IT 3358 Information Security Concepts for the IT Professional Full Course Tasks
IT 3358 Information Security Concepts for the IT Professional Full Course Tasks
IT3358 Information Security Concepts for the IT Professional
Unit 1
Discussion
Security Vulnerabilities: Policies and Controls
When developing a network security strategy, you need to
make decisions on what security vulnerabilities need to be controlled in that
environment. In your own words, describe how you believe vulnerabilities for
global organizations differ from those that are non-local or domestic? Provide
at least one (1) example supporting your stance.
In the post-anesthesia care unit (PACU), the five components of the nursing process are utilized (Dean, 2018). An example of this would be a patient who presents to the PACU after a shoulder arthroscopy. An initial assessment of the patient shows the patient to be moaning, wincing, as well as tachycardia and hypertensive; this is the first step in the nursing process. The second step would be to provide a diagnosis. What is the problem? The patient reports pain (as 8 on a scale of 0-10) as a result of surgery as seen by increased heart rate and blood pressure as well as pain score. The third step is planning/outcomes, what can the nurse implement as far as interventions and possible pharmacologic strategies to alleviate the patient’s pain and what could the outcomes of said implementations be? The fourth step is implementation. The nurse carries out the intervention that was previously evaluated, in this case the nurse decides to dim the lights, quiet the room, and provide the patient with pain medication per orders given by provider. The last step is evaluation. Did the intervention work? Is the patient’s pain alleviated? This step often requires another assessment to determine the effectiveness of the intervention. The Standards of Practice set forth by the BON guides this nurse process in that the nurse is able to evaluate the problem, consider options for implementing interventions then evaluating the outcomes, all based on the appropriate standards of care put in place.
IT3358 Information
Security Concepts for the IT Professional
Unit 2
Discussion
AAA Framework and Cryptography
The concepts of auditing, authorization, and accountability
within the area of information security have helped to ease some burdens of IT
security professionals relating to the control of data flow and how data and
network security policies are managed. Describe the relationship between
auditing, authorization, and accountability within data and network security.
Additionally, describe at least one (1) tool that you believe can assist IT
professionals with the security of data and networks and explain how this tool
can be functional in organizations.
IT3358 Information
Security Concepts for the IT Professional
Unit 3
Discussion
Physical Security Controls
The assignment and readings for this week have included
various physical network security controls, practices, and policies. Discuss
why you believe systems and people can be (a) countermeasures, (b)
vulnerabilities, and (c) threats to your physical network assets? Provide at
least one (1) example on how this can be the case for each of these categories.
IT3358 Information
Security Concepts for the IT Professional
Unit 4
Discussion
OS and Application Vulnerability
One of the primary goals when selecting a particular
technology to implement and secure an IT infrastructure is to ensure that data,
operating systems, and applications are secured with competent security tools.
Based on your practical experience and research on this topic, identify a
vulnerability to a specific application and describe at least two (2)
countermeasures or tools you would consider recommending to an organization to
mitigate that vulnerability. In addition, explicate why you believe it is
important for organizations to protect against this vulnerability while
including the potential outcomes if this vulnerability were accepted or
ignored.
IT3358 Information
Security Concepts for the IT Professional
Unit 5
Discussion
Course Reflections
Reflecting on what you have learned in this course, explain
what you believe to be the most concerning security threat to organizations
today and why you believe that to be the case. Additionally, assume you were
implementing a security strategy for an organization that had no previous
security operations; determine the first three (3) security controls you would
consider implementing and explain why you believe these are the most important
to commence these efforts.
IT3358 Information
Security Concepts for the IT Professional
Unit 1 Assignment
Project Scope
For this assignment, you will develop an initial scope
document and proposal for deploying an Enterprise Security Infrastructure
Project. This is done by gathering facts about the selected organization and
identifying project needs.
First, select a global IT organization with which you are
currently affiliated, have worked for in the past, or one you would like to
learn more about. This organization should be relevant to your professional
goals and sufficient information about this organization should be available
through experience or research. You will use this same organization as a
foundation for all of your project assignments in this course.
Once you have selected your organization, you will evaluate
the existing security infrastructure and suggest improvements appropriate to
improving the cost and efficiency of managing the security. If assumptions need
to be made as part of your project, please list those assumptions so that your
instructor is aware.
For this assignment, use the suggested resources, the
Capella library, and the Internet to research the subject matter.
Instructions
Now that you have an understanding of the project and the
company’s needs, include the following in the initial scope document and
proposal:
Describe the scope of your project by providing an overview
to the selected organization: the reasons for your choice, its size, and the
location of the organization.
Describe the main business problems and goals as they relate
to information technology. Include information relative to organizational user,
organizational systems, and the security requirements.
Describe decision makers and stakeholders on whom you would rely
to develop a requirements analysis and traverse through the information
gathering phases of a security infrastructure deployment project.
Define a project timeline and outline that coincides with
the system and/or infrastructure component life cycle stages. Additionally,
identify the security components, requirements, and concerns that will need to
be addressed.
Explain the role of Availability, Confidentiality,
Authentication, and Integrity in identifying the project scope for the
organization.
Given the global nature of the organization, identify any
unique challenges that you anticipate facing from a regulatory, human
resources, and cultural standpoint.
You are encouraged to provide resources and citations. Any
references should be formatted according to APA (6th Edition) style and
formatting.
IT3358 Information
Security Concepts for the IT Professional
Unit 2 Assignment
AAA Framework and Cryptography Strategy
For this assignment, you will complete a data security
strategy. This is done by gathering facts about the selected organization and
identifying project needs. For this assignment, use the suggested resources,
the Capella library, and the Internet to research the subject matter.
Instructions
For this assignment, complete the following components for
your Perimeter Security Strategy:
Describe vulnerabilities and threats associated with data
being stored, in transit and in use.
Compare two cryptography tools and strategies for the
project that would be beneficial for protecting data being stored, in transit
and in use.
Describe at least three (3), non-cryptography strategies for
protecting stored data, data in transit and/or data in use for the company.
Describe strategies and identify at least two (2) tools for
supporting the AAA framework in your company’s security solution.
Determine how you would consider applying access control and
identify management to protect stored data, data in transit and/or data in use
in the company.
Define at least two (2) policies or guidelines that you
would include your organization’s data security manual. You are encouraged to
provide resources and citations. Any references should be formatted according
to APA (6th Edition) Style and Formatting.
Note: Make sure that you follow the scoring guide prior to
submitting. Submit your document to the assignment area once completed.
Resources
AAA Framework and Cryptography Strategy Scoring Guide.
IT3358 Information
Security Concepts for the IT Professional
Unit 3 Assignment
Physical Network Security Strategy
For this assignment, you will complete your Physical and
Network Security strategy. Each organization/company would need to show how
their data, assets, and networks are protected. In this assignment, you will
outline, address, and discuss your overall physical and network security
strategy where you plan, design, and implement your security strategy around
the organization’s global network infrastructure. For this assignment, use the
suggested resources, the Capella library, and the Internet to research the
subject matter.
Instructions
For this week, you are to complete the following components:
Describe at least three (3) threats and vulnerabilities
associated to physical security.
Define at least two (2) physical security strategies for
protecting each of the following categories in the company: (a) data, (b) human
resources and (c) hardware.
Describe strategies for protecting the company’s network
perimeter from external threats.
Describe strategies for protecting the company’s internal
and external network traffic and identify at least two (2) network security
tools you would consider utilizing.
Define at least two (2) policies or guidelines that you
would include in the organization’s physical security manual.
You are encouraged to provide resources and citations. Any
references should be formatted according to APA (6th Edition) style and formatting.
Ensure to follow the scoring guide prior to submitting and
submit your document to the assignment area.
IT3358 Information
Security Concepts for the IT Professional
Unit 4 Assignment
OS and Application Security Strategy
For this assignment, you will explain how to secure your
applications and operating systems through the use of various security tools.
For this assignment, use the suggested resources, the Capella library, and the
Internet to research the subject matter.
Instructions
For this assignment, complete the following components to
secure your applications and operating systems:
Describe threats and vulnerabilities associated with at
least two (2) operating systems.
Describe an anti-malware solution for the organization and
indicate on which operating systems it supports.
Select a suitable intrusion detection system (IDS) solution
for the organization and explain the reasoning for your suggestion.
Describe at least two (2) control strategies you would
consider implementing for securing the company’s web-based infrastructure.
Describe at least two (2) control strategies you would
consider implementing for securing the company’s database infrastructure.
Define two (2) items that you would include in the
organization’s operating system security hardening procedures.
You are encouraged to provide resources and citations. Any
references should be formatted according to APA (6th Edition) Style and
Formatting.
Follow the scoring guide and submit to the assignment
section once completed.
IT3358 Information
Security Concepts for the IT Professional
Unit 5 Assignment
Security Policy
As part of your course project, you are to develop, and
design your overall security policy strategy.
Instructions
Identify a complete list of security standards that must be
addressed in a comprehensive solution for the organization.
Discuss legal and regulatory issues that must be considered
in relation to the management of information assets.
Identify the steps that you took throughout the quarter to
ensure that your security solution will succeed internationally and describe
how you addressed globalization in your security design.
For your final submission, include all your previous work
for weeks 1–4 as part of this submission. Review the feedback that your
instructor provided throughout the quarter and use that to finalize the
security solution for your organization.
You are encouraged to provide resources and citations. Any
references should be formatted according to APA (6th Edition) style and
formatting.
Note: Make sure that your paper is professionally written
and free of errors, and that APA formatting is applied throughout. Once
complete, submit your document in the assignment area.
IT3358 Information
Security Concepts for the IT Professional
Unit 1
Discussion
Security Vulnerabilities: Policies and Controls
When developing a network security strategy, you need to
make decisions on what security vulnerabilities need to be controlled in that
environment. In your own words, describe how you believe vulnerabilities for
global organizations differ from those that are non-local or domestic? Provide
at least one (1) example supporting your stance.
IT3358 Information
Security Concepts for the IT Professional
Unit 2
Discussion
AAA Framework and Cryptography
The concepts of auditing, authorization, and accountability
within the area of information security have helped to ease some burdens of IT
security professionals relating to the control of data flow and how data and
network security policies are managed. Describe the relationship between
auditing, authorization, and accountability within data and network security.
Additionally, describe at least one (1) tool that you believe can assist IT
professionals with the security of data and networks and explain how this tool
can be functional in organizations.
IT3358 Information
Security Concepts for the IT Professional
Unit 3
Discussion
Physical Security Controls
The assignment and readings for this week have included
various physical network security controls, practices, and policies. Discuss
why you believe systems and people can be (a) countermeasures, (b)
vulnerabilities, and (c) threats to your physical network assets? Provide at
least one (1) example on how this can be the case for each of these categories.
IT3358 Information
Security Concepts for the IT Professional
Unit 4
Discussion
OS and Application Vulnerability
One of the primary goals when selecting a particular
technology to implement and secure an IT infrastructure is to ensure that data,
operating systems, and applications are secured with competent security tools.
Based on your practical experience and research on this topic, identify a
vulnerability to a specific application and describe at least two (2)
countermeasures or tools you would consider recommending to an organization to
mitigate that vulnerability. In addition, explicate why you believe it is
important for organizations to protect against this vulnerability while
including the potential outcomes if this vulnerability were accepted or
ignored.
IT3358 Information
Security Concepts for the IT Professional
Unit 5
Discussion
Course Reflections
Reflecting on what you have learned in this course, explain
what you believe to be the most concerning security threat to organizations
today and why you believe that to be the case. Additionally, assume you were
implementing a security strategy for an organization that had no previous
security operations; determine the first three (3) security controls you would
consider implementing and explain why you believe these are the most important
to commence these efforts.
IT3358 Information
Security Concepts for the IT Professional
Unit 1 Assignment
Project Scope
For this assignment, you will develop an initial scope
document and proposal for deploying an Enterprise Security Infrastructure
Project. This is done by gathering facts about the selected organization and
identifying project needs.
First, select a global IT organization with which you are
currently affiliated, have worked for in the past, or one you would like to
learn more about. This organization should be relevant to your professional
goals and sufficient information about this organization should be available
through experience or research. You will use this same organization as a
foundation for all of your project assignments in this course.
Once you have selected your organization, you will evaluate
the existing security infrastructure and suggest improvements appropriate to
improving the cost and efficiency of managing the security. If assumptions need
to be made as part of your project, please list those assumptions so that your
instructor is aware.
For this assignment, use the suggested resources, the
Capella library, and the Internet to research the subject matter.
Instructions
Now that you have an understanding of the project and the
company’s needs, include the following in the initial scope document and
proposal:
Describe the scope of your project by providing an overview
to the selected organization: the reasons for your choice, its size, and the
location of the organization.
Describe the main business problems and goals as they relate
to information technology. Include information relative to organizational user,
organizational systems, and the security requirements.
Describe decision makers and stakeholders on whom you would rely
to develop a requirements analysis and traverse through the information
gathering phases of a security infrastructure deployment project.
Define a project timeline and outline that coincides with
the system and/or infrastructure component life cycle stages. Additionally,
identify the security components, requirements, and concerns that will need to
be addressed.
Explain the role of Availability, Confidentiality,
Authentication, and Integrity in identifying the project scope for the
organization.
Given the global nature of the organization, identify any
unique challenges that you anticipate facing from a regulatory, human
resources, and cultural standpoint.
You are encouraged to provide resources and citations. Any
references should be formatted according to APA (6th Edition) style and
formatting.
IT3358 Information
Security Concepts for the IT Professional
Unit 2 Assignment
AAA Framework and Cryptography Strategy
For this assignment, you will complete a data security
strategy. This is done by gathering facts about the selected organization and
identifying project needs. For this assignment, use the suggested resources,
the Capella library, and the Internet to research the subject matter.
Instructions
For this assignment, complete the following components for
your Perimeter Security Strategy:
Describe vulnerabilities and threats associated with data
being stored, in transit and in use.
Compare two cryptography tools and strategies for the
project that would be beneficial for protecting data being stored, in transit
and in use.
Describe at least three (3), non-cryptography strategies for
protecting stored data, data in transit and/or data in use for the company.
Describe strategies and identify at least two (2) tools for
supporting the AAA framework in your company’s security solution.
Determine how you would consider applying access control and
identify management to protect stored data, data in transit and/or data in use
in the company.
Define at least two (2) policies or guidelines that you
would include your organization’s data security manual. You are encouraged to
provide resources and citations. Any references should be formatted according
to APA (6th Edition) Style and Formatting.
Note: Make sure that you follow the scoring guide prior to
submitting. Submit your document to the assignment area once completed.
Resources
AAA Framework and Cryptography Strategy Scoring Guide.
IT3358 Information
Security Concepts for the IT Professional
Unit 3 Assignment
Physical Network Security Strategy
For this assignment, you will complete your Physical and
Network Security strategy. Each organization/company would need to show how
their data, assets, and networks are protected. In this assignment, you will
outline, address, and discuss your overall physical and network security
strategy where you plan, design, and implement your security strategy around
the organization’s global network infrastructure. For this assignment, use the
suggested resources, the Capella library, and the Internet to research the
subject matter.
Instructions
For this week, you are to complete the following components:
Describe at least three (3) threats and vulnerabilities
associated to physical security.
Define at least two (2) physical security strategies for
protecting each of the following categories in the company: (a) data, (b) human
resources and (c) hardware.
Describe strategies for protecting the company’s network
perimeter from external threats.
Describe strategies for protecting the company’s internal
and external network traffic and identify at least two (2) network security
tools you would consider utilizing.
Define at least two (2) policies or guidelines that you
would include in the organization’s physical security manual.
You are encouraged to provide resources and citations. Any
references should be formatted according to APA (6th Edition) style and formatting.
Ensure to follow the scoring guide prior to submitting and
submit your document to the assignment area.
IT3358 Information
Security Concepts for the IT Professional
Unit 4 Assignment
OS and Application Security Strategy
For this assignment, you will explain how to secure your
applications and operating systems through the use of various security tools.
For this assignment, use the suggested resources, the Capella library, and the
Internet to research the subject matter.
Instructions
For this assignment, complete the following components to
secure your applications and operating systems:
Describe threats and vulnerabilities associated with at
least two (2) operating systems.
Describe an anti-malware solution for the organization and
indicate on which operating systems it supports.
Select a suitable intrusion detection system (IDS) solution
for the organization and explain the reasoning for your suggestion.
Describe at least two (2) control strategies you would
consider implementing for securing the company’s web-based infrastructure.
Describe at least two (2) control strategies you would
consider implementing for securing the company’s database infrastructure.
Define two (2) items that you would include in the
organization’s operating system security hardening procedures.
You are encouraged to provide resources and citations. Any
references should be formatted according to APA (6th Edition) Style and
Formatting.
Follow the scoring guide and submit to the assignment
section once completed.
IT3358 Information
Security Concepts for the IT Professional
Unit 5 Assignment
Security Policy
As part of your course project, you are to develop, and
design your overall security policy strategy.
Instructions
Identify a complete list of security standards that must be
addressed in a comprehensive solution for the organization.
Discuss legal and regulatory issues that must be considered
in relation to the management of information assets.
Identify the steps that you took throughout the quarter to
ensure that your security solution will succeed internationally and describe
how you addressed globalization in your security design.
For your final submission, include all your previous work
for weeks 1–4 as part of this submission. Review the feedback that your
instructor provided throughout the quarter and use that to finalize the
security solution for your organization.
You are encouraged to provide resources and citations. Any
references should be formatted according to APA (6th Edition) style and
formatting.
Note: Make sure that your paper is professionally written
and free of errors, and that APA formatting is applied throughout. Once
complete, submit your document in the assignment area.
APA Writing Checklist
Use this document as a checklist for each paper you will write throughout your GCU graduate program. Follow specific instructions indicated in the assignment and use this checklist to help ensure correct grammar and APA formatting. Refer to the APA resources available in the GCU Library and Student Success Center.
Also Read : IT 3358: Information Security Concepts for the IT Professional All Assignments Tasks
☐ APA paper template (located in the Student Success Center/Writing Center) is utilized for the correct format of the paper. APA style is applied, and format is correct throughout.
☐ The title page is present. APA format is applied correctly. There are no errors.
☐ The introduction is present. APA format is applied correctly. There are no errors.
☐ Topic is well defined.
☐ Strong thesis statement is included in the introduction of the paper.
☐ The thesis statement is consistently threaded throughout the paper and included in the conclusion.
☐ Paragraph development: Each paragraph has an introductory statement, two or three sentences as the body of the paragraph, and a transition sentence to facilitate the flow of information. The sections of the main body are organized to reflect the main points of the author. APA format is applied correctly. There are no errors.
☐ All sources are cited. APA style and format are correctly applied and are free from error.
☐ Sources are completely and correctly documented on a References page, as appropriate to assignment and APA style, and format is free of error.
Scholarly Resources: Scholarly resources are written with a focus on a specific subject discipline and usually written by an expert in the same subject field. Scholarly resources are written for an academic audience.
Examples of Scholarly Resources include: Academic journals, books written by experts in a field, and formally published encyclopedias and dictionaries.
Peer-Reviewed Journals: Peer-reviewed journals are evaluated prior to publication by experts in the journal’s subject discipline. This process ensures that the articles published within the journal are academically rigorous and meet the required expectations of an article in that subject discipline.
Empirical Journal Article: This type of scholarly resource is a subset of scholarly articles that reports the original finding of an observational or experimental research study. Common aspects found within an empirical article include: literature review, methodology, results, and discussion.
Adapted from “Evaluating Resources: Defining Scholarly Resources,” located in Research Guides in the GCU Library.
☐ The writer is clearly in command of standard, written, academic English. Utilize writing resources such as Grammarly, LopesWrite report, and ThinkingStorm to check your writing.