Purpose
This course project is intended to assess your ability to
comprehend and apply the basic concepts related to information
security management, such as the following:
The ability to discern when a risk assessment should be
performed and carrying out the task
Understanding user or customer access requirements, whether
remote or local
Using a layered security approach to establish and maintain
access controls
Working with other departments, such as the human resources
department, to identify and implement methods to prevent
unwarranted exposure to information by inappropriate personnel
Your ability to execute the tasks within these information
security domains and others will be evaluated against the learning
objectives as identified and described in previous lessons of
instruction for this course.
Required Source Information and Tools
The following tools and resources will be needed to complete
this project:
Course textbook
Access to the Internet
Access to the library
Text sheet: Integrated Distributors Incorporated
(access_project_ts_integrateddistributors)
Learning Objectives and Outcomes
Successful completion of this project will ensure that you
are capable of supporting the implementation and management of an
information systems security framework. To be able to do so, you
need to be able to do the following:
Relate how an access control policy framework is used to define
authorization and access to an information technology (IT)
infrastructure for compliance.
Mitigate risks to an IT infrastructure’s confidentiality,
integrity, and availability with sound access controls.
Relate how a data classification standard influences an IT
infrastructure’s access control requirements and implementation.
Develop an access control policy framework consisting of best
practices for policies, standards, procedures, and guidelines to
mitigate unauthorized access.
Define proper security controls within the User Domain to
mitigate risks and threats caused by human nature and behavior.
Implement appropriate access controls for information systems
within IT infrastructures.
Mitigate risks from unauthorized access to IT systems through
proper testing and reporting.
Project Checkpoints
The course project has a checkpoint strategy. Checkpoint
deliverables allow you to receive valuable feedback on your interim
work. In this project, you have four ungraded checkpoint
deliverables. (See the syllabus for the schedule.) You may discuss
project questions with the instructor, and you should receive
feedback from the instructor on previously submitted work. The
checkpoint deliverable ensures refinement of the final
deliverables, if incorporated effectively. The final deliverable
for this project is a professional report and a PowerPoint
presentation.
Checkpoint
Purpose of the Checkpoint
Expected Deliverables
1
Understanding requirements
Clarification on project deliverables
Discussion on project concerns and progress up to this
checkpoint
A review of the course project’s outline and schedule for
completion
Prepare an initial outline of issues and potential solutions and
discuss with your instructor, the chief information officer (CIO).
2
Clarification on project deliverables
Discussion on project concerns and progress up to this
checkpoint
A review of the course project’s outline and schedule for
completion
Prepare an extended outline of issues and potential solutions
and discuss with your instructor, the CIO.
3
Clarification on project deliverables
Discussion on project concerns and progress up to this
checkpoint
A review of the course project’s outline and schedule for
completion
Draft the report and the PowerPoint presentation to discuss with
your instructor, the CIO.
4
Clarification on project deliverables
Discussion on project concerns and progress up to this
checkpoint
A review of the course project’s outline and schedule for
completion
Modify the report and the PowerPoint presentation based on
feedback from your instructor, the CIO.
Deliverables
Introduction
User identification, authentication, and authorization are
essential in developing, implementing, and maintaining a framework
for information system security. The basic function of an
information system security framework is to ensure the
confidentiality and the integrity, as well as the availability of
systems, applications, and data. Certain information security
implementation and management knowledge is required of network
administrators, IT service personnel, management, and IT security
practitioners, such as information security officers, security
analysts, and domain administrators.
Scenario
You are provided with the text sheet entitled Integrated
Distributors Incorporated
(access_project_ts_integrateddistributors.docx) to complete this
project. You play the dual role of an IT architect and IT security
specialist working for Integrated Distributors Incorporated (IDI),
a multi-national organization with offices in several countries.
Your instructor for this course plays the role of the chief
information officer (CIO). Your peers play the role of selected
technology staff. Each of the organization’s locations is operating
with different information technologies and infrastructure—IT
systems, applications, and databases. Various levels of IT security
and access management have been implemented and embedded within
their respective locations.
Tasks
Your goals as the IT architect and IT security specialist are
to:
Develop solutions to the issues that the specified location of
IDI is facing.
Develop plans to implement corporate-wide information access
methods to ensure confidentiality, integrity, and availability.
Assess risks and vulnerabilities with operating IT facilities
in the disparate locations where IDI now functions and develop
mitigation plans and implementation methods.
Analyze the strengths and weaknesses in the current systems
of IDI.
Address remote user and Web site user’s secure access
requirements.
Develop a proposed budget for the project—consider hardware,
software, upgrades/replacements, and consulting services.
Prepare detailed network and configuration diagrams outlining
the proposed change to be able to present it to the management.
Develop and submit a comprehensive report addressing the
learning objectives and your solutions to the issues within the
scenario.
Prepare a 10- to 15-slide PowerPoint presentation that
addresses important access control, infrastructure, and management
aspects from each location.
Self-Assessment Checklist
I have considered an access control policy framework to define
authorization and access to an IT infrastructure for compliance
within the course project.
I have considered the influence of the data classification
standard in an IT infrastructure’s access control requirements and
implementation.
I have defined proper security controls within the User
Domain to mitigate risk and threats caused by human nature and
behavior.
I have developed and implemented an effective plan to
mitigate risks to an IT infrastructure’s confidentiality,
integrity, and availability with sound access controls.
I have developed an access control policy framework
consisting of best practices for policies, standards, procedures,
and guidelines to mitigate unauthorized access.
I have implemented appropriate access controls for
information systems within IT infrastructures.
I have followed the submission requirements and necessary
details for writing the report
"Is this question part of your assignment? We Can Help!"
Other samples, services and questions:
When you use PaperHelp, you save one valuable — TIME
You can spend it for more important things than paper writing.
