Final project paper


Final Project – Security Plan / Assessment to Include

  • Policies – sample or areas that they should include or address
  • Procedures
  • What standards do you suggest following
  • Suggested Incident Response Plan
  • Testing – penetration tests – internal and external
  • Training / awareness
  • What should the client do to prepare for the audit

Final Project – Security Plan to Include

  • Testing portion – Similar to an Ethical Hacking Plan – Someone asks you to test the system (inside and outside). What would you propose?
  • Make it a business proposal and lay out all of the steps, naming exact tools and procedures
  • Comment on what you could expect to find
  • Lots of details – no simple overview, you have to have enough content to prove what you suggest will work or be of benefit

Final Project

  • Goal is to tell me what I don’t know
  • I don’t want you to tell me the easy stuff, I need to fix that beforehand
  • Tell me how to prepare before you come in
  • Run the Microsoft analysis tools, patch everything, make sure policies are up to date
  • Request authorization
  • You need a letter protecting you so you can explore my system
  • If you don’t have the letter – you go to jail.
  • Say that you will not do any destructive tests

Final Project Format

  • Professional
  • Any business format that you choose
  • Executive Overview
  • Table of Contents
  • Sections

Final Project – Business Security Plan

  • Research and build what you would put into a detailed security plan for an organization:
  • It needs to be written as a business proposal.
  • Can be done in teams of 2
  • At least a 15-page paper – of content
  • Or 20 for a group of 2

Business Security Plan

  • Research and build what you would put into a detailed security plan for an organization:
  • Policies – samples or areas that they should include
  • Procedures
  • What standards do you suggest following
  • Testing – penetration testing – ethical hacking
  • Internal and external
  • Training – what training would you offer employees (details)

Ethical Hacking Part

  • The plan needs to show exact steps and procedures on how you would test security on a company.
  • Internal threats
  • External threats
  • Detailed procedures, what you expect to find

Final Project

  • Develop a Business security plan for a company (real or fictitious). It needs to include:
  • Overall plan – General policies / procedures
  • Ethical hacking – what tools, what do you expect as results or what are you looking for?
  • The business owner has to understand why you are testing for certain things
  • How would he know that he is getting what he is paying for?
  • Security Awareness Plan – how to train employees
  • What materials would you put on a reference list for each section?
  • Can be a group of 2