BAIT 3 INFORMATION SECURITY AND

RISK MANAGEMENT TUTORIAL

SOLUTIONS
Multiple-Choice Questions,

Multiple Choice Questions

1. What is the primary objective of digital auditing in information system

security?
Answer: B) To trace and verify actions
2. Which tool is best suited for capturing and analyzing network packets?
Answer: B) Wireshark
3. The process of maintaining the integrity of evidence from collection to court
presentation is known as:
Answer: B) Chain of Custody
4. Which tool is primarily used for monitoring user behavior to detect
anomalies?
Answer: B) Varonis
5. Digital time-stamping is used to:
Answer: B) Establish the timing of events
6. What is the main feature of write blockers?
Answer: B) Preventing data writing
7. A comprehensive tool for log aggregation and visualization is:
Answer: A) ELK Stack
8. Which act governs cybercrime regulations in Tanzania?
Answer: B) Cybercrimes Act (2015)
 BAIT 3 INFORMATION SECURITY AND
RISK MANAGEMENT TUTORIAL
SOLUTIONS
9. What is the purpose of user and entity behavior analytics (UEBA)?
Answer: B) To detect behavioral anomalies
10.A fintech company finds unusual data transfers during off-hours. Which tool
should be used first?
Answer: C) Splunk
11.Which of the following ensures logs remain unaltered during investigations?
Answer: B) Tamper-evident mechanisms
12.What does the term “privileged access monitoring” refer to?
Answer: A) Tracking elevated user privileges for anomalies
13.What is a key feature of the ELK Stack in digital auditing?
Answer: B) Log aggregation and visualization
14.Which type of analysis combines multiple data sources to identify
relationships between events?
Answer: B) Event correlation
15.Which component of UEBA focuses on detecting deviations from normal
user behavior?
Answer: B) Behavioral pattern analysis
16.The use of digital timestamping is essential for:
Answer: B) Verifying the authenticity of event timing
17.What legislation guides cybersecurity practices in Tanzania?
Answer: C) Cybercrimes Act (2015)
18.In a forensic investigation, which tool is best for network-level evidence
collection?
Answer: B) Wireshark
 BAIT 3 INFORMATION SECURITY AND
RISK MANAGEMENT TUTORIAL
SOLUTIONS
19.What is the purpose of creating a forensic image of a storage device?
Answer: B) To preserve evidence for analysis
20.Which tool is commonly used for automating log analysis in real-time?
Answer: A) Splunk
21.In Tanzania, the Cybercrimes Act (2015) requires organizations to preserve
logs for how long to ensure compliance?
Answer: C) 12 months
22.Which of the following is a key advantage of using forensic imaging in
digital investigations?
Answer: B) It creates an exact replica of data without altering the original
evidence
23.What is the main purpose of using event correlation tools in information
system audits?
Answer: B) To aggregate data and identify patterns indicating anomalies or
breaches
24.Which auditing tool is best suited for detecting anomalies in user behavior?
Answer: C) UEBA
25.A Tanzanian fintech company needs to ensure compliance with BoT data
security guidelines. Which of the following best aligns with this objective?
Answer: C) Conducting regular IS audits and maintaining an audit trail
26.Digital timestamping in forensic investigations is crucial for:
Answer: B) Verifying the sequence of events and ensuring evidence
integrity
 BAIT 3 INFORMATION SECURITY AND
RISK MANAGEMENT TUTORIAL
SOLUTIONS
27.Which of the following tools would be most effective in auditing seized data
from a compromised system?
Answer: A) FTK Imager
28.What is a significant challenge when using privileged access monitoring to
secure financial systems?
Answer: B) Privacy concerns over monitoring administrative users
29.How does the use of SWOC (Strengths, Weaknesses, Opportunities,
Challenges) analysis benefit IS security management?
Answer: B) It helps identify gaps in security and align strategies with
organizational goals
30.Which Tanzanian regulatory authority is primarily responsible for
overseeing cybersecurity in the telecommunications sector?
Answer: B) TCRA

Should I move to the True/False Questions, or do you want further explanations

for any of these answers?

True/False Questions

1. Digital auditing ensures accountability and non-repudiation.

Answer: True
2. The main purpose of digital auditing is to anonymize data for compliance.
Answer: False
3. Chain of custody is essential for maintaining the integrity of evidence.
Answer: True
 BAIT 3 INFORMATION SECURITY AND
RISK MANAGEMENT TUTORIAL
SOLUTIONS
4. Wireshark is used to create forensic images of storage devices.
Answer: False
5. Splunk is primarily a forensic imaging tool.
Answer: False
6. UEBA analyses behavioral patterns to detect deviations.
Answer: True
7. Audit trails help reconstruct events during an investigation.
Answer: True
8. Log tampering has no significant impact on digital auditing.
Answer: False
9. The Cybercrimes Act (2015) in Tanzania governs digital forensic practices.
Answer: True
10.Privileged access monitoring focuses on the actions of general users only.
Answer: False
11.Forensic imaging is essential for preserving the integrity of digital evidence.
Answer: True
12.Event correlation involves combining multiple logs to identify relationships
between events.
Answer: True
13.Digital timestamping does not enhance the reliability of audit trails.
Answer: False
14.The ELK Stack is primarily a data encryption tool.
Answer: False
15.Audit trails are optional in digital forensic investigations.
Answer: False
 BAIT 3 INFORMATION SECURITY AND
RISK MANAGEMENT TUTORIAL
SOLUTIONS
16.Tamper-evident mechanisms ensure logs remain unchanged during audits.
Answer: True
17.Splunk is used for forensic imaging of hard drives.
Answer: False
18.Wireshark is used to capture and analyses network traffic.
Answer: True
19.User and entity behavior analytics (UEBA) analyses patterns to detect
anomalies.
Answer: True
20.Privileged access monitoring is only applicable to general users.
Answer: False
21.Privileged access monitoring focuses only on detecting external threats to a
system.
Answer: False
22.Event correlation tools are essential for identifying patterns of malicious
activity in audit logs.
Answer: True
23.Digital timestamping ensures that the integrity of timestamps in logs is
preserved during audits.
Answer: True
24.The Cybercrimes Act (2015) in Tanzania requires organizations to report
cyber incidents within 24 hours.
Answer: True
 BAIT 3 INFORMATION SECURITY AND
RISK MANAGEMENT TUTORIAL
SOLUTIONS
25.Audit trails should always be encrypted to protect sensitive data from
unauthorized access.
Answer: True
26.Behavioral analytics is irrelevant in identifying insider threats.
Answer: False
27.Digital auditing can be used to ensure compliance with regulatory standards,
such as those set by BoT.
Answer: True
28.UEBA (User and Entity Behavior Analytics) is only effective for detecting
large-scale cyberattacks.
Answer: False
29.In digital forensics, tamper-evident logs are vital for maintaining the chain
of custody.
Answer: True
30.The purpose of SWOC analysis in IS security is to recommend sound
systems that align with organizational goals.
Answer: True

Matching Items Questions

Here are the matches for Column A with Column B:

 BAIT 3 INFORMATION SECURITY AND
RISK MANAGEMENT TUTORIAL
SOLUTIONS
1. Privileged access management
D. Prevents unauthorized access by limiting sensitive system controls
2. Digital timestamping
B. Verifies the sequence of events and ensures evidence integrity
3. Audit trail
J. Ensures only authorized changes are made to digital records
4. Forensic imaging
B. Provides an unaltered copy of digital evidence for analysis
5. Event correlation tools
E. Tracks events to identify links between suspicious activities
6. Behavioral analytics
C. Analyses patterns in user activities to detect unusual behavior
7. Cybercrimes Act (2015)
A. A law in Tanzania focusing on addressing cybercrime and protecting data
8. Splunk
P. Tool used for monitoring and analyzing system logs in real-time
9. Phishing attack
K. A deceptive method to steal sensitive user credentials
10.Incident response plan
I. A framework for managing cyber incidents to minimize damage
11.Tamper-evident logs
X. Protects audit logs from tampering or unauthorized access
12.SWOC analysis
F. Helps determine strengths, weaknesses, opportunities, and challenges in
IS
 BAIT 3 INFORMATION SECURITY AND
RISK MANAGEMENT TUTORIAL
SOLUTIONS
13.Encryption
N. A security measure that converts data into unreadable formats for
protection
14.Insider threat
O. Suspicious or harmful activity initiated by an employee within an
organization
15.Regulatory compliance
Y. Tools that align IS with business goals by addressing risks
16.BoT
U. Regulates and supervises financial institutions in Tanzania
17.TCRA
G. Regulatory authority responsible for overseeing cybersecurity in
telecommunications
18.Digital forensic investigation
Z. The process of gathering evidence to investigate digital crimes
19.Vulnerability assessment
S. Technique used to detect and address weaknesses in IS
20.Two-factor authentication (2FA)
H. Strengthens access control by requiring two authentication factors
21.Data retention policies
L. Mandatory rules for organizations to store records for a specific time
22.Ethical dilemma
Q. The preservation of accurate and unmodified data in IS
23.User and Entity Behavior Analytics (UEBA)
C. Analyses patterns in user activities to detect unusual behavior
 BAIT 3 INFORMATION SECURITY AND
RISK MANAGEMENT TUTORIAL
SOLUTIONS
24.Risk mitigation
M. Combines strategies to protect systems against breaches
25.Firewall
V. Security component that blocks unauthorized network traffic
26.Mobile banking fraud
T. Banking-related scams where attackers exploit customers or systems
27.Blockchain vulnerabilities
W. Identifies vulnerabilities in smart contracts and decentralized systems
28.Cyber resilience
R. A measure of an organization’s ability to recover from cyberattacks
29.Privileged access monitoring
D. Prevents unauthorized access by limiting sensitive system controls
30.Data integrity
Q. The preservation of accurate and unmodified data in IS

Short Answer Questions

1. Define digital auditing and explain its role in information system

security.
Answer: Digital auditing is the process of evaluating an organization’s
information systems, applications, and data to ensure security, accuracy, and
compliance with standards. Its role includes identifying vulnerabilities,
ensuring data integrity, monitoring system activity, and ensuring compliance
with regulations.
 BAIT 3 INFORMATION SECURITY AND
RISK MANAGEMENT TUTORIAL
SOLUTIONS
2. What is an audit trail, and why is it critical in IS security breaches?
Answer: An audit trail is a chronological record of activities or transactions
in an information system. It is critical for tracing actions, detecting
unauthorized changes, and reconstructing events during security breaches,
ensuring accountability and evidence integrity.
3. Briefly describe the importance of chain of custody in digital forensics.
Answer: Chain of custody ensures the integrity of evidence by documenting
its handling and storage from collection to court presentation. It prevents
tampering and maintains the reliability of digital evidence in investigations.
4. List two tools used for network traffic analysis and their primary
purposes.
Answer:
o Wireshark: Captures and analyses network packets to identify
anomalies or malicious activity.
o Zeek: Provides real-time network traffic analysis and logs for deep
inspection.
5. How does UEBA assist in detecting security anomalies?
Answer: UEBA (User and Entity Behavior Analytics) analyses behavioral
patterns of users and systems to detect deviations from normal activity,
identifying potential insider threats or compromised accounts.
6. Explain the role of Splunk in digital auditing.
Answer: Splunk is a tool for log aggregation, real-time analysis, and
visualization. It helps identify patterns, anomalies, and potential breaches by
processing large volumes of system and application logs.
 BAIT 3 INFORMATION SECURITY AND
RISK MANAGEMENT TUTORIAL
SOLUTIONS
7. Identify one major challenge in log analysis and propose a solution.
Answer:
o Challenge: High volume of data makes identifying anomalies
difficult.
o Solution: Use advanced tools like AI-powered log analysis systems
(e.g., Splunk or ELK Stack) for automated anomaly detection.
8. What are privileged access controls, and why are they important?
Answer: Privileged access controls restrict and monitor high-level
permissions to sensitive systems. They prevent misuse of access rights,
reduce insider threats, and enhance system security.
9. Describe the process of creating a forensic image of a storage device.
Answer: A forensic image is created by making a bit-by-bit copy of a
storage device using tools like FTK Imager or EnCase. The process ensures
no changes are made to the original data, preserving it as evidence.
10.How does the Cybercrimes Act (2015) in Tanzania influence digital
auditing practices?
Answer: It mandates data retention, logging, and secure handling of digital
evidence, ensuring organizations comply with regulations and enabling
investigations into cybercrimes.
11.What are tamper-evident logs, and how do they ensure log integrity?
Answer: Tamper-evident logs are logs embedded with mechanisms (e.g.,
cryptographic hashing) to detect any unauthorized modifications. They
ensure evidence reliability during audits or investigations.
 BAIT 3 INFORMATION SECURITY AND
RISK MANAGEMENT TUTORIAL
SOLUTIONS
12.Name one technique for digital timestamping and its relevance in IS
security investigations.
Answer:
o Technique: Trusted Time Stamping Authorities (TSA).
o Relevance: Verifies the timing of events, ensuring accurate
reconstruction of incidents.
13.How does log tampering affect digital auditing?
Answer: Log tampering compromises the accuracy of records, making it
difficult to trace events or detect security breaches, and undermines audit
reliability.
14.Define event correlation and its importance in IS security investigations.
Answer: Event correlation combines data from multiple sources to identify
patterns or anomalies. It helps detect security incidents by linking seemingly
unrelated events.
15.What is the difference between UEBA and traditional anomaly
detection?
Answer:
o UEBA: Focuses on behavior analysis using machine learning and
advanced analytics.
o Traditional anomaly detection: Often rule-based and limited to
predefined parameters.
16.Name one challenge faced by financial institutions in Tanzania when
implementing digital auditing.
Answer: Lack of skilled personnel to operate advanced auditing tools.
 BAIT 3 INFORMATION SECURITY AND
RISK MANAGEMENT TUTORIAL
SOLUTIONS
17.Describe the role of audit trails in compliance with Tanzanian
cybercrime regulations.
Answer: Audit trails provide a record of activities that ensure compliance
with data retention and reporting requirements under Tanzanian laws.
18.What makes tamper-evident logs critical for forensic investigations?
Answer: They ensure the integrity of evidence, making logs admissible in
legal proceedings and reliable for reconstructing incidents.
19.How does forensic imaging support accountability in IS security
breaches?
Answer: By preserving exact copies of evidence, forensic imaging prevents
data tampering and provides a reliable basis for analysis.
20.What is the significance of privileged access monitoring in financial
organizations?
Answer: It tracks high-level user actions to detect misuse, prevent fraud,
and ensure compliance with security policies.

Scenario-Based Questions

Scenario 1

A multinational fintech organization discovers a breach in its supply chain

software.
 BAIT 3 INFORMATION SECURITY AND
RISK MANAGEMENT TUTORIAL
SOLUTIONS
1. What digital auditing tools would you use to trace the source of the
breach?
o Tools: Splunk for log aggregation, Wireshark for packet analysis, and
event correlation tools like Exabeam to identify links between actions.
2. How could event correlation provide insights into how the breach
occurred?
o Event correlation aggregates data from various sources to identify
patterns, relationships, or anomalies that indicate the breach’s origin,
such as repeated access attempts or suspicious file downloads.
3. Propose strategies for mitigating third-party risks in this case.
o Conduct regular third-party security audits.
o Implement strict access controls and privilege management for
vendors.
o Require vendors to comply with cybersecurity standards, including
penetration testing.

Scenario 2

A Tanzanian bank experiences a phishing campaign targeting employees.

1. Which digital auditing techniques could trace the actions of

compromised accounts?
o Analyze audit logs to track login attempts and activities.
o Use UEBA to identify deviations in account behavior.
o Apply Splunk to correlate login times with phishing emails.
 BAIT 3 INFORMATION SECURITY AND
RISK MANAGEMENT TUTORIAL
SOLUTIONS
2. How would you implement privileged access controls to minimize the
damage?
o Enforce multi-factor authentication (MFA) for all privileged accounts.
o Restrict access to sensitive systems based on job roles.
o Continuously monitor privileged account usage with alerts for
anomalies.
3. Suggest measures to prevent future phishing campaigns.
o Conduct regular employee training on identifying phishing attempts.
o Implement email filtering solutions to detect and block phishing
emails.
o Simulate phishing campaigns to test employee awareness.

Scenario 3

An employee at TCRA is suspected of unauthorized access to sensitive documents.

1. Describe how forensic imaging could provide evidence in this scenario.

o Forensic imaging captures a bit-by-bit replica of the employee’s
device without altering the original data, preserving evidence for
analysis.
2. What role does privileged access monitoring play in detecting insider
threats?
o Tracks high-level user activities, detecting anomalies like unusual
access times or excessive file downloads.
 BAIT 3 INFORMATION SECURITY AND
RISK MANAGEMENT TUTORIAL
SOLUTIONS
3. Explain how UEBA could assist in identifying anomalies in employee
behavior.
o UEBA analyses behavioral patterns and flags deviations, such as
accessing restricted files or performing actions outside normal
working hours.

Scenario 4

A Tanzanian bank discovers an insider facilitated a $500,000 breach.

1. What auditing techniques and tools should be used to reconstruct the

missing audit trail?
o Use Splunk and ELK Stack to correlate logs from various systems.
o Recover tampered logs using backup copies or tamper-evident
mechanisms.
2. Propose at least three changes to the bank’s privileged access
management policy to reduce insider threats.
o Enforce least privilege access.
o Implement session recording for privileged accounts.
o Schedule periodic reviews of access permissions.
3. Recommend a framework for monitoring and continuously improving
the bank’s information system security posture. Include digital auditing
and forensic strategies.
o Implement a real-time monitoring system (e.g., Splunk).
 BAIT 3 INFORMATION SECURITY AND
RISK MANAGEMENT TUTORIAL
SOLUTIONS
o Use forensic imaging tools like FTK Imager for evidence
preservation.
o Conduct regular penetration testing and security audits.

Scenario-Based Questions:

Scenario 5

A Tanzanian fintech start-up relies on third-party software for processing mobile

payments. The software vendor’s system was hacked, exposing customer
transaction data.

1. Detail the steps to trace the origin of the malicious scripts using digital
auditing tools. What challenges might arise during this process?
o Steps:
▪ Use forensic imaging tools to capture and analyze the affected
system’s data.
▪ Apply network traffic analysis with Wireshark to trace
suspicious packet transfers.
▪ Use event correlation tools (e.g., Splunk) to link the activity to
the vendor's system.
o Challenges:
▪ Limited access to third-party systems.
 BAIT 3 INFORMATION SECURITY AND
RISK MANAGEMENT TUTORIAL
SOLUTIONS
▪ Difficulty in distinguishing malicious scripts from normal
operations.
▪ Potential encryption of attack data by the attacker.
2. Discuss how third-party risk impacts fintech companies and propose
measures to audit third-party software security.
o Impact:
▪ Third-party vulnerabilities can directly affect customer data and
financial transactions, leading to financial loss and reputation
damage.
o Measures:
▪ Conduct regular security assessments and penetration testing of
third-party software.
▪ Require third parties to adhere to cybersecurity standards.
▪ Implement a robust vendor risk management framework and
monitor their security patches.
3. Design a comprehensive incident response plan for mitigating the effects
of this breach. Include steps for restoring customer trust and preventing
future occurrences.
o Incident Response Plan:
▪ Detection and Analysis: Identify and confirm the breach using
network and log analysis.
▪ Containment: Isolate the affected systems and prevent further
data leakage.
▪ Eradication and Recovery: Remove malicious scripts and
restore systems to a secure state.
 BAIT 3 INFORMATION SECURITY AND
RISK MANAGEMENT TUTORIAL
SOLUTIONS
▪ Communication: Notify customers about the breach, outlining
what happened and what is being done.
▪ Prevention: Implement stronger security controls for third-
party software and continuous monitoring of system activities.

Scenario 6

A mobile banking platform in Tanzania reports a spike in unauthorized access

attempts targeting customer accounts. Cybercriminals are exploiting vulnerabilities
in two-factor authentication (2FA).

1. Identify the flaws in the existing 2FA process and suggest improvements
to strengthen authentication mechanisms.
o Flaws:
▪ Weakness in the 2FA method used (e.g., SMS-based codes that
can be intercepted).
▪ Lack of time-based token expiration or multi-device
verification.
o Improvements:
▪ Use more secure 2FA methods, like app-based or hardware
tokens.
▪ Implement biometric authentication (fingerprint or face
recognition).
▪ Introduce adaptive authentication, where multiple factors are
considered based on risk levels.
 BAIT 3 INFORMATION SECURITY AND
RISK MANAGEMENT TUTORIAL
SOLUTIONS
2. How can digital auditing techniques be used to identify patterns in the
unauthorized access attempts? Propose specific tools and approaches
for this investigation.
o Approach:
▪ Use UEBA to analyze user login times and geolocation data to
identify patterns of suspicious access.
▪ Apply Splunk for log aggregation and to track failed login
attempts, account lockouts, and other irregular activities.
3. What ethical obligations does the mobile banking provider have toward
its customers in addressing this issue? Discuss in the context of
Tanzanian cybercrime laws.
o Ethical obligations:
▪ Notify affected customers immediately and provide clear
information about the breach.
▪ Offer affected customers support (e.g., temporary account
freezing, fraud monitoring).
▪ Ensure that all measures are taken to prevent similar incidents.
▪ Comply with the Cybercrimes Act (2015) by reporting the
breach to authorities within the legally required time frame.

Scenario 7

The Tanzania Communications Regulatory Authority (TCRA) suffers a

ransomware attack.
 BAIT 3 INFORMATION SECURITY AND
RISK MANAGEMENT TUTORIAL
SOLUTIONS
1. Outline the immediate steps TCRA should take to investigate and
mitigate the ransomware attack. How should digital forensic tools be
applied?
o Immediate Steps:
▪ Isolate affected systems to contain the attack.
▪ Use forensic imaging tools to create copies of affected devices
for later analysis.
▪ Analyze the ransom note and network traffic using Wireshark
to understand the attack vector.
▪ Report the incident to the relevant authorities and follow the
incident response protocols.
2. Assess the long-term impact of this attack on TCRA’s operations and
public trust. What legal or regulatory challenges could arise from this
incident?
o Long-Term Impact:
▪ Disruption of TCRA services may affect communication,
regulation, and oversight of the telecommunications sector.
▪ Loss of public trust due to failure to protect sensitive data.
o Legal/Regulatory Challenges:
▪ Potential breach of data protection regulations (e.g., Tanzanian
data privacy laws).
▪ Possible legal liabilities due to failure to protect critical
infrastructure.
3. Propose a robust cybersecurity framework for TCRA, focusing on
digital auditing, backup strategies, and user training.
 BAIT 3 INFORMATION SECURITY AND
RISK MANAGEMENT TUTORIAL
SOLUTIONS
o Cybersecurity Framework:
▪ Digital Auditing: Implement continuous monitoring with real-
time logging using tools like Splunk and ELK Stack.
▪ Backup Strategies: Ensure offsite, encrypted backups are done
regularly and are tested for recovery.
▪ User Training: Regularly train employees on phishing,
ransomware, and other social engineering tactics. Conduct
simulated attack drills.

Scenario 8

A Tanzanian accounting firm experiences an integrity violation in its financial

reporting software.

1. Explain how forensic imaging and audit trails can be used to identify
the source of the modifications. What challenges might be encountered
in this process?
o Forensic Imaging: Capture the system's hard drive to ensure a bit-by-
bit copy for investigation.
o Audit Trails: Review logs to track changes made to financial reports,
focusing on access times and users involved.
o Challenges:
▪ Potential tampering with logs or overwriting evidence.
▪ Difficulty identifying malicious insiders if access permissions
are too broad.
 BAIT 3 INFORMATION SECURITY AND
RISK MANAGEMENT TUTORIAL
SOLUTIONS
2. Discuss the ethical responsibilities of the accounting firm in disclosing
this incident to clients and regulatory bodies.
o Ethical Responsibilities:
▪ Immediately inform affected clients and explain the nature of
the violation.
▪ Report the breach to regulatory bodies as required by law (e.g.,
Tanzanian Financial Reporting Regulations).
▪ Cooperate with authorities in resolving the incident and
ensuring transparency.
3. Recommend measures to prevent future integrity violations, including
digital timestamping and tamper-evident logs.
o Measures:
▪ Implement strong user access controls and separate duties to
prevent a single person from making critical changes.
▪ Use digital timestamping to record all changes made to reports,
ensuring a clear audit trail.
▪ Enable tamper-evident logs to ensure any unauthorized
modifications are easily detected.

Note:

Please keep in mind that these solutions are provided to help guide you through the
tutorial questions, but there may be occasional errors or differences in
 BAIT 3 INFORMATION SECURITY AND
RISK MANAGEMENT TUTORIAL
SOLUTIONS
interpretation due to various factors (such as rounding, assumptions, or different
methods). I recommend reviewing the steps carefully and checking your own
understanding, as some answers may not be 100% accurate. If anything seems
unclear or doesn’t match your expectations, feel free to reach out and we can go
over it together!