User Account

All Pages

Analyze the risk of various plausible solution in the review

Assignment Help Computer Engineering
Reference no: EM133631425

Homework: Information System & Information Security- Problem Identification

Overview

The objective of the final comprehensive project is to show you are competent in the Information Assurance discipline and prepared for the final capstone systems analysis and design course. Youwill show competence through the execution of a final information security plan. The objective of the plan is to identify a current and relevant security related problem in computing, study related literature that pertains directly to the problem, analyze an appropriate secure fault tolerant solution, design the secure fault tolerant solution, and develop a continuity and disaster recovery plan for the final solution. The identified problem must be contained in a software, network, or system environment that you have sufficient knowledge of and data access to be able to perform a thorough analysis and design.

Instructions

Current and proper current APA formatting is required and must include a title page, proper margins, citations, organization, proper grammar and spelling, and an ending resources page.

At the minimum, this phase of the project must include:

A. Executive summary, introduction, and conclusion

I. Executive summary

II. Introduction

1. Statement of the problem

2. Documentation of the organizational requirements

3. Purpose of the plan

4. Scope of the plan

5. Rationale of the plan

III. Conclusion

B. Review of Related Literature

I. Scholarly, peer-reviewed, original research (8 minimum sources and at least 8 double-spaced,current APA-formatted pages)

II. Comprehensive investigation of past and current security solutions relevant to the problem

III. Summary of the research outcomes

IV. NOTE: required minimum length in the grading rubric excludes all systems analysis and design (SAD) diagrams and any other tables and/or graphical elements

C. Risk Analysis

I. Analyze the risk of various plausible solutions in the review of related literature

II. Value of the assets

III. Potential loss per threat

IV. Threat analysis

V. Overall annual loss per threat

VI. Reduce, transfer, avoid, or accept the risk

D. Environmental Diagrams (minimum of 2 required) could include, but are not limited to:

I. System and/or network architecture diagrams

1. If you are designing a secure network or system, at least 1 complete architectural diagram must exist that details all the connections, nodes, and/or pertinent pieces of equipment (e.g. data links, servers, switches, routers, firewalls, IDSs, SANs, databases, etc.)

2. If you are designing a secure application,detailed UML class and/or component diagrams must exist

II. Security and business requirement mappings

III. Information or data flow diagrams

IV. SDL Threat Modeling diagrams

V. Risk matrix

VI. Process overview (e.g. see ISO 31000:2009 Process Overview Diagram)

VII. Shared resource matrix

VIII. Attack and/or malicious mappings (e.g. distributed denial-of-service attack mapping, encrypted message flow)

Critical to your success is a comprehensive and proper understanding of the information system and surrounding environment for which the plan will address. Within the scope of the plan, youmust notate each domain that will be addressed. It is important to clearly define what is inside the scope and what is outside of the scope of the plan.

For example, if you choose application security, youmust narrowly define the application and its counterparts within the scope. This could include mobile code, object-oriented code, database, distributed system, neural network, and a number of other components. Subsequently, the research in the review of related literature must focus on the specific types of solutions that will be necessary to be analyzed and designed. If the specific domain is software development security, and the solution must secure malicious code, the review of related literature, risk analysis, and diagrams must have some focus on varying types of malicious code such as logic bombs, Trojan horses, viruses, time bombs, trapdoors, worms, and rabbits. If the domain is network security, a number of network architecture diagrams must be present that identify every possible device within the selected business environment.

Choose each element wisely; assuring that sufficient selection occurs to develop the solution based upon the research in the review of related literature. Additionally, the comprised components must provide sufficient depth to allow the minimum length requirements to be met for each phase of the project, but more importantly to securely design the system and/or application. Within EACH of the 2 diagrams, there is a minimum of 20 elements exist that accurately detail analysis of the environment that needs securing. The details will be supported by previous designs in the review of literature. These serve as a benchmark for your designs. If your literature review is insufficient, you will be assessed on relevant literature review, given your choice of design. In other words, be very detailed. If your diagrams are not detailed, they will be unable to achieve the purpose of a secure design and ultimately, fail the customer.

Reference no: EM133631425

Questions Cloud

Describe how an attacker could use a sniffer in conjunction : Describe how an attacker could use a sniffer in conjunction with a Trojan to successfully gain access to sensitive data.
Describe the four priorities : Describe the four priorities and why they are critical for 2021. How can they be sure that their mission, vision and values are maintained?
Values and vision into strategies for the organization : What can you say about their values and vision? How did they translate these values and vision into strategies for the organization?
Identify essential element of relational expertise : Identify an essential element of relational expertise. Identify an essential element of relational expertise.
Analyze the risk of various plausible solution in the review : Analyze the risk of various plausible solutions in the review of related literature. If you are designing a secure application,detailed UML class and component.
Conflict and Stress Strategies : Conflict and Stress Strategies Your task is to create a resource based on one of the following topics Stress Reduction Strategies.
Risk management consists of reducing risky behavior : Much of risk management consists of reducing risky behavior. How can college students learn about and minimize these risks?
Evaluate the current business situation and knowledge audit : Evaluate the current business situation and the knowledge audit context as per the given topics, analyse the perspective of the stakeholders
What can happen when you settle for superficial sensing : What can happen when you settle for superficial sensing? Opportunities and threats go unseen, and sensing structures aren't well developed.

Reviews

Write a Review

Computer Engineering Questions & Answers

  Describing possible applications of data

Describing possible applications of data and big data analytics to Electronics Engineering degree programs. Cite at least two specific examples of these

  Effects of enterprise risk management on firm performance

The assignment is to pick one of the research papers or case studies and write a summary of the paper in about two pages and write your perspective.

  Which companies are likely to be declaring bankruptcy

Computer can make predictions about which companies are likely to be declaring bankruptcy within the next few years. (Supervised or Unsupervised)

  Evaluate the history of the data encryption standard

Evaluate the history of the Data Encryption Standard (DES) and then how it has transformed cryptography with the advancement of triple DES.

  What are the pros and cons of a hybrid hie model

What are the pros and cons of a hybrid HIE model? What challenges do you foresee after implementation, and how to resolve them

  Describe how the hazards can be mitigated to ensure

Describe how the hazards can be mitigated to ensure there is a safe working environment? How would a new BMET learn about safety hazards in the workplace?

  Implement splitlists as an array-based member function

Implement SplitLists as an array-based member function of the Unsorted List ADT.

  Write the code used in a for loop

Write the code used in a for loop

  How they apply to the criminal event

Identify the relevant U.S. Laws covered in Chapter 2 of the textbook and how they apply to the criminal event. What investigative processes will computer

  What you do for first five steps of troubleshooting process

IT 202- Create a document that explains what you would do for the first five steps of the troubleshooting process to resolve the issue stated in each ticket.

  How ip addressing work with dns servers to process a request

Draw a map, labeling every aspect, which represents how IP addressing works with DNS servers to process a request for a web page from your computer that returns the web page. Assume that it takes a few DNS servers to find the IP address.

  Write type definitions for the nodes and pointers

Write type definitions for the nodes and pointers in a linked list. Call the node type Node Type and call the pointer type Pointer Type.

Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

Submit Assignment

Academics

Major Subjects

Majors

Get In Touch

whatsapp: +1-415-670-9521

Phone: +1-415-670-9521

Email: [email protected]

TERMS & POLICIES

HELP & SUPPORT

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd