User Account

All Pages

Develop a plan to implement the security controls-policies

Assignment Help Management Information Sys
Reference no: EM131396862 , Length: 5

The final step in developing the network security plan is to define how the plan that you have developed will be implemented within the organization. Implementing security controls and adding security devices can be a complex process that will affect every aspect of the organization.

A detailed plan that phases in controls and new devices-and has a backup plan for any problems-will greatly increase the success rate of implementing a network security plan.

• For this assignment, you will add a detailed implementation plan of 4-5 pages, which will describe your proposed solution for the implementation of a network security plan in your organization.

• Finally, you will refine the Network Security Plan document to produce the final draft version. Updates may be based upon peer and instructor feedback.

The project deliverables are the following:

• Update the Network Security Plan with a new date.

• Update the previously completed sections based upon your peers' and instructor's feedback.

• Implementation Plan

o Develop a plan to implement the security controls and policies that you identified in previous sections.

o Develop a plan to implement new security devices and modify existing security devices that are required to monitor the network and the polices that were created or updated.

o Describe how these controls, policies, and security devices have addressed the key security areas of confidentiality, integrity, authentication, authorization, and nonrepudiation cryptographic services.

• Network Security Plan

o Revise the entire document, and make any necessary changes and improvements.

o Ensure that the final version is sufficiently detailed to allow the organization to confidently move forward with the implementation of the security controls and devices based upon your recommendations.

o Previous instructor feedback should be addressed with appropriate changes.

• Update your table of contents before submission.

Network Security Plan

This course has been composed of a series of Individual Project assignments that have contributed to a Key Assignment submission at the end of the course. Each week, you have completed a part of a network security plan. The full Key Assignment should include the following tasks:

• Overview of Network and Existing Security (Week 1)

o Select an organization as the target for the analysis.

o Provide an overview of the organization's existing network architecture.

? The overview will include description of the network, the topology, protocols allowed, connectivity methods and network equipment, number of routers, switches, and any other network equipment, such as VPN concentrators, proxies, etc.

o Provide a summary of the current security devices currently in use on the network.

List the type of device, the vendor, and give a brief description of how the device is used.

• Risk Assessment

o Conduct an inventory of the devices within your network. Provide a summary of the number of desktops, laptops, network printers, and servers.

Identify key assets

Assets also include records and sensitive information that requires special protection.

Prioritize each asset or group of assets, and assign a value to each.

o Identify and describe the risks within your environment.

o Do not forget natural disasters.

o Determine the likelihood that the risk could occur.

o Identify the tools and methodology that you would use to conduct the risk assessment.

• Security Architecture Plan (Week 3)

o Based upon the risk assessment and your analysis, create an action plan to mitigate the risks that you have identified.

o Identify and select appropriate technologies to protect the network and the organization's information, and explain why you chose each technology.

Describe where you plan to place these technologies in the network, and explain why.

The plan should cover all layers of the OSI model.

o Identify additional software that will be required to monitor the network and protect key assets.

Identify security controls that need to be implemented to assist in mitigating risks.

• Security Policies (Week 4)

o Create the Key Assignment first draft for peer review.

o Continue the development of the plan.

Create a fourth section in the plan to list all of the policies you would have for your organization and a brief description of what each policy will contain.

Each policy will address how you plan to monitor the policy and what the appropriate punishments should be for violators.

Provide a timetable for when these policies should be reviewed and updated.

o Continue development of the Network Security Plan with an Incident Response Plan of 2-3 pages.

Include the actions that need to occur when an incident is in progress.

Include how your organization will identify and classify incidents, what the response will be, and the plan to recover.

• Implementation and Incident Response (Week 5)

o Analyze previous submissions, and make changes as necessary to the final paper.

Submit a detailed implementation plan of 4-5 pages that will describe your proposed solution for the implementation of the Network Security Plan for the organization.

This is the last and final section of the Key Assignment and should bring together all aspects of the implementation in one cohesive paper.

Revise the previous sections so that the entire plan flows and has a strong introduction and conclusion.

o Submit the final Key Assignment.

The final step in the planning phase is to review the plan to ensure that the Information Security Assurance Implementation Plan adequately addresses the requirements and that it is sufficiently detailed to allow the organization to move forward with the implementation phase based on your plan. This is also a good time to identify a model to ensure the development of secure Web-based and platform-based applications. In addition, you should identify methods to assess compliance with your plan.

For this assignment, you will add 3-4 pages describing a security-driven life cycle development model to prevent security holes for Web-based and platform-based applications, as well as methods to assess compliance with your plan and to assure the security of the organization's information. Finally, you will further refine the Information Security Assurance Implementation Plan to produce the final draft version. Updates may be based on peer and instructor feedback.

The project deliverables for Week 5 are as follows:

• Update the Information Security Assurance Implementation Plan title page with the new date.

• Update the previously completed sections based on the instructor's feedback.

• Assessment and Assurance

o Describe a security-driven life cycle development model to prevent security holes in applications for the organization.

o Describe methods that will be used to assess compliance with the implementation plan and policies outlined in your plan and to assure the security of the organization's information.

• Information Security Assurance Implementation Plan final draft

o Review the entire document for any changes and improvements that you would like to make.

o Ensure that this final version of the plan is sufficiently detailed to allow the organization to move forward with the implementation phase based on your plan.

o Any previous instructor feedback should be addressed with appropriate changes.

• Be sure to update your table of contents before submission.

Reference no: EM131396862

Questions Cloud

Discuss about the packet switched wan protocols : WAN Technologies Paper:Research Point-to-Point (dedicated), Packet Switched, and Circuit Switched WAN protocols/circuits/types. Define each protocol and describe at least two data transmission technologies associated with the protocol. Include t..
Second stage of the pipeline : 1. Prove that if the first stage of this pipeline, g, fails to be 1-1, then the entire pipeline, h can also not be 1-1. You can prove this directly or contrapositively. 2. Prove that if the second stage of the pipeline, f, fails to be onto, then th..
Using both the closed and open system analytical framework : Using both the closed and the open system analytical framework, specifically discuss the police department criminal justice component and Explain which system makes your chosen component more or less effective within the context of managing internal ..
Currently faced with sequestration : As a CFO/ Manager you are currently faced with Sequestration which is making you lose sleep. Unfortunately, you like to enjoy your sleep! The sequestration has compelled you to cut three program management positions because those programs are state a..
Develop a plan to implement the security controls-policies : The final step in developing the network security plan is to define how the plan that you have developed will be implemented within the organization. Implementing security controls and adding security devices can be a complex process that will aff..
Company core competencies-job core competencies : What is the difference between company core competencies, job core competencies, and trainer and HRM competencies? Are they the same or different? How can one build on the other?
Write code that will read queries from a sql file : CSC 553 Advanced Database Topics Assignment. Write code that will read queries from a .sql file (assume semicolon-separated queries), connect to MySQL database and run each query reporting the time it took
Information on job history using a chi square test : Researchers want to compare these results with information on job history using a chi-square test. What do you suggest they do first before performing a chi-square test?
What was the percentage discount : The original price of a computer was $1659, but Edgar bought it on sale for $981.30. What was the percentage discount?

Reviews

Write a Review

Management Information Sys Questions & Answers

  Technology and tracking - how can information technology

technology and tracking - how can information technology help track measure and adjust control oriented information in

  Brochure advertising your services as a data repository

Create a brochure advertising your services as a data repository. Research commercial data repositories.

  Create a new field in the manufacturer table after rlmfgcode

Create a new field in the Manufacturer table after RlMfgCode named Website with the Hyperlink data type. Save the table. Switch to Datasheet view, add the Web site http://www.lenox.com to the Lenox China record (7).

  Corporate expansion strategya technology-dependent

corporate expansion strategya technology-dependent enterprise supply chain management is central to achieving airbus

  Important information about information security

Important information about Information Security - Analyzes available technological and procedural mitigants, identify best practices; and frame your plan to manage the risks.

  Perform an environmental scan

Performing an Environmental Scan and Evaluating Business and Technology - What are the most important factors to consider when performing an environmental scan?

  Summary of relational databases

In 500 words or less, Summary of Relational Databases, Some rules for this assignment: Write everything in your own words. Don't use any quotes

  Who are the advocates of this technology

For this assignment you will be writing a critical analysis on the topic of the privacy concerns surrounding "Facial Recognition Technology". Who are the advocates of this technology and what is their argument regarding potential privacy violations

  Describe the scope and analyze how to control the scope

Documenting the existing IT network and system is an important first step, but you, the CIO, know that capturing the needed changes can be critical to your success as an executive. You know that procuring and documenting quality business requireme..

  Difference between analog and digital signals

Identify the difference between analog and digital signals. Provide an example of a digital signal and an analog signal. Which type are you more likely to encounter? Why?

  Discuss the advantages of creating web browser access

Explain the importance of internal tools that are available within a DBMS. Please provide an example of one of these tools. Discuss the advantages of creating Web browser access for internal databases.

  Which is not primary characteristics ofcommunication

According to Bevan and Sole, which of the following is not one of the five primary characteristics ofcommunication?

Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

Submit Assignment

Academics

Major Subjects

Majors

Get In Touch

whatsapp: +1-415-670-9521

Phone: +1-415-670-9521

Email: [email protected]

TERMS & POLICIES

HELP & SUPPORT

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd