Reference no: EM131218119
Project- Sample Cyber Security Profile
Every organization must create a cybersecurity profile (system security plan (SSP)) for all of its major and minor information systems. The cybersecurity profile documents the current and planned controls for the system and addresses security concerns that may affect the system's operating environment. The cybersecurity profile includes security categorizations and security controls, and is included in the certification and accreditation package. For this project, you will create a sample cybersecurity profile describing the security posture of your selected organization.
Learning Objectives
After completing this project, students will be able to
1. Select and incorporate appropriate management, technical, and operational security controls into a system security plan.
2. Integrate and evaluate management, technical, and operational controls in the context of an information security program.
3. Develop a sample System Security Plan for an information system.
Deliverable
Your sample cybersecurity profile should be at least five full pages, double spaced, 1-inch margins, in New Times Roman 12-pitch font, with a cover page (name, course number, date, title of paper) and a reference page. The cover page and reference page are not included in the five-page minimum. Papers not meeting the five full-page minimum will lose points. You must have at least three sources, correctly formatted per APA guidelines. Submit your research paper to the appropriate TurnItIn assignment area by the due date.
Detailed Description of Learning Activity
1. Read NIST Special Publication 800-53 Rev 4 Guide for Assessing the Security Controls in Federal Information Systems and Organizations, Building Effective Security Assessment Plans.
2. Review the sample System Security Plan template in the Project Description area of the classroom.
3. Select one management, one technical, and one operational control from the eighteen family controls that apply to your selected organization (i.e., AU - Audit and Accountability).
4. Describe each family control. Include why these controls are required.
5. For each family control, select two associated family identifiers (i.e., AU-3 Content of Audit Records).
6. Describe each associated family identifier, describe the implementation status as it relates to your selected organization's security program, and describe how your selected organization implements the family identifer.
7. Write your sample cybersecurity profile. At a minimum, the profile should include
1. an Introduction that includes the purpose of your paper and introduces security profiles as they relate to your selected organization
2. an Analysis section that includes Items 3-6 above
3. a Conclusion that summarizes what you wrote
4. You are encouraged to use the sample SSP template as an example for how to document your research.
8. Use spell and grammar check before submitting. It is also a good idea to have someone else read your paper. You should also review the grading rubric below to ensure that you have all the graded components.
|
What are a trade deficit and a trade surplus
: What are a trade deficit and a trade surplus? What are the implications of a long-term trade deficit or trade surplus? What techniques are available to correct Balance of Payment Deficit or Surplus?
|
|
Barlow declaration of independence
: How is Barlow's declaration of independence similar and different from theDeclaration of Independence (Links to an external site.)that Thomas Jefferson wrote in 1776 in terms of what each wanted to achieve for the "people" or to empower them?
|
|
What are the elements of capital budgeting
: What are the elements of capital budgeting? How do you determine these elements in the global business arena? Provide examples of how you would use capital budgeting analysis to determine the desirability of global projects.
|
|
Calculate the adjusted relative risk for death
: Calculate the adjusted relative risk for death due to use of the CCU. Interpret this estimate. How does it compare with the results from the "before-after" study - Discuss the author's conclusion. How could bias and changes in medical treatment af..
|
|
Review the sample system security plan template in project
: Review the sample System Security Plan template in the Project Description area of the classroom. Describe each family control. Include why these controls are required.
|
|
Write the code to call a function whose name
: Write the code to call a function whose name is send_number. There is one argument for this function, which is an int. Send 5 as an argument to the function.
|
|
How is the unix system call read actually invoked
: In Unix-like operating systems, there is both a API library function named read(), and asystem call referred to as read in the Unix documentation. However, Unix system calls do notactually have names like a library function does.
|
|
Compare the impact of foreign aid on their broader economies
: Essay topics for PUBH5752. There is considerable debate around the benefit of foreign aid for health outcomes in developing countries, particularly with regard to sustainability of programs. Select at least 2 recipient countries and compare the im..
|
|
Are the weights the same on earth and the moon
: If the mass of a sliding block is tripled while a constant net force is applied, by how much does the acceleration decrease? Explain the difference between a vector and a scalar quantity. Give at least two examples of different variables that are v..
|