW7uLAQER6amBCXXVSx+VtXlmWstWlUKdv8TQAAgG1cqSEkYkYG+2YXOURk1Kl7urvVepNWxs8vLCGi+enxiZl5IiKzsa+3RyRTEpFUyO3tH7TKbePDMgAAW8aVG8IVmIxGg/G87Z6XAEIIALBlbKkQ2gxCCACwZSCEFwMhBADYMmwaQrVafSnG2h5CCACwZdgshObS3JS3d+2JS0nn8K/4TiCEAABbhq1CaFS6uzqHR8clJsQGRcRZebjNIYQAAFuG7TaNtjeUbv/39oOHDydnFlp9uI0hhAAAW4YtQijhLbifPp2RlRMaHJSaXWC24ujLBCEEANgybBFCk1E/MtD9/rvveHj5vL9nV0J2iRWHXxYIIQDAlmGzTaOMi+MpLRFrrNPVN9Taw20NIQQA2DJs9x7h2EC3j4+vu5tLRUO71YfbGEIIALBl2C6Eo/2d7q4uoZGxixy+1YfbGEIIALBl2CiEjFHl7nzyxCnHvXveC4pOse5w20MIAQC2DNu9IkxLjDl+yjk8NCQwLMbqw20MIQQA2DJsEUKVXNzd3ctdXh4d6g8LCRmfZVlx+GWBEAIAbBm2+R7h/Ovbn3vptZ1BIWFJScm9Q+NWHH5ZIIQAAFuGzd4j1JXmZ3l5++QVFE3NLVl3uO0hhAAAW4bt3iM06DR1FUV7dr2TXVJr9eE2hhACAGwZtgihiDP93JN/e/7fr7h5+ZVVVC2weVYcflkghAAAW4YtQmjQa7raW3OysyLCwz09PaubOq04/LJACAEAtgxbH6Feq1aKJdJLNNxmEEIAgC3D1iHcGhBCAIAtw3Y73S7ITGvu6IqLiphaxHuEAADwZWGrr08YlKeOHwsKDnE8eSI4Mt66w20PIQQA2DJs94qwqig7KDKhujQvGPsaBQCALw3bvUe4ODNRV99YWVnJEyusPtzGEEIAgC3DViE0aRyPHU7Pzg0NCiyrbbHycJtDCAEAtgxbhZAxuTseK2/oNJrMVp58OSCEAABbhu02jQ52t3p5enh4eJbXt1ploEwiVqq1ltNCgeDsizRKhUKlsZwWCYWW9jImo1BknUQhhAAAW4btQtjb1uBy2tnbP4gjsMIX6jubaoJCQsPCIxZYy/UVRYGBgRm5xWaGiGh5cTo0JDg4JIwjEHe31AQGBiamZcll8pSEmMDAwPq2ns3fOkIIALBl2OzoE8qDBz5RGUx1xRlBUcmbH9jR0qQjaqkqiIqNi41LJKKo0MAZtpiIspJjeidYrMn+uLiEqOgYIirMSo2Ni8kurCQy+vkH6je9dXbtEDKKK37XOQAA9sN2rwjjIwLT80pKc1N9QmKtMnBxcjAgMHxifDAmLpWIMhKj+sdZRJQUFz7Nlkl5c8G+PjEJqUTUVFl62v10dUM3EYUGB8t1547S6XRcLpe3QVIZOz1yettV54dw5lffnX3set7MJE8o3Og0ALhAXC5XLpdb5WkEgGx09Akea2hkbHywx8vdLTgyVqk1bn7mcE/LKWfXhWWhWSv18wsQicUhgf6LfKlKrS7JTatp7e9rrcnMyY+LieILRSkJsfn5eQmp2QIeyz8ozMScO41hGNPGmc2y4tQ1XhEapSKT2XwBAwHgApnNW+Fjd/AlYYsQqpVyiVRSXVYYFxcXEhzc3Nm/+ZkZiZGePgERkRGT8+yx/k5/f//Gjn6NjJeYnKZRyhNio6LjklQ6w/z4QGCAf3FlvdlsLi/KCQgKGZtZ3Pyt4z1CAIAtwxYhNBm0qXEhb77zXtfA0EBPR3l1gxWHn02nkk9MTl+i4WdDCAEAtgwbvUfIZc1FhoWEhkd4e7jlldZYd7jtIYQAAFuG7T4skxQTObXIqq0oYfGv+A9VIoQAAFuGzb4+oT588BO5nhlpr3L0CLTucNtDCAEAtgxb7lmmxcfH18XZqbCy0erDbQwhBADYMmwXQhF3ISjAv7al0+qTbQ8hBADYMmy1adSk8fNyOXL8lKe3d0nVpfrUqM0ghAAAW4atXhGa9WGB3h8eOJwQF+PpF2rl4TaHEAIAbBm22zSqkHCdTx51dvOaZ/OtPtzGEEIAgC3DdscjTImL8PULiI1LGJmYsfJwm0MIAQC2DJsdoV7r7urC4kunJ0bHJhFCAAD4srDdptFQH5cDR07lF5UssLlWH25jCCEAwJZhuxDy2At5uTmpKSmt3QNWH25jCCEAwJZhu02jbo7HQiOiAvz9apq7rDzc5hBCAIAtw2ZfnzB4nHYcnmETkd5gsPJwm0MIAQC2DNttGq0qynZyPu3n51fX2mP14TaGEAIAbBm2CyFrbtzL3dUvKHxxWWD14TaGEAIAbBm2CqFRffzwodHJyaTIwKScEisPtzmEEABgy7DZK0KTj5tTY8/wcEetsycOwwQAAF8WNtvptnFuejzQ18vD23+eg12sAQDAl4UtQmjQKt0cj3eNzpNeFhubaGCsOPvyQAgBALYMW4RwvKfBJziGiIgxl2YnRyXnWHH45plNTEEd1z9raZqnUyn10QWs2HKuWs8sLCkDsxYzG4QmhvQ6Y0YNV/FZwxFCAIAtwxYhFLAmPzl4RK4xEhF3pt/Rzc+Kwzevf1jsk8NRqgxhBayCOm5mkzCzjF3aJY7KW+qeUOTU8eVqY0750mueYxI9QggAsNXY6D3CmpLs/7z/gaur69497zV2DVl3+CYtLCl90peaBySHImZa+sXHIqePRc+2D0sPh04mVixHFHGkKpPOYIouWlxWmi3/BCEEANgybPc9QolgubWlZenL9yVCjdpQ2SFs6hP5ZSx6pczPiI3zMzLPlDnX5AUiis2Zb57QEFFIzvyyCiEEANhqbBfCLy2FXBeeuxRVxK4flg+NS/2ylgIyFwfn1TVtfP+sxaBcllRjJqKY4iWeGiEEANhqEEIiIp3OtCTUWU4LxDqB3Gg5vcTT6k1ERAaDXq01mj/7vCtCCACwZSCEGzI6OqrVqs+cRQgBALYMhHBDhoeHVSrVmbMIIQDAlnEFh5AzN9nU3k1EM+ODkRERPUPjlp8bdOq8rLS0rHyDmQTsueioyMb2HiJqa6iOio5d4oku4rZGRkYQQgCALelKDaFoeenEJx8ExqWbTboAf//p6elAf3++VE1EVUXZBZUNDRWFRWWVSXHR45PTcTFRVVVVMfHJk+NDweEx5gu/ubGxMa1We+asqjxzjRCSSm69OwoAAJfWlRpCnVYzM9aTnl+qkrEjohKJKD0xqn+cRURJceHTbLmMPxfs5xuTkEpETZUlLh4u1Q3dRBQaFCTXnTtNr9cLhULRWWRSsVkvN+tlZr2MMSjGhrqUkmWzXm7Wy82Mlp8TM3XnV1YM4exj1wsXZsVSmQgALg2hUKhUKm39pANb15UaQiLizA4lZuXr1OLAkEgiiosInlwSEVF6QuTogki4OBoZERkVE09E5flZoWEhheWNROTvH6g1nTvKZDKpVCr1WRY40vC82YiCuciCuajCec/47tDsyajCuYj82aga0XRSzNzdV60WQiWPo9Zo1ABwaahUKr1eb9vnG9jKruAQsmaGkjJziSgrNSEiMjIhLVsuE1ZU185PjgaHhIaGhE4tsBoqCiIiI6LiErlcbnRkWEREeFFl/UaG902pfvZix42vdN38atfNr3bduqPn5le7b36168aXO295b6YrIpZ9/1dX3TSqlF3aew4AANZzBYfQaNArLJtHGOPExITRTFq5oKyimoh4nCXW8qcHe5qanFBp9ESkUcomp2c3OHxgWnnXzq773ul5YNcXlvve7v7lgbmeyFjW6iHEh2UAAK4gV3AIz2cymcyMdQ7yhBACANiJLRVCK0IIAQDsBEK4MoQQAMBOIIQrQwgBAOwEQrgyhBAAwE4ghCtDCAEA7ARCuDKEEADATiCEK0MIYVMYs6o+Txh8Wj0ybFgcFgUdE/l9Ik6LJyLdQKOitZGIlJWpwgBnWX66db7xAwAXCyFcGUIIm8HoFNLcBN1kP8/9E5NaY5Lwhb4fKZpbjZwp1ruPC5LiiIh78m1pYY6Bx7vcKwtg7xDClSGEsHmSuNNc9+MMkXFpmB/gTESMTqPtrxPlphGZRFHu0sxoQYCTSa1ddxQAXDoI4coQQtgMRqfUzU0TkcB9n04ok2cGyJtaLBfphupEGYmMXqlbXCAivuf72lnW5VxXALuHEK4MIYTNYLRyYfBxUYSXMMqPMRhF4U46nthykW64QZyXwRhUQr9DojA3UWyw2XDe8VAAwIYQwpUhhLBZZoNuesyy71uz8vNjNTMGnVmjJiKzQaudGr1cawcAZyCEK7NuCPkCzThLS0QDY9KkSq5IZSKzOaeOF1PGnRQREWk1Br1cqhvr08+MGQU8ItLPj5tkCiIik063gadLrd5MRCqVYWb50zecFrkaocJoOa02kFKLDyd+uSyx2XyJ9HKvBQAghKuwYghZHOWbzkPpLVKhQOWStNA9Jo8uXR6akB2Lnq3ul/FmZ7iHXlYNjRN3Shrvwzv+miAiQNWYLwh0FEZ56+anxFGnheHu4vQ4xmhecVXFEu2RkMmGcbVKofPPWIwpZFX0yrqHxIG5rMgCNltDxv6GyaHl5kmVujZLkhpllMmUVWmSBD9xlIeew9V0VYkTg/XctT67qFAbPzvJSJVGIuIKtB1j8gURQ0QGmYwrMxERY9SZ5DIiMonY2rEhIiKDRjvYrunvMGtxGNVzzc7Ostnsy70WAIAQrsKKIZTI9eXN3OIuGYej8MpkcUW6k9Gz+Q38U/FzzSNKmm4TO++ZK2+JqFcbicThTgaRkO+218SQuiGD57ZfEOpFRHy3vdrF5RVXdWxG5hg93TCqVsq1nqmLObXLidUCjkA7z9HU9UiltVlL239vFsoMPWXipEhFVYaiqd7AntF0VbE/flU7OSJJj1K3l/MDTq843GgwpxYtHU9YsJxNKVhwz+ISw7gnzMVX8joHuWLfvfKkqPgGVc+yUen5jqSkzCRcFEa4i+O9Fa0tmvZivucheXG6SaFe7aE2Gc1SpeVNMkYsNxKRWmVoHZapDQwRcXiargnFlnwxOzc3x+FwLvqfG7kzqpY6ItJ014giPDUTk0b+rDjCWRzhLM1LN/JZ4lhPeUURY8QbkADrQAhXZt1No33DooxGkdloLmniFzTxT8TMWraUksFYM0v66hRDV3t2l34kL1ueHElEmvZSYYQnz3WvJDtFXhQvTgpi739ltRASUVMnv3ZIucxV+WYsJpVzYit4RLTIUrUOSDQCnizBx8AVyVI8eN4nRFHumvFxIpLlhsobGoiIiBH67BPERa44WaHQ51RwfLOXiGh+SeEWP5veINGrdHt9J4paRSRZkMU48ZPjJqTEb6oSOL6n7O1X1aULQr3lJam6hXlxlCPPx0lWnr/ay1kuX7PXa6yiX6nRGJwiJkNLBcQwfmkLufX80MLlBbYquJAfWa0sm7jQX+DnqjuEM1wDEXUPS7qmPu1xTbtgjKvXKA1j8ypdb71mZJCIzEqRsq7EKJFZrmPkslZbbavYVAilbMHhF3jep4nMkvQI7WgPz/2AUa4wsOdEAQckRQWqpiJVb6cw6LB6CG9DAqwDIVyZdUPY0SdIbxTr1IbIAlZhEz+rSdjWLwrOZ0fkLGYP6JniUF5VfeGwcdnvsGZwhIhUDYWq9iZxjJuiuVZelq7pa+X7HDWu/qKqpI5TO6zqGxKGl/Lkcp1H8kJZm2B8WVvXLsgfM5uz/TVsoSj6lLy12yyY5PudJsbA8zhg1jNmtdwklzM6Oe/0+0albsXhJpUhvICt0RiPR05n1wvc09hCqX6KpVEoDeUDeslkjygjRcaaE7p+JE0LEWelSJI9BXHh6tZiUVyIYXHaKBZJEt2kJUUrDp9jKQPTl2oHVTKZLrGInVgtImL8UucTy5dDCjmTcyrh6ICpPJmdk6YZGyGzUVGRpZudIyLD4ri8LMesNaz9e2zvF75wfHhwSb/IVuxwGs5okhIRZ1n14rGBplmNRsfMp8VIk8NFUS7KtkZRhKM0J0EY6WlSKZWlMYu7nzPp1w9he7/YN2OxZlBGRHKZLqWaa2JoalYekLmYUMFTaFedMMcXLcuVaw8fn1XmNwtLO8QTHC0RqVSG2WUtEXG5Mm5Hizwp1HI1WYrX8ulDDENmGYfnfczyCR3dQN3S3ud1HO4a8/vGZAUtotIO8aJQT0Q8oVamNhMxnUOSpmE5Q5t9KT7PUpW0i1R6hoha+8WtYwrLD3MaBQ1D8i35Qh+uRAjhyqwbQrnSwJcaiIjNVTcMSE0MEVHfuKxrSklExoEm0fD0otSsqcs1ylVEZJgbEkW4ysoLyWzWNheKw93Vo2v9XT8yJRtZ1DJmc0E9NziXNcvXcXnq8LylxCqe0kDaFB/e8KJ0sFUU7CyKcpXX1RrZI5YtriberMD7oDQjShDps9qH+GUCjW/mok5rLGsVxBey3g+eHZ6VZ9YLpheVx5MF8qE6cVKUSsCRFKcJPffx/NyU9XnijCTdcLMw0kdekqqdGJPEusjr61db+eYucVGnnIgWFpWJ1SKVUh+QuVjVJQ4vYFd3ShSz45qGIsGhF6WlxbKcCElOgiDQUTPcLQg6KcuNFcYGrf17VGtNeTW89gm1Tm9q6REXtMu0GmNaFTe7jtM5p+YIzZyKPEnQKaH/UWVbHd/rEBEJvPepeno0Ay083+PGz98cXRljNLnEzw7OKk4nzinVprjs+Xf8J00MZVZwFiXG1KKlwi7pWVc2qJrKlBqGLGIAACAASURBVDX5yrpCVV3hXFbsUl6iqq5QWVeoqMw2Li+eP39mUVXTI3nXY6xmWEFEpyMmAkt5YqHGr0gsmhmWxQWRyWhYZhORwPsj3bJIWRYnLS0mIgN7noiUpbGi9KQ11n9kWlHVJXrDdXSUoxsck7x4YmRWaBqflMaUcZNLlgr7NKQWaCdGiEg72CzNTTQq1GTWK8rTlI3V62aMxVYG5bKKm/lFHeKmbmFaLT+hhD22pI7IWkioEXRPrfNHAIDNIIQrs+XXJ+QanUAsWu1SlZHZ5H5HtMtLBqWSiPRzI5rBHiJiVDKjSGi51MhfVLXVM8ZVn9a0KkPjwKf3SKcx9k6piZjSJl5oPntWZCLJvLq7Y4hLZiLT8ox2epqIFCWJolh/o1xlXBqXxXjJygqZ1Z81yxr4eW0yIhoZl0WXC2VSrVPC/AJX45u+kFu7HNugNWkEwhA3hjHzfQ4RkbI6le/yobS4gIgEPoeN6nVeFGZXclvG1ETU2iMu7ZYPj4pPxc+diJz0yGGrNSZ5dhg3P5+bGqJsqFE1F4qTgpePvKEZmyYiQaizUbnOcMZsjsyaPxQx7ZPF0hoZo84YlrcoNxERqRQ657jZWcHnnxIyy6Uzv//x5K0OU3d9dequr87cc/XMPVdbTo9f5yDPj1/xJpbZypBCDhF1D0vCMhdrBqTtvcKCXi1JxhSJoWTSC4OOihODBcGnzVq9ONJJM7NIRPL8SFGUjyDohHpoaO27MDwqSagRENHMkjI4kzW0qNPrzSKJ7kTETMuiSeX9liA0yLg8xfc5rmwsFkb5yvJiJblpkjg3WWX52pNrmrjOSfNpldzRRVVw2nxsGTelhscV6xyjpsOLOI1jGrNoQV5ZZFlbcYSLwGO/jsUls0FekmpSatYeDmBFCOHKbBlCLpc3MbHqm2Czs7Ms1qb2PLK0zGWt/unEeRZHpl/n6X4NJobEylX/tNczJNWv86Jqdkk9ydYRkVCk65tWE9HQuDS6mDO4oCai9jENN8FH2dRERHyfw0SkrEnnO++TlhURkcDniFG1zudRLa8Iiai9V5LfKjWbGaXamF3FLu2X6fVmaYzLUmE5KyVUlpMoK0pStdYIAk4apUoiE8/7kFGxziPD5ypPpywQUUDK3CjXQGT2y5jXMsTja7xS5mf4X1g3s0I29/gvph+4ZuahH56zTN7uoChJXfEmIrIWBtl6hUSzP2QqsYTjkblUWM+t6FcSGVgzy0TE6NVnPpdrEvMZ06cbY9UjXYblVd9X/hTDeCfPLUg+/R1llHP75rRGE2PQm/pmNOKGUmmcr7w4j9EqGYYMM918f2fLn1CSBFd5bc3aswsq2EHFfLFE45+5cDx6ZmRZV9nMS6jiWbaOKPk8gfNbnJMfE5FJwtcONnCOvmtS62Q5IUuvP2GUrvpGAIDVIYQrs2UI+Xz+9PT0apfOz89v5rOFRLS4uLi0tLTapRMTE0Kh8KKHa7Xa/v7+1S6VSqXDw8MXPZyIiBiB+wd6oYKIxNGu0uIsQdApdW+LIPCkvCxNEOG77ttYGq1Jb2SISK83a3SfRkJvMFt+aFBIFIVxyspChiHD3JAkNVy3YNlEadIMtNN6bxEa9KbYAlZwDiu8kKPUM2Q2RxawGCKPmOkPI+diy3gzZ78iVMjmHr9x+pffOf+/nMk7Vg6hQWtwjJvVE+m1xv4JeUYpyzF5cXJO4Zu1VFDPj60Vr36vtRPzC+usPZFYqHZOnD9zNi6fPcI29A2JoirFZukC/8gb4jjv5SO7zUbSz/by/RyNCg0RyXLCJPmZ6w6fnJH5ZbNqu4RxFdyiBm5OszChmFXQLIgqYNX3SYQitYk3I4zys1xZEuem7B0gIrNKKY3xNPBW3UYCYHUI4crsJ4STk5Mi0cU/6eh0uqHVN77JZLKxsbGLHk5EjNmgGe5hzEREjEYmy4vXjI0RkX6qT5qbSJrNfj1xfHJ6jS3PnGUOs8ZW3c8s8j7bWwFDOr2ZIZIpjRyhboqlkp71EaSLCaHeODynOnNWrzEu8LRENDghy2sRGVZfNbVavcbv5QylUj+28Plrr1mWWqwym03mhl6pSKgwz44qCqL4nif1C6OLL/9WmpeiGx+SJrot7XlB2VBuWF7/P8uRKXlOo0ClZ4iYyjZh/ZCMiOaWlFl1fKGKSMnhh7gTESPn8jwOnnmkJWHOBt6qjQewOoRwZbYMoVImZC/OrHbp/MICZ90NXGtaWlpksa7UEM7Ozsl1q9aOzeUaDBe/XZeIhoeHVSrVihcxDNPb22s2X/w3KERC3uLC/JmzFxHCtXHYrNU6rVarN/la3MyY2UIxGdRGocAkZisrshRlaeruVs1Ai7I6V1GcYtzcFnuBQKBamhBF+xORfrhJmBB+5iJJtIdRgH3ugO0ghCu71CGcYml6pxQDM8qBGVVDz1JZ48TAjGpgRtkzqWALv/C8P8/lc8SbelLgc5cEvFWfsyZZHPF6X0JYg0GvGx5ePYQKxdj4Jr4DSDQ+Pr5GpwcGBjSaTX2qYmRkZI0QDg4ObiaEy8vLs7OzZ85aN4Rms7mvr+/ShVCj0ayx0VtNtCwQbGb+8MiIVCwyqxRExOg0lv2vWpiVctPm/r4BuCAI4coudQhfch674aX2bTu7tu3suuvN7rvf6tm2s3vbzq7/297lFjehdn2HvedJzr5nOO8/M7v7H/N7nuS8/wxn3zOstx5VNa/zUT0iMpqYo9Fzb3tP7PGf2uM/9ZbH0NueQ5bTr3lMVrdxjL116rYqdVu1pr1mKjeZV5Wvaa9Wt1WrWypMkgt7v9Bs0o+PrhpCuVozNr3qi92NmJqckEpX3Uo2PDys1W7qQ7WXOoRzc3Nnzlo9hIODg6uFUEs0NLfC9zE2TqvVrvFaXyQSja75lZ51jY2NyeTyNS7V67FbPrARhHBllzqEr7mO3/Ja5/3v9Jyz/OK1Xs/YUem/rp+81WHqrq9N3fW1mXu+Pn331y2nx69zkGaErztcb2T++EH/z//dfutrnbe+1nnbju7bdnRbTl/7776omDbRn78/ue2qqXuunrrn6pn7vjl97zem7rl66u6vT9zkoGoqXXd+dr3g2RMjO9zGd7iNv+Y6tv1Un+X0i06jJ9IFkjBH1ksPsd56lP3Wows7H5l+7Y/stx5lvfXo0vZfi0JObeTBZz77X4ZocnJCLBYzn509x+ZDuDAzSrTqhMGRkc186dvGIdSN9yvK0pXVecrqPFFpxnhiiKo6T1mdpyjP1HQ3XOjKrx1CsVi8xkedN2JsbEwmk6126eDgoE638h4eAKwOIVzZpQ7hDrfx23Z0njP8gV09N+7o9Yobk22/a/qBa1Z8upTlxq47XG9k/n5oaNvOrvPn37RzMCGxU/zET6d/9d1zP8T/6x9M3f11dWvluvP9sljXPtN6247O23Z03r6j6443eiynf/bv9mc8WbyPX5z6hYOlstP3XD1jqew9V09c77D84XPrDueIdM+fGnn2xMjzp0aePzXy9NH+Z08MPX9q5LmTI08eGRqa/8KG0OHxCZ3pwl6xCaSGzDp+TqMgt1GQ2yQMyxxMr2bnNgqzGwS5TUKFUsfotJbFrNUM9fWaNOpPf6LXrdTitahkPBFv/vPzesXsX634HiEzOjJ49nm+y96x/3OY2nbV1Larpu766uw9V1tOT1zvsPTawxc4nExG3djqr/U3H8KpyTG1atVXhENDQwgh2IwdhVDIZbW2d25wD8RbPIR//9/pB7937vyHfjh1z9UbCWFIHvvGlzvOH377610v+7P5R3bM3HXV+Ss/dedV3EOvrjt8nqu94/WuW1/rvOP1rjte77pzZ/edb3Td8XrX7Tu6rn+ps21QzCgkZvmny0hXh1rA/eyslDawGbN9VP6T59pufKnjplc6bnql49Yd3Te/0nnTKx3Xb2+/+d2J/rik5SeuX3j6Lssy/c87LSfm/3Er640/mdXr7wylqFUYU7KcUMFNrOCF5EwFZIwlVvASKriRpfyuHtbykzdvJoR6g1mmNMpVRrnKKFUaOroHLWdlKqNSywi8Dkze4bDCI3/319m7n1h3OBFp9Z/PF4hVnT1DcpXJMl+l+cL/dSRK1cTs3GpzVmQyM5bJcpVRrjL1DIyxuRLLWZnKaDJ94Y8MhBBsyV5CKBNwQkJC0tNS0nOLN3L9sSXjnW8O3Ltr6P7dX1jufWfwgYOcoZhEwX0OrIe+f86y9MC3OH/9OenX//jG656zt7zef87w+3cP3fD6sG/SjG77nUv3f/P8+fO3OegKEzey/n8/MnHHmwPnz//Fm+Mpqf2qv//P0q+uOXf+r7+3eNdV5u66dYeHFwlveLnv/OG3vjHwcpBQdux11p0rPDiLtztIjry27nCulO7fPXT3O4PnDL9v19Dte+da08plj/8P56/Xcx6/gfP4DUufnWA/et3yP24m0Vr71bQYnDPc+sbAvbuG7ts9dJ9l8u6h+3YP3f3O4C8PccYiwnm3OSze9w3Lwrr/m5YTC3c4cB69jozrv2v15PGJ/36u54ZX+m54pe/G1wZuem3AcvoHzw14xU5on7956YFvrfibNVSu/828onbFvbuH/vzxmGX500fDlhO/3TeyPVAs8jyw8iO/7SvCdzcUwshS0b27zswfPTP/wb3De4IWSSkh7iLxWcRnKaZG5juaLKeJu0DKVTdynsES0Z8+GvvjR6Nnrfzonz8e+9NHY799f3iC84UQXmhlATbDXkLY3VSRVVRHRIEBgefvP1Iul/f39w+dJae045Zn0m9/PvPOF76w3P5cxrY3yjNOOlff8dWye39wzlK67Zry3/7fQHvL0Hr+9UHhL/6Vds7wO1/I/Nm/Mj8+Xdj2xC2ld377/PnFN36lzd953eG9/YN/eCv35mfSV5j/TK6La1rLH64tves7586/5/slt17dlRS57vyjATU/+0fq+cNvfCr9HwdrGt7+V9ktKzw4JTd9tf7NJ9cdXlnfc+cLmbc9l3HO8Duez7zppZJYJ9+6O75Sevs3S+/4Vukd3yq789uWEyW3XV1293f6qsrWnZ9e1H7jU+l3nPebve25jG07y3NOnKi+faXf7J3frvjDDQOd7evO//t/Cn7x1EqP/FNZh1zyWx67oXTbNSv+ZttDPdYd7h7VcO1fU25+Ot2y3PJMhuXEz59M/c3eqpoPdpTfctUKj/ytX6954eF1hw8NDX3kVXXtY5/Nf+bz+df9I/Xv+6ua332m7J7vlT/00/KHflL20E/LHvpp+UM/KX/op6V3fafh/ZfWHV5c1XXT0+k3PZX2+co/k3Hz0+k3PZ1+/VOZ6emVfdmJPTkpliXf370jPb4nJ6UnO7k3N3Wwr/fsUX19fZvc3RLA2ewlhO0NpXllTUQUHBSkPO/PeoFAUFZWVv1FtbU1qyzV1TU11bV1qyy11RtQW7Pq/Jqa6ura2hWH19TWVdfUbGz+aitfU7PWytdVV68/v2b1la+tqa6uWXnlq2vrqms29uCs+sivu/IbcuX+Ztd75De78mvOr6murFxlqaiuqtzQg7Pa8Lra6vLSqpyMypxMy1KTn1OVazmdUZmTWV35hfmlpaUjIyOX4XkEtih7CeHy/ERgSHhLU11EXDIO/gIAAGfYSwiJaKS/Mz0zR7L6Uf0AAMAO2VEIAQAAzocQAgCAXUMIN85cU1YUHBxcUtVgZpjMtBShQk9EdbW1So0V9ovYWFXk6eXt4+PT2NbTUl8VHBoWERFeUFplssZbmoPdLYGBgdFRkUlp2Vq9oa62RqrWE1FjXTVPbIUDhfd3NlXWtxHR1MjgyPhUW2uTQLbyfssugoiz4Ofj7efvn5ieYyKaHOz09PAMDAyIjE1S6y9+/2efM+lL8rODg4OrG9stD3ZuevLo7KpHcLwgchEnyM/X188vM6/EZGZKC7JCwyMjwsLKa5utMp8x6gpzM4ODg/NLKo0mc3VpnqeXd0BQyNTCpo5Yco7mpoZFNjsxOszXzy8oNIIjuLDdyq+INTvu7+fj6+sbFBySnJw2Nr1IRMkJsRyxWisX1NQ1bf4mADYIIdyogrRY35CY6enpQB/Pzr6BV5969JBrCBEdP3Z4WWKF9x1dTnxS0djN5S6LJVLHE4daesdkUslH773T3De1+eGRQZ7JuWVyudzH+UhGbom7i9OCQElETsc+GZha/7t368pNDL77l78TKrRNxVnpuSU+ni6ji/zNj7Xorik+cPz0xMREmJ97Uk5pQXp0Qnoxj8fj8QUmsxX+TEiMDIhIyJienvRwdR6eXdbK+S89+6RPeNLmJxPRSFf1gUOO8/Pzp44ebO8ddDpxZHCGIxUL3n175+g8b/PzY0J8IhIyl1jsjOS43sExV8ej9d0j7TWFR065b374GW4ujuXVlUcOH+JyubWF6YdOemx+plopnxjte+vtt3snphrLc/3CE3Vq2ROP/rm8dWikoyYw0jqPP8BGIIQbdfLIQZbos51SGuRBvr5Ojo7VDa3hoYFca4TQ5/SRk6c9omPjBRKlr9txT/+QkKBAb7+gZeGqu6HauJSYoEMnnCPCw9zcvSan5z3cXVliNRH5uDkNz1jh6bg0P93Lw9UvJKqpuqKgtCo0yHeCdfEH+z1Hd21ZUGwqERnlyx5e/rmZSR9/ciwmJrqgtMoK0xntoYMHFGd9tTQ/NbaootbXw2VJqNj8+NmR9ldeftXb2/vt3e+xeSKnYwcCI2ICA/wDQyMlyk3tJZWIzBrxgf0HiYi9MJWfnzc9v+TmePioo9uhj98PjVv/6/kb5+frVd/c9MlH+0pLy4J93IIik6002OTo5KRkiPTyoJDwyvLS+Li49Mzs9OSEtoFJK90EwPoQwo1yO3Wkb5JNRPOTIx0dLQF+QVKx4NAHe/Z8eFCissJu8n1cj6fllvb29SvVOi/XkzUtPfEhXp4hcZufTESJUYEJmQVVRZkfHXYiIsejh5ekBiJyOnpoYskKR0DNSo5u7hmuKkx74fntVQ2toUF+y3KrHUanq6YkNDGLiHgzA27eQQXZyfFp+XOzs1y+NVrLGI8fPjAvUBHR6ED3yNjEwX27HF08dvz7udjMss2PH+2p8/AJMxqN+akx0Ylpvl5uHYMj/q7HIlPyNz+cMagOfvyRUGmQ8NkhXqd9Q6JCgv3Hl0QahejjDz8SKq3wK5gYGyGiYD+v2qbGj/ftzcvLr21oscb2aCIiMqmPnzghVBmJKCUmZN/+I0KxNMLX5cAxZ4V2gztDBLAChHCjxnpbjx07kZyc9MknB7v6B7zdPYhoqKX04Uf+Zo0nHPJxdxyb//QAb+4up6Y5UiI6+MGe2vbBNf/dhsRFBFQ29xJRsMep9KLapvLcw8ccg4P8nD38ddZ4EzI7Oaqoto3I/O8n/5pV3hDg6ejiHRAbGz/HssIG0qHWmjfe3h0XF3fg4486R6bKs+MOHXPOysrMyM4VKzZ1MEKLzsbK46eck5MSj510ys/J8PQL0Wq1vIXxfR8dUOk3+3Q8PdT65s53EhMTjx4+VN/S6e3lLtAQkf4/u9/uHZvf/Mq315WdcnLJyc3zdXcpKKvxcTvpGRgeHRF8ytVba7BCsHJTog8eOnzc0XVmasTNw3vzA7/ApD52/LglhNW58a+8vY+IUsI8Pzxmze26AOtCCC+AiMduaWkRSpVExOPyLE8zy8scozXeqRLweRrdp0Xl83lavYGIVDLxEtsK7+FJxEK5Uk1EJoN2bn6RiCZHBze+C/J1yaRimUJJRCq5VCpX8pdZLc3NTU3NQokVtusadJq+nq6mpuZFDo+I5BJhe1trS0tLS1uHahOHFD7b8tJcS0urUmvUKGUS2aefHuKwWVrDZh8hk0E30NfT2NQ0PbdERDwuV280EZFUxF+2yitaIsEyq6WlZXp+iYiWWQvNTY1t7Z16q3zIioiIers6eGI5kZnLs8JW9C9gzFwu1/J/H61ayeMLiUilkIkk6++5FMCKEEIAALBrCCEAANg1hBAAAOwaQggAAHYNIQQAALuGEAIAgF1DCAEAwK4hhAAAYNcQQgAAsGsIIQAA2DWEEAAA7BpCCAAAdg0hBAAAu4YQwpeeSd/UUDc4uqEjtTJms1a36uEhlVJhTU31Anvlg0OxlhZ11jh0EQBcWRBC+FJTSnhHD+4PDg09dexwVkktEamUnx4miTGbiYgYy/GGGJ3eQETp8ZHVrX1EpFGrjKZPq2Y0mohodrTvgw8+CAsLO7B/f/fILBEpPhtlNhk1csGhQ4cNRBq16sytq9WbPYg8AHz5IYTwpRYf6h2XWUpExOgnp6by0hM/OXDAPyyOx56PTUgjMqSmZVSXF584cerYsePdff1vvPRcYkaet4dLQECAf2gMkTk8OJAjUhBjOnV4f/vwPBEpJILZmZmoUP/9+/en5JZxFmdPnThxeP8+F5+w3o4mVxdn/5BI7vJykK/n8ZMnqxo7L+8jAACXGkIIX2rOJw7NLCuISK9RdTdVn/YMIKIQP6+gkJDsklqteCk8Ki480KdlcLosN6WguDQ5JX1+euSTI6eMJnNkeHhudkZYXBoRMTrpJwcPWWbKpeKS7OTwhGwicj159NDREyyxuq0yz93Le9fOHUEhoXv3vNc3PObv6ZqYljE4OnX57j0A2AJCCF9q6bHBzp5BHe3tp51Op6WkuHj4NtbXuHn6xESERCdnup88GJeSEeDnR0RBfj6VFWW+QREVhdkZRTVElBTm9eJru+QaAxERY3I9eSg+o7C5odrN0zctOS4wPL6iJMfXP8jd9XRtY9O+PbsycnKPHDyYmJAQEZvU0lSfk5Pz3q63qtoGL+8jAACXGkIIX24mQ15GckBQyPDkPBHVlhX4B4YsC6VSPismOjorJ392bq6ru4eIaWvvkIgEeXn5bW3tbJ6IYcz+LseS86rPTFLJhLGRYRFRsVyRnIjJSksIj4pX6U28hcmw0NCU9Cytkfo7G4NDw+fYfKlgOSo8NCuvSIG3CQG2OoQQtqbm6iKf4Cjmcq8GAHz5IYSwNRmNxsu9CgBwZUAIAQDAriGEAABg1xBCAACwawghAADYNYQQAADsGkIIAAB2DSEEAAC7hhACAIBdQwgBAMCuIYQAAGDXEEIAALBrCCEAANg1hBAAAOwaQggAAHYNIQQAALuGEAIAgF1DCAEAwK4hhAAAYNcQQgAAsGsIIQAA2DWEEAAA7BpCCAAAdg0hBAAAu4YQAgCAXUMIAQDAriGEAABg1xBCAACwawghAADYNYQQAADsGkIIAAB2DSEEAAC7hhACAIBdQwgBAMCuIYQAAGDXEEIAALBrCCEAANg1hBAAAOwaQggAAHYNIQQAALuGEAIAgF1DCAEAwK4hhAAAYNcQQgAAsGsIIQAA2DWEEAAA7BpCCAAAdg0hBAAAu4YQAgCAXUMIAQDAriGEAABg1xBCAACwawghAADYNYQQAADsWn5+fkxMTMJZYmNji4uLEUIAALALXV1ddXV1DWepr6/v7u5GCAEAwC5oNBr1F2k0GpVKdWlDKOSyenp6uQKRmWEu0U2MDPUPj4ypNTpmhZtglAqFwWDc3C2Y+3p7JqZm9AbjSjexCYxZIhZ/unqMWSwWSaQya87/IhGPPTA4pNJorXgvWPPTvX39IonMyo/MZ3RajVKl1qpVXC5vI9dnGNPiwoJGZ9jIVZcWF1Qa/QbX5FLfUwCwAYVCIZVKZee5hCGM9HP++7+eLygsjgn1OXra64L+rUgkWvc6KsnyC089ccTJs6Ky8qP3361q6T//OukRHtse/KP2Yp+75sZ6HnvkT4ER8ZUVZe/ufmdyaf21OkMpl2n1azWYMRszYwN+/ONrE/JriCg5JjSjsPIiV3Q9vS3VB4+eKC0p2bPn3dE5rlVmOh/8z/OvvFVcWubretInJO6C/q1YLNnI1eRS4Y7n/varh/8WERby3PP/7p9YXGumRGpUi3/7y/sb+6bXHisSi8mo/vNvf1XU2LeR1bDBPQUAG7B1CNsqMh0cHLqnuEREjL6xqZmIVDLR/CKbiAwGPRGZTJ92wvKqSCTka/UmYsyZsQHvHzypUqks/RIJBSq1lohMJpNGo/nsFR7z8hMP3fLgXy0TFqZGhidmiWh+dlql+3SsgMtJDXe/5sf/q2GIiObmZi/oLph0ijuu+9H2945bzg72tC/xJEQ0NTVl+YnRZCYio8lERCajgYiMeo1AKCYizuzo9hdemuII9QYjEakUMrFEamaIiPR6nUajtUwQs6d/e+9tDlddM8mR8Bcnx2dYRKSQCpfY3DOPkkohFYikRMTmLJ9Zs/mFpQu6L5+8/dxjz71FRJzF6QUOn4iWFuakCg0R6fUG+uxXYDabLXdKLBISEZn1c/MLlglSEY8nkp4ZmBHh7uDwDa7CQER6paSltYOIRHwOmyskIr1eT0RG46e/KaPRREQCPs9oJrPZFORy3NEzVL+xV+o7n3r4f2//AxG99+KjP7ruDpWRiGhubtby34ZEyONw+SajIdzX6aibv1KplMlkRqPJci94XO6ZP4FmZmYYImLMSeHeHx5zUViuaTITEWdpQShVnFltiUio0n7+SvEC7inz6T3l83gm5oLvKQBcarYO4c6nHv7edXee/ZORroY3dr597NDHYYm5gsXR3/z69x1d3Y/+8TdNg7OlqWG/+cOj+/ftfvjxZzVqxX2/+O+HHn26f2DwpWf/vvs/+556+lkPt9Pbtt23JJCmxEaMzS0TkYI36+DgcDIg6eyb8HM9cfiE4ztvvT3Hk1Zmx73+zvsnPt71/35+u5kxh/i6Ojmeeu+DAxqDeYN3YaCpyMHBobhp8PMfmXUH3n/Xxc1t93sfqHX6XS8/6xma5O+8/40Pjqvlood//cCxU47337OtsXci1uvQVVd/v6qhJTbA9fF/PP3ayy8ec3J99OFfe0VlzY52x6flWebNTo5OjI09fNfPf3HvnwaG1JNIVAAAIABJREFUhnliRU1h6kcHDr/y7BPBSYXS5akH7rvfyfn0fXdv8/QP+ftfHj7qFaVVSY4cPnjk4EcewbEb/3V01hY4ODjccPt91S39RBQX7PnhJ0d373q7b4qdHe393I5368tzH/r9Yzq97uNdr770xq5/PPH3grJqV8fjr/77mYOngyYGOg8dPvLuO29XNPdaBv5h2//d9fBTZ99EQ2nm27v3frxvb25Fy2hH5e8e+Xt3Z+tvH/zVHE8R63vqz397+r23Xv7nS7vkEsG13/3G06+8O88RbGTN33rukRvu/hMRNRXGOzg4dI0txIT6Ojme2n/Mua2p5o03345OSBwfG7n+x9f846VdXd0dj/zhd10jM64H9zz90s6Xn/vHmx+e0qmk7+1519Xp+BNPv6JUyu647od/eHJ7Z1f33x55uK5nvDInfu8Hn+x9953m/qmGoqQHf/OHo/v3PfCbR2Qa44XfU3mY+5FHn3xh9+svPvv6+4oLvKcAcKnZOoTbH//l93+27eyf7Pjnw69+5L443PD/rrtlYXb8B9/+Xmff0HU//nZ+y2h5kt9/Xbetr6Ph6m9+T2mmlx97cOd+NyK658Yfv/Gxi1giVUi4P/rmVS6BsQMDA5bXVRLWmIODw8mAxDPz1cL573z7mzMCza7n/rz3iMsTv7snJKO2rzrtv39x1/z06E/++9qo2Lg/P/LoHE+xwbvQUZnp4OBQ1Dhw5ieDTYXf/sH/mInuu/Ha9LKWN//15/eO+XkfeefeR54jMn33a1flVbU++tDtjmHZvbWZP/zJzUSU5Hv4mh/fwBMK1RrN0d0v3Hz/n/oHBtk8sWXgxFDPDEssZk185yqHex78k0RtaCjJ8g4IfeqRB//68n9Izf+Kw1V9EwuP3HujY3BqmPOHf3zyjfKs6Fvv+W1YgOcz29++oN9If1vN7x+4w8Hh6sbWjlv+98fNI6zT+159ftex0pTAG+//fXtt0de++UMievOpPzz4+HaxRBLk/PFDj7+gkAj6Bkd3PvfY9nc+OrB3p5N/jGXar2768V0PP332/IfvucEtJr8xN+K2X/5lvK/5mh/9dGCw77tf/+ooRxnutO+WX/61uSrnWz/6X4bowdt/7hqaucHVPhPC5qIEBweHjKzMm67/eVRs3D+ffj41Mfrb3/6Of3Q6wzC/v/v6U6HpRMx3r3ao6Z365PV/Pfbinpw435/c8iudSnr82PFgX5erv36N3EjP/ume/zgGE9H/fP+bsVmFD97284KmkYjTH/7l+Xdby9O+/V8/G+rruObqbw7Miy70no5xlL5H3t72+6fqS1K+8+OfEf3/9u47rs373he476szPaf33La5bU/zum1z+mozm7RNmjZpkuO8cpq2aeLEjrcxG8yexmwbYzMNGBuz9xZbTLERiCGGJCSQhEBIQiDE0F6P9vf+IewmbQZpDcgvfu8/eD0S0vN8f5b8fHik34DfPv0lWoogyF7b7yDEl90+cuQIc9X2YZpFrlSd/+vrrhHpQsbQf/znk9zF+cf/43sU+twT33usg8whlKf/9NlXmdTRr3792yoLfPiH552CbwLAr5760bWsatsO714POvLVb7GF2zsHsBrf/OVPnn9z5wylUirWufT//e/fWpEb3T980z0k9q3fPJ1R2U3prf4//+/pJfbsV44cGaItA4DRtNvPqXQK8Xcf+1+uYcm2mzKZdIxQ++3HnwCAF376eEU70eXYWyHx2UlhLi+/cwbA/J3Hvtk/QX/r5Z/H5zaOd5Z/+/EnAaAkJezJ53+/s4c1zleOHIlMKXhwiGU2fW6BDwB9jUVHjhxZ2sTI/S1+QZeP//EPx1xCQLf59a98Y54nOvrCf6UWN2dfD3z7uHtL2e1/e/wnOhOAxbz7Lkgdbc22DiRHX3o28XbOsz99Ympx87r/uQ9cwlrLbz/36h/H+1u+9tj3AMD52BvH3cMBoCjlyre+/zPb09997fn/OXUJ7n9aCwC3r/oeOfKYwgAAYDZiSrXm9ReeTK/oIjbk/uzFN+enh77zwyfnGNR//9pXOZu6nDj/l986RR5s+eZ3nrACPP+TH9y4Vwuwq+KdP3jjR8+8DgCXXY798BevfPylVCoVDWX3vvG1b4zRWP/94k9j7lYDGP/jsa8Q6bwwp2On3CObStP+8xev6NRyfx/PuJjw73z3ByoT/Om3P/eOzQSAJ777b2WN7S/9/McE8mJOvP+bH7iNdlU//tPnlpjUb371a3SB5Mu19OtfXdzUpUW4v/auI4lQ863/+2MAeO7H3999SxEE2Wv731nGEh3kceykQ3tHZx2ulr28NkceOO/oGh0WEJ+ebzXrX/v1cyHh0b/+5TMtg9OtZXdePfrXvq6Wp5/5pUiuTQh1e+n1PwkEgj/99yvhidm2s4hmY/H9D04aPnZKWV1ivPX6q0m3c7q7u3H1zWqNJiE6JPr6zfNnzrAEG3WFt149+ucgH5efP//ypkxx6dx7R/9yogHfpVTrdt+GiX7873/3anElrquzHd/Zp1Ervd0ck1NTz5y7qNQZs+JD3nznmJfjqWMO3lLJ+q+ee7autfvEn9+4mV2zwpz4wQ+eIIxM5d+Kffn1/1God74UDHS/UEcY39m71dxYWVhY2WiyWAEgLfEab0MZ53/ulbfeu3Tx+NEPHNeWmc8+/czQ2PSJP76enF2efjX43VPuCon4V8/8zDMgjDQ+Zbbs9gybFh8eFZ/a0dEeejl8U67KS7seEnHVyeHcCG1pcWbgqWdfuBoT8cwvf7slkXqd++tJ12CjySJdX37hqSfdfIPnFgWk7oYf/eiJ+KQ01tLOV4YWg9bjwgkHj8DOLkJtTc3aprQfX+l6yTfQ272gtlOvFD//1C+ir8Y9+9RTMwvCvKSId447ttWXPffiKyrM4H7ynbePnZOqvviFUMolzqfe/c1rbxcXFTpcdGYsrQGA44l3jv7lRGcfaaCno6KqyunCuVkOP9Dpg7c/cGDP01564Vl831i0n6OTb2RpdvLr75yYo4x+97uPJ6Ukfv/7P1xYk14LuPjq28c47PnXXvplRetgY9k9v+AIdyeH7jH6QHPxr189OtTX9ezTz5Dn+V+6peyVzLigv57xaK4peP43r2r1RrePdttSBEH2wQH0GgWANcEylUrdliltNyUba0z2Tk8TlVwiXBPb+r9gmF6vx9RqtdFoMBhMYDHxeDy9Xo/p9Vqt1gowO0MmDg9TZuf/8RB0GnWetWC+/8Ufc44uUWhs2zzuolAk1ul0trxgzjG27leyexaDjjIzs8jlP7hjlkbTm3e2eTyewWjS6zEMwwwGg0atxrCdvjCiNaFErtTr9XoMMxhNSqm4p7dvdGxcrbvfud9qlctlDzrRAIDZYjFgWuHqmlqlXF8XYxhmNBo1Go1er9dqNVqtTqfTAoBRp56dpetN5t23wmqxSLc2aDSa3rRzMA5rfn1rp0OjaHVFplSbjEYdhmEYptVqLRYrABh1KgaDYTBZAGBDtDJ//7V7YJnDps3SlZqdmF8TcBd5Ox07JVti8abEbDJhOp1er8cwTK3RGAx6o8lsMuiWefzdXM0a9DqNVqfHtOKNzY/fz5xjSORqsFrYLKZ4WwYARr2Ox+PrdDqDwWh7FTCdTqPV6jHMbDavr60qlCrxukin33l36XQ6g8Gg1eoAgMthCde3AADT6Qx6vVqtNhiNev0nRlbspqW6nZbqNLaWmi27bymCIPvgYILwYSnLTvEIiDCaH+EzyqaA9eGHH1JY/IMuBEEQ5JB6tIMQQRAEQf5FexuEdXV17nvJw8PDw8NjL/Z88+ZNPp+/F3v+R3vWiE9oaGiYmJjY88M8bLm5uSwW66Cr2Cdi8cOZ0wBBkC9lb4Owp6fn+qOpsLBQJBIddBUPU29vL4PBOOgqvrT6+vrl5eWDrmKfbG9vf/F/KgRBHjb00SiCIAhyqKEgRBAEQQ41FIQIgiDIobafQWidIg0UFJcpNDpMo2ior1/bkgu5C83NTU3NrWrM3icgXhcs5uXlspfXwGohtONJ5E8sUNBUVyuSqD/1iR3NtcOTO/Oxidf4ba0tuPoGseRLj1zcC0ssOpnCAACFdCsvO6tvZNJ2/yp/cWh4TK1WlxfmpKdn5BVXAgCbQeknkgwmK4CVPDaytLL+ebveS5siAXFkzDZoZnaGTCRNmGwDRs3Y4OCQGQDAlHc3I7e01mTUF2ZnpmdkFFfiAIBNm0hOTp5l8w6qcgRB7NC+XhGOE+reO+FksVitFnNRUckSh+Xl46tSayoK8xZXNr/4+QfKqFx/++2j/C0tALTXV5FmPjGKXyaV6DCss7V1bVsJAKYHo9qtlsyEyKzSegCwGtXeHh5iqbKtsZrCWqZNjFDnFwHAbDYDgHRd0N7R83cjIs3m3U4F/s9pLs/2j0wAAB53cXJi2NnZVWcFNnU0IeW2UqtXybba29uJ/V2xN1Jpk6T0e0Xjg11ZhVUA1uhgr+LGvVoc6gsxJ/vPO3gCwHgfPquoerCrKb+yEQCI7dV/fv8jACA0VV5PSp/nLMu2xe3t7X1dLTHxKZhGHhMZQegflCo+/U8WBEEOp30NQsZYt5v3FQAAsLa2tmvVSg+HE17BUdvyR+HEhMkvXDi7oTIDwASxn73IzcvKKCgsuJGYqlDIs+7eXV5eev8vfxmlcRZYjJKCnPyyOvH6aheBEOrrXojrAACwmq6Fep90cF8SbgCA29njBTVtpKG+qsry5vbugdaajy54SGSyMdJQSlJi3xBplDTc0929LNzV2rP/HMpIV2xSpm2bQR5MuHUPADwcTiWmZ1XU1Ntmm+GzqKQpekHmjcKGXqti5ayjGwCU5qRVtvbtXWGfT77GCQ6OAID4K/71vdPyFbq792W5Qk4a6r0RfwMA6spyTh7/oBbfa3s8izrWR5rRysV+3u6u3kESpfagKkcQxA7taxDOkjrdfMJs281NTSq9BayG1Pio1954e567thdHfJj0srPnzmxrAQAmiL1C0Xp4oNfk3NK1KwEsrjAkwHtRsBobGc3lcWOiYui0mYKCwvCwUIFUj6+4V1CDBwDbIuaV+bdf+d3vx2fZOak3p1krlAkSvr7S0z+EMT2ellM+SezKLqkltDXWNTRdi7p8O6dkW7bbZTH+CZODbTGJO0FIGR/68MTJsYmJ8+cdNGrVpYunWgamAKC+qmxTgWXevFKGH7LIBacdnAGg8G5yZWv/3hX2+bYFzMCgcACIDfFpGaIphHMODk63bqVVVpR++MGx2aUVADCoNp2dXCQaEwBUlxUtr++s7FGcmXCnCK38gCDI3+xrEG7w5k6ePidRamSbq/XNreL1lUpcAwDEX/EtwHXtxREfJqvJw/Hs4DRLp9U24GqVGl14sC9rZfNamC+Dww8L9uXwhQGXLk1RqBfOnBqdpG6sizwdzzb1T5XevZF8rxQADBpZWUkFANTkpmTkV95Lvo4nDKXcvNbUVO/m6T062Hs5JrG/o87FO5jN4XIWOOx5up+Hc0Vz7961abS7ISg6EQDWRWuYwVhacI8yS78SHLAlVxfeSRmcZBq08uzcfAAY7mrIyKuamxyIT80CgMykmML6A3vJNpfprq6+AEBoKMuvbJka6ki+nTPU11Nbnn/06NGZ+UUulyuTSatratUGs3J7NSe/GAA211fX1sWTpIHB8ZmDqhxBEDu0371Gx4Z6S8oqmlvwqxsyi0GVn5eNq8Ph2wkfX/vbbgkW5wsKChoam2bn2RaT4U7GrfGZ2YLszPFJyt3b6ZyV9ba6ipEpBnW8Pzjk8hRjcXONl5iUXFiQTxggAYDVYqoqKazF4RoaW1RabGq4B9fY2oSrLCmryC8o4vN59+5mSWSy3IzEqzdvCQQrzU31xBESf3UP+6SM9OBvZ+UZzVYCvi6voHh+gQsA/EUmvrVthjYHANsi/iSFDgBgMQ0P9LS2d8mUWovJUJZ/r7aFcFBzvC7OTSWnpEmVGqvJMNDT1d7Vo7o/ZXl7WzsA5N5Nr2nA274LXOMvUugsAJidHE6/fYc2v3BAVSMIYqfQ8AkEQRDkUENBiCAIghxqKAgRBEGQQw0FIYIgCHKooSBEEARBDjUUhAiCIMihdgBBqFTI1VoMAORyue0ek9GgVqsx/SMwgsKo18nlCgCwmIwq1c6EOAZMu7G5daB1/ZMsJoNOvzPwQKdRGT42o5tapTKZdyaKO6hhEp/FZNQbd2YXBZVCoVSqjKa/n6v2wbtr52Eqlb21AkEQO7HPQWiqrSxtwrcTB3srqnGtdRWnHFyNAJhGcTsjjbtm76uSjg50FZdVEUdIxaXl3R3NIZHXbPdvrnJbWu1+QoB/sL0uaGttLS8tnueucuYo3b0DjXW1iysbAIBvrOvuJ2p0eh6TEh2XaLGnDNFplI3VJU5OzgzuqoA17ePrH+DrlZFXAQCSVU54ZKwFrH1dbcNEYg2u3gig3F4rLy+bmWXu7bStCII8svY1CJvKsnzDrgMAgHViclIp3Xr36G+DYlMBoLurQ2vf608IF2aOnzyr0psBYG6WRp0khUVF0ygUuRrT69RSuUKtVAiFKxQKVW8GI6ah02cl8j2cHe1fl5N6HT9EUwoZ4VcTyvLvlDd3d+NxFBa/oTQrMj5NbwYAkK0uOLl72dUrg+m0Zou1paa4rX9cp1GbrUAeInQNkcFqqi/LueDsabWYfdxdmIu8nHt3NRh22c+zkUA86KoRBLFf+xqEHuc+LG0ZenBTzOdSadRQb6e8iobpyQm1wa7/ZK/NTXLyjXxwUyHmXvINKMy+czO9gDE5EBaXMt7f5u53OTPlenENfqivq6woPyAk0p6b1FiW5R9+Y2aEcMHVT6dWvP3qi17hCQDWE8feq2tounTJS7CpMCpFPoEhdhWEALAt4l04/dHg5M4CIGXFBVKNYWaCxJqnX78WCwCUkc6f/Pgn7SOzKwzSiTNODbVlV2ITTfZ0XYsgiP3Y1yCMC/G4ml5s2zYa9CLeEpk6ZzWoT777dmBUgtm+z1Okzpp3P7po27ZaLGtcRkxiukm9FRF1Y32Fcy0lc5FOTsmt2uBSb97KpE5PDfV2unv6mz9/pwdtmjzm7+FUXNfZ39U8PTsfFepbVYvz8LwEAMlRAdUdo2CS+4WE2WGcj/c0+obEAoBiQ1BSgQOrKTw4IDY64pXfvtJPHKuqqp6nz7h7+lYU50XduAMAZ059JFI8Al9CIwiy//Y1CLdWF12dHBvwHZOTZDqLw5geLSipBIBV9oyLu4+9/8Fu1sdc9k/LKhgbn5iamZ2bGnb1CeLMTblfCqJMDHmHRI30tARfTZ0YaI2IiYu5EnovN+/M6XNCqf1+OqrHtNTJ0ey8IgtAfUUBgThJ6uscm6JVFN7rHxmrLi9d2ZBLhcyTZy8odPqDLvZvNlaWamrr+3oIQ6OTADDc09ZHmgEATKfdWuV4eXkplMq05KRl/kp1RRmTOZ+cmDQ9M1NaVmm0q686EQSxG/vda9SoUw0Th+jzbLMVRCvLVCrdaLYAgNGAmR+F89TkxOg4eUqLGRSSjekZinBFQKPRBXwejc7gcZfoc0z+8hJjni1aXaHRGVwuV62z36sQtULKZLHv37Iuspmrog0AAKt5jkGXqbQAINkQTU9Py1V2tICfTiUfGOhf5K3abkq2tjDDg89uLUKhEAAMOjWDwVCqtQCgVkgZc/OPwpsLQZCDgcYRIgiCIIcaCkIEQRDkUENBiCAIghxqKAgRBEGQQw0FIYIgCHKooSBEEARBDrV9DcIlNqO3r49KoRBHSHzecl9v78jI8Oz8wl4c66GTba339vTMUKhDA/1Csb1Pi7pLW+I1nsA2DsEyOzPFXuLZ7ie0NeKa2gBAurk+MUG2q+ETAKBSSDmLXABQSTeqqypxdXUzjAUAoEyRF/lCANCpFWOjo1v2PcUdgiB2Yl+DcJbU+f7xM1KpdHhogDNPe/+995aXl51Pf1BPGN2Lwz1cmFb61z//mcJZm6eQqXOLB13Ow9FQmhUcmwIAtWWFpEnqnZQbEwzu8vzUtbj49u4BxebKzaQ00Rr/ZuItu5pchjHWfdHZGwCY1Inc/KJbCddyS2tb6qsnqbO3Eq+PkqcK8/NoVEpkVPS2CjvoYhEEsXf7GoRi7qyDszubxWIvCQD0zk7OMpks0ONiffcjEIQAFg+ni0PjMxT6nFYlLy3Kzy8q6e7ta8O39AwMC/lLpWVlhXk5A+NUA6YdGeovLC7ZlMgXWfTiwoLJWdZBF//pKCNdMUmZAOB09tSqGogtpTcy8ttxxR+dPDU4TjPrlEG+HolpmUTShF2NR5etcYICwx/cHOnr5CwtuTmc0QB0VOd5+/h6+wUBwGUf164xxsGViSDIo2Ffg3B9iXbyzHkCoWuQNA1Wvae7W4DfpcjEu3txrD1gdjl/tqYR39jaadAqzp8+SWEtDfZ2deAbLrpeokyPOTp7UckjV2Liy0sLqCz+YG8XvrEu815BQ1VR2r3igy7+000OtsUkZgJAe11pckZOmJ97RlE9AKzzWGfOOkhV2uGuxjdff7W0vuOgK/2EbQEz8EEQmrH8vHwAqC/LuZ1T4u/pVNXcnZ2WUFuHO37sPQZv8yALRRDkUbCvQShkkR3dfHZuGOQOF523tsTnTh6fml/ei8M9bGaHs+fWVRYAAIsmNCgAAKqLcts7Otw9vSkUckR0vFoqir6aEB8bVoDrNBgM3Y3lLl5BG1vbwtU1u7qiemByAB8en2bbXp6fcffwXpeqlSoVAFRXVtAo5Ljk2wAGZxd3tcGOWiBZYXp7h9i2F+nkqvpW2zZzZsTDy0+uMwNAc2VeVPytAysRQZBHx74GIXmw3cPLd1OqBAARd87V1U2wKWdNEz19gtc2ZXtxxIdIsiHwcHMbobAAQC1dCwkOEstUdWU5t27fTUhMbGluuBafRJ+ZiIlL5C8vuLk43yuqUshlKXHhfgHB8xzeQZf/6Xrx1THxyUazZZW3WFdbuyzcAICs9OTiihr+qthiMrQ0NoyQxianqXa1NsgCbSz0coRMpQEAMmmQyRUCAJfDrK2tFYolAJaZybH6xhad0c4X/0AQxC7saxCaTOYHP41GIwAYjEYAALAaTfZ+zjIZjQ9+ms1/a8gOqxV2mmNPifFFzGYLWK1WKxgNn5gc3GT+W+cYDLO7/iYm27+/+RM9eAyG+0tkWK16vR0tl4EgiJ1D4wgRBEGQQw0FIYIgCHKooSBEEARBDjUUhAiCIMihhoIQQRAEOdT2NQgtVoD7Xf7gfvdKi8VqtVgAwGKxq2m8/p6tp6jZZNrVg01Gg8H4hQ8zfLKv5sftpu+pXo9ZrA+xk+qj1N/175jN9t7rGEEQu7WvQTg90h16Jaqpsf5eQanRbB3qrA8Ki1SodZhGkXU3c0Eg3ouDPiwSsSA0JLihuSUtLV0glnz+g5mU8bbuwc/+vbUXXxMec21kmJhfVKzUfSIyt4ULVyKijbtIpZrKCrFMs5viPwupr6O6qRMABEsLPT297e0d21I5kzoRGhTY2ksCgKmxYRyubm7BvmY8WJqfzi0os/0LbYr4tTgcf1U80NkYFBzq5+M9RmWxaRPBgf69ozMHXCiCII+CfQ3CFeaEg6svALz+0gtkzsbyTP9pF2/br+rqqhWYnV+RmM6fPm0GuOrvcCUpV6WQKVRqlUIuU6gAYHNjXaHSAsCGWKTS6IwGvVanBwDR2ipmNFutFj2GiUQi0/2LXiqx1S0gHACEQoHBDArptkSuBACwmDj0cWcndwuAWiHdkioAAMN0YrHYaDKL19f0RrNiU5CUkipVqrTanRQUCAQAAGDFMJ1IJNr94PfuhtKg6EQAuJMY00acITRWdg1NyORyNoUUl5QpFfMDQqMUcmlAQJBKb0fX6zzGmKOzNwCoJSJ/Xx/G0ioA8Ja5UpmiJC9ris6RyxUUUndcSuZBV4ogyCNgX4NQtEi96OhSVlIUG5+swkzM8W4Xv52Jspqb6xU6OzrVfhrTJVfnssqqy5cvs3gi5mRf5PVkziz5anwacaivtq6JQqF1tjbWNeEpDGZLdVFuRdP0GLG8tORmUvosZcLT2y8rIzUps9C2L9ZU/0fnnOpqq8iznHUBp6EB5+t9qXeI1NJY393ReNHl0vIyt7mxISTQt6GlNSzI+9ad7KLikrraqviE1Nlp0kenzwmFK0GBASvrm031uN7urqRbmZNjg15+gXfSEtOyS3fZpGlih22u0S3h4pu/+1XEzTsAYDUbU65HljT2Tg+2+EbEA8DFC6eZK19wEbyfpEJ2UFAEAFTnprj7Xc5IudHWNwYAYNIWFBYZrWA2Ytcjgktw9jVFKoIg9ml/g3CJ6h90OTEuMjW3GgDmx7udvIJtv2puqlfq7fyK0Bzo55ubfdfRwx8ARJzpiLgkrUQUG5c6TyO7u7m29QxNDBHc3Nz6xyjjffjUnLIlNmN4sOeSpx+byQiNuqaViwMCr9j2xST3egaGb2yIpQplVvJ1fN8Ee242Oz0hLjUPAG5ev3HndnpNaz9nfnaOORcVEaoDYM1Ok4b6PDx9WSxGdGwcAERFhjU34nyCIgAg1NejoKT0amK6alsQGBqxyyZNEzuuJt8FAGJfF6Gb4O58oZ/MAAAem+ro7tXZWh8cdRMAHC+cXd60o7X9JCus4OBIALgR5tfYT5HxZk5d9ACABdp4HZ5gewybRjp9zkljsvM3FYIgB29fg5BJ7nn3+FmLyehw8v2qlj6VROTq7DRDZ85RyU34Tju/HjRgyr/88Z1VuSE7MTL4WppExHXz9GptrHF09aHRZoe6W/0CgsbIlJ62+ivRCa0NFTcycjITr+YUlDhfdO7oaPX0DxUs0h0c3c0WKwAQWys+OOdiO0njq/LOOXl29AwO97R+dPo8cWTQ0cmtvrbyvIMLvqNnhbfo5uqoNJhSYi5n5RU5OVwcGSWLl/nqAAAGC0lEQVQ5OToK19Y93V3GJ6c8XF1pdEbWnTt9hNZLgRHLrOmLrl4Wy64CoL+l4lJwtMVizb+bOkxZGOluqcMTSMNEFptZXlmztbl+82biJHk8KfW2XfVFETInz513MZrMY70tt7KKWLSJwvJaAKgtL2LxxRaDdnBggM2aKyuvNtj5uwpBEDuwr0G4MEdtaGxSqDGZWFBT16gzWrfFK+3t7cSRMQ32xX0sD5Z0U9TY0MBeXgMw11ZXrm/JyKPEoWESY57FnJsdHBqWKZSsOdrg8KhcqWbSpgZJ5GUOk9DTSyaTKTMzhJ6+JQ6rvaNTZzABwOzUWFNLq+L+yu/tTbjmjl4AoE+NtrS2jY1Pmszm/s7mhlaCWqVoa8WLJco13kInoYdEIm1uS8dJw1wev6uzY0Om3hLxO7u6JQrNtojf0dXDWZjv6OzCDLvq3TpHIXcSejCDyaDTTk+SOVyBxWwitDV39Q5oMSMASDbWiMMjOr19vTrC5YXWtna5WgsATAZtmko3WQDAurS4ZAawmvStTfU9gyN6NOk2giC7gMYRIgiCIIcaCkIEQRDkUENBiCAIghxqKAgRBEGQQw0FIYIgCHKo2YJQrVbb8u/BBgpCBEEQ5FBQqVRSqXRrawvDMK1WKxaL9ywIrWbmHGNLpgIAvU7NZDJF6+ss5vziMn93Y94OmGiFx+EKAMBqMXPYLIFQ9A8PWGYv8T7j2VY2c068Lf/MvVstrHn6xuc8YG9gWo1C+beR8gq5zDYJHIM6NTYxbdvWqeXL/BW7eo2MBr1MJn9QkVql0Ol3pi9f5i4p1VoAoE5NkKdpaBghgiBfSK1Wy+XyhISExcXFnp6e/Px8k8m0R0FoGe7EPfviy6sSjdmoy8jIWBdvOJ56r7ih265Osp9llbfwu18939AzDgDVRbm9I9MPfqXXqcXb8r6WitBraZ/19OtRQTUdxM/Zf1yYb03b8EMseDcay7OjEu7Ytlc51I9OXjBYYY3HuhYbk1tcabLC0jwlv7BkiWdfQUgf6/H0CbFVpFdJzp78kLkiBYuhvDh/aJSs1mFcJi02Jra4sh4FIYIgX0ilUmEYhsPhLly44OLiQiaT9Xr9Xn00atRIQ3xdT5x3NwMQB/sBIDrUd5iyuBfH2gvlOel/ePMtzqpkaY4i2JDo1IoeQgdtfqG+9G5QdAKLMhYeE4erqVndVFhN+lFi//DY5NqqoA3fTOgbLMy70zY4scJdIHR1LfKEK7yFvr5+XE3tulRtNmjHR0lB3m743jHRqoBIHF7f2qdLw6mhtqibGQBg1Kk7mmp8fEIBoPRuwlkHF+7aNoDB8ezJ8jq8RPEvrXHx0ElWWP7+YQAAYJ4Y6ffx8hQpjM1ld129g+nzCwBw+2aUg4uncEN2sHUiCPJIUKlUCoXCZDLhcDgikWg2m219Z/ZmrlEem7HALbmTEBQRNzo2AQARQV79ZOZeHOuhsxrUpLHJmdGe46cdhohjfP5S9p3MloZav5DImoqiW7nlK8ypK1eTcGXZ6feKGnGVLXi8l7dvTVXpBUfnKcps3r20LiJ5oLuzJD8rODy+rwPnfTm2pijrTl5FZVHuPFeQfDWsrrk9LuZKY2v3+qZ0fxo1OdgWk3QHAOprKicmxoN8A/hbSqNBPz7Q7uDqOzpIOO/iNU4aPH3eSa61o8lltgXMwMBwABgi4IdHJ65Hhc7MLXg7nesikkN9XKtaBw163UA77oyDm8aAJpdBEOQL2DrLKJVKg8GAYdje9hpd57P7SVMAEOl78cOLXvCxIFQpFZidzeP1d6wGTVtbBwD0NBS/+NKb3GWOr7evVKXVaDTN1QXZlc1C5lRafo2QPZV8K+1qVASVs6rTaSmjfTdu3QaAouxbrX3DbU31/d0dkbFJk6P9mSW1PMZ4akqav6+PzAQV2akt3aNs+rSjw7mOQfL+NGpysC02+S4AFOVmZaSnvPHaGx3DO2v44aqrCB0tYTEJAHDZ35crVu5PSbuxLWAGBkUAAB5XmZ6R8c5bbxRXN8ZcCRWpYbSzNvVeie1hhXk5Eo1dv6kQBLEHnzV84v8DYJRw8YKkYwIAAAAASUVORK5CYII=" /> <br />
<span style="mso-no-proof: yes;">
</span><br />
<b style="mso-bidi-font-weight: normal;"><span style="font-size: 10.0pt; mso-bidi-font-size: 12.0pt;">Figure 2. Inbound/outbound traffic by country with
anomaly</span></b><br />
<div style="border-bottom: solid #595959 1.0pt; border: none; mso-border-bottom-alt: solid #595959 .5pt; mso-border-bottom-themecolor: text1; mso-border-bottom-themecolor: text1; mso-border-bottom-themetint: 166; mso-border-bottom-themetint: 166; mso-element: para-border-div; padding: 0in 0in 1.0pt 0in;">
<h1>
<span style="mso-bidi-font-family: "Calibri Light"; mso-bidi-theme-font: major-latin; mso-fareast-font-family: "Calibri Light"; mso-fareast-theme-font: major-latin;"><span style="mso-list: Ignore;">5<span style="font: 7.0pt "Times New Roman";"> </span></span></span>Summary</h1>
</div>
The traditional network border defense strategy has failed to prevent data
breaches. It's time to change our defensive posture from inbound-centric to
outbound-centric. Continuous Monitoring allows us to determine if a data
exfiltration has happened. CM and network forensics are the difference between
a small, internal breach and a major disaster.<br />
<br />
Some good reference books on this topic are "Extrusion Detection:
Security Monitoring for Internal Intrusions" by Richard Bejtlich,
"Network Forensics" by Sherri Davidoff and Jonathan Ham,
"Applied Network Security Monitoring" by Chris Sanders and Jason
Smith. <br />
<div class="MsoNormal">
<br /></div>
Randyhttp://www.blogger.com/profile/15650573868196476768noreply@blogger.com1tag:blogger.com,1999:blog-3173237590648578243.post-82545948573615137042017-06-05T11:30:00.001-07:002017-06-05T11:30:18.401-07:00EDU Are Small Cities<!--[if gte mso 9]><xml>
<o:OfficeDocumentSettings>
<o:RelyOnVML/>
<o:AllowPNG/>
</o:OfficeDocumentSettings>
</xml><![endif]--><br />
<!--[if gte mso 9]><xml>
<w:WordDocument>
<w:View>Normal</w:View>
<w:Zoom>0</w:Zoom>
<w:TrackMoves/>
<w:TrackFormatting/>
<w:PunctuationKerning/>
<w:ValidateAgainstSchemas/>
<w:SaveIfXMLInvalid>false</w:SaveIfXMLInvalid>
<w:IgnoreMixedContent>false</w:IgnoreMixedContent>
<w:AlwaysShowPlaceholderText>false</w:AlwaysShowPlaceholderText>
<w:DoNotPromoteQF/>
<w:LidThemeOther>PT-BR</w:LidThemeOther>
<w:LidThemeAsian>ZH-CN</w:LidThemeAsian>
<w:LidThemeComplexScript>AR-SA</w:LidThemeComplexScript>
<w:Compatibility>
<w:BreakWrappedTables/>
<w:SnapToGridInCell/>
<w:WrapTextWithPunct/>
<w:UseAsianBreakRules/>
<w:DontGrowAutofit/>
<w:SplitPgBreakAndParaMark/>
<w:EnableOpenTypeKerning/>
<w:DontFlipMirrorIndents/>
<w:OverrideTableStyleHps/>
<w:UseFELayout/>
</w:Compatibility>
<m:mathPr>
<m:mathFont m:val="Cambria Math"/>
<m:brkBin m:val="before"/>
<m:brkBinSub m:val="--"/>
<m:smallFrac m:val="off"/>
<m:dispDef/>
<m:lMargin m:val="0"/>
<m:rMargin m:val="0"/>
<m:defJc m:val="centerGroup"/>
<m:wrapIndent m:val="1440"/>
<m:intLim m:val="subSup"/>
<m:naryLim m:val="undOvr"/>
</m:mathPr></w:WordDocument>
</xml><![endif]--><!--[if gte mso 9]><xml>
<w:LatentStyles DefLockedState="false" DefUnhideWhenUsed="false"
DefSemiHidden="false" DefQFormat="false" DefPriority="99"
LatentStyleCount="371">
<w:LsdException Locked="false" Priority="0" QFormat="true" Name="Normal"/>
<w:LsdException Locked="false" Priority="9" QFormat="true" Name="heading 1"/>
<w:LsdException Locked="false" Priority="9" SemiHidden="true"
UnhideWhenUsed="true" QFormat="true" Name="heading 2"/>
<w:LsdException Locked="false" Priority="9" SemiHidden="true"
UnhideWhenUsed="true" QFormat="true" Name="heading 3"/>
<w:LsdException Locked="false" Priority="9" SemiHidden="true"
UnhideWhenUsed="true" QFormat="true" Name="heading 4"/>
<w:LsdException Locked="false" Priority="9" SemiHidden="true"
UnhideWhenUsed="true" QFormat="true" Name="heading 5"/>
<w:LsdException Locked="false" Priority="9" SemiHidden="true"
UnhideWhenUsed="true" QFormat="true" Name="heading 6"/>
<w:LsdException Locked="false" Priority="9" SemiHidden="true"
UnhideWhenUsed="true" QFormat="true" Name="heading 7"/>
<w:LsdException Locked="false" Priority="9" SemiHidden="true"
UnhideWhenUsed="true" QFormat="true" Name="heading 8"/>
<w:LsdException Locked="false" Priority="9" SemiHidden="true"
UnhideWhenUsed="true" QFormat="true" Name="heading 9"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="index 1"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="index 2"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="index 3"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="index 4"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="index 5"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="index 6"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="index 7"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="index 8"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="index 9"/>
<w:LsdException Locked="false" Priority="39" SemiHidden="true"
UnhideWhenUsed="true" Name="toc 1"/>
<w:LsdException Locked="false" Priority="39" SemiHidden="true"
UnhideWhenUsed="true" Name="toc 2"/>
<w:LsdException Locked="false" Priority="39" SemiHidden="true"
UnhideWhenUsed="true" Name="toc 3"/>
<w:LsdException Locked="false" Priority="39" SemiHidden="true"
UnhideWhenUsed="true" Name="toc 4"/>
<w:LsdException Locked="false" Priority="39" SemiHidden="true"
UnhideWhenUsed="true" Name="toc 5"/>
<w:LsdException Locked="false" Priority="39" SemiHidden="true"
UnhideWhenUsed="true" Name="toc 6"/>
<w:LsdException Locked="false" Priority="39" SemiHidden="true"
UnhideWhenUsed="true" Name="toc 7"/>
<w:LsdException Locked="false" Priority="39" SemiHidden="true"
UnhideWhenUsed="true" Name="toc 8"/>
<w:LsdException Locked="false" Priority="39" SemiHidden="true"
UnhideWhenUsed="true" Name="toc 9"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Normal Indent"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="footnote text"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="annotation text"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="header"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="footer"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="index heading"/>
<w:LsdException Locked="false" Priority="35" SemiHidden="true"
UnhideWhenUsed="true" QFormat="true" Name="caption"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="table of figures"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="envelope address"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="envelope return"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="footnote reference"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="annotation reference"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="line number"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="page number"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="endnote reference"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="endnote text"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="table of authorities"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="macro"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="toa heading"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="List"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="List Bullet"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="List Number"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="List 2"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="List 3"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="List 4"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="List 5"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="List Bullet 2"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="List Bullet 3"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="List Bullet 4"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="List Bullet 5"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="List Number 2"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="List Number 3"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="List Number 4"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="List Number 5"/>
<w:LsdException Locked="false" Priority="10" QFormat="true" Name="Title"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Closing"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Signature"/>
<w:LsdException Locked="false" Priority="1" SemiHidden="true"
UnhideWhenUsed="true" Name="Default Paragraph Font"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Body Text"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Body Text Indent"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="List Continue"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="List Continue 2"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="List Continue 3"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="List Continue 4"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="List Continue 5"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Message Header"/>
<w:LsdException Locked="false" Priority="11" QFormat="true" Name="Subtitle"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Salutation"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Date"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Body Text First Indent"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Body Text First Indent 2"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Note Heading"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Body Text 2"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Body Text 3"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Body Text Indent 2"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Body Text Indent 3"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Block Text"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Hyperlink"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="FollowedHyperlink"/>
<w:LsdException Locked="false" Priority="22" QFormat="true" Name="Strong"/>
<w:LsdException Locked="false" Priority="20" QFormat="true" Name="Emphasis"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Document Map"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Plain Text"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="E-mail Signature"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="HTML Top of Form"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="HTML Bottom of Form"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Normal (Web)"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="HTML Acronym"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="HTML Address"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="HTML Cite"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="HTML Code"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="HTML Definition"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="HTML Keyboard"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="HTML Preformatted"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="HTML Sample"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="HTML Typewriter"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="HTML Variable"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Normal Table"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="annotation subject"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="No List"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Outline List 1"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Outline List 2"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Outline List 3"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Simple 1"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Simple 2"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Simple 3"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Classic 1"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Classic 2"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Classic 3"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Classic 4"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Colorful 1"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Colorful 2"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Colorful 3"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Columns 1"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Columns 2"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Columns 3"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Columns 4"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Columns 5"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Grid 1"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Grid 2"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Grid 3"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Grid 4"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Grid 5"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Grid 6"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Grid 7"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Grid 8"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table List 1"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table List 2"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table List 3"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table List 4"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table List 5"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table List 6"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table List 7"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table List 8"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table 3D effects 1"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table 3D effects 2"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table 3D effects 3"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Contemporary"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Elegant"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Professional"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Subtle 1"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Subtle 2"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Web 1"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Web 2"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Web 3"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Balloon Text"/>
<w:LsdException Locked="false" Priority="39" Name="Table Grid"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Theme"/>
<w:LsdException Locked="false" SemiHidden="true" Name="Placeholder Text"/>
<w:LsdException Locked="false" Priority="1" QFormat="true" Name="No Spacing"/>
<w:LsdException Locked="false" Priority="60" Name="Light Shading"/>
<w:LsdException Locked="false" Priority="61" Name="Light List"/>
<w:LsdException Locked="false" Priority="62" Name="Light Grid"/>
<w:LsdException Locked="false" Priority="63" Name="Medium Shading 1"/>
<w:LsdException Locked="false" Priority="64" Name="Medium Shading 2"/>
<w:LsdException Locked="false" Priority="65" Name="Medium List 1"/>
<w:LsdException Locked="false" Priority="66" Name="Medium List 2"/>
<w:LsdException Locked="false" Priority="67" Name="Medium Grid 1"/>
<w:LsdException Locked="false" Priority="68" Name="Medium Grid 2"/>
<w:LsdException Locked="false" Priority="69" Name="Medium Grid 3"/>
<w:LsdException Locked="false" Priority="70" Name="Dark List"/>
<w:LsdException Locked="false" Priority="71" Name="Colorful Shading"/>
<w:LsdException Locked="false" Priority="72" Name="Colorful List"/>
<w:LsdException Locked="false" Priority="73" Name="Colorful Grid"/>
<w:LsdException Locked="false" Priority="60" Name="Light Shading Accent 1"/>
<w:LsdException Locked="false" Priority="61" Name="Light List Accent 1"/>
<w:LsdException Locked="false" Priority="62" Name="Light Grid Accent 1"/>
<w:LsdException Locked="false" Priority="63" Name="Medium Shading 1 Accent 1"/>
<w:LsdException Locked="false" Priority="64" Name="Medium Shading 2 Accent 1"/>
<w:LsdException Locked="false" Priority="65" Name="Medium List 1 Accent 1"/>
<w:LsdException Locked="false" SemiHidden="true" Name="Revision"/>
<w:LsdException Locked="false" Priority="34" QFormat="true"
Name="List Paragraph"/>
<w:LsdException Locked="false" Priority="29" QFormat="true" Name="Quote"/>
<w:LsdException Locked="false" Priority="30" QFormat="true"
Name="Intense Quote"/>
<w:LsdException Locked="false" Priority="66" Name="Medium List 2 Accent 1"/>
<w:LsdException Locked="false" Priority="67" Name="Medium Grid 1 Accent 1"/>
<w:LsdException Locked="false" Priority="68" Name="Medium Grid 2 Accent 1"/>
<w:LsdException Locked="false" Priority="69" Name="Medium Grid 3 Accent 1"/>
<w:LsdException Locked="false" Priority="70" Name="Dark List Accent 1"/>
<w:LsdException Locked="false" Priority="71" Name="Colorful Shading Accent 1"/>
<w:LsdException Locked="false" Priority="72" Name="Colorful List Accent 1"/>
<w:LsdException Locked="false" Priority="73" Name="Colorful Grid Accent 1"/>
<w:LsdException Locked="false" Priority="60" Name="Light Shading Accent 2"/>
<w:LsdException Locked="false" Priority="61" Name="Light List Accent 2"/>
<w:LsdException Locked="false" Priority="62" Name="Light Grid Accent 2"/>
<w:LsdException Locked="false" Priority="63" Name="Medium Shading 1 Accent 2"/>
<w:LsdException Locked="false" Priority="64" Name="Medium Shading 2 Accent 2"/>
<w:LsdException Locked="false" Priority="65" Name="Medium List 1 Accent 2"/>
<w:LsdException Locked="false" Priority="66" Name="Medium List 2 Accent 2"/>
<w:LsdException Locked="false" Priority="67" Name="Medium Grid 1 Accent 2"/>
<w:LsdException Locked="false" Priority="68" Name="Medium Grid 2 Accent 2"/>
<w:LsdException Locked="false" Priority="69" Name="Medium Grid 3 Accent 2"/>
<w:LsdException Locked="false" Priority="70" Name="Dark List Accent 2"/>
<w:LsdException Locked="false" Priority="71" Name="Colorful Shading Accent 2"/>
<w:LsdException Locked="false" Priority="72" Name="Colorful List Accent 2"/>
<w:LsdException Locked="false" Priority="73" Name="Colorful Grid Accent 2"/>
<w:LsdException Locked="false" Priority="60" Name="Light Shading Accent 3"/>
<w:LsdException Locked="false" Priority="61" Name="Light List Accent 3"/>
<w:LsdException Locked="false" Priority="62" Name="Light Grid Accent 3"/>
<w:LsdException Locked="false" Priority="63" Name="Medium Shading 1 Accent 3"/>
<w:LsdException Locked="false" Priority="64" Name="Medium Shading 2 Accent 3"/>
<w:LsdException Locked="false" Priority="65" Name="Medium List 1 Accent 3"/>
<w:LsdException Locked="false" Priority="66" Name="Medium List 2 Accent 3"/>
<w:LsdException Locked="false" Priority="67" Name="Medium Grid 1 Accent 3"/>
<w:LsdException Locked="false" Priority="68" Name="Medium Grid 2 Accent 3"/>
<w:LsdException Locked="false" Priority="69" Name="Medium Grid 3 Accent 3"/>
<w:LsdException Locked="false" Priority="70" Name="Dark List Accent 3"/>
<w:LsdException Locked="false" Priority="71" Name="Colorful Shading Accent 3"/>
<w:LsdException Locked="false" Priority="72" Name="Colorful List Accent 3"/>
<w:LsdException Locked="false" Priority="73" Name="Colorful Grid Accent 3"/>
<w:LsdException Locked="false" Priority="60" Name="Light Shading Accent 4"/>
<w:LsdException Locked="false" Priority="61" Name="Light List Accent 4"/>
<w:LsdException Locked="false" Priority="62" Name="Light Grid Accent 4"/>
<w:LsdException Locked="false" Priority="63" Name="Medium Shading 1 Accent 4"/>
<w:LsdException Locked="false" Priority="64" Name="Medium Shading 2 Accent 4"/>
<w:LsdException Locked="false" Priority="65" Name="Medium List 1 Accent 4"/>
<w:LsdException Locked="false" Priority="66" Name="Medium List 2 Accent 4"/>
<w:LsdException Locked="false" Priority="67" Name="Medium Grid 1 Accent 4"/>
<w:LsdException Locked="false" Priority="68" Name="Medium Grid 2 Accent 4"/>
<w:LsdException Locked="false" Priority="69" Name="Medium Grid 3 Accent 4"/>
<w:LsdException Locked="false" Priority="70" Name="Dark List Accent 4"/>
<w:LsdException Locked="false" Priority="71" Name="Colorful Shading Accent 4"/>
<w:LsdException Locked="false" Priority="72" Name="Colorful List Accent 4"/>
<w:LsdException Locked="false" Priority="73" Name="Colorful Grid Accent 4"/>
<w:LsdException Locked="false" Priority="60" Name="Light Shading Accent 5"/>
<w:LsdException Locked="false" Priority="61" Name="Light List Accent 5"/>
<w:LsdException Locked="false" Priority="62" Name="Light Grid Accent 5"/>
<w:LsdException Locked="false" Priority="63" Name="Medium Shading 1 Accent 5"/>
<w:LsdException Locked="false" Priority="64" Name="Medium Shading 2 Accent 5"/>
<w:LsdException Locked="false" Priority="65" Name="Medium List 1 Accent 5"/>
<w:LsdException Locked="false" Priority="66" Name="Medium List 2 Accent 5"/>
<w:LsdException Locked="false" Priority="67" Name="Medium Grid 1 Accent 5"/>
<w:LsdException Locked="false" Priority="68" Name="Medium Grid 2 Accent 5"/>
<w:LsdException Locked="false" Priority="69" Name="Medium Grid 3 Accent 5"/>
<w:LsdException Locked="false" Priority="70" Name="Dark List Accent 5"/>
<w:LsdException Locked="false" Priority="71" Name="Colorful Shading Accent 5"/>
<w:LsdException Locked="false" Priority="72" Name="Colorful List Accent 5"/>
<w:LsdException Locked="false" Priority="73" Name="Colorful Grid Accent 5"/>
<w:LsdException Locked="false" Priority="60" Name="Light Shading Accent 6"/>
<w:LsdException Locked="false" Priority="61" Name="Light List Accent 6"/>
<w:LsdException Locked="false" Priority="62" Name="Light Grid Accent 6"/>
<w:LsdException Locked="false" Priority="63" Name="Medium Shading 1 Accent 6"/>
<w:LsdException Locked="false" Priority="64" Name="Medium Shading 2 Accent 6"/>
<w:LsdException Locked="false" Priority="65" Name="Medium List 1 Accent 6"/>
<w:LsdException Locked="false" Priority="66" Name="Medium List 2 Accent 6"/>
<w:LsdException Locked="false" Priority="67" Name="Medium Grid 1 Accent 6"/>
<w:LsdException Locked="false" Priority="68" Name="Medium Grid 2 Accent 6"/>
<w:LsdException Locked="false" Priority="69" Name="Medium Grid 3 Accent 6"/>
<w:LsdException Locked="false" Priority="70" Name="Dark List Accent 6"/>
<w:LsdException Locked="false" Priority="71" Name="Colorful Shading Accent 6"/>
<w:LsdException Locked="false" Priority="72" Name="Colorful List Accent 6"/>
<w:LsdException Locked="false" Priority="73" Name="Colorful Grid Accent 6"/>
<w:LsdException Locked="false" Priority="19" QFormat="true"
Name="Subtle Emphasis"/>
<w:LsdException Locked="false" Priority="21" QFormat="true"
Name="Intense Emphasis"/>
<w:LsdException Locked="false" Priority="31" QFormat="true"
Name="Subtle Reference"/>
<w:LsdException Locked="false" Priority="32" QFormat="true"
Name="Intense Reference"/>
<w:LsdException Locked="false" Priority="33" QFormat="true" Name="Book Title"/>
<w:LsdException Locked="false" Priority="37" SemiHidden="true"
UnhideWhenUsed="true" Name="Bibliography"/>
<w:LsdException Locked="false" Priority="39" SemiHidden="true"
UnhideWhenUsed="true" QFormat="true" Name="TOC Heading"/>
<w:LsdException Locked="false" Priority="41" Name="Plain Table 1"/>
<w:LsdException Locked="false" Priority="42" Name="Plain Table 2"/>
<w:LsdException Locked="false" Priority="43" Name="Plain Table 3"/>
<w:LsdException Locked="false" Priority="44" Name="Plain Table 4"/>
<w:LsdException Locked="false" Priority="45" Name="Plain Table 5"/>
<w:LsdException Locked="false" Priority="40" Name="Grid Table Light"/>
<w:LsdException Locked="false" Priority="46" Name="Grid Table 1 Light"/>
<w:LsdException Locked="false" Priority="47" Name="Grid Table 2"/>
<w:LsdException Locked="false" Priority="48" Name="Grid Table 3"/>
<w:LsdException Locked="false" Priority="49" Name="Grid Table 4"/>
<w:LsdException Locked="false" Priority="50" Name="Grid Table 5 Dark"/>
<w:LsdException Locked="false" Priority="51" Name="Grid Table 6 Colorful"/>
<w:LsdException Locked="false" Priority="52" Name="Grid Table 7 Colorful"/>
<w:LsdException Locked="false" Priority="46"
Name="Grid Table 1 Light Accent 1"/>
<w:LsdException Locked="false" Priority="47" Name="Grid Table 2 Accent 1"/>
<w:LsdException Locked="false" Priority="48" Name="Grid Table 3 Accent 1"/>
<w:LsdException Locked="false" Priority="49" Name="Grid Table 4 Accent 1"/>
<w:LsdException Locked="false" Priority="50" Name="Grid Table 5 Dark Accent 1"/>
<w:LsdException Locked="false" Priority="51"
Name="Grid Table 6 Colorful Accent 1"/>
<w:LsdException Locked="false" Priority="52"
Name="Grid Table 7 Colorful Accent 1"/>
<w:LsdException Locked="false" Priority="46"
Name="Grid Table 1 Light Accent 2"/>
<w:LsdException Locked="false" Priority="47" Name="Grid Table 2 Accent 2"/>
<w:LsdException Locked="false" Priority="48" Name="Grid Table 3 Accent 2"/>
<w:LsdException Locked="false" Priority="49" Name="Grid Table 4 Accent 2"/>
<w:LsdException Locked="false" Priority="50" Name="Grid Table 5 Dark Accent 2"/>
<w:LsdException Locked="false" Priority="51"
Name="Grid Table 6 Colorful Accent 2"/>
<w:LsdException Locked="false" Priority="52"
Name="Grid Table 7 Colorful Accent 2"/>
<w:LsdException Locked="false" Priority="46"
Name="Grid Table 1 Light Accent 3"/>
<w:LsdException Locked="false" Priority="47" Name="Grid Table 2 Accent 3"/>
<w:LsdException Locked="false" Priority="48" Name="Grid Table 3 Accent 3"/>
<w:LsdException Locked="false" Priority="49" Name="Grid Table 4 Accent 3"/>
<w:LsdException Locked="false" Priority="50" Name="Grid Table 5 Dark Accent 3"/>
<w:LsdException Locked="false" Priority="51"
Name="Grid Table 6 Colorful Accent 3"/>
<w:LsdException Locked="false" Priority="52"
Name="Grid Table 7 Colorful Accent 3"/>
<w:LsdException Locked="false" Priority="46"
Name="Grid Table 1 Light Accent 4"/>
<w:LsdException Locked="false" Priority="47" Name="Grid Table 2 Accent 4"/>
<w:LsdException Locked="false" Priority="48" Name="Grid Table 3 Accent 4"/>
<w:LsdException Locked="false" Priority="49" Name="Grid Table 4 Accent 4"/>
<w:LsdException Locked="false" Priority="50" Name="Grid Table 5 Dark Accent 4"/>
<w:LsdException Locked="false" Priority="51"
Name="Grid Table 6 Colorful Accent 4"/>
<w:LsdException Locked="false" Priority="52"
Name="Grid Table 7 Colorful Accent 4"/>
<w:LsdException Locked="false" Priority="46"
Name="Grid Table 1 Light Accent 5"/>
<w:LsdException Locked="false" Priority="47" Name="Grid Table 2 Accent 5"/>
<w:LsdException Locked="false" Priority="48" Name="Grid Table 3 Accent 5"/>
<w:LsdException Locked="false" Priority="49" Name="Grid Table 4 Accent 5"/>
<w:LsdException Locked="false" Priority="50" Name="Grid Table 5 Dark Accent 5"/>
<w:LsdException Locked="false" Priority="51"
Name="Grid Table 6 Colorful Accent 5"/>
<w:LsdException Locked="false" Priority="52"
Name="Grid Table 7 Colorful Accent 5"/>
<w:LsdException Locked="false" Priority="46"
Name="Grid Table 1 Light Accent 6"/>
<w:LsdException Locked="false" Priority="47" Name="Grid Table 2 Accent 6"/>
<w:LsdException Locked="false" Priority="48" Name="Grid Table 3 Accent 6"/>
<w:LsdException Locked="false" Priority="49" Name="Grid Table 4 Accent 6"/>
<w:LsdException Locked="false" Priority="50" Name="Grid Table 5 Dark Accent 6"/>
<w:LsdException Locked="false" Priority="51"
Name="Grid Table 6 Colorful Accent 6"/>
<w:LsdException Locked="false" Priority="52"
Name="Grid Table 7 Colorful Accent 6"/>
<w:LsdException Locked="false" Priority="46" Name="List Table 1 Light"/>
<w:LsdException Locked="false" Priority="47" Name="List Table 2"/>
<w:LsdException Locked="false" Priority="48" Name="List Table 3"/>
<w:LsdException Locked="false" Priority="49" Name="List Table 4"/>
<w:LsdException Locked="false" Priority="50" Name="List Table 5 Dark"/>
<w:LsdException Locked="false" Priority="51" Name="List Table 6 Colorful"/>
<w:LsdException Locked="false" Priority="52" Name="List Table 7 Colorful"/>
<w:LsdException Locked="false" Priority="46"
Name="List Table 1 Light Accent 1"/>
<w:LsdException Locked="false" Priority="47" Name="List Table 2 Accent 1"/>
<w:LsdException Locked="false" Priority="48" Name="List Table 3 Accent 1"/>
<w:LsdException Locked="false" Priority="49" Name="List Table 4 Accent 1"/>
<w:LsdException Locked="false" Priority="50" Name="List Table 5 Dark Accent 1"/>
<w:LsdException Locked="false" Priority="51"
Name="List Table 6 Colorful Accent 1"/>
<w:LsdException Locked="false" Priority="52"
Name="List Table 7 Colorful Accent 1"/>
<w:LsdException Locked="false" Priority="46"
Name="List Table 1 Light Accent 2"/>
<w:LsdException Locked="false" Priority="47" Name="List Table 2 Accent 2"/>
<w:LsdException Locked="false" Priority="48" Name="List Table 3 Accent 2"/>
<w:LsdException Locked="false" Priority="49" Name="List Table 4 Accent 2"/>
<w:LsdException Locked="false" Priority="50" Name="List Table 5 Dark Accent 2"/>
<w:LsdException Locked="false" Priority="51"
Name="List Table 6 Colorful Accent 2"/>
<w:LsdException Locked="false" Priority="52"
Name="List Table 7 Colorful Accent 2"/>
<w:LsdException Locked="false" Priority="46"
Name="List Table 1 Light Accent 3"/>
<w:LsdException Locked="false" Priority="47" Name="List Table 2 Accent 3"/>
<w:LsdException Locked="false" Priority="48" Name="List Table 3 Accent 3"/>
<w:LsdException Locked="false" Priority="49" Name="List Table 4 Accent 3"/>
<w:LsdException Locked="false" Priority="50" Name="List Table 5 Dark Accent 3"/>
<w:LsdException Locked="false" Priority="51"
Name="List Table 6 Colorful Accent 3"/>
<w:LsdException Locked="false" Priority="52"
Name="List Table 7 Colorful Accent 3"/>
<w:LsdException Locked="false" Priority="46"
Name="List Table 1 Light Accent 4"/>
<w:LsdException Locked="false" Priority="47" Name="List Table 2 Accent 4"/>
<w:LsdException Locked="false" Priority="48" Name="List Table 3 Accent 4"/>
<w:LsdException Locked="false" Priority="49" Name="List Table 4 Accent 4"/>
<w:LsdException Locked="false" Priority="50" Name="List Table 5 Dark Accent 4"/>
<w:LsdException Locked="false" Priority="51"
Name="List Table 6 Colorful Accent 4"/>
<w:LsdException Locked="false" Priority="52"
Name="List Table 7 Colorful Accent 4"/>
<w:LsdException Locked="false" Priority="46"
Name="List Table 1 Light Accent 5"/>
<w:LsdException Locked="false" Priority="47" Name="List Table 2 Accent 5"/>
<w:LsdException Locked="false" Priority="48" Name="List Table 3 Accent 5"/>
<w:LsdException Locked="false" Priority="49" Name="List Table 4 Accent 5"/>
<w:LsdException Locked="false" Priority="50" Name="List Table 5 Dark Accent 5"/>
<w:LsdException Locked="false" Priority="51"
Name="List Table 6 Colorful Accent 5"/>
<w:LsdException Locked="false" Priority="52"
Name="List Table 7 Colorful Accent 5"/>
<w:LsdException Locked="false" Priority="46"
Name="List Table 1 Light Accent 6"/>
<w:LsdException Locked="false" Priority="47" Name="List Table 2 Accent 6"/>
<w:LsdException Locked="false" Priority="48" Name="List Table 3 Accent 6"/>
<w:LsdException Locked="false" Priority="49" Name="List Table 4 Accent 6"/>
<w:LsdException Locked="false" Priority="50" Name="List Table 5 Dark Accent 6"/>
<w:LsdException Locked="false" Priority="51"
Name="List Table 6 Colorful Accent 6"/>
<w:LsdException Locked="false" Priority="52"
Name="List Table 7 Colorful Accent 6"/>
</w:LatentStyles>
</xml><![endif]--><!--[if gte mso 10]>
<style>
/* Style Definitions */
table.MsoNormalTable
{mso-style-name:"Table Normal";
mso-tstyle-rowband-size:0;
mso-tstyle-colband-size:0;
mso-style-noshow:yes;
mso-style-priority:99;
mso-style-parent:"";
mso-padding-alt:0in 5.4pt 0in 5.4pt;
mso-para-margin-top:0in;
mso-para-margin-right:0in;
mso-para-margin-bottom:8.0pt;
mso-para-margin-left:0in;
line-height:107%;
mso-pagination:widow-orphan;
font-size:11.0pt;
font-family:"Calibri",sans-serif;
mso-ascii-font-family:Calibri;
mso-ascii-theme-font:minor-latin;
mso-hansi-font-family:Calibri;
mso-hansi-theme-font:minor-latin;
mso-bidi-font-family:Arial;
mso-bidi-theme-font:minor-bidi;
mso-fareast-language:JA;}
</style>
<![endif]-->
<br />
<div class="MsoNormal">
In a general sense, universities are small cities with the
services that are provided by such localities. For example, Virginia Tech
provides similar services to its community that the town of Blacksburg provides
to its citizens. A cybersecurity architecture has to encompass all of these
service areas. </div>
<div class="MsoNormal">
<br /></div>
<br />
Some of these services include:
<br />
<ul>
<li><span style="font-family: Symbol; mso-bidi-font-family: Symbol; mso-fareast-font-family: Symbol;"><span style="mso-list: Ignore;"><span style="font: 7.0pt "Times New Roman";"></span></span></span>Power generation – VT has its own power
generation plant that provides electrical power, A/C and heating to facilities
on campus. The power generation plant also provide power to some segments of
the town itself.</li>
</ul>
<br />
<ul>
<li><span style="font-family: Symbol; mso-bidi-font-family: Symbol; mso-fareast-font-family: Symbol;"><span style="mso-list: Ignore;"><span style="font: 7.0pt "Times New Roman";"> </span></span></span>Law enforcement – As many EDUs do, VT has its
own campus police department with full LE authority and powers as any other
state law enforcement officers (LEO).</li>
</ul>
<br />
<ul>
<li><span style="font-family: Symbol; mso-bidi-font-family: Symbol; mso-fareast-font-family: Symbol;"><span style="mso-list: Ignore;"><span style="font: 7.0pt "Times New Roman";"></span></span></span>Dining Services – what used to be the
traditional dining hall facilities has evolved to a wide variety of food
choices.</li>
</ul>
<ul>
<li><span style="font-family: Symbol; mso-bidi-font-family: Symbol; mso-fareast-font-family: Symbol;"><span style="mso-list: Ignore;"><span style="font: 7.0pt "Times New Roman";"></span></span></span>A Cultural scene – VT provides a wide variety of
music, theatre, lecture, film events that open to the community as well as the
general public</li>
</ul>
<ul>
<li><span style="font-family: Symbol; mso-bidi-font-family: Symbol; mso-fareast-font-family: Symbol;"><span style="mso-list: Ignore;"><span style="font: 7.0pt "Times New Roman";"> </span></span></span>Library – this seems odd but since VT is a
public institution, its library is open to anyone regardless of their affiliation
with the University.</li>
</ul>
<ul>
<li><span style="font-family: Symbol; mso-bidi-font-family: Symbol; mso-fareast-font-family: Symbol;"><span style="mso-list: Ignore;">·<span style="font: 7.0pt "Times New Roman";"></span></span></span>Medical services – student health services,
counseling services, wellness services, adult day care services are some of the
traditional medical services provided</li>
</ul>
<ul>
<li><span style="font-family: Symbol; mso-bidi-font-family: Symbol; mso-fareast-font-family: Symbol;"><span style="mso-list: Ignore;"><span style="font: 7.0pt "Times New Roman";"> </span></span></span>Athletic – from intramural, extramural sports to
NCAA sanctioned sports, VT offers a wide variety of athletic events that are
open to the public.</li>
</ul>
<ul>
<li><span style="font-family: Symbol; mso-bidi-font-family: Symbol; mso-fareast-font-family: Symbol;"><span style="mso-list: Ignore;"><span style="font: 7.0pt "Times New Roman";"></span></span></span>Educational – VT is its own “school system”. </li>
</ul>
<div class="MsoNormal">
Urban universities offer the same services listed above with
the exception of the power plant but they do have a facilities management
program. </div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
Corporations that offer a wide variety of services to their employees face the same security issues. As you can imagine, it's a challenge to balance the security requirements of each of these service areas.</div>
Randyhttp://www.blogger.com/profile/15650573868196476768noreply@blogger.com0tag:blogger.com,1999:blog-3173237590648578243.post-17912031560206464982016-10-03T11:44:00.002-07:002016-10-03T11:44:10.079-07:00World Full of Smart Gadgets<!--[if !mso]>
<style>
v\:* {behavior:url(#default#VML);}
o\:* {behavior:url(#default#VML);}
w\:* {behavior:url(#default#VML);}
.shape {behavior:url(#default#VML);}
</style>
<![endif]--><br />
<!--[if gte mso 9]><xml>
<o:OfficeDocumentSettings>
<o:AllowPNG/>
</o:OfficeDocumentSettings>
</xml><![endif]--><!--[if gte mso 9]><xml>
<w:WordDocument>
<w:View>Normal</w:View>
<w:Zoom>0</w:Zoom>
<w:TrackMoves>false</w:TrackMoves>
<w:TrackFormatting/>
<w:PunctuationKerning/>
<w:ValidateAgainstSchemas/>
<w:SaveIfXMLInvalid>false</w:SaveIfXMLInvalid>
<w:IgnoreMixedContent>false</w:IgnoreMixedContent>
<w:AlwaysShowPlaceholderText>false</w:AlwaysShowPlaceholderText>
<w:DoNotPromoteQF/>
<w:LidThemeOther>EN-US</w:LidThemeOther>
<w:LidThemeAsian>X-NONE</w:LidThemeAsian>
<w:LidThemeComplexScript>X-NONE</w:LidThemeComplexScript>
<w:Compatibility>
<w:BreakWrappedTables/>
<w:SnapToGridInCell/>
<w:WrapTextWithPunct/>
<w:UseAsianBreakRules/>
<w:DontGrowAutofit/>
<w:SplitPgBreakAndParaMark/>
<w:EnableOpenTypeKerning/>
<w:DontFlipMirrorIndents/>
<w:OverrideTableStyleHps/>
</w:Compatibility>
<m:mathPr>
<m:mathFont m:val="Cambria Math"/>
<m:brkBin m:val="before"/>
<m:brkBinSub m:val="--"/>
<m:smallFrac m:val="off"/>
<m:dispDef/>
<m:lMargin m:val="0"/>
<m:rMargin m:val="0"/>
<m:defJc m:val="centerGroup"/>
<m:wrapIndent m:val="1440"/>
<m:intLim m:val="subSup"/>
<m:naryLim m:val="undOvr"/>
</m:mathPr></w:WordDocument>
</xml><![endif]--><!--[if gte mso 9]><xml>
<w:LatentStyles DefLockedState="false" DefUnhideWhenUsed="false"
DefSemiHidden="false" DefQFormat="false" DefPriority="99"
LatentStyleCount="371">
<w:LsdException Locked="false" Priority="0" QFormat="true" Name="Normal"/>
<w:LsdException Locked="false" Priority="9" QFormat="true" Name="heading 1"/>
<w:LsdException Locked="false" Priority="9" SemiHidden="true"
UnhideWhenUsed="true" QFormat="true" Name="heading 2"/>
<w:LsdException Locked="false" Priority="9" SemiHidden="true"
UnhideWhenUsed="true" QFormat="true" Name="heading 3"/>
<w:LsdException Locked="false" Priority="9" SemiHidden="true"
UnhideWhenUsed="true" QFormat="true" Name="heading 4"/>
<w:LsdException Locked="false" Priority="9" SemiHidden="true"
UnhideWhenUsed="true" QFormat="true" Name="heading 5"/>
<w:LsdException Locked="false" Priority="9" SemiHidden="true"
UnhideWhenUsed="true" QFormat="true" Name="heading 6"/>
<w:LsdException Locked="false" Priority="9" SemiHidden="true"
UnhideWhenUsed="true" QFormat="true" Name="heading 7"/>
<w:LsdException Locked="false" Priority="9" SemiHidden="true"
UnhideWhenUsed="true" QFormat="true" Name="heading 8"/>
<w:LsdException Locked="false" Priority="9" SemiHidden="true"
UnhideWhenUsed="true" QFormat="true" Name="heading 9"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="index 1"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="index 2"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="index 3"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="index 4"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="index 5"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="index 6"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="index 7"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="index 8"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="index 9"/>
<w:LsdException Locked="false" Priority="39" SemiHidden="true"
UnhideWhenUsed="true" Name="toc 1"/>
<w:LsdException Locked="false" Priority="39" SemiHidden="true"
UnhideWhenUsed="true" Name="toc 2"/>
<w:LsdException Locked="false" Priority="39" SemiHidden="true"
UnhideWhenUsed="true" Name="toc 3"/>
<w:LsdException Locked="false" Priority="39" SemiHidden="true"
UnhideWhenUsed="true" Name="toc 4"/>
<w:LsdException Locked="false" Priority="39" SemiHidden="true"
UnhideWhenUsed="true" Name="toc 5"/>
<w:LsdException Locked="false" Priority="39" SemiHidden="true"
UnhideWhenUsed="true" Name="toc 6"/>
<w:LsdException Locked="false" Priority="39" SemiHidden="true"
UnhideWhenUsed="true" Name="toc 7"/>
<w:LsdException Locked="false" Priority="39" SemiHidden="true"
UnhideWhenUsed="true" Name="toc 8"/>
<w:LsdException Locked="false" Priority="39" SemiHidden="true"
UnhideWhenUsed="true" Name="toc 9"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Normal Indent"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="footnote text"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="annotation text"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="header"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="footer"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="index heading"/>
<w:LsdException Locked="false" Priority="35" SemiHidden="true"
UnhideWhenUsed="true" QFormat="true" Name="caption"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="table of figures"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="envelope address"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="envelope return"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="footnote reference"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="annotation reference"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="line number"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="page number"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="endnote reference"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="endnote text"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="table of authorities"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="macro"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="toa heading"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="List"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="List Bullet"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="List Number"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="List 2"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="List 3"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="List 4"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="List 5"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="List Bullet 2"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="List Bullet 3"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="List Bullet 4"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="List Bullet 5"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="List Number 2"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="List Number 3"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="List Number 4"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="List Number 5"/>
<w:LsdException Locked="false" Priority="10" QFormat="true" Name="Title"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Closing"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Signature"/>
<w:LsdException Locked="false" Priority="1" SemiHidden="true"
UnhideWhenUsed="true" Name="Default Paragraph Font"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Body Text"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Body Text Indent"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="List Continue"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="List Continue 2"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="List Continue 3"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="List Continue 4"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="List Continue 5"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Message Header"/>
<w:LsdException Locked="false" Priority="11" QFormat="true" Name="Subtitle"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Salutation"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Date"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Body Text First Indent"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Body Text First Indent 2"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Note Heading"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Body Text 2"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Body Text 3"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Body Text Indent 2"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Body Text Indent 3"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Block Text"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Hyperlink"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="FollowedHyperlink"/>
<w:LsdException Locked="false" Priority="22" QFormat="true" Name="Strong"/>
<w:LsdException Locked="false" Priority="20" QFormat="true" Name="Emphasis"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Document Map"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Plain Text"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="E-mail Signature"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="HTML Top of Form"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="HTML Bottom of Form"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Normal (Web)"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="HTML Acronym"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="HTML Address"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="HTML Cite"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="HTML Code"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="HTML Definition"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="HTML Keyboard"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="HTML Preformatted"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="HTML Sample"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="HTML Typewriter"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="HTML Variable"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Normal Table"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="annotation subject"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="No List"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Outline List 1"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Outline List 2"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Outline List 3"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Simple 1"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Simple 2"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Simple 3"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Classic 1"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Classic 2"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Classic 3"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Classic 4"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Colorful 1"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Colorful 2"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Colorful 3"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Columns 1"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Columns 2"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Columns 3"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Columns 4"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Columns 5"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Grid 1"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Grid 2"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Grid 3"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Grid 4"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Grid 5"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Grid 6"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Grid 7"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Grid 8"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table List 1"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table List 2"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table List 3"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table List 4"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table List 5"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table List 6"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table List 7"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table List 8"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table 3D effects 1"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table 3D effects 2"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table 3D effects 3"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Contemporary"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Elegant"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Professional"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Subtle 1"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Subtle 2"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Web 1"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Web 2"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Web 3"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Balloon Text"/>
<w:LsdException Locked="false" Priority="39" Name="Table Grid"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Theme"/>
<w:LsdException Locked="false" SemiHidden="true" Name="Placeholder Text"/>
<w:LsdException Locked="false" Priority="1" QFormat="true" Name="No Spacing"/>
<w:LsdException Locked="false" Priority="60" Name="Light Shading"/>
<w:LsdException Locked="false" Priority="61" Name="Light List"/>
<w:LsdException Locked="false" Priority="62" Name="Light Grid"/>
<w:LsdException Locked="false" Priority="63" Name="Medium Shading 1"/>
<w:LsdException Locked="false" Priority="64" Name="Medium Shading 2"/>
<w:LsdException Locked="false" Priority="65" Name="Medium List 1"/>
<w:LsdException Locked="false" Priority="66" Name="Medium List 2"/>
<w:LsdException Locked="false" Priority="67" Name="Medium Grid 1"/>
<w:LsdException Locked="false" Priority="68" Name="Medium Grid 2"/>
<w:LsdException Locked="false" Priority="69" Name="Medium Grid 3"/>
<w:LsdException Locked="false" Priority="70" Name="Dark List"/>
<w:LsdException Locked="false" Priority="71" Name="Colorful Shading"/>
<w:LsdException Locked="false" Priority="72" Name="Colorful List"/>
<w:LsdException Locked="false" Priority="73" Name="Colorful Grid"/>
<w:LsdException Locked="false" Priority="60" Name="Light Shading Accent 1"/>
<w:LsdException Locked="false" Priority="61" Name="Light List Accent 1"/>
<w:LsdException Locked="false" Priority="62" Name="Light Grid Accent 1"/>
<w:LsdException Locked="false" Priority="63" Name="Medium Shading 1 Accent 1"/>
<w:LsdException Locked="false" Priority="64" Name="Medium Shading 2 Accent 1"/>
<w:LsdException Locked="false" Priority="65" Name="Medium List 1 Accent 1"/>
<w:LsdException Locked="false" SemiHidden="true" Name="Revision"/>
<w:LsdException Locked="false" Priority="34" QFormat="true"
Name="List Paragraph"/>
<w:LsdException Locked="false" Priority="29" QFormat="true" Name="Quote"/>
<w:LsdException Locked="false" Priority="30" QFormat="true"
Name="Intense Quote"/>
<w:LsdException Locked="false" Priority="66" Name="Medium List 2 Accent 1"/>
<w:LsdException Locked="false" Priority="67" Name="Medium Grid 1 Accent 1"/>
<w:LsdException Locked="false" Priority="68" Name="Medium Grid 2 Accent 1"/>
<w:LsdException Locked="false" Priority="69" Name="Medium Grid 3 Accent 1"/>
<w:LsdException Locked="false" Priority="70" Name="Dark List Accent 1"/>
<w:LsdException Locked="false" Priority="71" Name="Colorful Shading Accent 1"/>
<w:LsdException Locked="false" Priority="72" Name="Colorful List Accent 1"/>
<w:LsdException Locked="false" Priority="73" Name="Colorful Grid Accent 1"/>
<w:LsdException Locked="false" Priority="60" Name="Light Shading Accent 2"/>
<w:LsdException Locked="false" Priority="61" Name="Light List Accent 2"/>
<w:LsdException Locked="false" Priority="62" Name="Light Grid Accent 2"/>
<w:LsdException Locked="false" Priority="63" Name="Medium Shading 1 Accent 2"/>
<w:LsdException Locked="false" Priority="64" Name="Medium Shading 2 Accent 2"/>
<w:LsdException Locked="false" Priority="65" Name="Medium List 1 Accent 2"/>
<w:LsdException Locked="false" Priority="66" Name="Medium List 2 Accent 2"/>
<w:LsdException Locked="false" Priority="67" Name="Medium Grid 1 Accent 2"/>
<w:LsdException Locked="false" Priority="68" Name="Medium Grid 2 Accent 2"/>
<w:LsdException Locked="false" Priority="69" Name="Medium Grid 3 Accent 2"/>
<w:LsdException Locked="false" Priority="70" Name="Dark List Accent 2"/>
<w:LsdException Locked="false" Priority="71" Name="Colorful Shading Accent 2"/>
<w:LsdException Locked="false" Priority="72" Name="Colorful List Accent 2"/>
<w:LsdException Locked="false" Priority="73" Name="Colorful Grid Accent 2"/>
<w:LsdException Locked="false" Priority="60" Name="Light Shading Accent 3"/>
<w:LsdException Locked="false" Priority="61" Name="Light List Accent 3"/>
<w:LsdException Locked="false" Priority="62" Name="Light Grid Accent 3"/>
<w:LsdException Locked="false" Priority="63" Name="Medium Shading 1 Accent 3"/>
<w:LsdException Locked="false" Priority="64" Name="Medium Shading 2 Accent 3"/>
<w:LsdException Locked="false" Priority="65" Name="Medium List 1 Accent 3"/>
<w:LsdException Locked="false" Priority="66" Name="Medium List 2 Accent 3"/>
<w:LsdException Locked="false" Priority="67" Name="Medium Grid 1 Accent 3"/>
<w:LsdException Locked="false" Priority="68" Name="Medium Grid 2 Accent 3"/>
<w:LsdException Locked="false" Priority="69" Name="Medium Grid 3 Accent 3"/>
<w:LsdException Locked="false" Priority="70" Name="Dark List Accent 3"/>
<w:LsdException Locked="false" Priority="71" Name="Colorful Shading Accent 3"/>
<w:LsdException Locked="false" Priority="72" Name="Colorful List Accent 3"/>
<w:LsdException Locked="false" Priority="73" Name="Colorful Grid Accent 3"/>
<w:LsdException Locked="false" Priority="60" Name="Light Shading Accent 4"/>
<w:LsdException Locked="false" Priority="61" Name="Light List Accent 4"/>
<w:LsdException Locked="false" Priority="62" Name="Light Grid Accent 4"/>
<w:LsdException Locked="false" Priority="63" Name="Medium Shading 1 Accent 4"/>
<w:LsdException Locked="false" Priority="64" Name="Medium Shading 2 Accent 4"/>
<w:LsdException Locked="false" Priority="65" Name="Medium List 1 Accent 4"/>
<w:LsdException Locked="false" Priority="66" Name="Medium List 2 Accent 4"/>
<w:LsdException Locked="false" Priority="67" Name="Medium Grid 1 Accent 4"/>
<w:LsdException Locked="false" Priority="68" Name="Medium Grid 2 Accent 4"/>
<w:LsdException Locked="false" Priority="69" Name="Medium Grid 3 Accent 4"/>
<w:LsdException Locked="false" Priority="70" Name="Dark List Accent 4"/>
<w:LsdException Locked="false" Priority="71" Name="Colorful Shading Accent 4"/>
<w:LsdException Locked="false" Priority="72" Name="Colorful List Accent 4"/>
<w:LsdException Locked="false" Priority="73" Name="Colorful Grid Accent 4"/>
<w:LsdException Locked="false" Priority="60" Name="Light Shading Accent 5"/>
<w:LsdException Locked="false" Priority="61" Name="Light List Accent 5"/>
<w:LsdException Locked="false" Priority="62" Name="Light Grid Accent 5"/>
<w:LsdException Locked="false" Priority="63" Name="Medium Shading 1 Accent 5"/>
<w:LsdException Locked="false" Priority="64" Name="Medium Shading 2 Accent 5"/>
<w:LsdException Locked="false" Priority="65" Name="Medium List 1 Accent 5"/>
<w:LsdException Locked="false" Priority="66" Name="Medium List 2 Accent 5"/>
<w:LsdException Locked="false" Priority="67" Name="Medium Grid 1 Accent 5"/>
<w:LsdException Locked="false" Priority="68" Name="Medium Grid 2 Accent 5"/>
<w:LsdException Locked="false" Priority="69" Name="Medium Grid 3 Accent 5"/>
<w:LsdException Locked="false" Priority="70" Name="Dark List Accent 5"/>
<w:LsdException Locked="false" Priority="71" Name="Colorful Shading Accent 5"/>
<w:LsdException Locked="false" Priority="72" Name="Colorful List Accent 5"/>
<w:LsdException Locked="false" Priority="73" Name="Colorful Grid Accent 5"/>
<w:LsdException Locked="false" Priority="60" Name="Light Shading Accent 6"/>
<w:LsdException Locked="false" Priority="61" Name="Light List Accent 6"/>
<w:LsdException Locked="false" Priority="62" Name="Light Grid Accent 6"/>
<w:LsdException Locked="false" Priority="63" Name="Medium Shading 1 Accent 6"/>
<w:LsdException Locked="false" Priority="64" Name="Medium Shading 2 Accent 6"/>
<w:LsdException Locked="false" Priority="65" Name="Medium List 1 Accent 6"/>
<w:LsdException Locked="false" Priority="66" Name="Medium List 2 Accent 6"/>
<w:LsdException Locked="false" Priority="67" Name="Medium Grid 1 Accent 6"/>
<w:LsdException Locked="false" Priority="68" Name="Medium Grid 2 Accent 6"/>
<w:LsdException Locked="false" Priority="69" Name="Medium Grid 3 Accent 6"/>
<w:LsdException Locked="false" Priority="70" Name="Dark List Accent 6"/>
<w:LsdException Locked="false" Priority="71" Name="Colorful Shading Accent 6"/>
<w:LsdException Locked="false" Priority="72" Name="Colorful List Accent 6"/>
<w:LsdException Locked="false" Priority="73" Name="Colorful Grid Accent 6"/>
<w:LsdException Locked="false" Priority="19" QFormat="true"
Name="Subtle Emphasis"/>
<w:LsdException Locked="false" Priority="21" QFormat="true"
Name="Intense Emphasis"/>
<w:LsdException Locked="false" Priority="31" QFormat="true"
Name="Subtle Reference"/>
<w:LsdException Locked="false" Priority="32" QFormat="true"
Name="Intense Reference"/>
<w:LsdException Locked="false" Priority="33" QFormat="true" Name="Book Title"/>
<w:LsdException Locked="false" Priority="37" SemiHidden="true"
UnhideWhenUsed="true" Name="Bibliography"/>
<w:LsdException Locked="false" Priority="39" SemiHidden="true"
UnhideWhenUsed="true" QFormat="true" Name="TOC Heading"/>
<w:LsdException Locked="false" Priority="41" Name="Plain Table 1"/>
<w:LsdException Locked="false" Priority="42" Name="Plain Table 2"/>
<w:LsdException Locked="false" Priority="43" Name="Plain Table 3"/>
<w:LsdException Locked="false" Priority="44" Name="Plain Table 4"/>
<w:LsdException Locked="false" Priority="45" Name="Plain Table 5"/>
<w:LsdException Locked="false" Priority="40" Name="Grid Table Light"/>
<w:LsdException Locked="false" Priority="46" Name="Grid Table 1 Light"/>
<w:LsdException Locked="false" Priority="47" Name="Grid Table 2"/>
<w:LsdException Locked="false" Priority="48" Name="Grid Table 3"/>
<w:LsdException Locked="false" Priority="49" Name="Grid Table 4"/>
<w:LsdException Locked="false" Priority="50" Name="Grid Table 5 Dark"/>
<w:LsdException Locked="false" Priority="51" Name="Grid Table 6 Colorful"/>
<w:LsdException Locked="false" Priority="52" Name="Grid Table 7 Colorful"/>
<w:LsdException Locked="false" Priority="46"
Name="Grid Table 1 Light Accent 1"/>
<w:LsdException Locked="false" Priority="47" Name="Grid Table 2 Accent 1"/>
<w:LsdException Locked="false" Priority="48" Name="Grid Table 3 Accent 1"/>
<w:LsdException Locked="false" Priority="49" Name="Grid Table 4 Accent 1"/>
<w:LsdException Locked="false" Priority="50" Name="Grid Table 5 Dark Accent 1"/>
<w:LsdException Locked="false" Priority="51"
Name="Grid Table 6 Colorful Accent 1"/>
<w:LsdException Locked="false" Priority="52"
Name="Grid Table 7 Colorful Accent 1"/>
<w:LsdException Locked="false" Priority="46"
Name="Grid Table 1 Light Accent 2"/>
<w:LsdException Locked="false" Priority="47" Name="Grid Table 2 Accent 2"/>
<w:LsdException Locked="false" Priority="48" Name="Grid Table 3 Accent 2"/>
<w:LsdException Locked="false" Priority="49" Name="Grid Table 4 Accent 2"/>
<w:LsdException Locked="false" Priority="50" Name="Grid Table 5 Dark Accent 2"/>
<w:LsdException Locked="false" Priority="51"
Name="Grid Table 6 Colorful Accent 2"/>
<w:LsdException Locked="false" Priority="52"
Name="Grid Table 7 Colorful Accent 2"/>
<w:LsdException Locked="false" Priority="46"
Name="Grid Table 1 Light Accent 3"/>
<w:LsdException Locked="false" Priority="47" Name="Grid Table 2 Accent 3"/>
<w:LsdException Locked="false" Priority="48" Name="Grid Table 3 Accent 3"/>
<w:LsdException Locked="false" Priority="49" Name="Grid Table 4 Accent 3"/>
<w:LsdException Locked="false" Priority="50" Name="Grid Table 5 Dark Accent 3"/>
<w:LsdException Locked="false" Priority="51"
Name="Grid Table 6 Colorful Accent 3"/>
<w:LsdException Locked="false" Priority="52"
Name="Grid Table 7 Colorful Accent 3"/>
<w:LsdException Locked="false" Priority="46"
Name="Grid Table 1 Light Accent 4"/>
<w:LsdException Locked="false" Priority="47" Name="Grid Table 2 Accent 4"/>
<w:LsdException Locked="false" Priority="48" Name="Grid Table 3 Accent 4"/>
<w:LsdException Locked="false" Priority="49" Name="Grid Table 4 Accent 4"/>
<w:LsdException Locked="false" Priority="50" Name="Grid Table 5 Dark Accent 4"/>
<w:LsdException Locked="false" Priority="51"
Name="Grid Table 6 Colorful Accent 4"/>
<w:LsdException Locked="false" Priority="52"
Name="Grid Table 7 Colorful Accent 4"/>
<w:LsdException Locked="false" Priority="46"
Name="Grid Table 1 Light Accent 5"/>
<w:LsdException Locked="false" Priority="47" Name="Grid Table 2 Accent 5"/>
<w:LsdException Locked="false" Priority="48" Name="Grid Table 3 Accent 5"/>
<w:LsdException Locked="false" Priority="49" Name="Grid Table 4 Accent 5"/>
<w:LsdException Locked="false" Priority="50" Name="Grid Table 5 Dark Accent 5"/>
<w:LsdException Locked="false" Priority="51"
Name="Grid Table 6 Colorful Accent 5"/>
<w:LsdException Locked="false" Priority="52"
Name="Grid Table 7 Colorful Accent 5"/>
<w:LsdException Locked="false" Priority="46"
Name="Grid Table 1 Light Accent 6"/>
<w:LsdException Locked="false" Priority="47" Name="Grid Table 2 Accent 6"/>
<w:LsdException Locked="false" Priority="48" Name="Grid Table 3 Accent 6"/>
<w:LsdException Locked="false" Priority="49" Name="Grid Table 4 Accent 6"/>
<w:LsdException Locked="false" Priority="50" Name="Grid Table 5 Dark Accent 6"/>
<w:LsdException Locked="false" Priority="51"
Name="Grid Table 6 Colorful Accent 6"/>
<w:LsdException Locked="false" Priority="52"
Name="Grid Table 7 Colorful Accent 6"/>
<w:LsdException Locked="false" Priority="46" Name="List Table 1 Light"/>
<w:LsdException Locked="false" Priority="47" Name="List Table 2"/>
<w:LsdException Locked="false" Priority="48" Name="List Table 3"/>
<w:LsdException Locked="false" Priority="49" Name="List Table 4"/>
<w:LsdException Locked="false" Priority="50" Name="List Table 5 Dark"/>
<w:LsdException Locked="false" Priority="51" Name="List Table 6 Colorful"/>
<w:LsdException Locked="false" Priority="52" Name="List Table 7 Colorful"/>
<w:LsdException Locked="false" Priority="46"
Name="List Table 1 Light Accent 1"/>
<w:LsdException Locked="false" Priority="47" Name="List Table 2 Accent 1"/>
<w:LsdException Locked="false" Priority="48" Name="List Table 3 Accent 1"/>
<w:LsdException Locked="false" Priority="49" Name="List Table 4 Accent 1"/>
<w:LsdException Locked="false" Priority="50" Name="List Table 5 Dark Accent 1"/>
<w:LsdException Locked="false" Priority="51"
Name="List Table 6 Colorful Accent 1"/>
<w:LsdException Locked="false" Priority="52"
Name="List Table 7 Colorful Accent 1"/>
<w:LsdException Locked="false" Priority="46"
Name="List Table 1 Light Accent 2"/>
<w:LsdException Locked="false" Priority="47" Name="List Table 2 Accent 2"/>
<w:LsdException Locked="false" Priority="48" Name="List Table 3 Accent 2"/>
<w:LsdException Locked="false" Priority="49" Name="List Table 4 Accent 2"/>
<w:LsdException Locked="false" Priority="50" Name="List Table 5 Dark Accent 2"/>
<w:LsdException Locked="false" Priority="51"
Name="List Table 6 Colorful Accent 2"/>
<w:LsdException Locked="false" Priority="52"
Name="List Table 7 Colorful Accent 2"/>
<w:LsdException Locked="false" Priority="46"
Name="List Table 1 Light Accent 3"/>
<w:LsdException Locked="false" Priority="47" Name="List Table 2 Accent 3"/>
<w:LsdException Locked="false" Priority="48" Name="List Table 3 Accent 3"/>
<w:LsdException Locked="false" Priority="49" Name="List Table 4 Accent 3"/>
<w:LsdException Locked="false" Priority="50" Name="List Table 5 Dark Accent 3"/>
<w:LsdException Locked="false" Priority="51"
Name="List Table 6 Colorful Accent 3"/>
<w:LsdException Locked="false" Priority="52"
Name="List Table 7 Colorful Accent 3"/>
<w:LsdException Locked="false" Priority="46"
Name="List Table 1 Light Accent 4"/>
<w:LsdException Locked="false" Priority="47" Name="List Table 2 Accent 4"/>
<w:LsdException Locked="false" Priority="48" Name="List Table 3 Accent 4"/>
<w:LsdException Locked="false" Priority="49" Name="List Table 4 Accent 4"/>
<w:LsdException Locked="false" Priority="50" Name="List Table 5 Dark Accent 4"/>
<w:LsdException Locked="false" Priority="51"
Name="List Table 6 Colorful Accent 4"/>
<w:LsdException Locked="false" Priority="52"
Name="List Table 7 Colorful Accent 4"/>
<w:LsdException Locked="false" Priority="46"
Name="List Table 1 Light Accent 5"/>
<w:LsdException Locked="false" Priority="47" Name="List Table 2 Accent 5"/>
<w:LsdException Locked="false" Priority="48" Name="List Table 3 Accent 5"/>
<w:LsdException Locked="false" Priority="49" Name="List Table 4 Accent 5"/>
<w:LsdException Locked="false" Priority="50" Name="List Table 5 Dark Accent 5"/>
<w:LsdException Locked="false" Priority="51"
Name="List Table 6 Colorful Accent 5"/>
<w:LsdException Locked="false" Priority="52"
Name="List Table 7 Colorful Accent 5"/>
<w:LsdException Locked="false" Priority="46"
Name="List Table 1 Light Accent 6"/>
<w:LsdException Locked="false" Priority="47" Name="List Table 2 Accent 6"/>
<w:LsdException Locked="false" Priority="48" Name="List Table 3 Accent 6"/>
<w:LsdException Locked="false" Priority="49" Name="List Table 4 Accent 6"/>
<w:LsdException Locked="false" Priority="50" Name="List Table 5 Dark Accent 6"/>
<w:LsdException Locked="false" Priority="51"
Name="List Table 6 Colorful Accent 6"/>
<w:LsdException Locked="false" Priority="52"
Name="List Table 7 Colorful Accent 6"/>
</w:LatentStyles>
</xml><![endif]--><!--[if gte mso 10]>
<style>
/* Style Definitions */
table.MsoNormalTable
{mso-style-name:"Table Normal";
mso-tstyle-rowband-size:0;
mso-tstyle-colband-size:0;
mso-style-noshow:yes;
mso-style-priority:99;
mso-style-parent:"";
mso-padding-alt:0in 5.4pt 0in 5.4pt;
mso-para-margin-top:0in;
mso-para-margin-right:0in;
mso-para-margin-bottom:8.0pt;
mso-para-margin-left:0in;
line-height:107%;
mso-pagination:widow-orphan;
font-size:11.0pt;
font-family:"Calibri",sans-serif;
mso-ascii-font-family:Calibri;
mso-ascii-theme-font:minor-latin;
mso-hansi-font-family:Calibri;
mso-hansi-theme-font:minor-latin;
mso-bidi-font-family:"Times New Roman";
mso-bidi-theme-font:minor-bidi;}
</style>
<![endif]-->
<br />
<div class="MsoNormal">
<b style="mso-bidi-font-weight: normal;">Internet Security: A World Full of Smart Gadgets</b></div>
<div class="MsoNormal">
You’ve heard everyone talk about the “Internet of Things”,
“smart cars”, “smart devices or gadgets”. This is just a description of the
pervasiveness of computers in our everyday lives. These devices are now being
connected to the Internet and this poses challenges to personal privacy and the
security of the Internet.</div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://4.bp.blogspot.com/-QcxXpG0SC4I/V-54pATkv6I/AAAAAAAAD3g/t3nSxNJ-Oj0kXYxCcFdpUt9buy8t_21cQCLcB/s1600/worldfullofsmartgadgets.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="320" src="https://4.bp.blogspot.com/-QcxXpG0SC4I/V-54pATkv6I/AAAAAAAAD3g/t3nSxNJ-Oj0kXYxCcFdpUt9buy8t_21cQCLcB/s320/worldfullofsmartgadgets.jpg" width="224" /></a></div>
<div class="MsoNormal">
<span style="mso-no-proof: yes;"><br /></span></div>
<div class="MsoNormal">
<b style="mso-bidi-font-weight: normal;"><span style="font-size: 10.0pt; line-height: 107%; mso-bidi-font-size: 11.0pt;">Figure 1.
Smart gadgets in a home <span style="font-size: xx-small;">(image by Steve Johnson, Jeff Durham BayArea News Group)</span></span></b></div>
<div class="MsoNormal">
Figure 1 shows how pervasive these gadgets can become in our
lives. Every room in a house will be impacted by this Internet of Things. </div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
What does this have to do with Virginia Tech? Well, today’s
students show up on campus with at least 4-5 devices that need to be connected
to the network. These include the University required computer, their smart
phone, tablet, gaming consoles like Xbox, and usually a smart device like a
smart TV or radio. Each of these devices is a specialized computer and
unfortunately they’re not secured by the manufacturer. For example, printers,
copiers and scanners have no passwords associated with them by default. Figure
1 shows how common household devices will be able to gather personal
information (schedules, preferences, health) of the occupants. These devices
can transmit that information to advertisers, manufacturers. </div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
Recently these
types of devices have been taken over by hackers and used to attack other sites. Brian
Krebs, a well known journalist, was the target of an internet DDOS attack that
forced his www site offline for a number of days. This was in response to a
series of articles he wrote about cyber criminals being captured. They
retaliated by launching a massive denial of service attack against his www
site. It's believed that many of the attacking hosts were “smart” gadgets. The new IoT botnet Mirai was used to launch a historically huge attack
against Brian Kreb's site
(https://krebsonsecurity.com/2016/10/source-code-for-iot-botnet-mirai-released/)
and is guaranteed to cause mayhem on the net. </div>
<div class="MsoNormal">
<br /></div>
Security experts have been warning the community about the lack of security in Internet of Things (IoT)/smart gadgets. Unfortunately, someone else heeded the warnings and took advantage of this knowledge. <br />
<br />
Stay tuned for more.<br />
<div class="MsoNormal">
<br /></div>
<br />
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
<br /></div>
<br />
<div class="MsoNormal">
<br /></div>
Randyhttp://www.blogger.com/profile/15650573868196476768noreply@blogger.com0tag:blogger.com,1999:blog-3173237590648578243.post-79527578717217288342016-09-30T07:33:00.000-07:002016-09-30T07:33:21.292-07:00The Internet of Cows<!--[if gte mso 9]><xml>
<o:OfficeDocumentSettings>
<o:AllowPNG/>
</o:OfficeDocumentSettings>
</xml><![endif]--><br />
<!--[if gte mso 9]><xml>
<w:WordDocument>
<w:View>Normal</w:View>
<w:Zoom>0</w:Zoom>
<w:TrackMoves/>
<w:TrackFormatting/>
<w:PunctuationKerning/>
<w:ValidateAgainstSchemas/>
<w:SaveIfXMLInvalid>false</w:SaveIfXMLInvalid>
<w:IgnoreMixedContent>false</w:IgnoreMixedContent>
<w:AlwaysShowPlaceholderText>false</w:AlwaysShowPlaceholderText>
<w:DoNotPromoteQF/>
<w:LidThemeOther>PT-BR</w:LidThemeOther>
<w:LidThemeAsian>ZH-CN</w:LidThemeAsian>
<w:LidThemeComplexScript>AR-SA</w:LidThemeComplexScript>
<w:Compatibility>
<w:BreakWrappedTables/>
<w:SnapToGridInCell/>
<w:WrapTextWithPunct/>
<w:UseAsianBreakRules/>
<w:DontGrowAutofit/>
<w:SplitPgBreakAndParaMark/>
<w:EnableOpenTypeKerning/>
<w:DontFlipMirrorIndents/>
<w:OverrideTableStyleHps/>
<w:UseFELayout/>
</w:Compatibility>
<m:mathPr>
<m:mathFont m:val="Cambria Math"/>
<m:brkBin m:val="before"/>
<m:brkBinSub m:val="--"/>
<m:smallFrac m:val="off"/>
<m:dispDef/>
<m:lMargin m:val="0"/>
<m:rMargin m:val="0"/>
<m:defJc m:val="centerGroup"/>
<m:wrapIndent m:val="1440"/>
<m:intLim m:val="subSup"/>
<m:naryLim m:val="undOvr"/>
</m:mathPr></w:WordDocument>
</xml><![endif]--><!--[if gte mso 9]><xml>
<w:LatentStyles DefLockedState="false" DefUnhideWhenUsed="false"
DefSemiHidden="false" DefQFormat="false" DefPriority="99"
LatentStyleCount="371">
<w:LsdException Locked="false" Priority="0" QFormat="true" Name="Normal"/>
<w:LsdException Locked="false" Priority="9" QFormat="true" Name="heading 1"/>
<w:LsdException Locked="false" Priority="9" SemiHidden="true"
UnhideWhenUsed="true" QFormat="true" Name="heading 2"/>
<w:LsdException Locked="false" Priority="9" SemiHidden="true"
UnhideWhenUsed="true" QFormat="true" Name="heading 3"/>
<w:LsdException Locked="false" Priority="9" SemiHidden="true"
UnhideWhenUsed="true" QFormat="true" Name="heading 4"/>
<w:LsdException Locked="false" Priority="9" SemiHidden="true"
UnhideWhenUsed="true" QFormat="true" Name="heading 5"/>
<w:LsdException Locked="false" Priority="9" SemiHidden="true"
UnhideWhenUsed="true" QFormat="true" Name="heading 6"/>
<w:LsdException Locked="false" Priority="9" SemiHidden="true"
UnhideWhenUsed="true" QFormat="true" Name="heading 7"/>
<w:LsdException Locked="false" Priority="9" SemiHidden="true"
UnhideWhenUsed="true" QFormat="true" Name="heading 8"/>
<w:LsdException Locked="false" Priority="9" SemiHidden="true"
UnhideWhenUsed="true" QFormat="true" Name="heading 9"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="index 1"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="index 2"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="index 3"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="index 4"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="index 5"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="index 6"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="index 7"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="index 8"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="index 9"/>
<w:LsdException Locked="false" Priority="39" SemiHidden="true"
UnhideWhenUsed="true" Name="toc 1"/>
<w:LsdException Locked="false" Priority="39" SemiHidden="true"
UnhideWhenUsed="true" Name="toc 2"/>
<w:LsdException Locked="false" Priority="39" SemiHidden="true"
UnhideWhenUsed="true" Name="toc 3"/>
<w:LsdException Locked="false" Priority="39" SemiHidden="true"
UnhideWhenUsed="true" Name="toc 4"/>
<w:LsdException Locked="false" Priority="39" SemiHidden="true"
UnhideWhenUsed="true" Name="toc 5"/>
<w:LsdException Locked="false" Priority="39" SemiHidden="true"
UnhideWhenUsed="true" Name="toc 6"/>
<w:LsdException Locked="false" Priority="39" SemiHidden="true"
UnhideWhenUsed="true" Name="toc 7"/>
<w:LsdException Locked="false" Priority="39" SemiHidden="true"
UnhideWhenUsed="true" Name="toc 8"/>
<w:LsdException Locked="false" Priority="39" SemiHidden="true"
UnhideWhenUsed="true" Name="toc 9"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Normal Indent"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="footnote text"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="annotation text"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="header"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="footer"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="index heading"/>
<w:LsdException Locked="false" Priority="35" SemiHidden="true"
UnhideWhenUsed="true" QFormat="true" Name="caption"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="table of figures"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="envelope address"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="envelope return"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="footnote reference"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="annotation reference"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="line number"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="page number"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="endnote reference"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="endnote text"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="table of authorities"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="macro"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="toa heading"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="List"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="List Bullet"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="List Number"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="List 2"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="List 3"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="List 4"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="List 5"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="List Bullet 2"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="List Bullet 3"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="List Bullet 4"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="List Bullet 5"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="List Number 2"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="List Number 3"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="List Number 4"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="List Number 5"/>
<w:LsdException Locked="false" Priority="10" QFormat="true" Name="Title"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Closing"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Signature"/>
<w:LsdException Locked="false" Priority="1" SemiHidden="true"
UnhideWhenUsed="true" Name="Default Paragraph Font"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Body Text"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Body Text Indent"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="List Continue"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="List Continue 2"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="List Continue 3"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="List Continue 4"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="List Continue 5"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Message Header"/>
<w:LsdException Locked="false" Priority="11" QFormat="true" Name="Subtitle"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Salutation"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Date"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Body Text First Indent"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Body Text First Indent 2"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Note Heading"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Body Text 2"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Body Text 3"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Body Text Indent 2"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Body Text Indent 3"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Block Text"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Hyperlink"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="FollowedHyperlink"/>
<w:LsdException Locked="false" Priority="22" QFormat="true" Name="Strong"/>
<w:LsdException Locked="false" Priority="20" QFormat="true" Name="Emphasis"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Document Map"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Plain Text"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="E-mail Signature"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="HTML Top of Form"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="HTML Bottom of Form"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Normal (Web)"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="HTML Acronym"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="HTML Address"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="HTML Cite"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="HTML Code"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="HTML Definition"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="HTML Keyboard"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="HTML Preformatted"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="HTML Sample"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="HTML Typewriter"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="HTML Variable"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Normal Table"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="annotation subject"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="No List"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Outline List 1"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Outline List 2"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Outline List 3"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Simple 1"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Simple 2"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Simple 3"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Classic 1"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Classic 2"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Classic 3"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Classic 4"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Colorful 1"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Colorful 2"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Colorful 3"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Columns 1"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Columns 2"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Columns 3"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Columns 4"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Columns 5"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Grid 1"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Grid 2"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Grid 3"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Grid 4"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Grid 5"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Grid 6"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Grid 7"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Grid 8"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table List 1"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table List 2"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table List 3"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table List 4"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table List 5"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table List 6"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table List 7"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table List 8"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table 3D effects 1"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table 3D effects 2"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table 3D effects 3"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Contemporary"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Elegant"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Professional"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Subtle 1"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Subtle 2"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Web 1"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Web 2"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Web 3"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Balloon Text"/>
<w:LsdException Locked="false" Priority="39" Name="Table Grid"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Theme"/>
<w:LsdException Locked="false" SemiHidden="true" Name="Placeholder Text"/>
<w:LsdException Locked="false" Priority="1" QFormat="true" Name="No Spacing"/>
<w:LsdException Locked="false" Priority="60" Name="Light Shading"/>
<w:LsdException Locked="false" Priority="61" Name="Light List"/>
<w:LsdException Locked="false" Priority="62" Name="Light Grid"/>
<w:LsdException Locked="false" Priority="63" Name="Medium Shading 1"/>
<w:LsdException Locked="false" Priority="64" Name="Medium Shading 2"/>
<w:LsdException Locked="false" Priority="65" Name="Medium List 1"/>
<w:LsdException Locked="false" Priority="66" Name="Medium List 2"/>
<w:LsdException Locked="false" Priority="67" Name="Medium Grid 1"/>
<w:LsdException Locked="false" Priority="68" Name="Medium Grid 2"/>
<w:LsdException Locked="false" Priority="69" Name="Medium Grid 3"/>
<w:LsdException Locked="false" Priority="70" Name="Dark List"/>
<w:LsdException Locked="false" Priority="71" Name="Colorful Shading"/>
<w:LsdException Locked="false" Priority="72" Name="Colorful List"/>
<w:LsdException Locked="false" Priority="73" Name="Colorful Grid"/>
<w:LsdException Locked="false" Priority="60" Name="Light Shading Accent 1"/>
<w:LsdException Locked="false" Priority="61" Name="Light List Accent 1"/>
<w:LsdException Locked="false" Priority="62" Name="Light Grid Accent 1"/>
<w:LsdException Locked="false" Priority="63" Name="Medium Shading 1 Accent 1"/>
<w:LsdException Locked="false" Priority="64" Name="Medium Shading 2 Accent 1"/>
<w:LsdException Locked="false" Priority="65" Name="Medium List 1 Accent 1"/>
<w:LsdException Locked="false" SemiHidden="true" Name="Revision"/>
<w:LsdException Locked="false" Priority="34" QFormat="true"
Name="List Paragraph"/>
<w:LsdException Locked="false" Priority="29" QFormat="true" Name="Quote"/>
<w:LsdException Locked="false" Priority="30" QFormat="true"
Name="Intense Quote"/>
<w:LsdException Locked="false" Priority="66" Name="Medium List 2 Accent 1"/>
<w:LsdException Locked="false" Priority="67" Name="Medium Grid 1 Accent 1"/>
<w:LsdException Locked="false" Priority="68" Name="Medium Grid 2 Accent 1"/>
<w:LsdException Locked="false" Priority="69" Name="Medium Grid 3 Accent 1"/>
<w:LsdException Locked="false" Priority="70" Name="Dark List Accent 1"/>
<w:LsdException Locked="false" Priority="71" Name="Colorful Shading Accent 1"/>
<w:LsdException Locked="false" Priority="72" Name="Colorful List Accent 1"/>
<w:LsdException Locked="false" Priority="73" Name="Colorful Grid Accent 1"/>
<w:LsdException Locked="false" Priority="60" Name="Light Shading Accent 2"/>
<w:LsdException Locked="false" Priority="61" Name="Light List Accent 2"/>
<w:LsdException Locked="false" Priority="62" Name="Light Grid Accent 2"/>
<w:LsdException Locked="false" Priority="63" Name="Medium Shading 1 Accent 2"/>
<w:LsdException Locked="false" Priority="64" Name="Medium Shading 2 Accent 2"/>
<w:LsdException Locked="false" Priority="65" Name="Medium List 1 Accent 2"/>
<w:LsdException Locked="false" Priority="66" Name="Medium List 2 Accent 2"/>
<w:LsdException Locked="false" Priority="67" Name="Medium Grid 1 Accent 2"/>
<w:LsdException Locked="false" Priority="68" Name="Medium Grid 2 Accent 2"/>
<w:LsdException Locked="false" Priority="69" Name="Medium Grid 3 Accent 2"/>
<w:LsdException Locked="false" Priority="70" Name="Dark List Accent 2"/>
<w:LsdException Locked="false" Priority="71" Name="Colorful Shading Accent 2"/>
<w:LsdException Locked="false" Priority="72" Name="Colorful List Accent 2"/>
<w:LsdException Locked="false" Priority="73" Name="Colorful Grid Accent 2"/>
<w:LsdException Locked="false" Priority="60" Name="Light Shading Accent 3"/>
<w:LsdException Locked="false" Priority="61" Name="Light List Accent 3"/>
<w:LsdException Locked="false" Priority="62" Name="Light Grid Accent 3"/>
<w:LsdException Locked="false" Priority="63" Name="Medium Shading 1 Accent 3"/>
<w:LsdException Locked="false" Priority="64" Name="Medium Shading 2 Accent 3"/>
<w:LsdException Locked="false" Priority="65" Name="Medium List 1 Accent 3"/>
<w:LsdException Locked="false" Priority="66" Name="Medium List 2 Accent 3"/>
<w:LsdException Locked="false" Priority="67" Name="Medium Grid 1 Accent 3"/>
<w:LsdException Locked="false" Priority="68" Name="Medium Grid 2 Accent 3"/>
<w:LsdException Locked="false" Priority="69" Name="Medium Grid 3 Accent 3"/>
<w:LsdException Locked="false" Priority="70" Name="Dark List Accent 3"/>
<w:LsdException Locked="false" Priority="71" Name="Colorful Shading Accent 3"/>
<w:LsdException Locked="false" Priority="72" Name="Colorful List Accent 3"/>
<w:LsdException Locked="false" Priority="73" Name="Colorful Grid Accent 3"/>
<w:LsdException Locked="false" Priority="60" Name="Light Shading Accent 4"/>
<w:LsdException Locked="false" Priority="61" Name="Light List Accent 4"/>
<w:LsdException Locked="false" Priority="62" Name="Light Grid Accent 4"/>
<w:LsdException Locked="false" Priority="63" Name="Medium Shading 1 Accent 4"/>
<w:LsdException Locked="false" Priority="64" Name="Medium Shading 2 Accent 4"/>
<w:LsdException Locked="false" Priority="65" Name="Medium List 1 Accent 4"/>
<w:LsdException Locked="false" Priority="66" Name="Medium List 2 Accent 4"/>
<w:LsdException Locked="false" Priority="67" Name="Medium Grid 1 Accent 4"/>
<w:LsdException Locked="false" Priority="68" Name="Medium Grid 2 Accent 4"/>
<w:LsdException Locked="false" Priority="69" Name="Medium Grid 3 Accent 4"/>
<w:LsdException Locked="false" Priority="70" Name="Dark List Accent 4"/>
<w:LsdException Locked="false" Priority="71" Name="Colorful Shading Accent 4"/>
<w:LsdException Locked="false" Priority="72" Name="Colorful List Accent 4"/>
<w:LsdException Locked="false" Priority="73" Name="Colorful Grid Accent 4"/>
<w:LsdException Locked="false" Priority="60" Name="Light Shading Accent 5"/>
<w:LsdException Locked="false" Priority="61" Name="Light List Accent 5"/>
<w:LsdException Locked="false" Priority="62" Name="Light Grid Accent 5"/>
<w:LsdException Locked="false" Priority="63" Name="Medium Shading 1 Accent 5"/>
<w:LsdException Locked="false" Priority="64" Name="Medium Shading 2 Accent 5"/>
<w:LsdException Locked="false" Priority="65" Name="Medium List 1 Accent 5"/>
<w:LsdException Locked="false" Priority="66" Name="Medium List 2 Accent 5"/>
<w:LsdException Locked="false" Priority="67" Name="Medium Grid 1 Accent 5"/>
<w:LsdException Locked="false" Priority="68" Name="Medium Grid 2 Accent 5"/>
<w:LsdException Locked="false" Priority="69" Name="Medium Grid 3 Accent 5"/>
<w:LsdException Locked="false" Priority="70" Name="Dark List Accent 5"/>
<w:LsdException Locked="false" Priority="71" Name="Colorful Shading Accent 5"/>
<w:LsdException Locked="false" Priority="72" Name="Colorful List Accent 5"/>
<w:LsdException Locked="false" Priority="73" Name="Colorful Grid Accent 5"/>
<w:LsdException Locked="false" Priority="60" Name="Light Shading Accent 6"/>
<w:LsdException Locked="false" Priority="61" Name="Light List Accent 6"/>
<w:LsdException Locked="false" Priority="62" Name="Light Grid Accent 6"/>
<w:LsdException Locked="false" Priority="63" Name="Medium Shading 1 Accent 6"/>
<w:LsdException Locked="false" Priority="64" Name="Medium Shading 2 Accent 6"/>
<w:LsdException Locked="false" Priority="65" Name="Medium List 1 Accent 6"/>
<w:LsdException Locked="false" Priority="66" Name="Medium List 2 Accent 6"/>
<w:LsdException Locked="false" Priority="67" Name="Medium Grid 1 Accent 6"/>
<w:LsdException Locked="false" Priority="68" Name="Medium Grid 2 Accent 6"/>
<w:LsdException Locked="false" Priority="69" Name="Medium Grid 3 Accent 6"/>
<w:LsdException Locked="false" Priority="70" Name="Dark List Accent 6"/>
<w:LsdException Locked="false" Priority="71" Name="Colorful Shading Accent 6"/>
<w:LsdException Locked="false" Priority="72" Name="Colorful List Accent 6"/>
<w:LsdException Locked="false" Priority="73" Name="Colorful Grid Accent 6"/>
<w:LsdException Locked="false" Priority="19" QFormat="true"
Name="Subtle Emphasis"/>
<w:LsdException Locked="false" Priority="21" QFormat="true"
Name="Intense Emphasis"/>
<w:LsdException Locked="false" Priority="31" QFormat="true"
Name="Subtle Reference"/>
<w:LsdException Locked="false" Priority="32" QFormat="true"
Name="Intense Reference"/>
<w:LsdException Locked="false" Priority="33" QFormat="true" Name="Book Title"/>
<w:LsdException Locked="false" Priority="37" SemiHidden="true"
UnhideWhenUsed="true" Name="Bibliography"/>
<w:LsdException Locked="false" Priority="39" SemiHidden="true"
UnhideWhenUsed="true" QFormat="true" Name="TOC Heading"/>
<w:LsdException Locked="false" Priority="41" Name="Plain Table 1"/>
<w:LsdException Locked="false" Priority="42" Name="Plain Table 2"/>
<w:LsdException Locked="false" Priority="43" Name="Plain Table 3"/>
<w:LsdException Locked="false" Priority="44" Name="Plain Table 4"/>
<w:LsdException Locked="false" Priority="45" Name="Plain Table 5"/>
<w:LsdException Locked="false" Priority="40" Name="Grid Table Light"/>
<w:LsdException Locked="false" Priority="46" Name="Grid Table 1 Light"/>
<w:LsdException Locked="false" Priority="47" Name="Grid Table 2"/>
<w:LsdException Locked="false" Priority="48" Name="Grid Table 3"/>
<w:LsdException Locked="false" Priority="49" Name="Grid Table 4"/>
<w:LsdException Locked="false" Priority="50" Name="Grid Table 5 Dark"/>
<w:LsdException Locked="false" Priority="51" Name="Grid Table 6 Colorful"/>
<w:LsdException Locked="false" Priority="52" Name="Grid Table 7 Colorful"/>
<w:LsdException Locked="false" Priority="46"
Name="Grid Table 1 Light Accent 1"/>
<w:LsdException Locked="false" Priority="47" Name="Grid Table 2 Accent 1"/>
<w:LsdException Locked="false" Priority="48" Name="Grid Table 3 Accent 1"/>
<w:LsdException Locked="false" Priority="49" Name="Grid Table 4 Accent 1"/>
<w:LsdException Locked="false" Priority="50" Name="Grid Table 5 Dark Accent 1"/>
<w:LsdException Locked="false" Priority="51"
Name="Grid Table 6 Colorful Accent 1"/>
<w:LsdException Locked="false" Priority="52"
Name="Grid Table 7 Colorful Accent 1"/>
<w:LsdException Locked="false" Priority="46"
Name="Grid Table 1 Light Accent 2"/>
<w:LsdException Locked="false" Priority="47" Name="Grid Table 2 Accent 2"/>
<w:LsdException Locked="false" Priority="48" Name="Grid Table 3 Accent 2"/>
<w:LsdException Locked="false" Priority="49" Name="Grid Table 4 Accent 2"/>
<w:LsdException Locked="false" Priority="50" Name="Grid Table 5 Dark Accent 2"/>
<w:LsdException Locked="false" Priority="51"
Name="Grid Table 6 Colorful Accent 2"/>
<w:LsdException Locked="false" Priority="52"
Name="Grid Table 7 Colorful Accent 2"/>
<w:LsdException Locked="false" Priority="46"
Name="Grid Table 1 Light Accent 3"/>
<w:LsdException Locked="false" Priority="47" Name="Grid Table 2 Accent 3"/>
<w:LsdException Locked="false" Priority="48" Name="Grid Table 3 Accent 3"/>
<w:LsdException Locked="false" Priority="49" Name="Grid Table 4 Accent 3"/>
<w:LsdException Locked="false" Priority="50" Name="Grid Table 5 Dark Accent 3"/>
<w:LsdException Locked="false" Priority="51"
Name="Grid Table 6 Colorful Accent 3"/>
<w:LsdException Locked="false" Priority="52"
Name="Grid Table 7 Colorful Accent 3"/>
<w:LsdException Locked="false" Priority="46"
Name="Grid Table 1 Light Accent 4"/>
<w:LsdException Locked="false" Priority="47" Name="Grid Table 2 Accent 4"/>
<w:LsdException Locked="false" Priority="48" Name="Grid Table 3 Accent 4"/>
<w:LsdException Locked="false" Priority="49" Name="Grid Table 4 Accent 4"/>
<w:LsdException Locked="false" Priority="50" Name="Grid Table 5 Dark Accent 4"/>
<w:LsdException Locked="false" Priority="51"
Name="Grid Table 6 Colorful Accent 4"/>
<w:LsdException Locked="false" Priority="52"
Name="Grid Table 7 Colorful Accent 4"/>
<w:LsdException Locked="false" Priority="46"
Name="Grid Table 1 Light Accent 5"/>
<w:LsdException Locked="false" Priority="47" Name="Grid Table 2 Accent 5"/>
<w:LsdException Locked="false" Priority="48" Name="Grid Table 3 Accent 5"/>
<w:LsdException Locked="false" Priority="49" Name="Grid Table 4 Accent 5"/>
<w:LsdException Locked="false" Priority="50" Name="Grid Table 5 Dark Accent 5"/>
<w:LsdException Locked="false" Priority="51"
Name="Grid Table 6 Colorful Accent 5"/>
<w:LsdException Locked="false" Priority="52"
Name="Grid Table 7 Colorful Accent 5"/>
<w:LsdException Locked="false" Priority="46"
Name="Grid Table 1 Light Accent 6"/>
<w:LsdException Locked="false" Priority="47" Name="Grid Table 2 Accent 6"/>
<w:LsdException Locked="false" Priority="48" Name="Grid Table 3 Accent 6"/>
<w:LsdException Locked="false" Priority="49" Name="Grid Table 4 Accent 6"/>
<w:LsdException Locked="false" Priority="50" Name="Grid Table 5 Dark Accent 6"/>
<w:LsdException Locked="false" Priority="51"
Name="Grid Table 6 Colorful Accent 6"/>
<w:LsdException Locked="false" Priority="52"
Name="Grid Table 7 Colorful Accent 6"/>
<w:LsdException Locked="false" Priority="46" Name="List Table 1 Light"/>
<w:LsdException Locked="false" Priority="47" Name="List Table 2"/>
<w:LsdException Locked="false" Priority="48" Name="List Table 3"/>
<w:LsdException Locked="false" Priority="49" Name="List Table 4"/>
<w:LsdException Locked="false" Priority="50" Name="List Table 5 Dark"/>
<w:LsdException Locked="false" Priority="51" Name="List Table 6 Colorful"/>
<w:LsdException Locked="false" Priority="52" Name="List Table 7 Colorful"/>
<w:LsdException Locked="false" Priority="46"
Name="List Table 1 Light Accent 1"/>
<w:LsdException Locked="false" Priority="47" Name="List Table 2 Accent 1"/>
<w:LsdException Locked="false" Priority="48" Name="List Table 3 Accent 1"/>
<w:LsdException Locked="false" Priority="49" Name="List Table 4 Accent 1"/>
<w:LsdException Locked="false" Priority="50" Name="List Table 5 Dark Accent 1"/>
<w:LsdException Locked="false" Priority="51"
Name="List Table 6 Colorful Accent 1"/>
<w:LsdException Locked="false" Priority="52"
Name="List Table 7 Colorful Accent 1"/>
<w:LsdException Locked="false" Priority="46"
Name="List Table 1 Light Accent 2"/>
<w:LsdException Locked="false" Priority="47" Name="List Table 2 Accent 2"/>
<w:LsdException Locked="false" Priority="48" Name="List Table 3 Accent 2"/>
<w:LsdException Locked="false" Priority="49" Name="List Table 4 Accent 2"/>
<w:LsdException Locked="false" Priority="50" Name="List Table 5 Dark Accent 2"/>
<w:LsdException Locked="false" Priority="51"
Name="List Table 6 Colorful Accent 2"/>
<w:LsdException Locked="false" Priority="52"
Name="List Table 7 Colorful Accent 2"/>
<w:LsdException Locked="false" Priority="46"
Name="List Table 1 Light Accent 3"/>
<w:LsdException Locked="false" Priority="47" Name="List Table 2 Accent 3"/>
<w:LsdException Locked="false" Priority="48" Name="List Table 3 Accent 3"/>
<w:LsdException Locked="false" Priority="49" Name="List Table 4 Accent 3"/>
<w:LsdException Locked="false" Priority="50" Name="List Table 5 Dark Accent 3"/>
<w:LsdException Locked="false" Priority="51"
Name="List Table 6 Colorful Accent 3"/>
<w:LsdException Locked="false" Priority="52"
Name="List Table 7 Colorful Accent 3"/>
<w:LsdException Locked="false" Priority="46"
Name="List Table 1 Light Accent 4"/>
<w:LsdException Locked="false" Priority="47" Name="List Table 2 Accent 4"/>
<w:LsdException Locked="false" Priority="48" Name="List Table 3 Accent 4"/>
<w:LsdException Locked="false" Priority="49" Name="List Table 4 Accent 4"/>
<w:LsdException Locked="false" Priority="50" Name="List Table 5 Dark Accent 4"/>
<w:LsdException Locked="false" Priority="51"
Name="List Table 6 Colorful Accent 4"/>
<w:LsdException Locked="false" Priority="52"
Name="List Table 7 Colorful Accent 4"/>
<w:LsdException Locked="false" Priority="46"
Name="List Table 1 Light Accent 5"/>
<w:LsdException Locked="false" Priority="47" Name="List Table 2 Accent 5"/>
<w:LsdException Locked="false" Priority="48" Name="List Table 3 Accent 5"/>
<w:LsdException Locked="false" Priority="49" Name="List Table 4 Accent 5"/>
<w:LsdException Locked="false" Priority="50" Name="List Table 5 Dark Accent 5"/>
<w:LsdException Locked="false" Priority="51"
Name="List Table 6 Colorful Accent 5"/>
<w:LsdException Locked="false" Priority="52"
Name="List Table 7 Colorful Accent 5"/>
<w:LsdException Locked="false" Priority="46"
Name="List Table 1 Light Accent 6"/>
<w:LsdException Locked="false" Priority="47" Name="List Table 2 Accent 6"/>
<w:LsdException Locked="false" Priority="48" Name="List Table 3 Accent 6"/>
<w:LsdException Locked="false" Priority="49" Name="List Table 4 Accent 6"/>
<w:LsdException Locked="false" Priority="50" Name="List Table 5 Dark Accent 6"/>
<w:LsdException Locked="false" Priority="51"
Name="List Table 6 Colorful Accent 6"/>
<w:LsdException Locked="false" Priority="52"
Name="List Table 7 Colorful Accent 6"/>
</w:LatentStyles>
</xml><![endif]--><!--[if gte mso 10]>
<style>
/* Style Definitions */
table.MsoNormalTable
{mso-style-name:"Table Normal";
mso-tstyle-rowband-size:0;
mso-tstyle-colband-size:0;
mso-style-noshow:yes;
mso-style-priority:99;
mso-style-parent:"";
mso-padding-alt:0in 5.4pt 0in 5.4pt;
mso-para-margin-top:0in;
mso-para-margin-right:0in;
mso-para-margin-bottom:8.0pt;
mso-para-margin-left:0in;
line-height:107%;
mso-pagination:widow-orphan;
font-size:11.0pt;
font-family:"Calibri",sans-serif;
mso-ascii-font-family:Calibri;
mso-ascii-theme-font:minor-latin;
mso-hansi-font-family:Calibri;
mso-hansi-theme-font:minor-latin;
mso-fareast-language:JA;}
</style>
<![endif]-->
<br />
<div style="mso-list: l0 level2 lfo1;">
<span style="mso-bidi-font-family: "Calibri Light"; mso-bidi-theme-font: major-latin; mso-fareast-font-family: "Calibri Light"; mso-fareast-theme-font: major-latin;"><span style="mso-list: Ignore;"><span style="font: 7.0pt "Times New Roman";"></span></span></span>Glenn Fink, a security researcher at Pacific Northwest Labs,
did a presentation called the “Internet of Cows” where he showed how dairy
farming has become an automated, internet accessible business process. He
took<span style="mso-spacerun: yes;"> </span>the discussion one step further by
saying that cows make great human surrogates in the privacy debates surrounding
IoT. He showed how data from almost every single biological process of a cow
(health, reproduction, location, sounds) is monitored by IoT.<span style="mso-spacerun: yes;"> </span>Analysis of herd data allows farmers to
predict the health of a cow, the optimum time for reproduction and milk
production. He maintained that cows don’t object to this type of management and
therefore, this is why they are well suited to study the effects of intrusive
monitoring. </div>
<div style="mso-list: l0 level2 lfo1;">
<br /></div>
<div style="mso-list: l0 level2 lfo1;">
It was one of those presentations that makes you go "hmmmmm". The use of "biological" Internet of Things has been well established in the animal husbandry world. As Glenn stated, we're already moving in this direction with regard to human health monitoring. The privacy implications of such monitoring should concern most of us these days. I've always said that I don't mind external sites collecting data about me as long as a) the default is opt-out where no data is sent out b) you tell me what you're going to do with my data c) you protect my data from unauthorized access. Obviously, this isn't the norm these days. </div>
<div style="mso-list: l0 level2 lfo1;">
<br /></div>
<div style="mso-list: l0 level2 lfo1;">
Hopefully, as more "fitness" IoT devices enter the market, people will start to demand their health info be safeguarded as much as possible. More on this later.... </div>
Randyhttp://www.blogger.com/profile/15650573868196476768noreply@blogger.com0tag:blogger.com,1999:blog-3173237590648578243.post-5306320880295149482016-04-04T17:01:00.000-07:002016-04-04T17:01:01.153-07:00I'm BackYes, it's been a while since I've posted something here. It's been a busy, crazy year. Here are some of the things we've been doing here at VA Tech. I'll be posting some blog entries with more details on each of the items. Consider this entry to be a "headlines" blog.<br />
<br />
1. Stacy Kaye from Silverbull.co interviewed me about being a CISO. Her article can be found here<br /><span style="font-size: small;"><a href="http://www.silverbull.co/a-day-in-the-life-of-a-ciso-virginia-tech/" target="_blank">http://www.silverbull.co/a-<wbr></wbr>day-in-the-life-of-a-ciso-<wbr></wbr>virginia-tech/</a></span><br />
<span style="font-size: small;">I will warn you that the picture in the article is my official VT photo and doesn't reflect my usual attire :-)</span><br />
<br />
<span style="font-size: small;">2. MT6D - Moving Target IPv6 Defense. A series of research projects based on Matt Dunlop and Stephen Groat's research involving dynamic address switching as a defense against DDOS attacks in IPv6. Their original research has spun off a number of secondary MT6D research. Pretty neat and exciting stuff they did. Think radio frequency hopping but instead of hopping frequencies, we hop IPv6 addresses</span><br />
<br />
<span style="font-size: small;">3. Continuous Monitoring Update - an update on our evergoing continuous monitoring project</span><br />
<br />
<span style="font-size: small;">So keep in touch for more blogs coming up here and at http://www.securitycurrent.com/en/writers/randy-marchany</span><br /><span style="font-size: 12.8px;"></span>Randyhttp://www.blogger.com/profile/15650573868196476768noreply@blogger.com0tag:blogger.com,1999:blog-3173237590648578243.post-41791666720639272802015-06-26T06:17:00.001-07:002015-06-26T06:17:56.765-07:00Monitor First - The OriginAs you know, I've been a proponent of Continuous Monitoring (CM) not to be confused with the Federal Government's CDM (Continuous Diagnostic Mitigation) program. We've always assumed intruders are in our network so we've been looking for these intruders by monitoring outbound traffic.<br />
<br />
I'm reposting another blog by grecs which is posted at the <a href="https://www.novainfosec.com/">NovaInfoSec blog</a>. Grecs' blog on the origins of "Monitor first" is a great article on how this concept took hold. So, here's the full blog article by Grec posted on 6/25/2015.<br />
<br />---------------<br />
"Monitor First - The Origins" by grecs posted 6/25/2015<br />
<br />
Late last year @<a href="http://twitter.com/taosecurity" target="_blank">taosecurity</a> wrote an <a href="http://taosecurity.blogspot.com/2014/09/we-need-more-than-penetration-testing.html" target="_blank">article</a>
that questioned spending resources on a “pen test and fix” cycle rather
than monitoring for intruders that may already be in your networks. The
last sentence of the post not only emphasized his theme well but also
alluded to an article written by Bruce Schneier that originally stressed
“monitoring first.”
<br />
<blockquote>
I still believe that the two best words ever uttered by
Bruce Schneier were “monitor first,” and I worry that organizations like
those in this article are patching holes while intruders maneuver
around them within the compromised network.</blockquote>
I searched around a bit for this statement and found a copy in an old
edition of Cryptogram from way back in 2001. You can find the original
article <a href="https://www.schneier.com/crypto-gram/archives/2001/0715.html#5" target="_blank">here</a> but the first few paragraphs alone make the case of monitoring first.<br />
<blockquote>
You have a safe in a dilapidated building, and you need
to secure it. What’s the first thing you do? Inventory the safe? Assess
the security of the building? Install better locks on the doors and bars
on the windows? Probably not. The first thing you do, as quickly as
possible, is alarm the safe. Once the safe is being monitored, you can
then afford the time and attention needed to inventory the stock,
analyze the environment, and improve the security. Without monitoring,
you’re vulnerable until your security is perfect. If you monitor first,
you’re immediately more secure.<br />
Network security has this backwards. Companies see monitoring as
something to do after they have their security products in place. First
they develop a security policy. Then they do a vulnerability analysis.
Then they install a firewall, and maybe an intrusion detection system.
And finally they think about monitoring. Rationally, this makes no
sense.<br />
Monitoring should be the first step in any network security plan.
It’s something that a network administrator can do today to provide
immediate value. Policy analysis and vulnerability assessments take
time, and don’t actually improve a network’s security until they’re
acted upon. Installing security products improves security, but only if
they are installed correctly and in the right places. How does a CIO
know what products to install, and whether they are actually working —
in the actual corporate environment, not as they worked in the lab? The
only way he can know is to monitor. Monitoring ensures that security
products are working properly.</blockquote>
Monitoring first is just common sense. This practice not only allows
organizations to find the threats lurking in their networks sooner but
it also permits them to establish baseline metrics from which they can
measure improvements in their security posture as further investments
are made. And per Schneier “monitoring” does not even necessarily mean
going out a buying anything initially. Start simple with logs and other
data you already have (e.g., from <a href="https://www.novainfosec.com/2015/03/21/monitor-first-the-dns-edition/">DNS</a>, servers, proxies, and network devices) and grow out from there.<br />
--------<br />
<br />
I encourage you to read both @taosecurity and Bruce Schneier's articles list in the above post. Randyhttp://www.blogger.com/profile/15650573868196476768noreply@blogger.com1tag:blogger.com,1999:blog-3173237590648578243.post-27176929253200394942014-08-05T21:33:00.003-07:002015-06-26T06:19:12.434-07:00Deja Vu All Over Again - Redux - 1999-2014Yep, it's time to use this title again. This time we're talking about DDOS amplification attacks. One of the lists I monitor posted the following:<br />
<br />
Christian Rossow has done some great work on DDOS. The two interesting papers are:<br />
<br />
<b>"Exit from Hell? Reducing the Impact of Amplification DDoS Attacks"</b><br />
http://christian-rossow.de/publications/exitfromhell-usenix2014.pdf<br />
<br />
The authors also look at DNS, NTP, SNMP, SSDP, CharGen, QOTD and NetBIOS. The last sentence of this paper, "We measured almost 46 million amplifiers for all scanned UDP-based protocols." <br />
<br />
<b>"Hell of a Handshake: Abusing TCP for Reflective Amplification<br /> DDoS Attacks,"</b><br />
http://christian-rossow.de/publications/tcpamplification-woot2014.pdf<br />
<br />
The quote from the Kuhrer paper:<br />
<br />
<i>"The basic idea is to send relatively small requests with spoofed source address to public hosts (e.g., NTP servers), which reflect significantly larger responses to the victim of the attack."</i><br />
<br />
is depressing to read.<br />
<br />
Why? In 2000, I was part of a Fed/SANS Institute Task Force that wrote a Consensus Roadmap to defeating DDOS attack doc (http://www.sans.org/dosstep/roadmap.php). In there, we stressed the importance of setting your (the collective your) network ingress/egress filters correctly in order to prevent spoofed packets from leaving your network. <b>The above quote says to me that we've (the collective we) has forgotten this basic defense technique.</b> So, my question to the list is "have you set your ingress/egress filters on ALL of your network devices to prevent spoofed packets from leaving your nets. If so, you've taken a giant step in reducing the impact of an amplification attack.<br />
<br />
The weird sense of humor in me says that the admins who were around in 2000 and set their filters ave moved on or retired and their replacements looked at those ACLs and said "WTF? Let's take these out."<br />
<br />
<br />
<br />
It's been 14 years now and spoofed packets are still an issue. <br />
<br />
I'm just saying......:-)Randyhttp://www.blogger.com/profile/15650573868196476768noreply@blogger.com0tag:blogger.com,1999:blog-3173237590648578243.post-42225781855809017022013-12-27T20:27:00.002-08:002013-12-27T20:27:53.207-08:00Lemons for Security - Information AsymmetryMy wife handed me an article from the Annals of Internal Medicine (Vol 157, No. 2, p.139-140) entitled "Lemons for Obesity" by Michael Lauer, MD. At first, I thought she's trying to hint that I need to lose weight but she said there's a section in the article that might apply to cybersecurity. So, my curiousity got the better of me. Dr. Lauer's article described his thought about the obesity drug Qnexa and issues with aftereffects.<br />
<br />
What does this have to do with cybersecurity?<br />
<br />
Lauer mentions a Nobel prize winning paper by George Akerlof on the market for bad cars aka "lemons". He summarizes Akerlof's "lemon" scenario as follows.<br />
<br />
"Used car buyers believe 75% of cars are good (peaches) and 25% have problems (lemons). Buyer know lemon owners want to sell because of these car problems. Suppose a lemon costs $5K and peaches cost $20K. The buyer has trouble distinguishing lemons from peaches based on this limited information and owners have no way to effectively communicate their inside knowledge. Suppose the buyer seeking a deal offers $16,250. Peach owner will refuse such a low-ball offer but lemon owners will jump at the offer. If on the other hand, a peach owner accepts the low offer, the buyer wonders what's wrong with the car, i.e., it must be a lemon. So, the buyer offers a lower price of say, $12,500 which the peach owner is less likely to accept. So, over time, the only cars that sell are lemons. Information Asymmetry allows bad products to drive out good products."<br />
<br />
<span class="Paragraph 30670365 30670362 2" id="ctl00_scm6MainContent_rptSections_ctl03_lblSection">Twisting one of Dr. Lauer's sentences, if we think about the history of application software security, we've seen plenty of lemons. </span> <br />
<br />
<br />
<br />Randyhttp://www.blogger.com/profile/15650573868196476768noreply@blogger.com0tag:blogger.com,1999:blog-3173237590648578243.post-27213224896863385982013-04-11T14:50:00.002-07:002013-04-11T14:50:11.797-07:00Identity Verification in the MOOC World. Not!<!--[if gte mso 9]><xml>
<w:WordDocument>
<w:View>Normal</w:View>
<w:Zoom>0</w:Zoom>
<w:TrackMoves/>
<w:TrackFormatting/>
<w:PunctuationKerning/>
<w:ValidateAgainstSchemas/>
<w:SaveIfXMLInvalid>false</w:SaveIfXMLInvalid>
<w:IgnoreMixedContent>false</w:IgnoreMixedContent>
<w:AlwaysShowPlaceholderText>false</w:AlwaysShowPlaceholderText>
<w:DoNotPromoteQF/>
<w:LidThemeOther>EN-US</w:LidThemeOther>
<w:LidThemeAsian>X-NONE</w:LidThemeAsian>
<w:LidThemeComplexScript>X-NONE</w:LidThemeComplexScript>
<w:Compatibility>
<w:BreakWrappedTables/>
<w:SnapToGridInCell/>
<w:WrapTextWithPunct/>
<w:UseAsianBreakRules/>
<w:DontGrowAutofit/>
<w:SplitPgBreakAndParaMark/>
<w:EnableOpenTypeKerning/>
<w:DontFlipMirrorIndents/>
<w:OverrideTableStyleHps/>
<w:UseFELayout/>
</w:Compatibility>
<w:DoNotOptimizeForBrowser/>
<m:mathPr>
<m:mathFont m:val="Cambria Math"/>
<m:brkBin m:val="before"/>
<m:brkBinSub m:val="--"/>
<m:smallFrac m:val="off"/>
<m:dispDef/>
<m:lMargin m:val="0"/>
<m:rMargin m:val="0"/>
<m:defJc m:val="centerGroup"/>
<m:wrapIndent m:val="1440"/>
<m:intLim m:val="subSup"/>
<m:naryLim m:val="undOvr"/>
</m:mathPr></w:WordDocument>
</xml><![endif]--><br />
<!--[if gte mso 9]><xml>
<w:LatentStyles DefLockedState="false" DefUnhideWhenUsed="true"
DefSemiHidden="true" DefQFormat="false" DefPriority="99"
LatentStyleCount="267">
<w:LsdException Locked="false" Priority="1" SemiHidden="false"
UnhideWhenUsed="false" QFormat="true" Name="Normal"/>
<w:LsdException Locked="false" Priority="9" SemiHidden="false"
UnhideWhenUsed="false" QFormat="true" Name="heading 1"/>
<w:LsdException Locked="false" Priority="9" QFormat="true" Name="heading 2"/>
<w:LsdException Locked="false" Priority="9" QFormat="true" Name="heading 3"/>
<w:LsdException Locked="false" Priority="9" QFormat="true" Name="heading 4"/>
<w:LsdException Locked="false" Priority="9" QFormat="true" Name="heading 5"/>
<w:LsdException Locked="false" Priority="9" QFormat="true" Name="heading 6"/>
<w:LsdException Locked="false" Priority="9" QFormat="true" Name="heading 7"/>
<w:LsdException Locked="false" Priority="9" QFormat="true" Name="heading 8"/>
<w:LsdException Locked="false" Priority="9" QFormat="true" Name="heading 9"/>
<w:LsdException Locked="false" Priority="39" Name="toc 1"/>
<w:LsdException Locked="false" Priority="39" Name="toc 2"/>
<w:LsdException Locked="false" Priority="39" Name="toc 3"/>
<w:LsdException Locked="false" Priority="39" Name="toc 4"/>
<w:LsdException Locked="false" Priority="39" Name="toc 5"/>
<w:LsdException Locked="false" Priority="39" Name="toc 6"/>
<w:LsdException Locked="false" Priority="39" Name="toc 7"/>
<w:LsdException Locked="false" Priority="39" Name="toc 8"/>
<w:LsdException Locked="false" Priority="39" Name="toc 9"/>
<w:LsdException Locked="false" Priority="35" QFormat="true" Name="caption"/>
<w:LsdException Locked="false" Priority="10" SemiHidden="false"
UnhideWhenUsed="false" QFormat="true" Name="Title"/>
<w:LsdException Locked="false" Priority="1" Name="Default Paragraph Font"/>
<w:LsdException Locked="false" Priority="11" SemiHidden="false"
UnhideWhenUsed="false" QFormat="true" Name="Subtitle"/>
<w:LsdException Locked="false" Priority="22" SemiHidden="false"
UnhideWhenUsed="false" QFormat="true" Name="Strong"/>
<w:LsdException Locked="false" Priority="20" SemiHidden="false"
UnhideWhenUsed="false" QFormat="true" Name="Emphasis"/>
<w:LsdException Locked="false" Priority="59" SemiHidden="false"
UnhideWhenUsed="false" Name="Table Grid"/>
<w:LsdException Locked="false" UnhideWhenUsed="false" Name="Placeholder Text"/>
<w:LsdException Locked="false" Priority="1" SemiHidden="false"
UnhideWhenUsed="false" QFormat="true" Name="No Spacing"/>
<w:LsdException Locked="false" Priority="60" SemiHidden="false"
UnhideWhenUsed="false" Name="Light Shading"/>
<w:LsdException Locked="false" Priority="61" SemiHidden="false"
UnhideWhenUsed="false" Name="Light List"/>
<w:LsdException Locked="false" Priority="62" SemiHidden="false"
UnhideWhenUsed="false" Name="Light Grid"/>
<w:LsdException Locked="false" Priority="63" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Shading 1"/>
<w:LsdException Locked="false" Priority="64" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Shading 2"/>
<w:LsdException Locked="false" Priority="65" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium List 1"/>
<w:LsdException Locked="false" Priority="66" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium List 2"/>
<w:LsdException Locked="false" Priority="67" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Grid 1"/>
<w:LsdException Locked="false" Priority="68" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Grid 2"/>
<w:LsdException Locked="false" Priority="69" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Grid 3"/>
<w:LsdException Locked="false" Priority="70" SemiHidden="false"
UnhideWhenUsed="false" Name="Dark List"/>
<w:LsdException Locked="false" Priority="71" SemiHidden="false"
UnhideWhenUsed="false" Name="Colorful Shading"/>
<w:LsdException Locked="false" Priority="72" SemiHidden="false"
UnhideWhenUsed="false" Name="Colorful List"/>
<w:LsdException Locked="false" Priority="73" SemiHidden="false"
UnhideWhenUsed="false" Name="Colorful Grid"/>
<w:LsdException Locked="false" Priority="60" SemiHidden="false"
UnhideWhenUsed="false" Name="Light Shading Accent 1"/>
<w:LsdException Locked="false" Priority="61" SemiHidden="false"
UnhideWhenUsed="false" Name="Light List Accent 1"/>
<w:LsdException Locked="false" Priority="62" SemiHidden="false"
UnhideWhenUsed="false" Name="Light Grid Accent 1"/>
<w:LsdException Locked="false" Priority="63" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Shading 1 Accent 1"/>
<w:LsdException Locked="false" Priority="64" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Shading 2 Accent 1"/>
<w:LsdException Locked="false" Priority="65" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium List 1 Accent 1"/>
<w:LsdException Locked="false" UnhideWhenUsed="false" Name="Revision"/>
<w:LsdException Locked="false" Priority="34" SemiHidden="false"
UnhideWhenUsed="false" QFormat="true" Name="List Paragraph"/>
<w:LsdException Locked="false" Priority="29" SemiHidden="false"
UnhideWhenUsed="false" QFormat="true" Name="Quote"/>
<w:LsdException Locked="false" Priority="30" SemiHidden="false"
UnhideWhenUsed="false" QFormat="true" Name="Intense Quote"/>
<w:LsdException Locked="false" Priority="66" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium List 2 Accent 1"/>
<w:LsdException Locked="false" Priority="67" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Grid 1 Accent 1"/>
<w:LsdException Locked="false" Priority="68" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Grid 2 Accent 1"/>
<w:LsdException Locked="false" Priority="69" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Grid 3 Accent 1"/>
<w:LsdException Locked="false" Priority="70" SemiHidden="false"
UnhideWhenUsed="false" Name="Dark List Accent 1"/>
<w:LsdException Locked="false" Priority="71" SemiHidden="false"
UnhideWhenUsed="false" Name="Colorful Shading Accent 1"/>
<w:LsdException Locked="false" Priority="72" SemiHidden="false"
UnhideWhenUsed="false" Name="Colorful List Accent 1"/>
<w:LsdException Locked="false" Priority="73" SemiHidden="false"
UnhideWhenUsed="false" Name="Colorful Grid Accent 1"/>
<w:LsdException Locked="false" Priority="60" SemiHidden="false"
UnhideWhenUsed="false" Name="Light Shading Accent 2"/>
<w:LsdException Locked="false" Priority="61" SemiHidden="false"
UnhideWhenUsed="false" Name="Light List Accent 2"/>
<w:LsdException Locked="false" Priority="62" SemiHidden="false"
UnhideWhenUsed="false" Name="Light Grid Accent 2"/>
<w:LsdException Locked="false" Priority="63" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Shading 1 Accent 2"/>
<w:LsdException Locked="false" Priority="64" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Shading 2 Accent 2"/>
<w:LsdException Locked="false" Priority="65" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium List 1 Accent 2"/>
<w:LsdException Locked="false" Priority="66" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium List 2 Accent 2"/>
<w:LsdException Locked="false" Priority="67" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Grid 1 Accent 2"/>
<w:LsdException Locked="false" Priority="68" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Grid 2 Accent 2"/>
<w:LsdException Locked="false" Priority="69" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Grid 3 Accent 2"/>
<w:LsdException Locked="false" Priority="70" SemiHidden="false"
UnhideWhenUsed="false" Name="Dark List Accent 2"/>
<w:LsdException Locked="false" Priority="71" SemiHidden="false"
UnhideWhenUsed="false" Name="Colorful Shading Accent 2"/>
<w:LsdException Locked="false" Priority="72" SemiHidden="false"
UnhideWhenUsed="false" Name="Colorful List Accent 2"/>
<w:LsdException Locked="false" Priority="73" SemiHidden="false"
UnhideWhenUsed="false" Name="Colorful Grid Accent 2"/>
<w:LsdException Locked="false" Priority="60" SemiHidden="false"
UnhideWhenUsed="false" Name="Light Shading Accent 3"/>
<w:LsdException Locked="false" Priority="61" SemiHidden="false"
UnhideWhenUsed="false" Name="Light List Accent 3"/>
<w:LsdException Locked="false" Priority="62" SemiHidden="false"
UnhideWhenUsed="false" Name="Light Grid Accent 3"/>
<w:LsdException Locked="false" Priority="63" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Shading 1 Accent 3"/>
<w:LsdException Locked="false" Priority="64" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Shading 2 Accent 3"/>
<w:LsdException Locked="false" Priority="65" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium List 1 Accent 3"/>
<w:LsdException Locked="false" Priority="66" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium List 2 Accent 3"/>
<w:LsdException Locked="false" Priority="67" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Grid 1 Accent 3"/>
<w:LsdException Locked="false" Priority="68" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Grid 2 Accent 3"/>
<w:LsdException Locked="false" Priority="69" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Grid 3 Accent 3"/>
<w:LsdException Locked="false" Priority="70" SemiHidden="false"
UnhideWhenUsed="false" Name="Dark List Accent 3"/>
<w:LsdException Locked="false" Priority="71" SemiHidden="false"
UnhideWhenUsed="false" Name="Colorful Shading Accent 3"/>
<w:LsdException Locked="false" Priority="72" SemiHidden="false"
UnhideWhenUsed="false" Name="Colorful List Accent 3"/>
<w:LsdException Locked="false" Priority="73" SemiHidden="false"
UnhideWhenUsed="false" Name="Colorful Grid Accent 3"/>
<w:LsdException Locked="false" Priority="60" SemiHidden="false"
UnhideWhenUsed="false" Name="Light Shading Accent 4"/>
<w:LsdException Locked="false" Priority="61" SemiHidden="false"
UnhideWhenUsed="false" Name="Light List Accent 4"/>
<w:LsdException Locked="false" Priority="62" SemiHidden="false"
UnhideWhenUsed="false" Name="Light Grid Accent 4"/>
<w:LsdException Locked="false" Priority="63" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Shading 1 Accent 4"/>
<w:LsdException Locked="false" Priority="64" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Shading 2 Accent 4"/>
<w:LsdException Locked="false" Priority="65" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium List 1 Accent 4"/>
<w:LsdException Locked="false" Priority="66" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium List 2 Accent 4"/>
<w:LsdException Locked="false" Priority="67" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Grid 1 Accent 4"/>
<w:LsdException Locked="false" Priority="68" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Grid 2 Accent 4"/>
<w:LsdException Locked="false" Priority="69" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Grid 3 Accent 4"/>
<w:LsdException Locked="false" Priority="70" SemiHidden="false"
UnhideWhenUsed="false" Name="Dark List Accent 4"/>
<w:LsdException Locked="false" Priority="71" SemiHidden="false"
UnhideWhenUsed="false" Name="Colorful Shading Accent 4"/>
<w:LsdException Locked="false" Priority="72" SemiHidden="false"
UnhideWhenUsed="false" Name="Colorful List Accent 4"/>
<w:LsdException Locked="false" Priority="73" SemiHidden="false"
UnhideWhenUsed="false" Name="Colorful Grid Accent 4"/>
<w:LsdException Locked="false" Priority="60" SemiHidden="false"
UnhideWhenUsed="false" Name="Light Shading Accent 5"/>
<w:LsdException Locked="false" Priority="61" SemiHidden="false"
UnhideWhenUsed="false" Name="Light List Accent 5"/>
<w:LsdException Locked="false" Priority="62" SemiHidden="false"
UnhideWhenUsed="false" Name="Light Grid Accent 5"/>
<w:LsdException Locked="false" Priority="63" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Shading 1 Accent 5"/>
<w:LsdException Locked="false" Priority="64" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Shading 2 Accent 5"/>
<w:LsdException Locked="false" Priority="65" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium List 1 Accent 5"/>
<w:LsdException Locked="false" Priority="66" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium List 2 Accent 5"/>
<w:LsdException Locked="false" Priority="67" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Grid 1 Accent 5"/>
<w:LsdException Locked="false" Priority="68" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Grid 2 Accent 5"/>
<w:LsdException Locked="false" Priority="69" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Grid 3 Accent 5"/>
<w:LsdException Locked="false" Priority="70" SemiHidden="false"
UnhideWhenUsed="false" Name="Dark List Accent 5"/>
<w:LsdException Locked="false" Priority="71" SemiHidden="false"
UnhideWhenUsed="false" Name="Colorful Shading Accent 5"/>
<w:LsdException Locked="false" Priority="72" SemiHidden="false"
UnhideWhenUsed="false" Name="Colorful List Accent 5"/>
<w:LsdException Locked="false" Priority="73" SemiHidden="false"
UnhideWhenUsed="false" Name="Colorful Grid Accent 5"/>
<w:LsdException Locked="false" Priority="60" SemiHidden="false"
UnhideWhenUsed="false" Name="Light Shading Accent 6"/>
<w:LsdException Locked="false" Priority="61" SemiHidden="false"
UnhideWhenUsed="false" Name="Light List Accent 6"/>
<w:LsdException Locked="false" Priority="62" SemiHidden="false"
UnhideWhenUsed="false" Name="Light Grid Accent 6"/>
<w:LsdException Locked="false" Priority="63" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Shading 1 Accent 6"/>
<w:LsdException Locked="false" Priority="64" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Shading 2 Accent 6"/>
<w:LsdException Locked="false" Priority="65" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium List 1 Accent 6"/>
<w:LsdException Locked="false" Priority="66" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium List 2 Accent 6"/>
<w:LsdException Locked="false" Priority="67" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Grid 1 Accent 6"/>
<w:LsdException Locked="false" Priority="68" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Grid 2 Accent 6"/>
<w:LsdException Locked="false" Priority="69" SemiHidden="false"
UnhideWhenUsed="false" Name="Medium Grid 3 Accent 6"/>
<w:LsdException Locked="false" Priority="70" SemiHidden="false"
UnhideWhenUsed="false" Name="Dark List Accent 6"/>
<w:LsdException Locked="false" Priority="71" SemiHidden="false"
UnhideWhenUsed="false" Name="Colorful Shading Accent 6"/>
<w:LsdException Locked="false" Priority="72" SemiHidden="false"
UnhideWhenUsed="false" Name="Colorful List Accent 6"/>
<w:LsdException Locked="false" Priority="73" SemiHidden="false"
UnhideWhenUsed="false" Name="Colorful Grid Accent 6"/>
<w:LsdException Locked="false" Priority="19" SemiHidden="false"
UnhideWhenUsed="false" QFormat="true" Name="Subtle Emphasis"/>
<w:LsdException Locked="false" Priority="21" SemiHidden="false"
UnhideWhenUsed="false" QFormat="true" Name="Intense Emphasis"/>
<w:LsdException Locked="false" Priority="31" SemiHidden="false"
UnhideWhenUsed="false" QFormat="true" Name="Subtle Reference"/>
<w:LsdException Locked="false" Priority="32" SemiHidden="false"
UnhideWhenUsed="false" QFormat="true" Name="Intense Reference"/>
<w:LsdException Locked="false" Priority="33" SemiHidden="false"
UnhideWhenUsed="false" QFormat="true" Name="Book Title"/>
<w:LsdException Locked="false" Priority="37" Name="Bibliography"/>
<w:LsdException Locked="false" Priority="39" QFormat="true" Name="TOC Heading"/>
</w:LatentStyles>
</xml><![endif]--><!--[if gte mso 10]>
<style>
/* Style Definitions */
table.MsoNormalTable
{mso-style-name:"Table Normal";
mso-tstyle-rowband-size:0;
mso-tstyle-colband-size:0;
mso-style-noshow:yes;
mso-style-priority:99;
mso-style-parent:"";
mso-padding-alt:0in 5.4pt 0in 5.4pt;
mso-para-margin-top:0in;
mso-para-margin-right:0in;
mso-para-margin-bottom:10.0pt;
mso-para-margin-left:0in;
mso-pagination:widow-orphan;
font-size:11.0pt;
mso-bidi-font-size:10.0pt;
font-family:"Calibri","sans-serif";
mso-ascii-font-family:Calibri;
mso-ascii-theme-font:minor-latin;
mso-hansi-font-family:Calibri;
mso-hansi-theme-font:minor-latin;}
</style>
<![endif]-->
<br />
<div class="MsoNormal">
According to some, Massively Open Online Courses (MOOC) are the latest saviors
in the financially strapped EDU world. The idea of having hundreds of thousands
of students taking a university course at the same time is an exciting new frontier
for higher education.<span style="mso-spacerun: yes;"> </span>Just think of the
financial gains an institution can achieve. Public universities have seen a
dramatic <b>decrease </b>in their financial support from their respective state
governments. Virginia Universities receive an average of 3-5% of their total
budgets from the state. The money has to come from somewhere to support a
growing student body. An income stream from hundreds of thousands of online students
is enticing to cash strapped universities. State legislators see MOOCs as a way
to continue financial support without raising taxes. After all, the money would
come from tuition. There would be a saving cost in personnel, infrastructure
and other high costs associated with universities. So, what’s the worry?</div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
First of all, EDUs have been in the online class world for
at least 15 years. Interactive Video Conference (IVC) methods have been around for a long time.
For example, I started teaching an IVC course in 1999. It was in a special
classroom equipped with TV cameras, microphones for the students and 2 way
communications. If a student had a question, they pressed a button, their
microphone would go live, the TV camera in their classroom would zoom in on
them and 2 way conversations would happen. <span style="mso-spacerun: yes;"> </span>This format is expensive and today’s
generations of students don’t feel comfortable using this medium.<span style="mso-spacerun: yes;"> </span>Social media<span style="mso-spacerun: yes;">
</span>and a generational change have made MOOCs more popular. EDU faculty have experience in online learning. Learning Technologies (LT) is an growing and exciting field and well poised to address MOOC development. </div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
JoAnn Paul from VA Tech states “Today's students often
perceive electronic forms of interaction as LESS impersonal than face to face,
traditional classroom settings, regardless of class size. And why not? Students
already work in distributed environments, and increasingly need to learn how
best to communicate that way -- to get their point across -- and they know it.”<br />
<br />
We need to collect data on MOOC popularity when the students have to a) pay for the courses b) take them for college credit. I suspect then enrollment numbers will be significantly lower. For introductory level courses, MOOCs make sense because they provide a vehicle for accessing large numbers of people. <span style="mso-spacerun: yes;"> </span>More advanced courses don’t scale well. Where
does an online student go to do Chemistry or Physics lab experiments? How does one replicate the lab facilities and equipment. But that's another issue.....</div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
Apart from having curriculum designed by external entities,
the biggest problem with MOOCs is a very basic yet critical issue:
<b>cheating</b>.<span style="mso-spacerun: yes;"> </span></div>
<div class="MsoNormal">
Laura Pappano’s NY Times article, “The Year of the MOOC”
states <span style="mso-spacerun: yes;"> </span>“Cheating is a reality. “We found
groups of 20 people in a course submitting identical homework,” says David
Patterson, a professor at the University of California, Berkeley, who teaches
software engineering, in a tone of disbelief at such blatant copying; Udacity
and edX now offer proctored exams.” Frankly, I’m surprised he was surprised
about online cheating.</div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
There are some fundamental
questions that need to be answered before even attempting to incorporate MOOC
style courses as credit for a degree. </div>
<div class="MsoNormal">
1. How do you verify the identity of the student who registers for the class?</div>
<div class="MsoNormal">
2. How do you verify the identity of the person who submits assignments and takes exams?</div>
<div class="MsoNormal">
3. How do you verify the person in #1 is the same person as the one in #2?<br />
<br />
These questions need to be addressed before MOOCs can become a vehicle for furthering one's pursuit of a degree.<br />
</div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
<br /></div>
Randyhttp://www.blogger.com/profile/15650573868196476768noreply@blogger.com1tag:blogger.com,1999:blog-3173237590648578243.post-19991590671082271782013-03-13T23:42:00.001-07:002013-04-11T07:45:27.083-07:00Why Commoners WIll Always Be On The DefensiveIn the past year, one of my most requested talks is called "The More Things Change, The More They Stay the Same". I show examples of cyberattacks over the past 20 years, how the root causes are the same and how we're still fighting the same battles after 20 years with no tangible success. I ask "what have we [security types] been doing these past 20 years?". I mention how an entire industry has been created to "combat" cyber attacks but again, there's no economic incentive to really solve the cyber security problem. <br />
<br />
A recent article in Forbes, "<span style="font-size: small;">Shopping For Zero-Days: A Price List For Hackers' Secret Software Exploits<span style="font-size: x-small;">"<span style="font-size: small;"> by A<span style="font-size: small;">ndy Greenbe<span style="font-size: small;">rg (http://www.forbes.com/sites/andygreenberg/2012/03/23/shopping-for-zero-days-an-price-list-for-hackers-secret-software-exploits/) <span style="font-size: small;">talks about a particular firm that sell 0-day exploits to anyone who has the money. <span style="font-size: small;">A quote from the article caught my attention: "</span></span></span></span></span></span></span><span style="font-size: small;"><span style="font-size: x-small;"><span style="font-size: small;"><span style="font-size: small;"><span style="font-size: small;"><span style="font-size: small;"><span style="font-size: small;">Who’s paying these prices? Western governments, and specifically the U.S., says the Grugq, who himself is a native of <a href="http://www.forbes.com/places/south-africa/">South Africa</a>.
He limits his sales to the American and European agencies and
contractors not merely out of ethical concerns, but also because they
pay more." <span style="font-size: small;"> </span></span></span></span></span></span></span></span><br />
<br />
<span style="font-size: small;"><span style="font-size: x-small;"><span style="font-size: small;"><span style="font-size: small;"><span style="font-size: small;"><span style="font-size: small;"><span style="font-size: small;"><span style="font-size: small;">As<span style="font-size: small;"> </span>other <span style="font-size: small;">w<span style="font-size: small;">riters have noted, there is now an eco<span style="font-size: small;">nomic incentive to NOT fix a bug in software. So, <span style="font-size: small;">the new paradigm is <span style="font-size: small;">to not fix 0-days, rather, it's to sell them or <span style="font-size: small;">pressure software vendors to not <span style="font-size: small;">fix them in order to give the nation<span style="font-size: small;">-</span>state an advantage.</span></span></span></span></span></span></span></span></span></span></span></span></span></span></span><br />
<br />
<span style="font-size: small;"><span style="font-size: x-small;"><span style="font-size: small;"><span style="font-size: small;"><span style="font-size: small;"><span style="font-size: small;"><span style="font-size: small;"><span style="font-size: small;"><span style="font-size: small;"><span style="font-size: small;"><span style="font-size: small;">Yeah, I know. T<span style="font-size: small;">his is nothing new. But <span style="font-size: small;">here's <span style="font-size: small;">what this does to the common <span style="font-size: small;">security folk like <span style="font-size: small;">you and me. We can't afford to pay for 0-days<span style="font-size: small;"> </span>therefore we have to live with the consequences of having <span style="font-size: small;">0-days present in software we buy. We don't know if there are 0-days in software we buy therefore we have to <span style="font-size: small;"><span style="font-size: small;">implement</span> reactive defense tactics</span>. </span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span><br />
<br />
<span style="font-size: small;"><span style="font-size: x-small;"><span style="font-size: small;"><span style="font-size: small;"><span style="font-size: small;"><span style="font-size: small;"><span style="font-size: small;"><span style="font-size: small;"><span style="font-size: small;"><span style="font-size: small;"><span style="font-size: small;"><span style="font-size: small;">W<span style="font-size: small;">hile</span> nation-states hoard 0-days<span style="font-size: small;"> for cyber warfare<span style="font-size: small;"><span style="font-size: small;">,</span> <span style="font-size: small;">"civilian" organizations are left vulnerable to effective<span style="font-size: small;">, successful cyberattacks. I<span style="font-size: small;">n other words<span style="font-size: small;">, <span style="font-size: small;">"civilian" org<span style="font-size: small;">anizations have no choice but to design reactive cyber defense strategies<span style="font-size: small;"> since we can't "prevent" an attack that exploits a software vulnerability i<span style="font-size: small;">nside our net. </span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span><br />
<br />
<span style="font-size: small;"><span style="font-size: x-small;"><span style="font-size: small;"><span style="font-size: small;"><span style="font-size: small;"><span style="font-size: small;"><span style="font-size: small;"><span style="font-size: small;"><span style="font-size: small;"><span style="font-size: small;"><span style="font-size: small;"><span style="font-size: small;"><span style="font-size: small;"><span style="font-size: small;"><span style="font-size: small;"><span style="font-size: small;"><span style="font-size: small;"><span style="font-size: small;"><span style="font-size: small;"><span style="font-size: small;"><span style="font-size: small;"><span style="font-size: small;"> </span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span> Randyhttp://www.blogger.com/profile/15650573868196476768noreply@blogger.com1tag:blogger.com,1999:blog-3173237590648578243.post-40040520577078832402013-01-02T13:02:00.000-08:002013-01-02T13:02:01.735-08:00Application Security Questionnaires - The Time is Now!Back in 2009, I posted a note talking about vendor software security vulnerabilities and how they undermine our security. Way back in the early 2000's, I was quoted in a USA Today article on Cybersecurity saying that I was surprised that there weren't many product liability lawsuits against software vendors. In my 2009 blog post, I said I feared that comment only caused software vendors to modify their EULAs instead of fixing the problem.<br />
<br />
This problem has been around since the first program was written. The difference is that people are actively searching for these bugs to gain access to an organization's network and data. I believe it is the fundamental vector for APT (I hate that term) attacks. Mudge told President Clinton about this problem in the late 1990's. <br />
<br />
I still hope vendors will actually check their code for common vulnerabilities. However, here are some recent instances that are telling me otherwise.<br />
<br />
1. Vendor www application fails a standard vulnerability scan from a commercial and freeware scanning tool. XSS flaws across multiple pages in their hierarchy were the most common error.<br />
<br />
2. Vendor supplied password of "changeme" resulted in a compromise while they were onsite installing the software. They were surprised to find out our network was "open" to the net.<br />
<br />
3. Vendor password requirements undercutting our password strength requirements. <br />
<br />
We're in the process of modifying a Security Questionnaire for Software Vendors doc that we had in place for a number of years. It's outdated now but it did ask www app vendors if their software was vulnerable to any of the flaws mentioned in the OWASP Top 10 Security Risks ( https://www.owasp.org/index.php/Category:OWASP_Top_Ten_Project ). There have been a number of efforts to create an Application Security Questionnaire but they haven't gained acceptance.<br />
<br />
Why? These questionnaires are site-specific by nature. It's hard nee impossible to create a consensus document that addresses all sectors (.com, .mil., .edu, .org, etc.) of business or government. There is vendor resistance to any "requirements" clause. The recent flap caused by such a requirement in one of the recent Federal cybersecurity bills in Congress are examples of this resistance. To them, I say "if you had done it in the first place, there wouldn't be this attempt to 'regulate' you."<br />
<br />
Some of these include:<br />
<br />
<ol>
<li>http://www.sans.org/appseccontract/</li>
<li>https://www.owasp.org/index.php/Category:OWASP_Application_Security_Requirements_Project</li>
<li>http://searchsoftwarequality.techtarget.com/answer/Security-requirements-for-any-Web-application</li>
</ol>
For more links, google "application security requirements" for some useful links.<br />
<br />
<br />
Here is my wishlist for software vendors:<br />
<br />
<ol>
<li>Train your programmers in secure coding techniques. If they still leave security holes in your code, find another place for them in your organization.</li>
<li>Run a vulnerability scanner against your products. Your customers will start doing that soon. It's much worse for your reputation if the customer runs a scanners and finds errors.</li>
<li>Pay attention to the results in #2 and fix the problems before releasing it. </li>
<li>Do NOT assume the network will "protect" your application. </li>
<li>Follow some sort of best practices for password strength guidelines. Don't ever convert everything to upper or lower case only.</li>
<li>Never store user passwords in the clear. That's just plain idiotic. </li>
<li>Store sensitive data in an encrypted format. It can be done with the common database systems properly. See #1.</li>
</ol>
The purpose of a site questionnaire is to provide the customer with information about the security of the vendor applications they are considering purchasing. "Failing" the questionnaire isn't an automatic no-buy action. It informs the customer that additional security controls must be in place.<br />
<br />
The questionnaire is another component in a risk-based security management strategy. If the software is needed for business purposes and the user accepts the risk, then purchase can continue.<br />
<br />
The time of software vendors letting the customer debug their code has to come to an end immediately. OS vendors have done this and the number of OS issues has been reduced. It's time for application vendors to step up and deliver.<br />
<br />
1/2/2013 RCM <br />
<br />
<br />
<br />
<br />Randyhttp://www.blogger.com/profile/15650573868196476768noreply@blogger.com25tag:blogger.com,1999:blog-3173237590648578243.post-69384340280630446812012-10-03T12:15:00.001-07:002012-10-04T10:35:48.469-07:00 Are Silicon Valley "campuses" the 21st century version of coal mining company towns?I was reading a recent article about the new Facebook "campus" that is being built in Menlo Park at the old Sun Microsystems facility. It's on 57 acres with an additional 22 adjacent acres set aside for more expansion. Later in the article, it mentions a Facebook official saying they "envisioned a long courtyard at the hear of the cluster of buildings being turned into a play on a European street scene where workers could exchange ideas in an outdoor social scene." <br />
<br />
I have some friends and former students who are working for other Silicon Valley companies with similar "campuses". They tell me they love it because they have housing, laundry facilities, dining halls, some stores all on campus. They tell me they don't need a car because everything they need is right there. A couple of them said it was like being in college. Of course, I always ask them about salaries and they were predictably decent salaries. A few of them said they were taking salary cuts in lieu of stock options. I started to get a funny feeling about that but couldn't quite put my finger on what was bothering me.<br />
<br />
A couple of weeks ago, I was watching one of my favorite movies, "Matewan", which tells the tale of a struggle between WV coal miners and the local coal mining company. The struggle resulted in a shootout that became known as the Matewan Massacre. Now, my reason for liking the movie is that a bunch of my musician friends are featured in the movie. Anyway, while I was watching the movie, it suddenly hit me why I felt a little uneasy when I was talking with my former students about their jobs in the Silicon Valley campuses.<br />
<br />
If you look at the history of coal mining towns, you find that everything in the town was owned by the company. Miners were paid in scrip and a portion of their salary was deducted for living expenses. You paid for items in the company stores with scrip. Basically, you paid for everything in scrip.<br />
<br />
The Facebook article got me thinking about the parallels between the Silicon Valley campuses and the coal mining company towns of the early 20th century. Here's some parallels that occurred to me:<br />
<br />
<ol>
<li>All "living" services - housing, food, laundry, schools, transportation, entertainment, employment provided and owned by the company.</li>
<li>Coal Company "scrip" = 21st Century stock options. Stock options can't buy me a car :-).</li>
<li>Miners/Workers aren't encouraged to leave the town/campus. Companies want them to stay on campus and work more than the traditional 40 hour week. </li>
</ol>
You could probably find more parallels but these are just a few that came to me. <br />
I hope this "campus" model of employment doesn't lead to abuses such as those that happened in our history. <br />
<br />
<br />
<br />
<br />Randyhttp://www.blogger.com/profile/15650573868196476768noreply@blogger.com0tag:blogger.com,1999:blog-3173237590648578243.post-68638990211674080352012-04-09T11:36:00.008-07:002012-04-10T12:02:41.558-07:00A Cyber Security Industrial Complex?Dwight Eisenhower is one of my heroes. Yep, I said it right here and now. His speech on the military-industrial complex is only now being appreciated. It was done 50 years ago and is still relevant today. Why am I bringing this up and what does this have to do with cybersecurity?<br /><br />I did a SANS Lightning talk this past month and when I was researching material for the talk, I stumbled across some reference material from 2001 called "Top 10 Security Mistakes" (http://www.computerworld.com/s/article/61986/Top_10_Security_Mistakes). They were:<br /><br />1. The not-so-subtle Post-it Note.<br />2. We know better than you.<br />3. Leaving the machine on, unattended<br />4. Opening e-mail attachments (remember the Love Bug virus?) from mere acquaintances or even strangers.<br />5. Poor password selection.<br />6. Loose lips sink ships.<br />7. Laptops have legs.<br />8. Poorly enforced security policies.<br />9. Failing to consider the staff.<br />10. Being slow to update security information.<br /><br />Take a look at this list and tell me which of these mistakes have we eliminated in the past 10 years. If you come up with an answer of "none", then the follow-up question would be "what have we been doing these past 10 years?".<br /><br />I found another slide from a 2002 presentation I did where I made the following statement:<br /><br />"Viruses, trojans, rootkits will never be eliminated because we've created a multi-billion dollar industry to combat them. If we eliminate the root causes of cyber attacks, we eliminate a multi-billion dollar industry". I believe there's no economic incentive to eliminate these root causes. Or to put it another way, there is a strong economic incentive to NOT eliminate the root causes of cybersecurity attacks.<br /><br />Now, mind you, I've been an active part of the Cyber Security "industry" for the past 20 years. I helped write the original SANS/FBI Top 10 Internet Threats document back in 2000. Part of my job is measure the effectiveness of our defense strategies. If I use this 2001 list to examine our effectiveness industry wide, I think while we've made some progress, we (the collective we) have failed miserably.<br /><br /> Alan Paller talked about the 4 quadrants of cybersecurity: Academic Security Researchers, Hunters/Tool Builders, Operator/testers who monitor IPS, IDS, pentest tools and Audit/Policy/Compliance workers. The largest of these quadrants is the Audit/Policy/Compliance group which seems a little backward to me. We're focusing on compliance instead of actually fixing the problem. We need to train and develop more people in the Hunter/Tool Builder category so that we have a chance at fixing the root causes of cyber attacks one of which is insecure code.<br /><br />And so we come back to President Eisenhower's speech. We're seeing the militarization of cyberdefense. Defense contractors who used to specialize in tanks, helicopters, jets, advanced weaponry are retooling to become cybersecurity "experts". We're seeing a lot of money being spent to defend/monitor instead of fixing the root causes.<br /><br />Are there parallels between the complex of the 60's and the "complex" of the 201x's? Take a look at a recent NPR article on Eisenhower's speech and see if you can draw the parallels. It's at http://www.npr.org/2011/01/17/132942244/ikes-warning-of-military-expansion-50-years-later.<br />More on this later.....Randyhttp://www.blogger.com/profile/15650573868196476768noreply@blogger.com0tag:blogger.com,1999:blog-3173237590648578243.post-69365058113198212162011-12-26T21:40:00.001-08:002011-12-26T22:13:54.174-08:00Tales About My Dad: The Magic HorsesA holiday story....<div><br /></div><div>When I was about 8-9 years old, I had a couple of plastic horses that I used to play with all the time. They were my best excuse for not going to bed at the appointed time. I'd leave them downstairs and then tell my Dad that I forgot them and absolutely had to go back down and get them. It was a kid's attempt at stalling and delaying the inevitable. Of course, my Dad saw through the ruse and proceeded to tell me that I didn't have to go downstairs to get them. All I had to do was whistle the special tone that only they could hear and they would come galloping up the stairs into my room. The only condition was that I had to be on my bed after I whistled the magic tone. </div><div><br /></div><div>Dad: Come here to the bedroom door and whistle the special tone. When you hear them coming up the stairs, run to your bed and they'll come.</div><div><br /></div><div>Me: Right. (8 year old sarcastic tone) They're just going to come up the stairs by themselves.</div><div><br /></div><div>Dad: Trust me. Whistle like this....<wee> and listen. When you hear them come up the stairs, run to your bed and they'll be there.</wee></div><div><br /></div><div>Me: (ok, I'll try it once and then run downstairs to get the horses). <whistling> 2 tones that sound like Wee Hoo! Wee Hoo!</whistling></div><div><br /></div><div>Scratching noises on the hardwood floor suddenly are heard. I look at my dad and he says "run to the bed". No sooner do I land on the bed when WHACK! The horses hit me in the chest and land on the bed. I stare at them totally amazed.</div><div><br /></div><div>The next night, I follow the standard procedure 8 year olds follow when they've witnessed an unexplained event. We do it again. But this time, I'm ready. I figure, my old man put the wool over my eyes and had them in his hand and threw them at me when I wasn't looking. So, before I go to the door, I have my Dad sit down on the chair by the bed so I can keep my eye on him. I go to the door, stick my head out and whistle the special tone "Wee Hoo! Wee Hoo!". Then, I hear the scratching sounds of the horses hooves on the hardwood floor below, I run to my bed, keeping my eyes on my dad who's sitting in front of me when WHACK! The horses hit me from behind! How could he have thrown them while in front of me and have them hit me from behind? What's going on here? Then it occurs to me that my Mom must be in on this. </div><div><br /></div><div>The next night, he sits on the chair by my bed. I go to the bedroom door but before I whistle, I yell for my mom. She answers from their bedroom right next to me. I go to the head of the stairs so that she's in front of me and my dad is in my room. There's no one downstairs. I whistle the the special tone "Wee Hoo! Wee Hoo!". I listen but there's no sound. Hah! I've got my parents trapped in their "trick". They can't throw the horses at me because I'm between them and the stairs. I whistle again "Wee Hoo! Wee Hoo!". Then I hear a scratching noise downstairs....the noise made by plastic hooves on hardwood floors....I look down the stairs and I see the first of the horses appear at the foot of the stairs! I did what any self respecting 8 year old would. I RAN! I didn't even make it two steps to my room and the horses hit me from behind! They hit me as my mom stood in front of me wondering what affliction has struck her son (that boy ain't right!). They hit me as my dad looked out from the chair in my room. I was dumbstruck! How could this have happened?</div><div><br /></div><div>My dad lived to be 100 years old. The day before he died, I was at his bedside playing some music on my hammer dulcimer for him. He laid there with his eyes staring into space, no words coming from his mouth. When I stopped playing for him, he blinked and looked at me. I don't know why but those horses popped in my head. I leaned over and I asked him if he remembered the horses from years ago. I didn't expect him to remember something that happened 43 years earlier but he looked at me and smiled. He did remember! </div><div><br /></div><div>Me: Dad, you remember that horse trick when I was a kid?</div><div>Dad: (whispering) yes.</div><div>Me: I have to know. How did you do it? I never figured out how you did it. How?</div><div><br /></div><div>My dad smiled faintly and motioned with his hand to come close to his mouth so I could hear what he was going to tell me. A silly childhood mystery was about to be solved. I leaned over to hear his answer.</div><div><br /></div><div>Dad: Magic.</div><div> </div>Randyhttp://www.blogger.com/profile/15650573868196476768noreply@blogger.com1