Assignment: Capstone Project
Overview
The purpose of this Capstone Project is for students to examine and solve real world information assurance problems and apply associated techniques to create practical solutions. The course takes an integrative and senior security officer approach to address the policy, risk, and control opportunities within cyberspace and IT environments.
Cybersecurity Policy Catalog
This Project is a two-part deliverable using MS Word and MS Project, or their open source equivalents. This assignment focuses on information as an asset and logical security techniques for a hypothetical law firm. The goal of this deliverable is to secure an information security policy, suggesting the fundamental guidelines should an untoward event occur. It can be seen that information assets security management can be reduced down to three (3) basic principles: integrity, confidentiality, and availability. Structure a policy around and within computers and associated equipment, as well as the people using it. Note: You may create and / or make all necessary assumptions needed for the completion of this assignment.
Submission Requirements
• Infrastructure Document (MS Word)
• Security Project Plan (MS Project)
Section 1
Write a three to five page paper in which you:
1. Create a cyber-security policy describing the principle, the objective, and policy statement for the law firm's company network.
2. Describe the roles and responsibilities by groups (e.g., position director of network security, the network security manager, network security engineers, IT area), defining roles and responsibilities.
3. Suggest the cyber-security policy statement, an explanation of the policy statement, and the reasons why the policy statement may be controversial.
4. Determine the security testing methodology you would use to facilitate the assessment of technical controls.
Section 2
5. Use Microsoft Project, or an open source alternative such as OpenProj, to create a security project plan for the law firm. The project plan should include:
a. Tasks, subtasks, resources, and predecessors.
b. An outline of the planning, analysis, design, and implementation phases.
c. The use of cyber-security in the information systems development life cycle.
Format your assignment according to the following formatting requirements:
1. The answer should be typed, double spaced, using Times New Roman font (size 12), with one-inch margins on all sides.
2. The response also include a cover page containing the title of the assignment, the student's name, the course title, and the date. The cover page is not included in the required page length.
3. Also Include a reference page. The Citations and references should follow APA format. The reference page is not included in the required page length.