Security Strategy Implementation Recommendations for Sifers-Grayson
Order ID |
53563633773 |
Type |
Essay |
Writer Level |
Masters |
Style |
APA |
Sources/References |
4 |
Perfect Number of Pages to Order |
5-10 Pages |
Description/Paper Instructions
Security Strategy Implementation Recommendations for Sifers-Grayson
Overview:
Now that the After Action Reports have been analyzed, the consultants must develop a plan for improving the security posture at Sifers-Grayson. This will be documented in a Security Strategy Recommendations document. The security strategy will be based upon multiple layers of policies, processes, and technologies that, when implemented, will be used to defend the Information Technology enterprise from both internal and external threats and attacks.
Note: see https://www.techrepublic.com/blog/it-security/understanding-layered-security-and-defense-in-depth/ for a discussion of the differences between these two security strategies: layered security and defense-in-depth. You will need this information for the Security Strategies section of your paper.
Two defensive security strategies have been chosen by the senior members of the team.
- Defense Strategy #1: Build a DMZ for the R&D Center. The DMZ will host servers accessed by the engineers while teleworking and while reaching back to the R&D center from the test range. The DMZ will require the following: (a) business class routers, (b) business class firewalls, and (c) intrusion detection and prevention system.
Demilitarized Zone (DMZ). For definitions and diagrams see https://www.us-cert.gov/ics/Control_System_Security_DMZ-Definition.html and https://go.oreilly.com/umgc/https://learning.oreilly.com/library/view/principles-of-computer/9781260474329/ch9.xhtml#lev74 (Scroll down to sub-section on DMZ’s)
- Defense Strategy #2:Implement Enterprise-wide Protective and Detective Measures to defend against both internal and external attackers. These measures will include (a) controlling access to software documentation and source code, (b) implementing enterprise-wide identity management, and (c) implementing either a Security Information and Event Management (SIEM) tool or a Unified Threat Management (UTM) tool.
Your Task:
You have been assigned to research products which will be used to implement the two Defense Strategies. You will need to research suitable products and then write a report recommending a set of products and services which can be used to implement the selected strategies. Your report will include summary information and explanations about defense in depth and the two selected strategies.
Note: You may need to do additional reading and research to find the information required to support your explanations of defense in depth and the selected defense strategies. Make sure that you cite authoritative sources for this information.
Product Research:
- Products to Implement Defense Strategy #1 (Build a DMZ for the R&D Center). You must choose one product for each of the following categories (router, firewall, intrusion detection and prevention).
- Business Class Router with WAP and VPN capability (choose one of the following brands)
- Linksys
- CISCO
- NetGear
- Other (must get instructor’s approval first)
- Business Class Firewall (Network Based) (choose one of the following brands)
- SonicWall
- Fortinet
- Watchguard
- CISCO
- Other (must get instructor’s approval first)
- Intrusion Detection and Prevention System (network based – not cloud)
- McAfee
- Trend Micro
- Entrust
- Cisco
- Other (must get instructor’s approval first)
- Products to Implement Defense Strategy #2 (Implement enterprise-wide protection, detection, and prevention capabilities). These tools or applications will be installed or used on Sifers-Grayson servers (cloud hosting NOT allowed). Select one tool in each of the categories listed below. Your product recommendations must include all of the listed categories.
- Application Lifecycle Management (ALM) Tool
- Identity & Access Management (IAM) Tool
- Security Information and Event Management (SIEM) OR Unified Threat Management (UTM)
- Forensic Image Capture Utility (e.g. FTK Imager, Belkasoft, Paladin/Sumuri, SIFT)
Note: Make sure that you are using appropriate resources to find information to support your analysis and product recommendations. Vendor websites, industry or trade publication websites, and government websites are usually acceptable sources of information about the defensive strategies and products you will write about in this assignment.
Write:
- An Introductionsection which presents the security strategies being recommended in your report. You should explain what how these strategies will improve the overall security posture of Sifers-Grayson.
- A Security Strategiessection in which you present an analysis of the defensive security strategies and then provide an explanation as to how each of the two selected defensive strategies will improve the security posture for Sifers-Grayson. Include a comparison of the two primary types of strategies – layered security and defense in depth. Then, explain how the selected security strategies use one or both of these approaches. Use information from Project #1 and the Red Team’s penetration tests to support your justification for implementing the selected security strategies.
- A Product Evaluations section in which you present and discuss the technologies and products which will be used to implement each strategy. You must have a separate sub-section for each defense in depth strategy. Under each sub-section, you will name and describe the individual products (i.e. describe firewalls and then describe your chosen firewall product). Your presentation of each product should be in the form of a recommendation to purchase / implement.
- A Summary Implementation Recommendations section in which you summarize your product recommendations for products and technologies to be used in implementation the two defensive security strategies. Be sure to explain the benefits of implementing the two strategies (e.g. protection, detection, prevention of incidents caused by attacks).
Submit for Grading
Submit your paper in MS Word format (.docx or .doc file) using the Project #2 assignment in your assignment folder. (Attach the file.)
Additional Information
- You should NOT use any student written papers as sources for your research for this paper. Doing so may violate the university’s Academic Integrity policy and result in an Academic Dishonesty Allegation and referral to the Office of Academic Integrity and Accountability for investigation and adjudication.
- You will need between 5-8 pages to cover all of the required content. There is no penalty for writing more than 8 pages but, clarity and conciseness are valued. If your paper is shorter than 5 pages, you may not have sufficient content to meet the assignment requirements (see the rubric).
- As you write your strategy paper, make sure that you address security issues using standard cybersecurity terminology (e.g. protection, detection, prevention, “governance,” confidentiality, integrity, availability, nonrepudiation, assurance, etc.). See the NICCS Glossary https://niccs.cisa.gov/cybersecurity-career-resources/glossaryif you need a refresher on acceptable terms and definitions.
- You must include a cover page with the assignment title, your name, and the due date. Your reference list must be on a separate page at the end of your file.
- You are expected to write grammatically correct English in every assignment that you submit for grading. Do not turn in any work without (a) using spell check, (b) using grammar check, (c) verifying that your punctuation is correct and (d) reviewing your work for correct word usage and correctly structured sentences and paragraphs.
- You are expected to credit your sources using in-text citations and reference list entries. Both your citations and your reference list entries must follow a consistent citation style (APA, MLA, etc.).
- Consult the grading rubric for specific content and formatting requirements for this assignment.
Copyright ©2022 by University of Maryland Global Campus. All Rights Reserved
image1.png
Security Strategy Implementation Recommendations for Sifers-Grayson
RUBRIC
QUALITY OF RESPONSE |
NO RESPONSE |
POOR / UNSATISFACTORY |
SATISFACTORY |
GOOD |
EXCELLENT |
Content (worth a maximum of 50% of the total points) |
Zero points: Student failed to submit the final paper. |
20 points out of 50: The essay illustrates poor understanding of the relevant material by failing to address or incorrectly addressing the relevant content; failing to identify or inaccurately explaining/defining key concepts/ideas; ignoring or incorrectly explaining key points/claims and the reasoning behind them; and/or incorrectly or inappropriately using terminology; and elements of the response are lacking. |
30 points out of 50: The essay illustrates a rudimentary understanding of the relevant material by mentioning but not full explaining the relevant content; identifying some of the key concepts/ideas though failing to fully or accurately explain many of them; using terminology, though sometimes inaccurately or inappropriately; and/or incorporating some key claims/points but failing to explain the reasoning behind them or doing so inaccurately. Elements of the required response may also be lacking. |
40 points out of 50: The essay illustrates solid understanding of the relevant material by correctly addressing most of the relevant content; identifying and explaining most of the key concepts/ideas; using correct terminology; explaining the reasoning behind most of the key points/claims; and/or where necessary or useful, substantiating some points with accurate examples. The answer is complete. |
50 points: The essay illustrates exemplary understanding of the relevant material by thoroughly and correctly addressing the relevant content; identifying and explaining all of the key concepts/ideas; using correct terminology explaining the reasoning behind key points/claims and substantiating, as necessary/useful, points with several accurate and illuminating examples. No aspects of the required answer are missing. |
Use of Sources (worth a maximum of 20% of the total points). |
Zero points: Student failed to include citations and/or references. Or the student failed to submit a final paper. |
5 out 20 points: Sources are seldom cited to support statements and/or format of citations are not recognizable as APA 6th Edition format. There are major errors in the formation of the references and citations. And/or there is a major reliance on highly questionable. The Student fails to provide an adequate synthesis of research collected for the paper. |
10 out 20 points: References to scholarly sources are occasionally given; many statements seem unsubstantiated. Frequent errors in APA 6th Edition format, leaving the reader confused about the source of the information. There are significant errors of the formation in the references and citations. And/or there is a significant use of highly questionable sources. |
15 out 20 points: Credible Scholarly sources are used effectively support claims and are, for the most part, clear and fairly represented. APA 6th Edition is used with only a few minor errors. There are minor errors in reference and/or citations. And/or there is some use of questionable sources. |
20 points: Credible scholarly sources are used to give compelling evidence to support claims and are clearly and fairly represented. APA 6th Edition format is used accurately and consistently. The student uses above the maximum required references in the development of the assignment. |
Grammar (worth maximum of 20% of total points) |
Zero points: Student failed to submit the final paper. |
5 points out of 20: The paper does not communicate ideas/points clearly due to inappropriate use of terminology and vague language; thoughts and sentences are disjointed or incomprehensible; organization lacking; and/or numerous grammatical, spelling/punctuation errors |
10 points out 20: The paper is often unclear and difficult to follow due to some inappropriate terminology and/or vague language; ideas may be fragmented, wandering and/or repetitive; poor organization; and/or some grammatical, spelling, punctuation errors |
15 points out of 20: The paper is mostly clear as a result of appropriate use of terminology and minimal vagueness; no tangents and no repetition; fairly good organization; almost perfect grammar, spelling, punctuation, and word usage. |
20 points: The paper is clear, concise, and a pleasure to read as a result of appropriate and precise use of terminology; total coherence of thoughts and presentation and logical organization; and the essay is error free. |
Structure of the Paper (worth 10% of total points) |
Zero points: Student failed to submit the final paper. |
3 points out of 10: Student needs to develop better formatting skills. The paper omits significant structural elements required for and APA 6th edition paper. Formatting of the paper has major flaws. The paper does not conform to APA 6th edition requirements whatsoever. |
5 points out of 10: Appearance of final paper demonstrates the student’s limited ability to format the paper. There are significant errors in formatting and/or the total omission of major components of an APA 6th edition paper. They can include the omission of the cover page, abstract, and page numbers. Additionally the page has major formatting issues with spacing or paragraph formation. Font size might not conform to size requirements. The student also significantly writes too large or too short of and paper |
7 points out of 10: Research paper presents an above-average use of formatting skills. The paper has slight errors within the paper. This can include small errors or omissions with the cover page, abstract, page number, and headers. There could be also slight formatting issues with the document spacing or the font Additionally the paper might slightly exceed or undershoot the specific number of required written pages for the assignment. |
10 points: Student provides a high-caliber, formatted paper. This includes an APA 6th edition cover page, abstract, page number, headers and is double spaced in 12’ Times Roman Font. Additionally, the paper conforms to the specific number of required written pages and neither goes over or under the specified length of the paper. |
|
|
Also, you can place the order at www.collegepaper.us/orders/ordernow / www.phdwriters.us/orders/ordernow
|
Do You Have Any Other Essay/Assignment/Class Project/Homework Related to this? Click Here Now [CLICK ME]and Have It Done by Our PhD Qualified Writers!! |
|
|
PLACE THE ORDER WITH US TODAY AND GET A PERFECT SCORE!!!