Case Study


Week 3

Management Briefing: Identity Governance & Administration

Must post first.

Write a 3 to 5 paragraph briefing paper that identifies and explains the three most important reasons why Sifers-Grayson should invest in an Identity Governance & Administration solution instead of continuing to use the existing paper-based process for requesting and issuing computer accounts.

Your audience is a mixed group of managers from across Sifers-Grayson's operating areas (company HQ, Engineering, Finance & Accounting, Program Management, Sales & Marketing). Some of these managers are familiar with the importance of separation of duties and least privilege but most are not. One or two of the managers might know the definition of RBAC. Your briefing paper needs to address these information needs and discuss why information should be labeled as to its sensitivity ("classification") and ownership.

Provide in-text citations and references for 3 or more authoritative sources. Put the reference list at the end of your article.

Reference Article

https://www.csoonline.com/article/3113451/security/identity-governance-and-admin-beyond-basic-access-management.html

https://www.isaca.org/Pages/Glossary.aspx?tid=1443&char=G

Week 4

Debate: Does Sifers-Grayson Need an Application Lifecycle Management tool?

Must post first.

Nofsinger Consulting has decided to recommend that Sifers-Grayson invest in an Application Lifecycle Management tool. Based upon past experience with such recommendations, the Nofsinger team knows that it must be prepared for debate amongst the client's managers and executives as to the relative merits of such tools.

To help your team prepare for the expected debate, you have been asked to write a 3 to 5 paragraph response to the question "Why does Sifers-Grayson need an Application Lifecycle Management tool?"

You should focus on the benefits of security-focused configuration management and implementation of access control / controlled disclosure of information about software requirements, designs, source code, executables, etc.

Provide in-text citations and references for 3 or more authoritative sources. Put the reference list at the end of your posting.

Reference Article

https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-128.pdf

https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-64r2.pdf

https://www.inflectra.com/spirateam/highlights/understanding-alm-tools.aspx

Week 6

Week 6: Security Operations & Control Center Talking Points & Discussion

Must post first.

Prepare a short "talking points" paper in which you answer the question: Does Sifers-Grayson need a SOCC?

In your talking points, you should address the phases of the incident response process (i.e. Incident Detection, Containment, Eradication, & Recovery) and discuss the role that a Security Operations Center will play in making sure that incidents are handled and reported in an effective and efficient manner.

Your "talking points" should be 3 to 5 paragraphs long (15 - 25 specific bullet points).

Your audience is a group of Sifers-Grayson executives who are unhappy at the thought of diverting more profits to pay for yet another IT manager and subordinate staff.

Provide in-text citations and references for 3 or more authoritative sources. Put the reference list at the end of your article.

Reference

https://www.mitre.org/sites/default/files/publications/pr-13-1028-mitre-10-strategies-cyber-ops-center.pdf

https://www.sans.org/reading-room/whitepapers/analyst/membership/35907