CMGT/431 Information Systems Security
CMGT430 LEARNING TEAM RIORDAN ENTERPRISE SECURITY RANKING PAIRS WEEK 3 2015 NEW
CMGT431 Threat Model

CMGT/431 Week 1

All Options listed below are Included in the Week 1 tutorial purchase!

 

Individual: Threat Model

Option #1: 982 words - Kudler Includes Threat Analysis Tool file, Threat Analysis Paper and Report

Option #2: 926 words - Toys-R-Us Threat Analysis Tool file, Threat Analysis Paper and Report

NOTE: Microsoft SDL Threat Modeling Tool can be used to edit Threat Models included in this tutorial!

Select an organization to use for your weekly individual assignments.
This organization should exist and offer students details of its organizational make-up via its website and annual reports.
Conduct a threat analysis on your chosen organization using the Microsoft® Threat Modeling Tool (TMT).
Using the TMT, write a 350- to 700-word analysis paper addressing the following:
    • How does the organization's code of ethics and security policies apply?
    • What specific security policies can your organization implement for their Information

        System?
    • Identify 5 components of asset security standards and governance and discuss their

        impact on your organization.
Submit the threat analysis spreadsheet and paper using the Assignment Files tab.
Note: The Individual Assignments in this course build off one another.
You will use the organization throughout all assignments. Ensure there are enough supportive materials for your chosen organization.

 

 

CMGT430 LEARNING TEAM RIORDAN ENTERPRISE SECURITY RANKING PAIRS WEEK 3 2015 NEW
CMGT430 LEARNING TEAM ENTERPRISE SECURITY RANKING PAIRS NEW 2015 WEEK 2 CMGT/430

CMGT/431 Week 2

Learning Team: Secure Network Architecture

Option #1: Includes MS Visio Diagram - Google

Option #2: Includes MS Visio Diagram - Kudler Fine Foods

NOTE: Both options include Fully Editable MS Visio Diagrams!!

An organization's success begins with building a strong, secure infrastructure. The organization's infrastructure includes creating the appropriate policies, procedures, and processes, as well as architecting a scalable, available, and secure network.
Create a secure infrastructure (e.g., network, critical assets, and data) of your chosen organization using Microsoft Visio, Lucidchart, or a similar program. The recommended infrastructure should be within your Learning Team's final presentation.
Submit your assignment using the Assignment Files tab.

 

Individual: Security Vulnerability Report

Option #1: 1,165 words - Kudler

Option #2:    996 words - Toys-R-Us

A security vulnerability report identifies the areas of the organization which are at risk of lost data, outages, etc. Typically, organizations categorize the report to focus on specific areas of the organization and highlight the level of risk per area. Based on the vulnerability report, organizations are able to plan appropriately for budget and resource
improvements.
Complete a 350- to 700-word security vulnerability report based on your chosen organization from the Week One assignment.
Consider people, processes, and technology that can be exploited by the source of a threat.
Submit the report using the Assignment Files tab.

 

Individual: Cryptography
Complete the Written Lab exercise below from Ch. 6, CISSP (ISC)2 Certified Information Systems Security Professional Official Study Guide:
    • Encrypt the message "I will pass the CISSP exam and become certified next month"

        using columnar transposition with the keyword SECURE
    • Decrypt the message "F R Q J U D W X O D W L R Q V B R X J R W L W" using the Caesar

        ROT3 substitution cipher.
Submit the lab using the Assignment Files tab.

 

CMGT430 USING ROLES PAPER KUDLER 2015 NEW
CMGT430 LEARNING TEAM RIORDAN ENTERPRISE SECURITY RANKING PAIRS WEEK 3 2015 NEW

COMING SOON!

CMGT/431 Week 3

 

Learning Team: Testing and Assessment Strategies
Security Assessment for an enterprise must be incorporated into the Software Development Life Cycle (SDLC) in order to be a secure, integrated process. Testing of selected security controls ensures that applications meet business requirements, function as planned, and protect associated data securely from attack. A security assessment of
the targeted environment identifies vulnerabilities that may cause a security breach and specifies the security controls that mitigate the vulnerabilities. Refer to NIST SP 800-53 rev 4 for identification of the eighteen candidate security control families and associated security controls.
Choose five distinct security control families as specified in SP 800-53 rev 4, click on the chosen familites, and create a spreadsheet that identifies the following criteria for each family:
      • Control ID
      • Control Name
      • Vulnerability
Provide a short paragraph for each family describing the testing procedure that will mitigate the vulnerability.
Example:
Family - Identification and Authentication
Control ID - IA-2
Control Name - Identification and Authentication (Organizational Users)
Vulnerability - Illegal user access
Submit your assignment using the Assignment Files tab.

 

Individual: Audit Process
Organizations contract or hire individuals with specific skills to conduct internal audits to ensure their organizations are following their documented policies, procedures, and processes. In addition, federal mandates are placed on specific organizations within industries requiring continuous audits, requiring organizations to contract outside
auditors to work with their internal auditors in determining the health of the organization.
Identify the internal and external processes used by auditors for your chosen organization from your Week One assignment.
Create an 8- to 10-slide multimedia rich PowerPoint presentation with speaker notes, including interactive diagrams, media, or videos, that depicts processes typically followed within your chosen organization supporting internal and external audits.
Include two additional peer review resources to support your analysis.
Submit your presentation using the Assignment Files tab.

 

CMGT430 CONTROLLING ACCESS KUDLER 2015 NEW
CMGT430 CONTROLLING ACCESS KUDLER 2015 NEW

COMING SOON!

CMGT/431 Week 4

Learning Team: Change Management Plan
Instructions:
Change management plans define the process for identifying, approving, implementing, and evaluating necessary changes due to new requirements, risks, patches, maintenance, and errors.

Create a 350- to 700-word Change Management Plan for your chosen organization.
Include a discussion on roles and responsibilities, using swim lanes and callouts, illustrating who should be involved in developing, testing, and planning, and who reviews and signs off on the change management requests.
Submit your plan using the Assignment Files tab.

 

Individual: Prevention Measures for Vulnerabilities
Instructions:
After identifying your organizations' vulnerabilities through previous weekly assignments, you now need to develop security measures to protect those vulnerabilities.
Create a spreadsheet of vulnerabilities and prevention measures for your organization.
Categorize by people, process, or technology.
Provide 350- to 700-word paper onnext steps for each prevention measure based on the vulnerability, potential incident, environmental and security controls in SDLC.
Submit your spreadsheet and paper using the Assignment Files tab.

 

 


CMGT430 WEEK 5 ENTERPRISE SECURITY REPORT RIORDAN
CMGT430 WEEK 5 ENTERPRISE SECURITY REPORT RIORDAN

COMING SOON!

CMGT/431 Week 5

 

Learning Team: Risk Management & Security Plan
Instructions:
Compile the deliverables from Weeks Two through Four to create your
final Risk Management and Security Plan.
Include a reference-cited page at the end of your plan.
Create a 10- to 12-slide multimedia rich PowerPoint® presentation, to
include interactive diagrams, media, or videos, summarizing your Risk
Management and Security Plan.
Include detailed speaker notes and a reference cited slide at the end of
your presentation with 6 to 8 peer-reviewed or professional organization
sources.
Submit the presentation using the Assignment Files tab.

 

Individual:

Information Systems Security Implementation Recommendation
Instructions:
Effective information security recommendations must be incorporated into a formal information systems security plan with the objective to protect critical organization information assets.
Use your findings from the previous individual assignments to develop a 700- to 1,050-word security proposal for your information systems security implementation recommendation. The recommendation should identify risks, threats, and vulnerabilities.
Consider the requirements for multilevel security, the application of the COBIT framework, NIST, ITIL, ISO27000, COSO, the U.S. Office of the Presidency Executive Order 13636, and PPD 2.
Include 6 to 8 peer-reviewed or professional organization sources.
Note: The presentation should include detailed speaker notes, and a reference cited slide at the end of your presentation.
Submit your assignment using the Assignment Files tab.