...A Final Project Overview and Timeline Final Project Overview In completing each assignment, you build the sections of an Information Security Policy. Final Project Timeline You should budget your time wisely and work on your project throughout the course. As outlined below, the assignments in the course are designed to assist you in creating your final project Information Security Policy. If you complete your course activities and use the feedback provided by the instructor, you will be on the right track to successfully complete your final project of creating an Information Security Policy. □ Week One: Introduction Review the two company profiles provided in your syllabus and select the one you will use for your final project company. You design the Information Security Policy for this company throughout the course. Once you have decided which company you are using, it may not be changed; therefore, considerable thought should be put into this decision. Next, decide which type of information security policy—program-level, program-framework, issue-specific, or system-specific—is appropriate for your final project company. Assignment: Final Project Information Security Policy: Introduction Complete and submit Appendix C. Note. Section 1 Introduction of Appendix C corresponds to Section 2 of Appendix B in the final compilation due in Week Nine. In completing Appendix C, provide an overview of your final project company, describe...
Words: 899 - Pages: 4
...i [pic] RISK ANALYSIS Project or System Name U.S. Department of Housing and Urban Development Month, Year Revision Sheet |Release No. |Date |Revision Description | |Rev. 0 |1/31/00 |SEO&PMD Risk Analysis | |Rev. 1 |5/1/00 |Risk Analysis Template and Checklist | |Rev. 2 |6/14/00 |Minor changes per Office of Administration | |Rev. 3 |4/12/02 |Conversion to WORD 2000 Format | | | | | | | | | | | | | | |Risk Analysis Authorization | | ...
Words: 1892 - Pages: 8
...|[pic] |Course Design Guide | | |College of Information Systems & Technology | | |CMGT/442 Version 4 | | |Information Systems Risk Management | Copyright © 2010, 2009, 2008, 2006 by University of Phoenix. All rights reserved. Course Description This course identifies and defines the types of risks that information systems professionals need to consider during the development and implementation of computer based information systems. This course will survey remedies and prevention techniques available to address the risk areas present. Organizational policies and current regulatory considerations will also be examined relative to development, implementation, and use of computer based information systems. Policies Faculty and students/learners will be held responsible for understanding and adhering to all policies contained within the following two documents: • University policies: You must be logged into the student website to view this document. • Instructor policies: This document is posted in the Course Materials...
Words: 1982 - Pages: 8
...Purpose This project provides you an opportunity to analyze risks, threats, and vulnerabilities and apply countermeasures in the information systems environment. Required Source Information and Tools ------------------------------------------------- Web References: Links to Web references are subject to change without prior notice. These links were last verified on June 12, 2014. To complete the project, you will need the following: 1. Access to the Internet to perform research for the project * Microsoft Windows How-To, including: * Optimize Windows for Better Performance: http://windows.microsoft.com/en-us/windows/optimize-windows-better-performance - optimize-windows-better-performance=windows-7 * Monitor Attempts to Access and Change Settings On Your Computer / To Turn On Auditing: http://windows.microsoft.com/en-us/windows7/monitor-attempts-to-access-and-change-settings-on-your-computer * What Information Appears in Event Logs? http://windows.microsoft.com/en-us/windows/what-information-event-logs-event-viewer - 1TC=windows-7 2. Course textbook Learning Objectives and Outcomes You will: * Explain how to assess risks, threats, and vulnerabilities * Evaluate potential outcomes of a malware attack and exposure of confidential information * Evaluate information systems security countermeasures * Explain how system hardening relates to a company’s IT security policy framework * Analyze the purposes...
Words: 1575 - Pages: 7
...Unit Plans Unit 1: Information Systems Security Fundamentals Learning Objective Explain the concepts of information systems security (ISS) as applied to an IT infrastructure. Key Concepts Confidentiality, integrity, and availability (CIA) concepts Layered security solutions implemented for the seven domains of a typical IT infrastructure Common threats for each of the seven domains IT security policy framework Impact of data classification standard on the seven domains Reading Kim and Solomon, Chapter 1: Information Systems Security. Keywords Use the following keywords to search for additional materials to support your work: Data Classification Standard Information System Information Systems Security Layered Security Solution Policy Framework ------------------------------------------------- Week 1 Assignment (See Below) * Match Risks/Threats to Solutions * Impact of a Data Classification Standard Lab * Perform Reconnaissance & Probing Using ZenMap GUI (Nmap) * Page 7-14 in lab book. Project (See Below) * Project Part 1. Multi-Layered Security Plan ------------------------------------------------- Unit 1 Assignment 1: Match Risks/Threats to Solutions Learning Objectives and Outcomes You will learn how to match common risks or threats within the seven domains of a typical IT infrastructure with solutions and preventative actions...
Words: 1409 - Pages: 6
...Course Syllabus College of Information Systems & Technology CMGT/442 Version 4 Information Systems Risk Management Copyright © 2010, 2009, 2008, 2006 by University of Phoenix. All rights reserved. Course Description This course identifies and defines the types of risks that information systems professionals need to consider during the development and implementation of computer based information systems. This course will survey remedies and prevention techniques available to address the risk areas present. Organizational policies and current regulatory considerations will also be examined relative to development, implementation, and use of computer based information systems. Policies Faculty and students/learners will be held responsible for understanding and adhering to all policies contained within the following two documents: • University policies: You must be logged into the student website to view this document. • Instructor policies: This document is posted in the Course Materials forum. University policies are subject to change. Be sure to read the policies at the beginning of each class. Policies may be slightly different depending on the modality in which you attend class. If you have recently changed modalities, read the policies governing your current class modality. Course Materials Cooper, D. F., Grey, S., Raymond, G., & Walker, P. (2005). Project risk management guidelines: Managing risk in large projects and complex procurements. Hoboken...
Words: 1690 - Pages: 7
...Purpose This project provides you an opportunity to analyze risks, threats, and vulnerabilities and apply countermeasures in the information systems environment. Required Source Information and Tools To complete the project, you will need the following: 1. Access to the Internet to perform research for the project * Microsoft Windows How-To, including: * Optimize Windows for Better Performance: http://windows.microsoft.com/en-us/windows/optimize-windows-better-performance - optimize-windows-better-performance=windows-7 * http://windows.microsoft.com/en-us/windows-8/improve-performance-optimizing-hard-drive 8.1 * http://www.makeuseof.com/tag/7-quick-tips-hacks-optimize-windows-10-experience/ win 10 * Monitor Attempts to Access and Change Settings On Your Computer / To Turn On Auditing: http://windows.microsoft.com/en-us/windows7/monitor-attempts-to-access-and-change-settings-on-your-computer * What Information Appears in Event Logs? http://windows.microsoft.com/en-us/windows/what-information-event-logs-event-viewer - 1TC=windows-7 2. Course textbook Learning Objectives and Outcomes You will: * Explain how to assess risks, threats, and vulnerabilities * Evaluate potential outcomes of a malware attack and exposure of confidential information * Evaluate information systems security countermeasures * Explain how system hardening relates to a company’s IT security policy framework ...
Words: 665 - Pages: 3
...Information Risk Management Plan Project Name | Network Vulnerability Colt Manufacturing R&D Server | Document Purpose The Project Information Risk Management Plan formalizes a system's information security and privacy upgrade. During the Project Planning Phase the project team: * works with Colt Manufacturing IT Department to register the data involved in the project and determine the data's classification. * useable resources in this document are reviewed to identify potential areas of information security and privacy risk. * document risks in the project Risk Register. During technical design activities in the Project Implementation phase, prior to purchasing or building an application: * System Proprietor (functional owner) works with the principal System Custodian to complete the Project Information Risk Management Plan. * Project Team submits the Plan to Colt Manufacturing IT Department and System/Network administrators for review and approval. Review & Approval Signature indicates review and approval of the Project Information Security Risk and Privacy Plan, and authorizes the Project Manager/Team to proceed with the detailed planning and execution of the project. Role | Name | Signature | Date | Colt Manufacturing Senior Management | | | | IT Department...
Words: 3263 - Pages: 14
... |[pic]www.csudh.edu | | |[pic] | |[pic] |College of Natural and Behavioral Sciences | | |Department of Computer Science | | |http://csc.csudh.edu | |Course Title: |Communication Systems Security | |Course Number: |CTC 362 | |Instructor Name: | Mehrdad S. sharbaf, ph.d. msharbaf@csudh.edu, Office: tba, phone: tba, office Hours: tba | |Date: |Spring Semester, 2016 | |Course Length: |_15_ Weeks | |Web Companion |N/A ...
Words: 1433 - Pages: 6
...ITT Technical Institute 3825 West Cheyenne Avenue, Suite 600 North Las Vegas, Nevada 89032 NT2580 Introduction to Information Security Week 1, Unit 1 – Information Systems Security Fundamentals Class Plan Time Duration: This Class Period will be approximately 4 ¾ Hours in length. It will be divided 2 ¾ hours for Theory and 2 ½ hours for Lab. Content Covered: • Textbook o Chapter 1 - Information Systems Security Objectives: After completing this unit, the student should be able to: • Explain the concepts of information systems security (ISS) as applied to an IT infrastructure. Key Concepts: ▪ Confidentiality, integrity, and availability (CIA) concepts ▪ Layered security solutions implemented for the seven domains of a typical IT infrastructure ▪ Common threats for each of the seven domains ▪ IT security policy framework ▪ Impact of data classification standard on the seven domains Materials: Week 1 PowerPoint Presentation Assignment Overview: Refer to Assignment 1: Match Risks/Threats to Solutions in the Graded Assignment Requirements section of this instructor guide. In this assignment, the students need to match common risks or threats within the seven domains of a typical IT infrastructure with the possible solutions or preventative actions. Use the hand out worksheet NT2580.U1.WS1.doc. Refer to Assignment 2: Impact of a Data Classification Standard, you must write a brief report...
Words: 530 - Pages: 3
...ITT Technical Institute IT255 Introduction to Information Systems Security Onsite Course SYLLABUS Credit hours: 4 Contact/Instructional hours: 50 (30 Theory Hours, 20 Lab Hours) Prerequisite(s) and/or Corequisite(s): Prerequisites: IT220 Network Standards and Protocols, IT221 Microsoft Network Operating System I, IT250 Linux Operating System Course Description: This course provides an overview of security challenges and strategies of counter measures in the information systems environment. Topics include definition of terms, concepts, elements, and goals incorporating industry standards and practices with a focus on availability, vulnerability, integrity and confidentiality aspects of information systems. Introduction to Information Systems Security Syllabus Where Does This Course Belong? This course is required for the Bachelor of Science in Information Systems Security program. This program covers the following core areas: Foundational Courses Technical Courses BSISS Project The following diagram demonstrates how this course fits in the program: IS427 Information Systems Security Capstone Project 400 Level IS404 Access Control, Authentication & KPI IS411 Security Policies & Implementation Issues IS415 System Forensics Investigation & Response IS416 Securing Windows Platforms & Applications IS418 Securing Linux Platforms & Applications IS421 Legal & Security Issues IS423 Securing Windows Platforms & Applications ...
Words: 4114 - Pages: 17
...Template Project Specification Enclosures Distribution List Project Survey Time Schedule Resource Plan Organizational Chart Project Budget Contents 1 Project Business Direction 2 1.1 Project Goals 2 1.2 Purpose 2 1.3 Business Opportunity 3 1.4 Project Background 3 2 Project Scope Description 3 2.1 Project Outcome 3 2.2 Quality Objectives for the Project Outcome 3 2.3 Organizational Requirements on the Project Performance 4 2.4 Project Performance Quality Objectives 4 2.5 Included, Excluded 4 3 Project Plans 4 3.1 Time Schedule 4 3.2 Project Milestone Definitions 5 3.3 Delivery Plans 5 4 Project Budget 5 5 Project Organization and Stakeholders 5 5.1 Project Organization, Roles, Responsibility and Authority 5 5.1.1 Project Steering Function 5 5.1.2 Project Management Function 5 5.1.3 Project Executing Function 6 5.2 Project Organization Overview 6 5.3 Customer and...
Words: 2362 - Pages: 10
...EMR EQMS ERMS FMS FY GDP GIS GNI GNP GoR G2B G2C G2G HIV HLSC HRMS ICT ICT4D IDS IPAR IPS ISP ISPA ITU IXP JICA Advanced Global Atmospheric Gases Experiment African Information Society Initiative Agriculture management Information System Africa Rural Telecommunication Banque National du Rwanda Business Processing Outsourcing Community Development Computer Emergency Response Team Common Market for Eastern and Southern Africa Communication Navigation Surveillance /Air Management Cyber Security Computer Security Incident Response Team Coordination Technical Committee Focus area Working Group Develop a Digital Court Recording System East African Power Pool Eastern Africa Submarine Cable System Economic Development & Poverty Reduction Strategy (2008-2012) e-Government Education Management Information System Electronic Medical Records Electronic Queue Management System Electronic Records Management System Financial Management Systems Fiscal Year Gross Domestic Product Geographical Information System Gross National Income Gross National Product Government of Rwanda Government-to-Business Government-to-Citizen Government-to-Government Human Immunodeficiency Virus High Level Steering Committee Human Resource Management System Information Communication Technology ICT for Development Intrusion Detection Systems Institute of Policy...
Words: 28160 - Pages: 113
...Final Project Next Generation Firewall By: Edward Caudill Submitted as partial fulfillment of the requirements for the Bachelors of Computer Science Independence University April, 2015 Copyright ( 2015 Edward Caudill This document is copyrighted material. Under copyright law, no parts of this document may be reproduced without the expressed permission of the author. Approval Page INDEPENDENCE UNIVERSITY As members of the Final Project Committee, we certify that we have read the document prepared by __________________ entitled ________________________________________ and recommend that it be accepted as fulfilling the Capstone requirement for the Degree of ________________________________________ ____________________________________________________________Date: _________ Name of Course Instructor ____________________________________________________________Date: _________ Associate Dean Signature ____________________________________________________________Date: _________ Senior Associate Dean Signature I hereby certify that I have read this document prepared under my direction and recommend that it be accepted as fulfilling the dissertation requirement. ____________________________________________________________Date: __________ Course Instructor Abstract Taking advantage of a vulnerability (i.e., an identified weakness), in a...
Words: 3381 - Pages: 14
...Introduction to Information Systems Security [Onsite] Course Description: This course provides an overview of security challenges and strategies of counter measures in the information systems environment. Topics include definition of terms, concepts, elements, and goals incorporating industry standards and practices with a focus on availability, vulnerability, integrity and confidentiality aspects of information systems. Prerequisite(s) and/or Corequisite(s): Prerequisites: IT220 Network Standards and Protocols, IT221 Microsoft Network Operating System I, IT250 Linux Operating System Credit hours: 4 Contact hours: 50 (30 Theory Hours, 20 Lab Hours) Introduction to Information Systems Security Syllabus Where Does This Course Belong? This course is required for the Bachelor of Science in Information Systems Security program. This program covers the following core areas: Foundational Courses Technical Courses BSISS Project The following diagram demonstrates how this course fits in the program: IS427 Information Systems Security 400 Level Capstone Project IS418 IS404 Access Control, Authentication & KPI IS421 Legal & Security Issues IS423 Securing Windows Platforms & Applications IS411 Security Policies & Implementation Issues IS415 System Forensics Investigation & Response IS416 Securing Windows Platforms & Applications Securing Linux Platforms & Applications 300 Level IS305 Managing Risk in Information Systems IS308 ...
Words: 4296 - Pages: 18