· THE INDUSTRY AND THE COMPANY AND ITS PRODUCT(S) OR SERVICE(S)A.docx

· THE INDUSTRY AND THE COMPANY AND ITS
PRODUCT(S) OR SERVICE(S)
A. The industry.- Tamara
B. The company and the concept- Tamara
C. The product(s) or service(s).- Tamara
D. Entry and growth strategy.- Arturo
· MARKET RESEARCH AND ANALYSIS
A. Customers.- Richard
B. Market size and trends.- Arturo
C. Competition and competitive edges.- Arturo
D. Estimated market share and sales.- Richard
E. Ongoing market evaluation.- Richard
· MARKETING PLAN
A. Overall marketing strategy.- Ryan
B. Pricing.- Ryan
C. Sales tactics.- Ryan
D. Service and warranty policies.- Ade
E. Advertising and promotion.- Ade
F. Distribution.- Ade
Deadline sent to Team Fileshare due- Saturday of each week by
4p.
Team Members in attendance-
Ryan, Richard, Arturo, Tamara, Ade
I. System Design Principles

A network system is a collection of integrated components that
works together, to
achieve a common objective. A system design is a process of
defining the system architecture,
modules, interfaces, data, and components of a system, to a
specified requirement.
Design principles describe the procedures that software
developers, system analyst, and
system architect designers, create through the distribution of
colors, texture, and the weight of
objects. This union describes the use of assets, so that there is
a structured and stable system
design, including system appearance, and security against
unauthorized access. Security design
principles are essential when designing any system to make sure
security and integrity is tamper
proof.
Various security design principles exist and designed by the
system developer, listed
below include security design principles:
1. The Principle of Least Privilege requires the system
developers to
limit user access rights to use specific tools and informatio n in
a system, this

privilege gives rights to access data and applications, only to
special users, with
limited access to other users.
The orientation of this design principle limits the system from
damaging
attacks from users of the system; whether they are intentional or
not, it also limits
the changes or damages a user can make on the system, and it
reduces interactions
with the system.
2. Fail Safe Defaults Principle administered by the system
developer
in charge of security, and authorizes users, to access system
resources, based on
granted access, rather than exclusion; this design principle
permits, the users, to
access resources, if permission is granted. By default, the users
do not have
access, to system resources, until authorization is given. This
design principle
prevents unauthorized users, from viewing resources. (Dennis &
Wixom, 2000)

3. Defense In-depth Principle is a concept used by system
developers
use security layers on system resources. This principle requires
users to provide
credentials when accessing a system resource. The security
experts because of
the operational results and effectiveness advocate defense In-
depth security
design principle. This principle manages the security risk with
diverse strategies
of defending; a good example is, if the first layer of security is
breached e.g.
firewall, the next layer will withstand the security breach, and
stop the security
breached.
4. Separate design principle authorizes each user with different
levels
of access into the system. An example: Administrator can
access the system
resources and root privileges, but the normal user cannot. This
design principle
denies an attacker, the ability to grant himself one privilege ,
but not a second

privilege, which will make it impossible, for the attacker, to
attack the system,
successively.
5. The Promote Privacy Principle advocates when one should
consider the privacy of the users of the system; the system
should not collect the
personal identification information of the users, and instead
protect and encrypt
information, and concealed from view. This design principle
ensures that the
users of the system, information protected, and not
compromised.
1
Security Management Plan

2
Contents
I. Project O utline (Week 1)
...............................................................................................
..... 3
II. Security Requirements (Week 1) .......................................
Error! Bookmark not defined.
III. Security Business Requirements (Week 2)
......................................................................... 7
IV. Security Business Requirements (Week 2) ........................
Error! Bookmark not defined.
V. Security Policy (Week 3)
...............................................................................................
..... 8
VI. System Design Principles (Week 4)
................................................................................... 9
VII. The Training Model (Week 5)
.......................................................................................... 10
VIII. References

.......................................................................... Error!
Bookmark not defined.
3
I. Project Outline (Week 1)
American Airlines developed in New York in nine-teen thirty
and become public in the
stock exchange in nineteen thirty nine. The company relocated
to Fort Worth Texas in nineteen
seventy-nine. The company created AMR Holdings in nineteen
eighty-two, this company gained
joint ownership in American Airlines and American Eagle.
AMR produced the financial backing
without taking part in operations. American Airlines is
formerly US Air; the airline currently is
worth billions of dollars. American Airlines is the largest
airline and connects with one thousand
airports worldwide; in one hundred fifty countries. The
passenger annual revenue averages one
hundred million dollars in the United States and internationally.
The company’s aircraft

inventory is thirty three hundred. American Airlines initiated
the first online booking, which
includes, flight information arrival, departure, seat information,
city, connecting flights, boarding
tickets, flight status, etc. In the year twenty fifteen, American
Airlines merged with US Air to
form the largest airline conglomerate in the world. The
company contributes to more than nine
hundred thousand jobs in the United States and Internationally.
A. Organizational Structure
The Program Manager; manages the projects financial,
organizational, and schedules.
This individual makes sure, project activities, achieved on
schedule, and within budget
restrictions. Certifies that established program, project criteria,
and practices met; confirms
quality of products. Categorizes, monitors, and manages risks,
within acknowledged constraints.
The Senior Enterprise Architect certifies continuous integration
of architectures. The
individual in this position performs impact analyses with,
upkeep from domain architects, and

maintenance development of business cases for IT projects.
Incumbent suggests architecture
4
strategy and planning guidance to the project team. Implements
an active role in recognizing
evaluations and needs of need for new technologies.
The Technology Architect cultivates and retains the Technical
Reference Model and
Standards identification correspondence. This individual
evaluates, investigates, suggests, and
identifies system environments, such as networks, nodes,
operating systems, servers, and
middleware.
The Business Architect evaluates data documents, business
processes, states, and
information flow. This individual supports, the progress of
business cases of projects, certifies
that business goals and strategies documented.
The Information and Data Architect evaluates and makes
documentation of business
processes and information; which includes physical and logical,
documentation of relationships.

This individual suggests, data architecture improvements,
related to, information use
requirements. Certifies data standard compliance administered.
The Applications Architect evaluates system documents,
external and internal modules,
control, and data movement. This individual evaluates and
suggests standards and tools, used in
application development. Also suggests, strategies for system
architecture.
The Chief Security Officer (CFO) plays a huge role in the
advancement of a secured
system architecture. This individual manages documents,
security features of the enterprise
architecture system, financial budgeting costs, vulnerability
calculations, access, design, and
authentication. Makes sure security summaries identified and
sustained for all application
processes.
5
The Technical Writer oversees and creates, documentation
regarding the repository

making sure content is understandable, usable, and follow
content management standards.
Repository and Configuration Manager oversees the
maintenance of documents and
performs audits, content management tools, and report
configurations.
B. Memo
TO: Security Team
FROM: Project Manager
DATE: August 22, 2016
SUBJECT: Work Group Communication Flows
Managing information across the network consists of handling
the logical and
physical network architecture. A comprehensive strategy and
plan for the security of the
network infrastructure includes policy and standard
requirements for network assets.
Development of policies for accountability of risks, logs,
authorization, users, and
monitoring, for potential risks;
Identify threats & breaches in the system applications, network,

and equipment;
Define routing and firewalls to identify network structure;
Define data centers, communication branches, and delimited
zones;
Define encryption, integrity, and confidentiality standards;
Define network architecture structure.
The communication flow and analysis includes voice, data, and
video signaling
across the network infrastructure. A strategic plan of the
security management needed
6
for data to travel over the intranets and extranets. Organized
internet policies, standards,
controls, and policies developed to provide a secured network
system. System devices
includes, cabling, topologies, network services, and devices.
The Project Manager oversees a structured approach and the
CSO is responsible
for all directives of the Security Management Plan. I look
forward to all input of
strategies and a scheduled timeline of all events pertinent in the

security development of
the system infrastructure.
7
II. Security Business Requirements (Week 2)
8
III. Security Policy (Week 3)
9
IV. System Design Principles (Week 4)
10

V. The Training Model (Week 5)
11
VI. References

· THE INDUSTRY AND THE COMPANY AND ITS PRODUCT(S) OR SERVICE(S)A.docx

Recommended

Recommended

More Related Content

Similar to · THE INDUSTRY AND THE COMPANY AND ITS PRODUCT(S) OR SERVICE(S)A.docx

Similar to · THE INDUSTRY AND THE COMPANY AND ITS PRODUCT(S) OR SERVICE(S)A.docx (20)

More from oswald1horne84988

More from oswald1horne84988 (20)

Recently uploaded

Recently uploaded (20)

· THE INDUSTRY AND THE COMPANY AND ITS PRODUCT(S) OR SERVICE(S)A.docx