Assignment: Operation Security
Scenario
You work for a high-tech company with approximately 390 employees. Your firm recently won a large DoD contract, which will add 30% to the revenue of your organization. It is a high-priority, high-visibility project. You will be allowed to make your own budget, project timeline, and tollgate decisions.
You must develop the proper DoD security policies required to meet DoD standards for delivery of technology services to the U.S. Air Force Cyber Security Center (AFCSC), a DoD agency. To do this, you must develop DoD-approved policies and standards for your IT infrastructure (see the "Tasks" section below). The policies you create must pass DoD-based requirements. Currently, your organization does not have any DoD contracts and thus has no DoD-compliant security policies or controls in place.
The firm's computing environment includes the following:
- 12 servers running Microsoft Server 2012 R2, providing the following:
o Active Directory (AD)
o Domain Name System (DNS)
o Dynamic Host Configuration Protocol (DHCP)
o Enterprise Resource Planning (ERP) application (Oracle)
o A Research and Development (R&D) Engineering network segment for testing, separate from the production environment
o Microsoft Exchange Server for e-mail
o Symantec e-mail filter
o Websense for Internet use
- Two Linux servers running Apache Server to host your Web site
- 390 PCs/laptops running Microsoft Windows 7 or Windows 8, Microsoft Office 2013, Microsoft Visio, Microsoft Project, and Adobe Reader
Tasks
You must:
- Select a team leader for your project group.
- Create policies that are DoD compliant for the organization's IT infrastructure.
- Note DOD-specific requirements for the organization's IT infrastructure and U.S. compliance laws that may affect the firm
- Include DoD-compliant policies, standards, and controls that affect the User, Workstation, LAN, and LAN-to-WAN Domains
- Develop a list of compliance laws required for DoD contracts.
- List controls placed on domains in the IT infrastructure.
- List required standards for all devices, categorized by IT domain.
- Include DoD-compliant policies, standards, and controls that affect the WAN, Remote Access, and System/Application Domains
- Develop a deployment plan for implementation of these polices, standards, and controls.
- List all applicable DoD frameworks in the final delivery document.
- Write a professional report that includes all of the above content-related items.
Format your assignment according to the following formatting requirements:
1. The answer should be typed, double spaced, using Times New Roman font (size 12), with one-inch margins on all sides.
2. The response also includes a cover page containing the title of the assignment, the student's name, the course title, and the date. The cover page is not included in the required page length.
3. Also include a reference page. The Citations and references should follow APA format. The reference page is not included in the required page length.