Can we ensure that Digital Government services are secure? Case Study

User Generated

yvirfzbxrynhtu69

Computer Science

Description

Can someone please help me with this urgent Essay for IT Security:

Essay Information : IT Security Case Study 2.docx

Rubric for Case Study : Case Study 2 Rubric.docx

Unformatted Attachment Preview

Case Study #2: Can we ensure that Digital Government services are secure? Case Scenario: You have been asked to participate in a panel discussion of security issues affecting digital government Websites. Each panel member has been asked to select a specific Website (from the list provided in Table 1) and then research (a) the information and services that it provides and (b) the security issues which could impact the delivery of digital government services. Your two to three page summary of your research will be provided to the panel audience in advance of the discussion. Table 1. List of Approved Digital Government Websites BENEFITS.GOV DIGITALGOV.GOV GRANTS.GOV RECREATION.GOV SERVE.GOV USAJOBS.GOV Base URLs CANCER.GOV CONSUMERFINANCE.GOV DISASTERASSISTANCE.GOV FOODSAFETY.GOV HEALTHCARE.GOV MEDICARE.GOV REGULATIONS.GOV RESEARCH.GOV STOPBULLYING.GOV STOPFAKES.GOV VOLUNTEER.GOV WOMENSHEALTH.GOV DATA.GOV GIRLSHEALTH.GOV READY.GOV SAFERCAR.GOV USA.GOV Research: 1. Read / Review the Week 3 readings. 2. Research three or more attacks which could compromise the security of a Digital Government Website which uses Web Applications, a Web Server, and a Database Server. Here are some sources to get you started: a. Web Applications Architectures and Security (in the Week 3 content module). b. Cyber Vandalism -- https://www.digitalgov.gov/resources/readiness-recovery-responsesocial-media-cyber-vandalism-toolkit/ c. Cybersecurity: Actions needed to address challenges facing federal systems (GAO 15573T) http://www.gao.gov/assets/670/669810.pdf d. Cognitive Hacking and Digital Government: Digital Identity http://www.ists.dartmouth.edu/library/78.pdf e. US-Cert Publications (See Technical Reports section) https://www.us-cert.gov/securitypublications#reports 3. Review the Website for a digital government service (select one of the Websites listed in Table 1). What types of information or services are available via your selected Website? What population does this Website serve (who is the intended audience)? 4. As part of your Digital Government Website review, determine the types and sensitivity of information collected, displayed, processed, and stored by the Web applications which implement the Digital Government service. a. See http://www.digitalgov.gov/resources/checklist-of-requirements-for-federal-digitalservices/ for general security and privacy requirements. Copyright ©2015 by University of Maryland University College. All Rights Reserved b. See FIPS 199 for additional guidance on determining the sensitivity level of a Federal IT system. (See the section on public websites.) 5. Using FIPS 200 and NIST SP 800-53, research the general types of security controls which are required for the IT systems hosting the Digital Government service that you reviewed. 6. Find three or more additional sources which provide information about best practice recommendations for ensuring the security of the Web Applications used to deliver Digital Government information and services. These additional sources can include analyst reports and/or news stories about recent attacks / threats, data breaches, cybercrime, cyber terrorism, etc. which impacted the security of digital government services. Write: Write a two to three page summary of your research. At a minimum, your summary must include the following: 1. An introduction or overview of digital government which provides definitions and addresses the laws, regulations, and policies which require that federal agencies provide information and services via the Web. This introduction should be suitable for an executive audience. 2. An overview of the information and services provided by your selected digital government Website. Answer the following questions: a. What types of information or services are available via your selected Website? b. What population does this Website serve (who is the intended audience)? c. What sensitivity level which should be assigned to the Website (use FIPS 199 criteria). d. What security issues were observed during your review? 3. A separate section which addresses the architectures and security issues inherent in the use of Web applications when used to deliver the services provided by your selected digital government Website. 4. A separate section which includes recommendations for best practices for ensuring Web application security during the design, implementation, and operation of digital government websites. Include five or more best practice recommendations in your discussion. Your white paper should use standard terms and definitions for cybersecurity. The following sources are recommended: • NICCS Glossary http://niccs.us-cert.gov/glossary • Guidelines on Security and Privacy in Public Cloud Computing http://csrc.nist.gov/publications/nistpubs/800-144/SP800-144.pdf Copyright ©2015 by University of Maryland University College. All Rights Reserved Formatting Instructions 1. Use standard APA formatting for the MS Word document that you submit to your assignment folder. Formatting requirements and examples are found under Course Resources > APA Resources. Additional Information 1. You are expected to write grammatically correct English in every assignment that you submit for grading. Do not turn in any work without (a) using spell check, (b) using grammar check, (c) verifying that your punctuation is correct and (d) reviewing your work for correct word usage and correctly structured sentences and paragraphs. These items are graded under Professionalism and constitute 20% of the assignment grade. 2. You are expected to credit your sources using in-text citations and reference list entries. Both your citations and your reference list entries must comply with APA 6th edition Style requirements. Failure to credit your sources will result in penalties as provided for under the university’s Academic Integrity policy. Copyright ©2015 by University of Maryland University College. All Rights Reserved Criteria Introduction or Overview for the Case Study Excellent 20 points Provided an excellent introduction or overview of digital government which provided definitions and addressed the laws, regulations, and policies which require that federal agencies provide information and services via the Web. The overview appropriately used information from 3 or more authoritative sources. Review of a Digital 20 points Government Website Provided an excellent overview of the information and services provided by the selected digital government Website. Provided full, complete, and concise answers to the following questions: a. What types of information or services are available via the selected Website? b. What population does this Website serve (who is the intended audience)? c. What sensitivity level which should be assigned to the Website (use FIPS 199 criteria)? d. What security issues were observed during the review? Appropriately used information from 3 or more authoritative sources. Web Application 15 points Architectures and Provided an excellent Security Issues discussion of Web application architectures and common / frequent security issues inherent in the use of Web applications in the context of digital government Websites. Discussion included 5 or more examples of security issues. Appropriately used information from 3 or more authoritative sources. Best Practices and 15 points Recommendations Provided an excellent for Ensuring Security discussion of best of Digital practices for ensuring Government Web application Websites security during the design, implementation, and operation of digital government websites. Included 5 or more best practices (with recommendations) Addressed security issues using standard cybersecurity terminology APA Formatting for Citations and Reference List Professionalism Part I: Organization & Appearance Professionalism Part II: Execution which could be implemented to improve the security of digital government websites. Appropriately used information from 3 or more authoritative sources. 5 points Demonstrated excellence in the integration of standard cybersecurity terminology into the case study. 5 points Work contains a reference list containing entries for all cited resources. Reference list entries and in-text citations are correctly formatted using the appropriate APA style for each type of resource. 5 points Submitted work shows outstanding organization and the use of color, fonts, titles, headings and sub-headings, etc. is appropriate to the assignment type. 15 points No formatting, grammar, spelling, or Overall Score punctuation errors. Excellent 90 or more
Purchase answer to see full attachment
User generated content is uploaded by users for the purposes of learning and should be used following Studypool's honor code & terms of service.

Explanation & Answer


Anonymous
I was stuck on this subject and a friend recommended Studypool. I'm so glad I checked it out!

Studypool
4.7
Trustpilot
4.5
Sitejabber
4.4

Related Tags