Policy

adrian2019

COM590_TermProjectGuidelines1.pdf

Home >Information Systems homework help >Policy

COM 590 Term Project Guidelines

This project is due at the end of Week 7.

Purpose

This course project is intended to assess your ability to identify, design, and organize information

technology security policies.

Learning Objectives and Outcomes

You will be able to develop draft IT security policies for an organization and apply learning constructs

from the course.

This assignment is worth 15 percent of your total grade for this course. You will receive an individual

assignment grade ranging from 0 to 100 points, which will then be weighted by the 15%.

Scenario

You are a security professional for Blue Stripe Tech, an IT services provider with approximately 400

employees. Blue Stripe Tech partners with industry leaders to provide storage, networking, virtualization,

and cybersecurity to clients.

Blue Stripe Tech recently won a large DoD contract, which will add 30 percent to the revenue of the

organization. It is a high-priority, high-visibility project. Blue Stripe Tech will be allowed to make its own

budget, project timeline, and tollgate decisions.

As a security professional for Blue Stripe Tech, you are responsible for developing security policies for

this project. These policies are required to meet DoD standards for delivery of IT technology services to

the U.S. Air Force Cyber Security Center (AFCSC), a DoD agency.

To do this, you must develop DoD-approved policies, standards, and control descriptions for your IT

infrastructure (see the “Tasks” section in this document). The policies you create must pass DoD-based

requirements. Currently, your organization does not have any DoD contracts and thus has no DoD-

compliant security policies, standards, or controls in place.

Your firm's computing environment includes the following:

Blue Stripe Tech's computing environment includes the following:

 12 servers running the latest edition of Microsoft Server, providing the following:

o Active Directory (AD)

o Domain Name System (DNS)

o Dynamic Host Configuration Protocol (DHCP)

o Enterprise resource planning (ERP) application (Oracle)

o A research and development (R&D) engineering network segment for testing, separate

from the production environment

o Microsoft Exchange Server for email

o Email filter

COM 590 Term Project Guidelines

o Cloud-based secure web gateway (web security, data loss protection, next-generation

firewall, cloud application security, advanced threat protection)

 Two Linux servers running Apache Server to host your website

 400 PCs/laptops running Microsoft Windows 10, Microsoft 365 office applications, and other

productivity tools

Tasks

You should:

 Develop a list of compliance laws required for DoD contracts.

 Determine which policy framework(s) will be used for this project.

 List controls placed on domains in the IT infrastructure.

 Describe the policies, standards, and controls that would make the organization DoD compliant.

 Write a professional report that includes all of the above content-related items and citations for all

sources.

This project is due at the end of Week 7.

Submission Requirements:

1. A Word Document 8 to 10 pages (font size - Times New Roman 12)

2. Double spaced with one-inch margins all around, all figures and diagrams must be labelled

3. All citations and the reference list in the paper should be formatted in accordance with APA 7th edition

(or later) guidelines

4. References are NOT included in the page count.

Source Information and Tools

The following tools and resources are helpful in completing this project:

 Course textbook

 Internet access

 DoD instructions or directives

https://www.esd.whs.mil/dd/

 Risk Management Framework (RMF) for DoD Information Technology (IT)

https://www.esd.whs.mil/Portals/54/Documents/DD/issuances/dodi/851001p.pdf?ver=2019-02-

26-101520-300

 U.S. Department of Defense (DoD) Chief Information Office Library

https://dodcio.defense.gov/Library/

Department of Defense Information Security Program

https://www.esd.whs.mil/Portals/54/Documents/DD/issuances/dodm/520001m_vol1.pdf?ver=202

0-08-04-092500-203

https://www.esd.whs.mil/dd/

COM 590 Term Project Guidelines

Department of Defense Internet Services and Internet-Based Capabilities

https://www.esd.whs.mil/Portals/54/Documents/DD/issuances/dodi/817001p.pdf

Citations for all sources must be in your report.