Q1.) Operation security Individual project
Department of Defense (DoD) Ready
This course project is intended to assess your ability to identify, design, and organize information technology (IT) security policies.
Learning Objectives and Outcomes
You will be able to develop draft IT security policies for an organization and apply learning constructs from the course.
Required Source Information and Tools
Web References: Links to Web references in this document and related materials are subject to change without prior notice. These links were last verified on June 16, 2014.
The following tools and resources will be needed to complete this project:
DoD instructions or directives
Risk Management Framework (RF) for Department of Defense Information Technology (IT) http://www.dtic.mil/whs/directives/corres/pdf/851001_2014.pdf and http://www.rmf.org/images/stories/rmf_documents/850001_2014.pdf
Department of Defense Information Security Program
Department of Defense Internet Services and Internet-Based Capabilities
Department of Defense Proposes New Information Security Requirements for Contractors:
School/public library (optional)
You work for a high-tech company with approximately 390 employees. Your firm recently won a large DoD contract, which will add 30% to the revenue of your organization. It is a high-priority, high-visibility project. You will be allowed to make your own budget, project timeline, and tollgate decisions.
This course project will require you to form a team of 2 to 3 coworkers (fellow students) and develop the proper DoD security policies required to meet DoD standards for delivery of technology services to the U.S. Air Force Cyber Security Center (AFCSC), a DoD agency. To do this, you must develop DoD-approved policies and standards for your IT infrastructure (see the “Tasks” section below). The policies you create must pass DoD-based requirements. Currently, your organization does not have any DoD contracts and thus has no DoD-compliant security policies or controls in place.
Your firm’s computing environment includes the following:
12 servers running Microsoft Server 2012 R2, providing the following:
Active Directory (AD)
Domain Name System (DNS)
Dynamic Host Configuration Protocol (DHCP)
Enterprise Resource Planning (ERP) application (Oracle)
A Research and Development (R&D) Engineering network segment for testing, separate from the production environment
Microsoft Exchange Server for e-mail
Symantec e-mail filter
Websense for Internet use
Two Linux servers running Apache Server to host your Web site
390 PCs/laptops running Microsoft Windows 7 or Windows 8, Microsoft Office 2013, Microsoft Visio, Microsoft Project, and Adobe Reader
Create policies that are DoD compliant for the organization’s IT infrastructure.
Develop a list of compliance laws required for DoD contracts.
List controls placed on domains in the IT infrastructure.
List required standards for all devices, categorized by IT domain.
Develop a deployment plan for implementation of these polices, standards, and controls.
List all applicable DoD frameworks in the final delivery document.
Write a professional report that includes all of the above content-related items.
Format: Microsoft Word
Citation Style: APA
Length: 5 pages
Q2.) Cryptography Discussion
Write 500 words that respond to the following questions:
Read the (Yahoo Data Leak Article from csoonline.com) online article at https://www.csoonline.com/article/3123496/security/yahoo-s-compromised-records-likely-hidden-within-encrypted-traffic-vendor-says.html
Write a 400-600 words summary about what did you understand from it.
Be in APA format including your references.
Be 500 words long (not including title and references).
Do not re-state the questions.
Include two sources (i.e. two references).
Q3.) Operation Security Discussion
Participate in a discussion on the importance of separation of duties for personnel. Discuss examples of roles you would separate and why. For example, an administrator has full administrative server login access, and a network technician has limited administrative access but can view system login details. Payroll has access to employee financial records, but only payroll managers can approve raises.
Delivering a high-quality product at a reasonable price is not enough anymore.
That’s why we have developed 5 beneficial guarantees that will make your experience with our service enjoyable, easy, and safe.
You have to be 100% sure of the quality of your product to give a money-back guarantee. This describes us perfectly. Make sure that this guarantee is totally transparent.Read more
Each paper is composed from scratch, according to your instructions. It is then checked by our plagiarism-detection software. There is no gap where plagiarism could squeeze in.Read more
Thanks to our free revisions, there is no way for you to be unsatisfied. We will work on your paper until you are completely happy with the result.Read more
Your email is safe, as we store it according to international data protection rules. Your bank details are secure, as we use only reliable payment systems.Read more
By sending us your money, you buy the service we provide. Check out our terms and conditions if you prefer business talks to be laid out in official language.Read more