Security Assessment and Recommendations
Overview
This course does involve a lot of technical information and theory but, what really matters is how this knowledge can be used to identify and remediate real-world security issues. What you learn in this course should be directly applicable to your work environment. The course project that you will complete is designed to further this goal. In the first part of the project you will choose an organization from one of two given scenarios (below), identify potential security weaknesses, and in the second part of the project, you will recommend solutions. The first part of the project is due in week 3, and the second part of the project, along with the first part (presumably revised based on instructor feedback) is due in week 7. This project constitutes a significant portion of your overall grade. This is an individual assignment and may not be completed in teams.
Phase I
In this phase you will choose either Aircraft Solutions or Quality Web Design as the company you will work with. You will then identify potential security weaknesses.
Security weaknesses – You must choose two from the following three areas: hardware software policy (excluding password policies) and identify an item that requires improved security. To clarify: you must identify
a) one hardware and one software weakness or,
b) one hardware and one policy weakness or,
c) one software and one policy weakness.
You must define the asset or policy with sufficient detail to justify your assessment. Your assessment must include: the vulnerability associated with the asset or policy the possible threats against the asset or policy the likelihood that the threat will occur (risk) the consequences to mission critical business processes should the threat occur how the organization’s competitive edge will be affected should