Reference no: EM131308670
Assignment
Overview - Every organization must create a cyber security profile (System Security Plan (SSP)) for all of its major and minor information systems. The cyber security profile documents the current and planned controls for the system and addresses security concerns that may affect the system's operating environment. The cyber security profile includes security categorizations, security controls, and is included in the certification and accreditation package. For this project, you will create a sample cyber security profile describing the security posture of your selected organization.
Learning Objective - After completing this project, students will be able to 1) explain security categorizations, 2) explain management, technical, and operational controls, 3) provide examples of management, technical, and operational controls, and 4) create a security profile.
Media - Students will use the Internet and Microsoft Word. Students will use the NIST website. Students will use their selected organization's information security program documentation. Students will use several NIST Special Publications.
Deliverable - Your sample cyber security profile should be at least three (3) full pages, double-spaced, 1-inch margins, New Times Roman 12-Pitch font, include a cover page (name, course number, date, title of paper) and a reference page. The cover page and reference page are not included in the three-page minimum. Papers not meeting the three full-page minimum will lose points. You must have at least three (3) sources, correctly formatted per APA guidelines. Submit your security profile the appropriate assignment area by the due date.
Detailed Description of Learning Activity
1. 2. Review the sample 800-53 System Security Plan template attached to this conference. This is a template an organization would use if it was doing a FULL security profile.
3. Select one management, one technical, and one operational control that applies to HHS (i.e., Risk Assessment - RA).
4. Describe each control. Include why these controls (and family controls) are required.
5. For each management, technical, and operational control, select two family controls (Vulnerability Scanning - RA-5).
6. Describe each family control, state the implementation status as it relates to HHS's security program, and describe how your selected organization implements the control.
7. Write your sample cyber security profile. At a minimum, the profile should include:
a.) An introduction that includes the purpose of your paper and introduces security profiles as they relate to your selected organization.
b) An analysis section that includes items 3, 4, 5, and 6 above
c) A conclusion that summarizes what you wrote
8. Use Spell and Grammar Checker before submitting. It is also a good idea to have someone else read your paper. You should also review the below grading rubric to ensure you have all the graded components.
9. Submit the project to the appropriate TurnItIn assignment area by the due date AND post a comment in the WebTycho assignment area stating you uploaded your assignment to TurnItIn.
10. Use the MANDATORY template for this assignment. You will earn zero points if you do not use the template.
|
How should it change its target for the federal funds rate
: Would you recommend borrowing from a bank at an 18 percent annual interest rate to take advantage of the cash discount offer? Explain your answer.
|
|
Consider the dilemmas hospitals face
: For this discussion, consider the dilemmas hospitals face in treating the uninsured. Consider the following questions and post your response:
|
|
Most appropriate for an aggressive? investor
: An investor is considering purchasing one of the following three stocks. Stock X has a market capitalization of ?$99 ?billion, pays a relatively high dividend with little increase in? earnings, and has a? P/E ratio of 1111. Stock Y has a market capit..
|
|
Source of funding for state emergency management offices
: Who is usually in charge of developing and maintaining the community emergency plan?- Where does the emergency management office reside at the state level? Give three examples.
|
|
Create a cyber security profile for major information system
: Every organization must create a cyber security profile (System Security Plan (SSP)) for all of its major and minor information systems.
|
|
Critical chain project management
: Dave Armstrong has asked you to meet with him in his office. He continues to be concerned about the schedule. From a business perspective, he believes that this project will allow him to capture and hold 80% of the market but only if the project..
|
|
How do you think this attack impacted the us
: Do you think that this attack should be considered a terrorist attack or an example of guerrilla warfare? Why?In your opinion, how do you think this attack impacted the United States' government? Explain.How do you think it impacted the general popul..
|
|
What is the incident command system
: What kinds of things do volunteer organizations provide for victims in the aftermath of a disaster?- What is the Incident Command System, and why was it originally developed?
|
|
What is your profit? from these transactions
: Last year you sold short 400 shares of stock selling at ?$74.39 per share. Six months later the stock had fallen to ?$38.62 per share. Over the? six-month period the company paid out two dividends of ?$2.05 per share. Your total commission cost for s..
|