Network Security Proposal -
Intrroduction to Network Security CompTIA Secuirity +Points: 125
Assignment – Create a Security Proposal
Outcomes addressed in this Activity:
Summarize security guidelines and best practices Examine the various security
topics from a network administrator’s perspective Use the chapter in the
textbook as a reference
Identify operational and organizational
procedures and techniques to protect, assess, and audit network systems.
Instructions In this assignment you create
a security proposal that include the four areas shown below.
This proposal offers the Web Site 101
organization some of the security policies they require. You can use the
information in answers you submitted for your Unit 6, Unit 7 and Unit 8 essay
questions. Review the requirements and the format below. Each area should be at
least a half page.
To: Mr. Ross, CISO Web Site 101 West
Branch, IN 55545 From: XXX Security Consulting, Inc. Mr. Ross: As we discussed
previously, this document includes our recommendations for just a few of the
security policies that would be useful for your organization. These
recommendations are written in a form that will be approved by you and your
management and are intended to demonstrate what is needed, not how the policies
will be implemented. Procedural documents which will provide step-by-step
directions on the implementation of the policies will follow the approval.
Due to the time restraint and the
increasing focus on vulnerabilities in your security structure, this document
only covers four of the areas that will eventually have written security policies.
Please be aware that the information
contained in this document is confidential and should not be circulated to
anyone who does not have a security position with your organization. Based on
our assessment, these four areas will require security policy approval:
I. Authentication Authentication – the use
of a system to allow user’s access to a computer or network based on three
factors: something you know, something you have and something you are. Purpose:
(goals of this policy) Scope: (what the policy covers – personnel, resources,
etc.) Roles/Responsibilities: (how will it be administered, responsibilities
for compliance) Sanctions/Violations: (what happens when the policy is
violated)
II. Threat Assessment and Testing
Penetration Testing and Vulnerability Scanning – the use of software tools to
evaluate the network’s vulnerability to attack. Purpose: (goals of this policy)
Scope: (what the policy covers – personnel, resources, etc.)
Roles/Responsibilities: (how will it be administered, responsibilities for
compliance) Sanctions/Violations: (what happens when the policy is violated)
III. Data Security – Certificate
Management Public Key Infrastructure (PKI) – the management of digital
certificates used in the encryption of the company’s sensitive data. Purpose:
(goals of this policy) Scope: (what the policy covers – personnel, resources,
etc.) Roles/Responsibilities: (how will it be administered, responsibilities
for compliance) Sanctions/Violations: (what happens if the policy is violated)
IV. Auditing Auditing – the process of
ensuring policies are enforced including user access and rights review,
privilege auditing, usage auditing, escalation auditing, administrative
auditing, and log file auditing. Purpose: (goals of this policy) Scope: (what
the policy covers – personnel, resources, etc.) Roles/Responsibilities: (how
will it be administered, responsibilities for compliance) Sanctions/Violations:
(what happens when the policy is violated) Mr. Ross, we will cover other areas
such as perimeter security, device security, environmental security, etc. in
subsequent documents.
Thank you for your time in reviewing this
information. Please contact me with any questions.
Written work should be free of spelling,
grammar, and APA errors. Points deducted from the grade for each writing,
spelling, or grammar error are at your instructor’s discretion.
Please be sure to download the file
“Writing Center Resources” from Doc Sharing to assist you with meeting APA
expectations.
Assignment grading = 125 points
Assignment Requirements
Security Proposal
The proposal includes all four areas. 0-10
All four areas include the required sections.
0-20 The proposal clearly and accurately
presents the policy information for each of the four areas.
0-40 The proposal demonstrates a reasoned
and logical approach to each policy.
0-40 At least four pages in length not
counting the title page; include a title page, double space, font size 10 or
12, and references.
0-15 Column Total Less deduction taken for
spelling, grammar, and APA errors. Plagiarism is totally unacceptable.
New total after deductions