Final project paper 2


Final Project – Security Plan / Assessment to Include

Policies – sample or areas that they should include or address

Procedures

What standards do you suggest following

Suggested Incident Response Plan

Testing – penetration tests – internal and external

Training / awareness

What should the client do to prepare for the audit

Final Project – Security Plan to Include

Testing portion – Similar to an Ethical Hacking Plan – Someone asks you to test the system (inside and outside). What would you propose?

Make it a business proposal and lay out all of the steps, naming exact tools and procedures

Comment on what you could expect to find

Lots of details – no simple overview, you have to have enough content to prove what you suggest will work or be of benefit

Final Project

Goal is to tell me what I don’t know

I don’t want you to tell me the easy stuff, I need to fix that beforehand

Tell me how to prepare before you come in

Run the Microsoft analysis tools, patch everything, make sure policies are up to date

Request authorization

You need a letter protecting you so you can explore my system

If you don’t have the letter – you go to jail.

Say that you will not do any destructive tests

Final Project Format

Professional

Any business format that you choose

Executive Overview

Table of Contents

Sections

Final Project – Business Security Plan

Research and build what you would put into a detailed security plan for an organization:

It needs to be written as a business proposal.

Can be done in teams of 2

At least a 15-page paper (of content)

Or 20 pages for a group of 2

Business Security Plan

Research and build what you would put into a detailed security plan for an organization:

Policies – samples or areas that they should include

Procedures –

What standards do you suggest following

Testing – penetration testing – ethical hacking

Internal and external

Training – what training would you offer employees (details)

Ethical Hacking Part

The plan needs to show exact steps and procedures on how you would test security on a company.

Internal threats

External threats

Detailed procedures, what you expect to find

Final Project

Develop a Business security plan for a company (real or fictitious). It needs to include:

Overall plan – General policies / procedures

Ethical hacking – what tools, what do you expect as results or what are you looking for?

The business owner has to understand why you are testing for certain things

How would he know that he is getting what he is paying for?

Security Awareness Plan – how to train employees

What materials would you put on a reference list for each section?

Can be a group of 2