information security

profilesquashyja

 

Write your answers as if they are being presented to your management. Be concise and to the point. Provide examples to justify to reasoning. Be sure to answer each part of the question.

 

 

 

Your homework should be written as if it was to be presented to your organizations staff. You need to pay attention to the clarity of your policy. There should be no ambiguity in your policy. It should be clear who the policy applies to and what assets the policy applies to.

 

 

 

Pay attention to grammar, punctuation and spelling, neatness counts.

 

 

 

Write the questions followed by your answers.

 

 

 

 

 

1)    For this assignment you are asked to write an authentication policy for a hypothetical organization. This policy should address the use of various authentication schemes for different assets. The policy can select from an array of authentication technology including: passwords, passphrases, image selection, pattern matching and other multi-factor authentication technology depending on the asset being protected.

 

 

 

This is an authentication policy which is a subset of a full security policy. The intent of this exercise is to provide you practice in writing a policy that conforms to various requirements. However, writing a complete security policy is too large a project. Therefore we are focusing on a subset of functionality which is authentication.

 

 

 

This assignment is to write an authentication policy for the assets defined in the problem.

 

 

 

With that said there are numerous issues, process and procedures that touch on the topics of authentication related to the assets in this problem.

 

 

 

The requirements for this policy are below.

 

 

 

 

 

 

 

 

 

 (100 Points)              

 

 

 

            When writing a policy you should consider providing an overview and a scope statement. There may be other sections you consider important.

 

 

 

This is an authentication policy which is a subset of a full security policy. The intent of this exercise is to provide you practice in writing a policy that conforms to various requirements.

 

 

 

For some functional areas you need to implement a password policy.  

 

 

 

You need to describe who the policy applies to and what assets are covered by the policy.

 

 

 

For some functional areas you need to implement a password policy. 

 

You need to clearly define the policy for how passwords are selected by users. You need to define how passwords are used.

 

 

 

You need to clearly describe how each authentication procedure is to be used by the user.

 

 

 

When you document a policy for a particular functional area or asset you should explain and justify your choice of functionality.

 

 

 

For some functional areas you should implement various multi-factor authentication schemes. You need to clearly define the policy for the schemes you select and describe how the procedures are used.

 

 

 

            Your policy must address the authentication for the following assets:

 

·      Authentication for desktop workstations

 

·      Authentication for laptops that connect wirelessly.

 

·      Authentication for laptops.

 

·      Authentication for laptops that go off site and contain critical client and company information. Also consider the authentication needed for these laptops that connect into the organizations network.

 

·      Authentication for handheld devices (e.g. Android, Iphone) that go off site and contain critical client and company information. Also consider the authentication needed for these handheld devices that connect into the organizations network.

 

·      Authentication for administrator accounts on servers

 

·      Authentication to physically access computer lab rooms that store critical client and company information on servers

 

·      Authentication to physically access rooms that store employee salary and performance review information

 

 

 

 

 

This assignment needs to be written in a style that can be presented to your manager and reviewed by her staff. Your management wants to see information presented in a clear and concise manner which illuminates the important details. Concise does not mean the policy is not complete. It must be thorough and focus on the requirements for the authentication of the assets.

 

·      You should use headings for each section.

 

·      You need to use separate paragraphs.

 

·      You should use clear grammar and correct spelling

 

 

 

Give some thought for how you are going to present this information. Providing this information in a clear presentation is a big part of this problem.

 

 

 

 

 

Please be sure to submit your answers as an attachment using the assignment tool.

 

  • 8 years ago
  • 10
Answer(1)

Purchase the answer to view it

blurred-text
NOT RATED
  • attachment
    information_security_assignment.docx
Bids(1)