1. CMGT 430 All Assignments (New Syllabus)
For more classes visit
www.snaptutorial.com
CMGT 430 Assignment Week 1 IT Systems Connection Table
CMGT 430 Assignment Week 2 Enterprise Security Concerns
CMGT 430 Assignment Week 3 Responding to Threats
CMGT 430 Assignment Week 4 Cloud Computing
CMGT 430 Assignment Week 5 Enterprise Security Plan Strategic
Objectives
*********************
CMGT 430 Assignment Week 2 Enterprise
Security Concerns
For more classes visit
2. www.snaptutorial.com
After reviewing the material your group has prepared so far, the
management team has returned with a list of five specific concerns.
They include:
Access control
Security enterprise
Impact of implementing a change management system
Mitigation
Risk management
Management has asked you to address concerns with a visual
presentation. Address concerns by providing the following information:
An overview of the access control
Required mitigation steps for each concern
Prioritize concerns
Concerns with vendor relations from the enterprise security standpoint
Description of how the organization can apply risk management
principles in its efforts
Description of iterative maintenance effort, including audits and
frequency
Include at least two references formatted according to APA guidelines.
Present the information in one of the following ways:
A detailed chart along with a brief 1- to 2-page executive summary
explaining the decisions made
A 12- to 14-slide multimedia-rich presentation with speaker notes
Submit your assignment.
3. *********************
CMGT 430 Assignment Week 3 Responding to
Threats
For more classes visit
www.snaptutorial.com
A few Assignment Weeks ago, a nearby hospital, which is very similar
in operations and scale to Auburn Regional, was the target of a
ransomware attack. You have kept a close eye on this event. You decide
to complete a review of current material available regarding ransomware
attacks and especially ransomware and hospital enterprise systems.
Develop a 1- to 2-page chart. Your chart should have four columns for
Authorization, Authentication, Roles, and Mitigation, as well as three
columns for Small, Medium, and Large businesses. The chart should
compare four attributes that are critical in enterprise systems today.
Populate and extrapolate what steps can be taken to mitigate threats for
small, medium, and large hospital enterprise systems.
Based on your chart, provide a final recommendation on how the
hospital can respond to the threat. Summarize your chart findings,
provide your recommendation, and answer the following questions in a
4. brief, 2- to 3-page executive summary to the Auburn Regional
management team:
How could changes to authorization, authentication, and roles help
mitigate and deal with these systems threats?
How do you verify people and security levels?
How will your recommendations alleviate the threat?
Include the chart in your executive summary.
*********************
Submit your assignment.
CMGT 430 Assignment Week 4 Cloud
Computing
For more classes visit
www.snaptutorial.com
Your work so far has been well-received and the management team is
very interested in quickly bringing the rest of the organization into the
process. The management team has expressed interest in incorporating
cloud technology as part of the Auburn Regional's IT architecture. To
integrate both of these requests, you decide to create an infographic that
could, on a single diagram, give the reader an idea of what cloud
5. technology is and how it could be used by Auburn Regional as these
enterprise systems updates are in action. As you might imagine, there is
a wealth of information on the internet involving the use of cloud
computing.
Consider the following information and outline your answers:
What are the pros and cons of cloud computing?
Where could cloud computing fit in the organizational structure and
operations?
How do companies that enter cloud technology agreements pass on
those issues to their customers?
How do these companies really know where their data and the data of
their customers is really stored?
What precautions are being taken?
Using your outline, create an original infographic for a presentation to
the Auburn Regional management team that shows:
The basics of cloud computing
Overview of pros and cons of cloud computing
Where cloud computing could possibly fit into the organizational
structure and operations
At least two concerns that need to be addressed
Include your outline on a separate document to support your infographic.
Submit your assignment.
*********************
CMGT 430 Assignment Week 5 Enterprise
Security Plan Strategic Objectives
6. For more classes visit
www.snaptutorial.com
An enterprise security plan is a document that explains the security
exposure that an entity would encounter in a specific marketplace. A
committee of people typically writes this document over a span of a few
months. Many times the drafts begin with developing a high-level
overview of strategic objectives that address how to secure the enterprise
inside and outside the enterprise.
The CEO asks you to explain the core principles of enterprise security
and respond to five strategic objectives as part of the overall enterprise
system security plan draft. They are:
Data loss prevention
Access controls
Data management
Risk management
Cloud technology
For each of the five strategic objectives, write a response that addresses
the following:
Key initiative: Why is this topic important to Auburn Regional?
Objectives: What is the desired outcome to this effort?
Description: What is the specific strategic objective? Provide a high-
level explanation.
Benefits: What will be the benefits of this effort?
Outcome: What will be done to meet this objective?
7. Include any charts, graphics, or infographics created in previous
Assignment Weeks that support your findings.
Compile your response with the following:
An updated executive summary
A final recommendation
At least three new references throughout your plan overview, cited
according to APA guidelines.
Incorporate feedback and use previous assignments as a resource. As a
guideline, an overview of this nature is typically 3 to 4 pages long.
Submit your assignment.
*********************
CMGT 430 Discussion Due Diligence
For more classes visit
www.snaptutorial.com
Respond to the following in a minimum of 175 words:
Just a few years ago, all IT processing took place in-house. Payroll
processing, human resources and benefits management, real estate
management, and investor relations were done by employees within the
parent organization. Even in the home environment, families kept
8. information activities in-house, including annual tax returns and banking
(through the writing of paper checks) and disagreements or issues with
vendors was taken care of personally. Now we have online resources
that push some of that overhead to external vendors. Examples include
organizations that will process payroll and benefits administration, and
stock brokerages that address investor traffic. Working with vendors
brings up a few concerns.
Discuss the following:
Why is due diligence necessary when dealing with external
vendors?
What is one suggestion you have regarding securing data as it is in-
transit to and from these vendors?
What are two security protocols that should be part of the vendor's
data operations? For example, if the data includes PII/SPII
information, is adherence to external regulations and guidelines the
responsibility of the vendor or your organization?
*********************
CMGT 430 Discussion Mainframe And
Client/Server Environments
For more classes visit
www.snaptutorial.com
Respond to the following in a minimum of 175 words:
9. Consider the following scenario:
Your manufacturing company has operated with a mainframe IBM
computer for more than 20 years. Recent technological advances have
brought opportunities to replace that mainframe-based computing
environment with a client/server environment. You have been tasked
with responding to the senior management group about the security
issues involved with replacing the existing mainframe computer
environment with a client/server platform. The salespeople you deal
with from each vendor believe that the current mainframe environment
costs about $500K a year to maintain from a security standpoint, while a
client/server environment would cost about $325K a year. But cost is not
the only consideration. No PII or SPII data is contained in this
manufacturing platform. It is strictly a final product for sale application.
Outline and review a typical mainframe enterprise security footprint. Do
the same for a possible client/server environment. This could include the
use of the cloud for distributed computing, but that would also include
unique security concerns.
Discuss the following:
Based on your outline, which of these environments is more secure
and why?
Does your outline show commonalities that could permit both the
mainframe and the client/server environment to coexist from an
enterprise security perspective? If so, what are they?
*********************
CMGT 430 Discussion Security Checkpoint
For more classes visit
www.snaptutorial.com
10. Respond to the following in a minimum of 175 words:
At many security checkpoints where biometrics are used, only one
protocol is employed, such as a fingerprint reader, a hand-scanner, or
facial recognition. Other checkpoints use several biometric checkpoint
protocols in tandem to add a layer of security.
Complete an internet search for vendors of biometric products. Find one
vendor with a product designed to examine several characteristics [i.e.,
facial recognition, hand scanner (incorporates hand pattern, fingerprint
reader), retina scan, and signature recognition].
Discuss the vendor you selected along with answers to the following
questions:
Which characteristics would be more acceptable to users?
Which would be preferred by security administrators?
Respond to the following in a minimum of 175 words:
At many security checkpoints where biometrics are used, only one
protocol is employed, such as a fingerprint reader, a hand-scanner, or
facial recognition. Other checkpoints use several biometric checkpoint
protocols in tandem to add a layer of security.
Complete an internet search for vendors of biometric products. Find one
vendor with a product designed to examine several characteristics [i.e.,
facial recognition, hand scanner (incorporates hand pattern, fingerprint
reader), retina scan, and signature recognition].
Discuss the vendor you selected along with answers to the following
questions:
Which characteristics would be more acceptable to users?
Which would be preferred by security administrators?
*********************
CMGT 430 Entire Course
11. For more classes visit
www.snaptutorial.com
CMGT 430 Week 1 Individual IT Systems Connection Table
CMGT 430 Week 2 Learning Team Vulnerabilities and Threat Pairs
CMGT 430 Week 2 Individual Applying Risk Management Consulting
CMGT 430 Week 3 Learning Team Ranking the Pairs
CMGT 430 Week 3 Individual Using Roles
CMGT 430 Week 4 Team Draft of the Enterprise Security Plan and
Presentation
CMGT 430 Week 4 Individual Controlling Access
CMGT 430 Week 5 Team Enterprise Security Plan Paper
CMGT 430 Week 5 Individual An IT Security Department Profile
CMGT 430 Week 1 DQ 1
CMGT 430 Week 1 DQ 2
CMGT 430 Week 2 DQ 1
CMGT 430 Week 2 DQ 2
12. CMGT 430 Week 3 DQ 1
CMGT 430 Week 3 DQ 2
CMGT 430 Week 4 DQ 1
CMGT 430 Week 4 DQ 2
CMGT 430 Week 5 DQ 1
CMGT 430 Week 5 DQ 2
*********************
CMGT 430 Ver 3 Week 1 DQ 1
For more classes visit
www.snaptutorial.com
Delineate the difference between system architecture, software
architecture, and information architecture. Provide some examples to
illustrate what each represents.
*********************
CMGT 430 Ver 3 Week 2 DQ 1
13. For more classes visit
www.snaptutorial.com
Why should an organization consider implementing role-based access
control (RBAC) over discretionary access controls (DAC) or mandatory
access controls (MAC)? Provide an example to put in context the
differences between the three approaches?
*********************
CMGT 430 Ver 3 Week 2 DQ 1
For more classes visit
www.snaptutoria.com
Based on the Shaw (2009) article, why would you consider deploying an
intrusion prevention system (IPS) over an intrusion detection system
(IDS) to improve enterprise security? What are the major factors to
consider when employing this technology?
*********************
CMGT 430 Ver 3 Week 2 DQ 2
14. For more classes visit
www.snaptutorial.com
Based on the Barr article (2009), how can radio-frequency identification
(RFID) technology be applied to providing enterprise security? What are
the major factors to consider when employing this technology?
*********************
CMGT 430 Ver 3 Week 3 DQ 1
For more classes visit
www.snaptutorial.com
In role-based systems, you want to establish mutually exclusive roles to
prevent assignment of conflicting permissions to a single role. Provide
examples of two similar job functions that have differing access roles.
What would be all of the types of systems for which you would grant
each role access?
*********************
CMGT 430 Ver 3 Week 3 DQ 2
15. For more classes visit
www.snaptutorial.com
Based on the Barr article (2010), what software must be considered to
provide adequate security management across the enterprise?
*********************
CMGT 430 Ver 3 Week 4 DQ 1
For more classes visit
www.snaptutorial.com
What is a virtual enterprise, and how is that different from a physical
one?
*********************
CMGT 430 Ver 3 Week 4 DQ 2
For more classes visit
www.snaptutorial.com
16. Based on the Drumheller article (2008), should biometrics be used
instead of passwords and pins to authenticate enterprise users, or should
they be used in conjunction with passwords and pins? What factors
should be considered?
*********************
CMGT 430 Ver 3 Week 5 DQ 1
For more classes visit
www.snaptutorial.com
Based on the Ulasien article (2008), why is an IT security audit critical
in developing an enterprise security strategy? Should threats to the
enterprise be reviewed and assessed on regular basis?
*********************
CMGT 430 Ver 3 Week 5 DQ 2
For more classes visit
www.snaptutorial.com
17. Based on the Drumheller article (2007), why should the critical business
processes be identified, and their impact on the business be evaluated
along with the threats for developing the enterprise security strategy?
Should impact on business processes of the enterprise be reviewed and
assessed on a regular basis?
*********************
CMGT 430 Week 1 Individual IT Systems
Connection Table
For more classes visit
www.snaptutorial.com
CMGT 430 Week 1 Individual: IT Systems Connection Table
Enterprise systems consist of multiple IT systems. It is important to
know the different interconnections each system may have. IT systems
do not operate alone in the modern enterprise, so securing them will
involve securing their interfaces with other systems, as well as the
system itself.
Complete the University of Phoenix Material: IT System Connection
Table for four different IT systems. The table is located in the Materials
section to the right.
Complete the directions within the document. They are as follows:
Note two systems they connect with and their connection type.
Note two security vulnerabilities the system may have and two to four
ways each vulnerability could be potentially exploited.
Submit your assignment to the Assignment Files tab above.
IT System Connection Table
18. When securing the modern enterprise, consider that IT systems do not
operate alone. Securing them involves securing their interfaces with
other systems as well. It is important to know the different
interconnections each system may have.
Fill out the following table for four different IT systems.
Note two enterprise systems they connect with and their connection
type.
Note two security vulnerabilities the connection may have and two to
four ways each vulnerability could be potentially
Additional Comments:
An example row has been entered into the table in blue. This is only
an example and should not limit what you do.
Keep in mind that enterprise systems cover a certain task in the
enterprise (HR, CRM, Identity Management, etc.). They are not the
components of a system (such as servers).
Connections can often be a direct connection/pipe, a file, a common
database, or something else.
The vulnerability is what would make the connection vulnerable to an
attack.
The related risk is an attack that could target the weakness.
CMGT 430 Week 2 Individual Applying Risk
Management Consulting
For more classes visit
19. www.snaptutorial.com
CMGT 430 Week 2 Individual Applying Risk Management Consulting
Note: This is the first of three assignments that will be completed for this
three-assignment project, ending with a final paper in Week Four.
You have been hired as a consultant and asked to provide a presentation
on the company's risk management to the CIO.
Create a 5- to 7-slide narrated presentation on the following information:
• Describe how the organization can apply risk management principles
in its efforts to secure their systems.
• Outline how protection efforts will vary over time.
• Include three different example sets, each with a vulnerability, related
risk, and way to mitigate (control) that item.
Use any slide presentation software of your choosing.
Submit your presentation to the Assignment Files tab above
*********************
CMGT 430 Week 2 Learning Team
Vulnerabilities and Threat Pairs
For more classes visit
www.snaptutorial.com
20. CMGT 430 Week 2 Learning Team: Vulnerabilities and Threat Pairs
Select an organization that you are familiar with or an organization from
a published case study.
Find case studies through the following sources or through a faculty-
approved source. Suggestions are as follows:
Search within University Library for these periodicals
Information Week
CSO
SC Magazine
The CEO of your selected organization has requested an enterprise
security plan from your team. The first step to developing an enterprise
security plan is to identify the specific vulnerabilities and related risks
facing an organization. This list should be fairly exhaustive. Many
vulnerability and threat pairs will not make the final cut for remediation,
but an organization can only properly prioritize these if it has fully
covered all of the risks.
Create a list of 30 information security vulnerabilities with related
threats relevant to the organization. Keep in mind:
Most vulnerabilities will have more than one related threat.
Cover both physical and logical vulnerabilities.
Place your list in the first two columns of a table in a Microsoft® Word
or Excel® document. The table will resemble the following:
*********************
CMGT 430 Week 3 Individual Using Roles
For more classes visit
www.snaptutorial.com
21. CMGT 430 Week 3 Individual: Using Roles
Note: This is the second of three parts to this project. Refer back to your
organization used in the Week Two Applying Risk Management
Consulting assignment.
A better way to control user access to data is to tie data access to the role
a user plays in an organization. Some organizations are still learning
this. Your presentation this week persuades the CIO of your target
organization of the importance of controlling user access.
Create a 5- to 7-narrated slide presentation discussing the following:
The value of separating duties in the organization
The value of using roles to segregate the data and system access needs
of individuals in the organization
Why a role-based access control (RBAC) system would be the best
way to accomplish this, including both the advantages and disadvantages
of such a system
Use any slide presentation software of your choosing.
Submit your presentation to the Assignment Files tab above.
*********************
CMGT 430 Week 3 Learning Team Ranking the
Pairs
For more classes visit
www.snaptutorial.com
22. CMGT 430 Week 3 Learning Team: Ranking the Pairs
The CEO of your selected organization has requested an enterprise
security plan from your team. This week you will prioritize the threats
and vulnerabilities previously identified, and determine which need
attention and which may be left for another time. This is done by
determining the probability of the risk and the potential impact it may
have on the organization. Your objective is to address the risks with the
highest probability of happening, with the highest impact on the
organization.
Extend your table from Week Two to include columns for Probability of
Risk and Impact of Risk on the organization. Include mitigation steps of
the top 20 pairs.
Part 1
Fill out the final three columns in the table from the previous week.
Rate the probability and impact of each vulnerability-threat pair as High,
Medium, or Low. (These are independent of each other.)
Rank the pairs in the order they should be addressed by the organization.
(High/High rows will be at the top and Low/Low rows at the bottom.)
The team will have to decide where to rank rows which are not at these
extremes.
Suggest specific mitigation steps to take for the top 20 rows. You will go
into more detail for the final project due in Week Five.
Leave the Suggested Mitigation Steps column empty for rows below the
top 20.
Part 2
Prepare a brief explanation on the final rankings.
Describe how the team finally ranked the pairs and the reasoning
behind the suggested mitigation steps.
Focus on the top 20 rows, but cover why the others were ranked lower
and will not be addressed at this time.
Keep this explanation brief and clear but informative.
Submit your updated table and explanation to the Assignment Files tab
above.
*********************
23. CMGT 430 Week 4 Individual Controlling
Access
For more classes visit
www.snaptutorial.com
CMGT 430 Week 4 Individual Controlling Access
This is the third assignment of the series. Continue the Applying Risk
Management Consulting assignment for your chosen organization.
Refer to your Week Three individual assignment.
Write a 4- to 5-page business proposal in which you cover what
concerns and potential actions the organization should take for each of
the following areas:
How to manage and control the use of cloud resources and other
service providers that may be used for processing and data storage
outside the organization’s physical locations
Specific recommendations to control mobile access to organizational
system users (employees and customers)
Identify specific issues to be addressed with business partners and
inter-connection of systems.
Note: Brief the organization on the major issues involved but keep each
section succinct.
Format your business proposal consistent with APA guidelines.
Submit your assignment to the Assignment Files tab above.
*********************
24. CMGT 430 Week 4 Team Draft of the Enterprise
Security Plan and Presentation
For more classes visit
www.snaptutorial.com
CMGT 430 Week 4 Learning Team: Draft of the Enterprise Security
Plan and Presentation
The CEO of your selected organization has requested an enterprise
security plan from your team. An enterprise security plan is more than
just a list of vulnerabilities and risks. It must present them in a
meaningful way along with suggestions for specific steps to mitigate
each of the most important vulnerabilities or risk pairs it finds.
The organization would like you to present an enterprise security plan to
their Board of Directors. This week your team will draft two
deliverables¬, an enterprise security plan and a presentation.
Part 1
Compile a full draft of the final enterprise security plan document. This
will not be complete, but will have at least a short paragraph about each
major section of the paper, including the suggested controls.
Use the introduction and conclusion as an executive summary of the
entire paper’s content.
Research at least eight sources that validate the choices made in the
paper. This must go beyond basic definitions. The sources can be
changed in the final week, if needed.
Format your paper consistent with APA guidelines.
Part 2
25. Draft an 8- to 10-slide presentation on the findings in the Enterprise
Security Plan to present to senior management. Keep the slides concise.
Include detailed speaker notes for the presentation.
Use any slide presentation software of your choice.
Submit a draft of both the enterprise security plan and slide presentation
to the Assignment File tabs above.
*********************
CMGT 430 Week 5 Individual An IT Security
Department Profile
For more classes visit
www.snaptutorial.com
CMGT 430 Week 5 Individual An IT Security Department Profile
The CEO asks you to create a presentation for the company about the IT
Security Department. She wants you to highlight the core principles of
enterprise security, and visually present the positions in the IT Security
Department that are responsible for which principles.
Create a 4- to 5-slide narrated presentation in response to the request
from the CEO. Include an organizational chart to help the audience
visualize how the security team functions. Include detailed speaker notes
or transcription of narration.
Submit presentation using the Assignment Files tab above.
*********************
26. CMGT 430 Week 5 Team Enterprise Security
Plan Paper
For more classes visit
www.snaptutorial.com
CMGT 430 Week 5 Team Enterprise Security Plan Paper
The CEO of your selected organization has requested an enterprise
security plan from your team. Presenting an enterprise security plan to
senior management is an important task that faces every IT security
leader. It is your job to provide an appropriate overview and encourage
the team to invest in your plan.
Finalize the enterprise security plan and presentation using feedback
from your instructor.
Submit the enterprise security plan and presentation to the Assignment
Files tab above.
*********************