Information System And Information Security

Information System And Information Security

Having Trouble Meeting Your Deadline?

Get your assignment on Information System And Information Security completed on time. avoid delay and – ORDER NOW

Project: Problem Identification Assignment Instructions

Overview

The objective of the final comprehensive project is to show you are competent in the Information Assurance discipline and prepared for the final capstone systems analysis and design course. You will show competence through the execution of a final information security plan. The objective of the plan is to identify a current and relevant security related problem in computing, study related literature that pertains directly to the problem, analyze an appropriate secure fault tolerant solution, design the secure fault tolerant solution, and develop a continuity and disaster recovery plan for the final solution. The identified problem must be contained in a software, network, or system environment that you have sufficient knowledge of and data access to be able to perform a thorough analysis and design.

 

Instructions

Current and proper current APA formatting is required and must include a title page, proper margins, citations, organization, proper grammar and spelling, and an ending resources page.

At the minimum, this phase of the project must include:

I. Executive summary, introduction, and conclusion

a. Executive summary

b. Introduction

i. Statement of the problem

ii. Documentation of the organizational requirements

iii. Purpose of the plan

iv. Scope of the plan

v. Rationale of the plan

c. Conclusion

II. Review of Related Literature

a. Scholarly, peer-reviewed, original research (8 minimum sources and at least 8 double-spaced, current APA-formatted pages)

b. Comprehensive investigation of past and current security solutions relevant to the problem

c. Summary of the research outcomes

d. NOTE: required minimum length in the grading rubric excludes all systems analysis and design (SAD) diagrams and any other tables and/or graphical elements

III. Risk Analysis

a. Analyze the risk of various plausible solutions in the review of related literature

b. Value of the assets

c. Potential loss per threat

d. Threat analysis

e. Overall annual loss per threat

f. Reduce, transfer, avoid, or accept the risk

 

IV. Environmental Diagrams (minimum of 2 required) could include, but are not limited to:

a. System and/or network architecture diagrams

i. If you are designing a secure network or system, at least 1 complete architectural diagram must exist that details all the connections, nodes, and/or pertinent pieces of equipment (e.g. data links, servers, switches, routers, firewalls, IDSs, SANs, databases, etc.)

ii. If you are designing a secure application, detailed UML class and/or component diagrams must exist

b. Security and business requirement mappings

c. Information or data flow diagrams

d. SDL Threat Modeling diagrams

e. Risk matrix

f. Process overview (e.g. see ISO 31000:2009 Process Overview Diagram)

g. Shared resource matrix

h. Attack and/or malicious mappings (e.g. distributed denial-of-service attack mapping, encrypted message flow)

Critical to your success is a comprehensive and proper understanding of the information system and surrounding environment for which the plan will address. Within the scope of the plan, you must notate each domain that will be addressed. It is important to clearly define what is inside the scope and what is outside of the scope of the plan.

For example, if you choose application security, you must narrowly define the application and its counterparts within the scope. This could include mobile code, object-oriented code, database, distributed system, neural network, and a number of other components. Subsequently, the research in the review of related literature must focus on the specific types of solutions that will be necessary to be analyzed and designed. If the specific domain is software development security, and the solution must secure malicious code, the review of related literature, risk analysis, and diagrams must have some focus on varying types of malicious code such as logic bombs, Trojan horses, viruses, time bombs, trapdoors, worms, and rabbits. If the domain is network security, a number of network architecture diagrams must be present that identify every possible device within the selected business environment.

Choose each element wisely; assuring that sufficient selection occurs to develop the solution based upon the research in the review of related literature. Additionally, the comprised components must provide sufficient depth to allow the minimum length requirements to be met for each phase of the project, but more importantly to securely design the system and/or application. Within EACH of the 2 diagrams, there is a minimum of 20 elements exist that accurately detail analysis of the environment that needs securing. The details will be supported by previous designs in the review of literature. These serve as a benchmark for your designs. If your literature review is insufficient, you will be assessed on relevant literature review, given your choice of design. In other words, be very detailed. If your diagrams are not detailed, they will be unable to achieve the purpose of a secure design and ultimately, fail the customer.

Note: Your assignment will be checked for originality via the Turnitin plagiarism tool.

Page 2 of 2

Explanation & Answer

Our website has a team of professional writers who can help you write any of your homework. They will write your papers from scratch. We also have a team of editors just to make sure all papers are of HIGH QUALITY & PLAGIARISM FREE. To make an Order you only need to click Order Now and we will direct you to our Order Page at Litessays. Then fill Our Order Form with all your assignment instructions. Select your deadline and pay for your paper. You will get it few hours before your set deadline.

Fill in all the assignment paper details that are required in the order form with the standard information being the page count, deadline, academic level and type of paper. It is advisable to have this information at hand so that you can quickly fill in the necessary information needed in the form for the essay writer to be immediately assigned to your writing project. Make payment for the custom essay order to enable us to assign a suitable writer to your order. Payments are made through Paypal on a secured billing page. Finally, sit back and relax.

Do you need an answer to this or any other questions?

Similar Posts