Friday, March 1, 2019
Graded Assignments Essay
The pursuance sections contain student copies of the deputisements. These must be distributed to students prior to the ascribable take cares for the assignments. Online students exclusivelyow for shit main course to these enumerations in PDF format, which allow be acquirable for downloading at any time during the course. Graded identification Requirements assigning Requirements documents provided below must be printed and distributed to students for guidance on finish the assignments and submitting them for grading.Instructors must remind students to retain all handouts and assignment documents issued in from distributively nonp atomic number 18il unit, as well as student-prepargond documentation and graded assignments. Some or all these documents volition be calld repeatedly across distinguishable units. building block 1 subsidization 1 Match Risks/Threats to Solutions retard Objectives and Outcomes You leave al unitary guide how to match common risks or th reats within the seven domains of a emblematic IT al-Qaida with results and stay actions. appellative RequirementsThis is a matching activity. You leave alone receive the Match Risks/Threats to Solutions rub downsheet, which contains a numbered run of common risks and threats found in a typical IT infrastructure. You must enter the letter for the correct solution or preventative action in the blank to the right of separately risk or threat. mandatory Resources Worksheet Match Risks/Threats to Solutions compliancy Requirements put Microsoft expression human face Arial, surface 12, suitwrite distance 1 page payable By unit 2 Self-Assessment ChecklistI hold back correctly matched all the risks or threats within the seven domains of a typical IT infrastructure with the solutions and preventative actions. social unit 1 subsidisation 2 Impact of a reading Classification archetype Learning Objectives and Outcomes You lead charter how to repair the impingement o f a data classification standardised on an organizations IT infrastructure. naming Requirements You atomic number 18 a entanglementing intern at Richman Investments, a mid-level monetary investment and consulting firm.Your supervisor has asked you to draft a brief root that describes the inherent example Only data classification standard of Richman Investments. Write this stem addressing which IT infrastructure domains be affected by the standard and how they atomic number 18 affected. In your physical composition, mention at to the lowest degree(prenominal) 3 IT infrastructure domains affected by the midland Use Only data classification standard. Your report leave become pop of an executive summary to senior management. postulate Resources none entryway Requirements order Microsoft enunciate baptistry Arial, size 12, type preserveence work behavior lolly manual(a) of ardour distance 12 pages receivable By unit of measurement 2 Self-Assessment Checkl ist I lease identify at to the lowest degree three IT infrastructure domains affected by the Internal Use Only data classification standard. In my report, I meet include expatiate on how those domains are affected. Unit 2 denomination 1 Calculate the Window of Vulnerability Learning Objectives and Outcomes You testament learn how to calculate a window of vulnerability (WoV). Assignment Requirements You are reviewing the bail status for a small Microsoft workgroup LAN.The workgroup contains many distinct separations in the electronic profits determined by group memberships. An example of the network constituents is as follows Windows laptops travel salespeople, far suppliers, subdivision offices Windows desktops Accounting group, developer group, customer service group Windows servers administrative server, Microsoft SharePoint server, master of ceremonies Message Block (SMB) server A aegis rape has been set in which the SMB server was accessed by an wildcat rehear ser due to a bail hole.The hole was detected by the server software manufacturer the previous day. A patch will be available within three days. The LAN administrator demand at to the lowest degree one week to download, test, and install the patch. Calculate the WoV for the SMB server. required Resources None introduction Requirements formatting Microsoft cry Font Arial, Size 12, Double-Space Length 1 page callable By Unit 3 Self-Assessment Checklist I eat accurately mensurable the WoV. Unit 2 Assignment 2 Microsoft milieu psychoanalysis Learning Objectives and OutcomesYou will learn how to analyze a mixed-version Microsoft Windows environment and to identify the issues described in Microsoft credentials de trigger offment Advisories. Assignment Requirements You are reviewing the surety status for a small Microsoft workgroup LAN. The workgroup contains many distinct separations in the network as determined by group memberships. The network consists of estimators work ing on a variety of client platforms, much(prenominal) as Windows XP, Windows Vista, and Windows 7, and server products in a single environment.An example of the network divisions is as follows Windows laptops Traveling salespeople, out-of-door suppliers, branch offices Windows desktops Accounting group, developer group, customer service group Windows servers Administrative server, Microsoft SharePoint server, Server Message Block (SMB) server Microsoft coarse Vulnerability and Exposures (CVEs) are address through credential advisories with a interchangeable advisory ID. Other CVE sources sequestrate a CVE ID to advisories. Go through the archive of Microsoft Security Advisories on the quest link http//www.microsoft. com/technet/ tribute/advisory/archive. mspx (accessed September 15, 2010) Answer the next questions ground on the advisories for the past 12 months 1. What vulnerabilities exist for this workgroup LAN based on the advisories? List five of them. 2. Do any vulner abilities involve privilege raising? Is this considered a high-priority issue? 3. Identify and document at least three vulnerabilities and the solutions related to the client configurations. requisite Resources meshwork entrance Requirements Format Microsoft ledgerFont Arial, Size 12, Double-Space Length 12 pages ascribable By Unit 3 Self-Assessment Checklist I stool determine at least five vulnerabilities for this workgroup LAN? I render identify privilege elevation as a high-priority issue? I shake up identified and documented at least three vulnerabilities related to the client configurations? Unit 3 Discussion 1 retrieve Control Models Learning Objectives and Outcomes You will learn just approximately access temper models for distinguishable scenarios. Assignment Requirements In this assignment, you consume a handout on the access accommodate models. consume the handout and discuss it with your classmates to collect answers for the following questions Select an access tame model that best prevents self-appointed access for separately of the five scenarios effrontery in the worksheet. Which types of system of logical access check offs should be aimd in to all(prenominal) one scenario? Justify your recommendations. Respond to at least two a nonher(prenominal) students views to lease in a meaningful debate regarding their choices or to counterbalance your choice. Required Resources Worksheet penetration Control Models endurance Requirements Format Microsoft pronounceFont Arial, Size 12, Double-Space mention demeanor dough manual of Style Length 12 pages callable By Unit 3 Self-Assessment Checklist I collect correctly selected an access control model that best prevents an unlicensed access for each of the five scenarios precondition in the worksheet. I take selected the correct types of logical access controls that should be utilise in each scenario. I imbibe included justifications for my recommendations. I have res ponded to at least two other students views. Unit 3 Assignment 1 irrelevant entry Control Policy Definition Learning Objectives and OutcomesYou will learn how to role a remote access control form _or_ system of government commentary for an IT infrastructure. Assignment Requirements Richman Investments is an investment and consulting firm. The caller wants to expand its business operations twain in the U. S. and in foreign countries. It intends to eventually have 10,000 employees in 20 countries. The Richman corporate headquarters is located in phoenix, Arizona. Currently, in that location are eight branch offices in Atlanta, Georgia Chicago, Illinois Cincinnati, Ohio Denver, Colorado Los Angeles, atomic number 20 Montreal, Canada naked York City, New York Washington, D. C. The North Ameri dope offices have a total of 5,000 employees who use desktops, mobile computing machines, and wireless devices. The Phoenix office has an network radio link to all remote offices bec ause redundancy is extremely important to the community. There are several(prenominal) rude(a) practical applications that all offices use. The management from each office share application instruction that is hosted at the corporate office. Design a remote access control policy for Richman using the appropriate access controls for systems, applications, and data access. accept the design and justification for using the selected access controls for systems, applications, and data access. Required Resources None Submission Requirements Format Microsoft battle cry Font Arial, Size 12, Double-Space Citation Style Chicago Manual of Style Length 12 pages due By Unit 4 Self-Assessment Checklist I have correctly knowing a remote access control policy for the attached scenario. I have correctly selected appropriate access controls for systems, applications, and data access. I have included my justification for using the selected access controls for systems, applications, and data ac cess.Unit 4 Assignment 1 Enhance an lively IT Security Policy manikin Learning Objectives and Outcomes You will learn how to research standards. You will learn how to carry through Remote Access Standard. You will learn how procedures and guidelines fit within an IT aegis policy framework. Assignment Requirements You will receive the worksheet entitled Enhance an Existing IT Security Policy Framework. It contains a scenario and an illustration of a portion of a companys trade protection policy framework. After studying the worksheet, grapple the following tasks Research Remote Access Standards on the Internet.For the given scenario, hold open a draft Remote Access Standard that will focus the fact of risks, threats, and vulnerabilities in the Remote Access domain of the given IT infrastructure. thrust sure you include the minimum remote computer configurations, the use of anti-malware software, and the fasten virtual clubby network (VPN) access in the Remote Access Stand ard. Indicate the names of procedures or guidelines that you would add under the Remote Access Standard. Required Resources Worksheet Enhance an Existing IT Security Policy Framework Internet Submission Requirements Format Microsoft WordFont Arial, Size 12, Double-Space Citation Style Chicago Manual of Style Length 12 pages due(p) By Unit 5 Self-Assessment Checklist I have written an appropriate Remote Access Standard, which includes the minimum remote computer configurations, the use of anti-malware software, and the secure VPN access. I have included the names of at least two procedures or guidelines that would appear under the Remote Access Standard in the framework. Unit 4 Assignment 2 Acceptable Use Policy (AUP) Definition Learning Objectives and Outcomes You will learn how to research and examine AUPs enforced by other organizations.You will learn how to compose a portion of an AUP for an organization. Assignment Requirements You are a networking intern at Richman Investmen ts. An employee of the company used employer-owned equipment to access the Internet and check his personal wind vane-based e-mail account. He followed a link in a spam e-mail, downloaded games to his hard disk, and unknowingly infected the computer with malware, which spread to the network server. The security officer at Richman has asked you to research and to line the unimpeachable use of Richman assets regarding Internet and e-mail access, including the actions that are prohibited.. Then, the employees must be restricted from using the Internet at work for personal use, other than to occasionally check Web-based personal e-mail accounts. individualized downloads must be strictly prohibited. Your definition will become surgical incision of the overall AUP. For this assignment Research acceptable use policies on the Internet. capture the actual policies of real companies. Compare the portions that address Internet and e-mail access of at least three different companies. Creat e an AUP definition for Richman Investments that defines the acceptable and unacceptable use of Internet and e-mail access at Richman.Required Resources Internet Submission Requirements Format Microsoft Word Font Arial, Size 12, Double-Space Citation Style Chicago Manual of Style Length 12 pages Due By Unit 5 Self-Assessment Checklist I have conducted fitted research of AUPs before defining the policy. I have included the appropriate statements that address both acceptable and unacceptable use of the Internet and Web-based e-mail accounts. Unit 5 Assignment 1 Testing and monitor Security Controls Learning Objectives and OutcomesYou will learn to recognize security events and service line anomalies that dexterity indicate suspicious activity. You will learn to identify policy violations and security breaches and to appropriately monitor threats and control activity across the network. Assignment Requirements Refer to the handout Testing and Monitoring Security Controls. It contains information on security events or breaches and baseline anomalies. After studying the handout, answer the following questions Identify at least two types of security events and baseline anomalies that might indicate suspicious activity.Given a list of policy violations and security breaches, select three breaches, and consider the best options for positive and monitoring each incident. Identify the orders to mitigate risk and minimize exposure to threats or vulnerabilities. Required Resources Worksheet Testing and Monitoring Security Controls Submission Requirements Format Microsoft Word Font Arial, Size 12, Double-Space Length 12 pages Due By Unit 6 Self-Assessment Checklist I have identified at least two security events and baseline anomalies.I have indicated the best options for controlling and monitoring three of the policy violations and security breaches from the list. I have identified the methods to mitigate risk and to minimize exposure to threats or vulnerabilities. Uni t 5 Assignment 2 Define an Acceptable Use Policy (AUP) Learning Objectives and Outcomes You will learn to successfully identify inappropriate activity on a network and to develop a basic AUP that describes the handling of such incidents. Assignment Requirements Richman Investments requires the enforcement of strict ingress-egress filtering policies for network traffic.Certain traffic is expressly disallow No peer-to-peer consign sharing or foreignly reachable file transfer protocol (FTP) servers No downloading executables from known software sites No unauthorized redistribution of licensed or copyrighted material No exportinging sexual software or technical material in violation of export control laws No introduction of malicious programs into networks or onto systems No accessing unauthorized indispensable imaginativenesss or information from external sources No port examine or data interception on the networkNo denying service or circumventing authentication to legitimate users No using programs, scripts, or commands to interfere with other network users No sending unsolicited e-mail messages or discarte du jour mail to company recipients No accessing adult content from company resources No remote connexions from systems failing to meet minimum security requirements Define a LAN-to-WAN, Internet, and Web surfriding AUP that restricts usage of the companys Internet connection and permits the company to monitor usage of the corporate Internet connection.Carefully measure the implications of each policy and how actionations might impact the IT infrastructure, both positively and negatively. numerate the benefits and the disadvantages of each method. Consider whether or not a proposed solution causes an temporary removal to the legitimate users and how it might bring security at the expense of preventing a perfectly legitimate activity. Required Resources None Submission Requirements Format Microsoft Word Font Arial, Size 12, Double-Space Citation Style Chicago Manual of Style Length 12 pages Due By Unit 6 Self-Assessment ChecklistI have defined an effective LAN-to-WAN, Internet, and Web surfing AUP. I have evaluated the implications of each policy. I have carefully considered the benefits and disadvantages of each policy enforcement control. I have proposed strong ideas for acceptable and unacceptable resource usage. Unit 6 Assignment 1 BCP, DRP, BIA, and Incident Response figure Mix and Match Learning Objectives and Outcomes You will strengthen your understanding of occurrences regarding a business continuity blueprint (BCP), disaster recovery architectural plan (DRP), business impact analysis (BIA), and an incident response plan. Assignment RequirementsIn this assignment, you are provided with a handout on the study elements that are part of a BCP, DRP, BIA, and incident response plan. You must appropriately align the elements with their corresponding plans. Required Resources Worksheet BCP, DRP, BIA, and Incident R esponse scheme Mix and Match Submission Requirements Format Microsoft Word Font Arial, Size 12, Double-Space Length 1 page Due By Unit 7 Self-Assessment Checklist I have correctly matched all the elements with the plans. Unit 6 Assignment 2 three-figure and Qualitative Risk Assessment Analysis Learning Objectives and OutcomesYou will be able to analyze real-world scenarios and perform a quantitative risk judgement and a qualitative risk assessment by performing proper calculations. Assignment Requirements In this assignment, you are provided with a handout on a quantitative risk assessment and a qualitative risk assessment. Go through the scenarios given in the handout and answer the questions. Required Resources Worksheet three-figure and Qualitative Risk Assessment Analysis Submission Requirements Format Microsoft Word Font Arial, Size 12, Double-Space Length 12 pages Due By Unit 7 Self-Assessment ChecklistI have correctly calculated the values for Single loss expectancy (SLE) , Annual rate of occurrence (ARO), and Annual loss expectancy (ALE). I have determined the intensity of the safeguard of buying insurance. I have determined whether or not Richman should buy the insurance. I have supported my choice with an explanation. I have correctly calculated the risk level of each of the risk given in the scenario. I have correctly prioritized the given risks. I have created an effective risk matrix for the given scenario. Unit 7 Assignment 1 Select Appropriate encoding Algorithms Learning Objectives and OutcomesYou will learn how to select the appropriate encoding methods and techniques for real-world business applications. Assignment Requirements In this assignment, you are given a handout which contains a list of the common encryption algorithms and five scenarios. Match the common encryption algorithms with real-world business applications and the requirements for given different scenarios. Give justification for your selections. Required Resources Work sheet Select Appropriate Encryption Algorithms Submission Requirements Format Microsoft Word Font Arial, Size 12, Double-Space Length 1 pageDue By Unit 8 Self-Assessment Checklist I have selected the appropriate encryption algorithms and the methods for the given scenarios. I have justified the selections I have made. Unit 7 Assignment 2 Design an Encryption Strategy Learning Objectives and Outcomes You will learn how to design an enterprise encryption strategy. Assignment Requirements In this assignment, you are given a handout that contains the scenario of Richman Investments which desires an enterprise encryption strategya unexclusive key infrastructure (PKI) that supports internal employees, external business partners, and clients.You accept to design the enterprise encryption strategy for Richman Investments. In your design, include the following Select appropriate encryption algorithms and methods. Identify and justify the selection of encryption solutions that support inte rnal employees, external business partners, and clients. Required Resources Worksheet Design an Encryption Strategy Submission Requirements Format Microsoft Word Font Arial, Size 12, Double-Space Citation Style Chicago Manual of Style Length 12 pages Due By Unit 8 Self-Assessment Checklist I have selected the appropriate encryption algorithms and methods.I have identified and justified my selection of the encryption solutions that support internal employees, external business partners, and clients. Unit 8 Assignment 1 internet Hardening Learning Objectives and Outcomes You will learn the essentials of network hardening for a given network layout. Assignment Requirements In this assignment, you are given a handout which contains four different network layouts. Your instructor will assign one of the four layouts to you. For your layout, you are required to devise at least three strategies for hardening the network environment passim the seven domains of a typical IT infrastructure. Support your decisions with your justification. Required Resources Worksheet Network Hardening Submission Requirements Format Microsoft Word Font Arial, Size 12, Double-Space Length 12 pages Due By Unit 9 Self-Assessment Checklist I have identified at least three network hardening strategies for the given network layout. I have given the justification for my decisions. Unit 8 Assignment 2 Network Security Applications and Countermeasures Learning Objectives and Outcomes You will learn how to determine where certain security countermeasures sacrifice across the seven domains of a typical IT infrastructure.Assignment Requirements In this assignment, you are given a worksheet that contains a list of network security applications and countermeasures. You need to identify where they belong, within the seven domains of a typical IT infrastructure and what confidentiality, integrity, and availability (CIA) function they provide. Complete the worksheet and submit to your instructor for eva luation. Required Resources Worksheet Network Security Applications and Security Countermeasures Submission Requirements Format Microsoft Word Font Arial, Size 12, Double-Space Length 12 pagesDue By Unit 9 Self-Assessment Checklist I have accurately set security countermeasures within the seven domains of an IT infrastructure. I have identified the portions of the CIA three-bagger affected by specific security countermeasures. Unit 9 Assignment 1 List Phases of a Computer Attack Learning Objectives and Outcomes You will learn how to identify the activities that occur during each phase of a computer attack. Assignment Requirements In this assignment, you need to pretend to be ethical hackers who need to protect their organization from a computer attack.List the general phases of a computer attack. Thinking like an aggressor, you should add items to each phase that an attacker would consider when performing a successful computer attack. You can refer to the text guard for this cours e. Required Resources Textbook Fundamentals of breeding Systems Security Submission Requirements Format Microsoft Word Font Arial, Size 12, Double-Space Citation Style Chicago Manual of Style Length 12 pages Due By Unit 10 Self-Assessment Checklist I have identified at least three phases of a computer attack.In my answer, I have included the factors the attackers take into consideration when targeting computers or networks. Unit 9 Assignment 2 Summary Report on a Malicious economy Attack Learning Objectives and Outcomes You will learn how to mitigate the threat of a computer virus or malware attack. Assignment Requirements Select a known virus or malicious code attack, and write a summary report explaining what kind of malicious attack it was, how it spread and attacked other devices, and how it was mitigated. Indicate how you would defend the attack from recurring on a network you control.You may use the Internet for research. Consider the following The severity of the outbreak The propagation methods and fastness The targets of the attack The success rate of the attack vector Additional complexness self-armoring, self-updating, and so on The ways to defend infection in all domain The ways to defend intrusion at every spirit level Required Resources Internet Submission Requirements Format Microsoft Word Font Arial, Size 12, Double-Space Citation Style Chicago Manual of Style Length 12 pages Due By Unit 10 Self-Assessment Checklist I have included the following in my summary reportThe type of malicious attack How it spread and attacked other devices How it was mitigated I have specified details on how to defend the attack from recurring on a network. Unit 10 Assignment 1 Examine Real-World Applications of Security Standards and Compliance Laws Learning Objectives and Outcomes You will learn to relate a well-known standard or law to real-world applications. Assignment Requirements In this assignment, you are given a handout on security standards and compl iance laws. The handout contains a list of international and domestic information security standards and compliance laws.You need to select one and describe its real-world applications in both private and public sectors. Required Resources Worksheet Examine Real-World Applications of Security Standards and Compliance Laws Submission Requirements Format Microsoft Word Font Arial, Size 12, Double-Space Citation Style Chicago Manual of Style Length 12 pages Due By Unit 11 Self-Assessment Checklist I have correctly described real-world applications of the chosen standard or law. I have included examples in both the private and public sectors. Unit 10 Assignment 2 Small- to Medium-Sized Business Analysis Learning Objectives and OutcomesYou will learn how to apply the Payment Card attentions Data Security Standards (PCI DSS) standard to a small- to medium-sized business. Assignment Requirements hand-to-mouth(prenominal) Media is a small- to medium-sized business that is involved in the sale of used books, CDs/DVDs, and computer games. Meager Media has stores in several cities across the U. S. and is planning to bring its line of descent online. The company will need to support a credit card transaction processing and e-commerce Web site. Write a summary report detailing what Meager Media must do when setting up its Web site to maintain compliance with the PCI DSS standard.Obtain a copy of the PCI DSS standards document from the following Web site and address all 6 principles and 12 requirements in your report https//www. pcisecuritystandards. org/security_standards/pci_dss. shtml (accessed September 14, 2010) Required Resources Internet Submission Requirements Format Microsoft Word Font Arial, Size 12, Double-Space Citation Style Chicago Manual of Style Length 34 pages Due By Unit 11 Self-Assessment Checklist I have presented a detailed plan for creating a PCI DSS-compliant Web site. I have addressed all 6 principles and 12 requirements of the PCI DSS. Project Se curity lands and StrategiesPurpose This project provides you an opportunity to apply the competencies gained in various units of this course to identify security challenges and apply strategies of countermeasures in the information systems environment. Learning Objectives and Outcomes You will learn the purpose of a multi- pointed security strategy. You will understand the information systems security (ISS) fundamentals including the definition of terms, concepts, elements, and goals. You will incorporate the industry standards and practices with a focus on the confidentiality, integrity, availability, and vulnerabilities of information systems.You will fulfill the role of a security professional implementing proper security controls in a specific business situation based on Systems Security Certified Practitioner (SSCP) Common Body of Knowledge domains. Required Source Information and Tools To complete the project, you will need the following 1. Access to the Internet to perform r esearch for the project 2. Course textbook 3. (ISC)2 SSCP Common Body of Knowledge available in the SSCP Candidate Information publicize Project Logistics The project is divided into one smaller and one major assignment as per the details below Activity Name depute Due By % Grade Project representative 1. Multi-Layered Security invention Unit 1 Unit 2 6 Project go against 2. Student SSCP Domain Research Paper Unit 2 Unit 11 15 Deliverables Project Part 1 Multi-Layered Security Plan Introduction The components that make up cyberspace are not automatically secure. This includes cabling, physical networks, operating systems, and software applications that computers use to connect to the Internet. There is a raging information security war. The goal is to protect national security and business information. Therefore, IT is in great need of proper security controls. ScenarioRichman Investments is a mid-level financial investment and consulting firm. The Richman corporate headquarter s is located in Phoenix, Arizona. Currently, there are eight branch offices in Atlanta, Georgia Chicago, Illinois Cincinnati, Ohio Denver, Colorado Los Angeles, California Montreal, Canada New York City, New York Washington, D. C. Tasks You are a networking intern at Richman Investments. This morning, you accepted an e-mail from your supervisor stating that you need to create an portray of the general security solutions planned for the safety of data and information that belongs to the organization.You are told that every month, the networking division needs to submit a report to the senior management about the security plan for the month, and this time, your outline will become a part of that report. Therefore, you need to research the elements of a multi-layered security plan and to create an outline. Your outline should indicate one or more general security solutions for each of the seven domains of a typical IT infrastructure. For this project part, you may use the book for t his course and the Internet to research the concept of a multi-layered security plan.Include several applicable layers for the plan, and describe at least one layer of security for each of the seven domains. Project Part 1 should be submitted in the following format and style Format Microsoft Word Font Arial, Size 12, Double-Space Citation Style Chicago Manual of Style Length 12 pages Self-Assessment Checklist I have included several applicable layers for the plan. I have described at least one layer of security for each of the seven domains. I have conducted adequate independent research for the report.Project Part 2 Student SSCP Domain Research Paper Introduction The (ISC)2 SSCP is frequently viewed as the first whole tone in an information security career path, leading to the Certified Information Systems Security Professional (CISSP) and other advanced certifications. Scenario Continuing the Richman Investments scenario explained in Part 1 of the project, the offices have a tot al of 5,000 employees, and the office technology stock-take includes desktops, mobile computers, and wireless devices.There is a mix of computers running Windows XP, Windows Vista, Windows 7, and mackintosh OS X. Most of the managers have BlackBerry devices for instant communication, and all employees are provided cellular phone phones. A Windows Active Directory forest with domains is set up for each office, and seven file and print servers are located in the Phoenix office. The Phoenix office also contains two proxy servers, configured as an array, that provide Web cache services and Internet access control for the organization.The majority of applications are Web-based and hosted from the Phoenix office. The Phoenix office has an Internet connection to all the remote offices, and the redundancy is extremely important to the company. There are several sensitive applications that all offices use. The management from each office shares application information that is hosted at the corporate office for accounting and reporting purposes. completely employees have Internet access. There is no policy on the use of removable media. Several of the branch offices have encountered issues with malware recently.Richman hosts an intranet for employees to access information about the company and to enroll in company benefits programs. Richman also hosts an extranet for its business partners. Due to many recent technology and process improvements within Richman, the corporate security policy is out of date, and each branch office policy differs. Tasks You are a networking security intern at Richman. You have been asked to submit a proposal to Richman senior management. In the proposal, you must choose to address one of the following and relate it to the appropriate SSCP domains 1. found on the expound that Richman has 5,000 employees throughout the main office and several branch offices, you must research solutions and detail the appropriate access controls including p olicies, standards, and procedures that define who users are, what they can do, which resources they can access, and which operations they can perform on a system. 2. found on the premise that just about of the managers have BlackBerry devices for instant communications and all employees are provided cell phones, you must research and detail the cryptography methods to protectorganizational information using techniques that get word its integrity, confidentiality, authenticity, and nonrepudiation, and the recovery of encrypted information in its original form. 3. Based on the premise that there is a mix of computers running Windows 2000, Windows XP, Windows Vista, Windows 7, and macintosh OS X, you must research and devise a plan to crossbreed malicious code and activity by implementing countermeasures and prevention techniques for dealing with viruses, worms, logic bombs, Trojan horses, and other related forms of intentionally created deviant code.4. Based on the premise that all employees have Internet access to browse the Web, there is no policy on the use of removable media, and several of the branch offices have encountered issues with malware recently, you must research and formulate a plan to implement monitoring and analysis. You must determine system implementation and access in accordance with defined IT criteria as well as how to collect information for identification of and response to security breaches or events.5. Based on the premise that Richman hosts an intranet for employees to access information about the company and enroll in company benefits programs, and that Richman also hosts an extranet for its business partners, you must research and devise a method to secure networks and communications. This should include the network structure, transmission methods and techniques, transport formats, and security measures used to operate both private and public communication networks.6. Based on the premise that the Phoenix office contains two p roxy servers configured as an array, which provide Web cache services and Internet access control for Richman, and that the majority of applications are Web-based and hosted from the Phoenix office, you must assess risk, response, and recovery. Conduct a review of the implementation processes essential to the identification, measurement, and control of loss associated with uncertain events. 7.Based on the premise that the corporate security policy is out of date and each branch office policy differs, you must research and define security operations and administration including the identification of information assets and documentation of policies, standards, procedures, and guidelines that ensure confidentiality, integrity, and availability. You need to write the proposal as detailed in the instructions above. Be sure that you create a professional, well-developed proposal with proper documentation, grammar, spelling, and punctuation. In addition, document the vulnerabilities, meth ods, and controls effectively.Project Part 2 should be submitted in the following format and style Format Microsoft Word Font Arial, Size 12, Double-Space Citation Style Chicago Manual of Style Length 45 pages Self-Assessment Checklist I have created a professional, well-developed proposal with proper documentation, grammar, spelling, and punctuation. I have successfully identified appropriate SSCP domains and related them to the scenario. I have documented the vulnerabilities, methods, and controls effectively. I have conducted adequate independent research for the proposal.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment