This document provides instructions for 5 assignments related to an IT security course (CMGT 430). The assignments cover topics like enterprise security concerns, responding to threats, cloud computing, and developing an enterprise security plan. For each assignment, students are asked to create deliverables like presentations, charts, infographics, and executive summaries analyzing security issues and recommendations for a fictional hospital organization called Auburn Regional.
Provided as is, without warranty, for businesses to consider as a very early starting point in the preparation of a business continuity plan. This work is based upon material delivered to University business students.
Provided as is, without warranty, for businesses to consider as a very early starting point in the preparation of a business continuity plan. This work is based upon material delivered to University business students.
CloudPay - Building a Business Case for Global PayrollCloudPay
When considering any enterprise technology switch, C-suite executives often find it difficult to see beyond the upfront costs of change management and implementation to the long-term benefits of a new solution... and nowhere is that more true than in payroll. This CloudPaper on ‘Building a Business Case for a Global Payroll Solution’ discusses how Payroll, HR, and IT teams can secure buy-in for new payroll solution by:
1. Outlining the true costs of their existing system;
2. Detailing their requirements of a more modern solution; and
3. Exposing the benefits and value of a move to the cloud.
To download the full report visit: https://www.cloudpay.net/resources/topic/cloudpaper
Streamline the traditional approach to make BCP development manageable and repeatable.
Your Challenge
Ineffective business continuity planning (BCP) leads to:
Regulators and customers demanding a functional BCP.
Progress is limited or stalled – no effective approach to make this a manageable project that can actually be completed.
No clear sense of appropriate recovery objectives or how to get there.
Do-It-Yourself Implementation
The slides in this our Best Practice Blueprint will walk you step-by-step through every phase of your project with supporting tools and templates ready for you to use.
Project Accelerator Workshop
You can also use this Best Practice Blueprint to facilitate your own project accelerator workshop within your organization using the workshop slides and facilitation instructions provided in the Appendix.
Let us help you plan your project
Onsite Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn’t enough, we offer low-cost onsite delivery of our Project Workshops.
Onsite Expert Advice
Our expert analysts will come onsite to help you work through our project methodology in a 2-5 day workshop. We take you through every phase of your project and ensure that you have a road map in place to complete your project successfully. In some cases, we can even help you to complete the project while we are onsite!
Present current challenges in the vulnerability patching industry. Describe the persona and their pain points. Analysis of 2 competitors and its feature. Workflow of a patching process.
Risk Management - Business Continuity Planning and ManagementCody Shive
This presentation outlines the basics behind Business Continuity planning and management. Targeted to CEO's, CFO's and CIO's, this presentation emphasizes the processes and the need to make BCP/M part of the Enterprise's fabric.
Determining where and how to host your IT systems is largely a strategic business decision, even more so than an IT decision. It’s one that can have a large impact on your business, in regards to system performance, security and cost. Having a clear understanding of the true costs of it all to not only weigh all of your options, but to build a comprehensive cloud and IT outsourcing strategy is essential.
Business Continuity Planning: Documentation During EMR Downtime WebcastJulie Champagne
The headlines jump off the page: “Network Glitch Brings Down EMR,” “Nurses Want Probe Into EMR Failure,” “Setback After EMR Crashes,” “What to Do When IT Disaster Strikes,” and “Lessons Learned From an Extended EHR Outage.” When the EMR goes down what happens next is as important as what happened moments before, including a potential transition to manual documentation.
With patient care being intertwined, EMR technology is indispensable at many facilities. Unexpected downtime is rare, but when the EMR does go down, processes must be in place that enable staff to quickly access an alternative. This presentation will cover approaches to EMR business continuity including definition and documentation of workflows both within and between systems and workflows in a downtime situation. Further, most business continuity solutions will provide a copy of the patient’s chart, and the good ones will also allow for basic documentation that flows back into the patient’s electronic chart once the EMR is available again. Join us as we survey industry business continuity approaches and present best practices.
Introducing our content ready ITIL Incident Management Workflow PowerPoint Presentation Slides. Talk about the need for implementing incident management processes such as maintaining service levels, meeting service availability requirements and so on. The topic-specific incident resolution workflow PowerPoint presentation contains twenty-two editable PPT slides to serve all your business needs. Take advantage of the professionally designed problem management best practices PPT slideshow to discuss with your team the key issues of ITIL workflow like lack of transparency, decreased customer satisfaction, high risk of business etc. Demonstrate best practice of ITIL management like creating and maintaining a knowledge base and handling major incidents etc. Utilize the visually appealing ITIL framework PowerPoint compete deck to showcase benefits of ITIL e.g. maintain dashboard and reports etc. You can also use the PPT slides to represent stages of the IT incident management lifecycle. Thus, download the informative and interactive PowerPoint templates to list down the key performance indicators of IT incident management. From this day forward you won't look back. Our ITIL Incident Management Workflow PowerPoint Presentation Slides keep you focused ahead. https://bit.ly/2So2pXt
CMGT 442 Assignment Week 1 Three Dimensions of Risk Management (New Syllabus)
CMGT 442 Assignment Week 2 Risk Management and Mitigation Planning (New Syllabus)
CloudPay - Building a Business Case for Global PayrollCloudPay
When considering any enterprise technology switch, C-suite executives often find it difficult to see beyond the upfront costs of change management and implementation to the long-term benefits of a new solution... and nowhere is that more true than in payroll. This CloudPaper on ‘Building a Business Case for a Global Payroll Solution’ discusses how Payroll, HR, and IT teams can secure buy-in for new payroll solution by:
1. Outlining the true costs of their existing system;
2. Detailing their requirements of a more modern solution; and
3. Exposing the benefits and value of a move to the cloud.
To download the full report visit: https://www.cloudpay.net/resources/topic/cloudpaper
Streamline the traditional approach to make BCP development manageable and repeatable.
Your Challenge
Ineffective business continuity planning (BCP) leads to:
Regulators and customers demanding a functional BCP.
Progress is limited or stalled – no effective approach to make this a manageable project that can actually be completed.
No clear sense of appropriate recovery objectives or how to get there.
Do-It-Yourself Implementation
The slides in this our Best Practice Blueprint will walk you step-by-step through every phase of your project with supporting tools and templates ready for you to use.
Project Accelerator Workshop
You can also use this Best Practice Blueprint to facilitate your own project accelerator workshop within your organization using the workshop slides and facilitation instructions provided in the Appendix.
Let us help you plan your project
Onsite Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn’t enough, we offer low-cost onsite delivery of our Project Workshops.
Onsite Expert Advice
Our expert analysts will come onsite to help you work through our project methodology in a 2-5 day workshop. We take you through every phase of your project and ensure that you have a road map in place to complete your project successfully. In some cases, we can even help you to complete the project while we are onsite!
Present current challenges in the vulnerability patching industry. Describe the persona and their pain points. Analysis of 2 competitors and its feature. Workflow of a patching process.
Risk Management - Business Continuity Planning and ManagementCody Shive
This presentation outlines the basics behind Business Continuity planning and management. Targeted to CEO's, CFO's and CIO's, this presentation emphasizes the processes and the need to make BCP/M part of the Enterprise's fabric.
Determining where and how to host your IT systems is largely a strategic business decision, even more so than an IT decision. It’s one that can have a large impact on your business, in regards to system performance, security and cost. Having a clear understanding of the true costs of it all to not only weigh all of your options, but to build a comprehensive cloud and IT outsourcing strategy is essential.
Business Continuity Planning: Documentation During EMR Downtime WebcastJulie Champagne
The headlines jump off the page: “Network Glitch Brings Down EMR,” “Nurses Want Probe Into EMR Failure,” “Setback After EMR Crashes,” “What to Do When IT Disaster Strikes,” and “Lessons Learned From an Extended EHR Outage.” When the EMR goes down what happens next is as important as what happened moments before, including a potential transition to manual documentation.
With patient care being intertwined, EMR technology is indispensable at many facilities. Unexpected downtime is rare, but when the EMR does go down, processes must be in place that enable staff to quickly access an alternative. This presentation will cover approaches to EMR business continuity including definition and documentation of workflows both within and between systems and workflows in a downtime situation. Further, most business continuity solutions will provide a copy of the patient’s chart, and the good ones will also allow for basic documentation that flows back into the patient’s electronic chart once the EMR is available again. Join us as we survey industry business continuity approaches and present best practices.
Introducing our content ready ITIL Incident Management Workflow PowerPoint Presentation Slides. Talk about the need for implementing incident management processes such as maintaining service levels, meeting service availability requirements and so on. The topic-specific incident resolution workflow PowerPoint presentation contains twenty-two editable PPT slides to serve all your business needs. Take advantage of the professionally designed problem management best practices PPT slideshow to discuss with your team the key issues of ITIL workflow like lack of transparency, decreased customer satisfaction, high risk of business etc. Demonstrate best practice of ITIL management like creating and maintaining a knowledge base and handling major incidents etc. Utilize the visually appealing ITIL framework PowerPoint compete deck to showcase benefits of ITIL e.g. maintain dashboard and reports etc. You can also use the PPT slides to represent stages of the IT incident management lifecycle. Thus, download the informative and interactive PowerPoint templates to list down the key performance indicators of IT incident management. From this day forward you won't look back. Our ITIL Incident Management Workflow PowerPoint Presentation Slides keep you focused ahead. https://bit.ly/2So2pXt
CMGT 442 Assignment Week 1 Three Dimensions of Risk Management (New Syllabus)
CMGT 442 Assignment Week 2 Risk Management and Mitigation Planning (New Syllabus)
erm Paper Managing an IT Infrastructure AuditDue Week 10 and woeleanorabarrington
erm Paper: Managing an IT Infrastructure Audit
Due Week 10 and worth 210 points
This assignment consists of four (4) sections: an internal IT audit policy, a management plan, a project plan, and a disaster recovery plan.
You must submit all four (4) sections as separate files for the completion of this assignment.
Label each file name according to the section of the assignment it is written for. Additionally, you may create and /or assume all necessary assumptions needed for the completion of this assignment.
Imagine you are an Information Security Manager for a large national retailer. You have been hired to be directly responsible for the planning and oversight of IT audits. At the request of the Board of Directors, the CEO has tasked you with developing a plan for conducting regular audits of the IT infrastructure. The planning and management aspects of IT audit are critical to the overall success of the audit, and as a result, the overall success of the systems implemented within the organization. You must develop a policy for conducting IT audits and develop a project plan for conducting two week IT audits.
In addition to the typical networking and Internetworking infrastructure of a medium-sized organization, the organization has the following characteristics:
They have a main office and 268 stores in the U.S.
They utilize a cloud computing environment for storage and applications.
Their IT infrastructure includes Cisco workgroup and core switches, Cisco routers, Cisco firewalls and intrusion prevention systems, and servers running Microsoft Windows Server 2012.
They have over 1000 desktops and approximately 500 organization-owned laptops in the main headquarters.
They allow employees to bring their own devices into the organization; however, they are subject to being searched upon entry and exit from the building.
They enable remote access to corporate information assets for employees and limited access to extranet resources for contractors and other business partners.
They enable wireless access at the main office and the stores.
They process an average of 67.2 credit card transactions per hour every day at each location and via their corporate Website.
Section 1: Internal IT Audit Policy
Write a three to four (3-4) page paper in which you:
1. Develop an Internal IT Audit Policy, which includes at a minimum:
a. Overview
b. Scope
c. Goals and objectives
d. Compliance with applicable laws and regulations
e. Management oversight and responsibility
f. Areas covered in the IT audits
g. Frequency of the audits
h. Use at least two (2) quality resources in this assignment.
Note
: Wikipedia and similar Websites do not qualify as quality resources.
Section 2: Management Plan
Write a four to six (4-6) page paper in which you:
2. Explain the management plan for conducting IT audits, including:
a. Risk management
b. System Software and Applications
c. Wireless Networking
d ...
Term Paper Managing an IT Infrastructure AuditDue Week 10 a.docxmanningchassidy
Term Paper: Managing an IT Infrastructure Audit
Due Week 10 and worth 210 points
This assignment consists of four (4) sections: an internal IT audit policy, a management plan, a project plan, and a disaster recovery plan.
You must submit all four (4) sections as separate files for the completion of this assignment.
Label each file name according to the section of the assignment it is written for. Additionally, you may create and /or assume all necessary assumptions needed for the completion of this assignment.
Imagine you are an Information Security Manager for a large national retailer. You have been hired to be directly responsible for the planning and oversight of IT audits. At the request of the Board of Directors, the CEO has tasked you with developing a plan for conducting regular audits of the IT infrastructure. The planning and management aspects of IT audit are critical to the overall success of the audit, and as a result, the overall success of the systems implemented within the organization. You must develop a policy for conducting IT audits and develop a project plan for conducting two week IT audits.
In addition to the typical networking and Internetworking infrastructure of a medium-sized organization, the organization has the following characteristics:
They have a main office and 268 stores in the U.S.
They utilize a cloud computing environment for storage and applications.
Their IT infrastructure includes Cisco workgroup and core switches, Cisco routers, Cisco firewalls and intrusion prevention systems, and servers running Microsoft Windows Server 2012.
They have over 1000 desktops and approximately 500 organization-owned laptops in the main headquarters.
They allow employees to bring their own devices into the organization; however, they are subject to being searched upon entry and exit from the building.
They enable remote access to corporate information assets for employees and limited access to extranet resources for contractors and other business partners.
They enable wireless access at the main office and the stores.
They process an average of 67.2 credit card transactions per hour every day at each location and via their corporate Website.
Section 1: Internal IT Audit Policy
Write a three to four (3-4) page paper in which you:
1. Develop an Internal IT Audit Policy, which includes at a minimum:
a. Overview
b. Scope
c. Goals and objectives
d. Compliance with applicable laws and regulations
e. Management oversight and responsibility
f. Areas covered in the IT audits
g. Frequency of the audits
h. Use at least two (2) quality resources in this assignment.
Note
: Wikipedia and similar Websites do not qualify as quality resources.
Section 2: Management Plan
Write a four to six (4-6) page paper in which you:
2. Explain the management plan for conducting IT audits, including:
a. Risk management
b. System Software and Applications
c. Wireless Networking
...
For more classes visit
www.snaptutorial.com
This Tutorial contains 2 Papers
CIS 558 Week 3 Assignment 1 ERM Roadmap
Week 3 Assignment 1
Students, please view the "Submit a Clickable Rubric Assignment" in the Student Center.
Instructors, training on how to grade is within the Instructor Center.
CMGT 442 Imagine Your Future/newtonhelp.com bellflower65
For more course tutorials visit
www.newtonhelp.com
CMGT 442 Assignment Week 1 Three Dimensions of Risk Management (New Syllabus)
CMGT 442 Assignment Week 2 Risk Management and Mitigation Planning (New Syllabus)
For more course tutorials visit
www.newtonhelp.com
CMGT 442 Assignment Week 1 Three Dimensions of Risk Management (New Syllabus)
CMGT 442 Assignment Week 2 Risk Management and Mitigation Planning (New Syllabus)
For more classes visit
www.snaptutorial.com
This Tutorial contains 2 Papers
CIS 558 Week 3 Assignment 1 ERM Roadmap
Week 3 Assignment 1
Students, please view the "Submit a Clickable Rubric Assignment" in the Student Center.
Instructors, training on how to grade is within the Instructor Center.
Assignment 1: ERM Roadmap
Due Week 3 and worth 125 points
For more classes visit
www.snaptutorial.com
This Tutorial contains 2 Papers
CIS 558 Week 3 Assignment 1 ERM Roadmap
Week 3 Assignment 1
Students, please view the "Submit a Clickable Rubric Assignment" in the Student Center.
Instructors, training on how to grade is within the Instructor Center.
For more classes visit
www.snaptutorial.cm
Scenario: As an IT administrator for your organization, your supervisor has given you an assignment to review and evaluate ways for improving the network for International Plastics. Your task, as detailed below, includes reviewing the existing network services and configuration documents to seek ways to improve the network and to add greater seamless efficiency to the network serving the enterprise.
Create a 2-page Excel® spreadsheet that identifies areas
For more course tutorials visit
www.newtonhelp.com
Scenario: As an IT administrator for your organization, your supervisor has given you an assignment to review and evaluate ways for improving the network for International Plastics.
Similar to CMGT 430 V3 Start With a Dream /newtonhelp.com (20)
Model Attribute Check Company Auto PropertyCeline George
In Odoo, the multi-company feature allows you to manage multiple companies within a single Odoo database instance. Each company can have its own configurations while still sharing common resources such as products, customers, and suppliers.
A Strategic Approach: GenAI in EducationPeter Windle
Artificial Intelligence (AI) technologies such as Generative AI, Image Generators and Large Language Models have had a dramatic impact on teaching, learning and assessment over the past 18 months. The most immediate threat AI posed was to Academic Integrity with Higher Education Institutes (HEIs) focusing their efforts on combating the use of GenAI in assessment. Guidelines were developed for staff and students, policies put in place too. Innovative educators have forged paths in the use of Generative AI for teaching, learning and assessments leading to pockets of transformation springing up across HEIs, often with little or no top-down guidance, support or direction.
This Gasta posits a strategic approach to integrating AI into HEIs to prepare staff, students and the curriculum for an evolving world and workplace. We will highlight the advantages of working with these technologies beyond the realm of teaching, learning and assessment by considering prompt engineering skills, industry impact, curriculum changes, and the need for staff upskilling. In contrast, not engaging strategically with Generative AI poses risks, including falling behind peers, missed opportunities and failing to ensure our graduates remain employable. The rapid evolution of AI technologies necessitates a proactive and strategic approach if we are to remain relevant.
Introduction to AI for Nonprofits with Tapp NetworkTechSoup
Dive into the world of AI! Experts Jon Hill and Tareq Monaur will guide you through AI's role in enhancing nonprofit websites and basic marketing strategies, making it easy to understand and apply.
Welcome to TechSoup New Member Orientation and Q&A (May 2024).pdfTechSoup
In this webinar you will learn how your organization can access TechSoup's wide variety of product discount and donation programs. From hardware to software, we'll give you a tour of the tools available to help your nonprofit with productivity, collaboration, financial management, donor tracking, security, and more.
Embracing GenAI - A Strategic ImperativePeter Windle
Artificial Intelligence (AI) technologies such as Generative AI, Image Generators and Large Language Models have had a dramatic impact on teaching, learning and assessment over the past 18 months. The most immediate threat AI posed was to Academic Integrity with Higher Education Institutes (HEIs) focusing their efforts on combating the use of GenAI in assessment. Guidelines were developed for staff and students, policies put in place too. Innovative educators have forged paths in the use of Generative AI for teaching, learning and assessments leading to pockets of transformation springing up across HEIs, often with little or no top-down guidance, support or direction.
This Gasta posits a strategic approach to integrating AI into HEIs to prepare staff, students and the curriculum for an evolving world and workplace. We will highlight the advantages of working with these technologies beyond the realm of teaching, learning and assessment by considering prompt engineering skills, industry impact, curriculum changes, and the need for staff upskilling. In contrast, not engaging strategically with Generative AI poses risks, including falling behind peers, missed opportunities and failing to ensure our graduates remain employable. The rapid evolution of AI technologies necessitates a proactive and strategic approach if we are to remain relevant.
Honest Reviews of Tim Han LMA Course Program.pptxtimhan337
Personal development courses are widely available today, with each one promising life-changing outcomes. Tim Han’s Life Mastery Achievers (LMA) Course has drawn a lot of interest. In addition to offering my frank assessment of Success Insider’s LMA Course, this piece examines the course’s effects via a variety of Tim Han LMA course reviews and Success Insider comments.
Read| The latest issue of The Challenger is here! We are thrilled to announce that our school paper has qualified for the NATIONAL SCHOOLS PRESS CONFERENCE (NSPC) 2024. Thank you for your unwavering support and trust. Dive into the stories that made us stand out!
1. CMGT 430 All Assignments (New Syllabus)
For more course tutorials visit
www.newtonhelp.com
CMGT 430 Assignment Week 1 IT Systems Connection Table
CMGT 430 Assignment Week 2 Enterprise Security Concerns
CMGT 430 Assignment Week 3 Responding to Threats
CMGT 430 Assignment Week 4 Cloud Computing
CMGT 430 Assignment Week 5 Enterprise Security Plan Strategic
Objectives
===============================================
CMGT 430 Assignment Week 2 Enterprise Security Concerns
For more course tutorials visit
www.newtonhelp.com
After reviewing the material your group has prepared so far, the
management team has returned with a list of five specific concerns.
They include:
Access control
2. Security enterprise
Impact of implementing a change management system
Mitigation
Risk management
Management has asked you to address concerns with a visual
presentation. Address concerns by providing the following
information:
An overview of the access control
Required mitigation steps for each concern
Prioritize concerns
Concerns with vendor relations from the enterprise security
standpoint
Description of how the organization can apply risk management
principles in its efforts
Description of iterative maintenance effort, including audits and
frequency
3. Include at least two references formatted according to APA
guidelines.
Present the information in one of the following ways:
A detailed chart along with a brief 1- to 2-page executive summary
explaining the decisions made
A 12- to 14-slide multimedia-rich presentation with speaker notes
Submit your assignment.
=========================================================
========
CMGT 430 Assignment Week 3 Responding to Threats
For more course tutorials visit
www.newtonhelp.com
A few Assignment Weeks ago, a nearby hospital, which is very
similar in operations and scale to Auburn Regional, was the target of a
ransomware attack. You have kept a close eye on this event. You
decide to complete a review of current material available regarding
ransomware attacks and especially ransomware and hospital
enterprise systems.
Develop a 1- to 2-page chart. Your chart should have four columns
for Authorization, Authentication, Roles, and Mitigation, as well as
three columns for Small, Medium, and Large businesses. The chart
4. should compare four attributes that are critical in enterprise systems
today. Populate and extrapolate what steps can be taken to mitigate
threats for small, medium, and large hospital enterprise systems.
Based on your chart, provide a final recommendation on how the
hospital can respond to the threat. Summarize your chart findings,
provide your recommendation, and answer the following questions in
a brief, 2- to 3-page executive summary to the Auburn Regional
management team:
How could changes to authorization, authentication, and roles help
mitigate and deal with these systems threats?
How do you verify people and security levels?
How will your recommendations alleviate the threat?
Include the chart in your executive summary.
Submit your assignment.
===============================================
CMGT 430 Assignment Week 4 Cloud Computing
For more course tutorials visit
www.newtonhelp.com
Your work so far has been well-received and the management team is
very interested in quickly bringing the rest of the organization into the
process. The management team has expressed interest in
incorporating cloud technology as part of the Auburn Regional's IT
architecture. To integrate both of these requests, you decide to create
an infographic that could, on a single diagram, give the reader an idea
of what cloud technology is and how it could be used by Auburn
5. Regional as these enterprise systems updates are in action. As you
might imagine, there is a wealth of information on the internet
involving the use of cloud computing.
Consider the following information and outline your answers:
What are the pros and cons of cloud computing?
Where could cloud computing fit in the organizational structure and
operations?
How do companies that enter cloud technology agreements pass on
those issues to their customers?
How do these companies really know where their data and the data of
their customers is really stored?
What precautions are being taken?
Using your outline, create an original infographic for a presentation to
the Auburn Regional management team that shows:
The basics of cloud computing
Overview of pros and cons of cloud computing
Where cloud computing could possibly fit into the organizational
structure and operations
At least two concerns that need to be addressed
Include your outline on a separate document to support your
infographic.
Submit your assignment.
===============================================
CMGT 430 Assignment Week 5 Enterprise Security Plan
Strategic Objectives
For more course tutorials visit
www.newtonhelp.com
6. An enterprise security plan is a document that explains the security
exposure that an entity would encounter in a specific marketplace. A
committee of people typically writes this document over a span of a
few months. Many times the drafts begin with developing a high-level
overview of strategic objectives that address how to secure the
enterprise inside and outside the enterprise.
The CEO asks you to explain the core principles of enterprise
security and respond to five strategic objectives as part of the overall
enterprise system security plan draft. They are:
Data loss prevention
Access controls
Data management
Risk management
Cloud technology
For each of the five strategic objectives, write a response that
addresses the following:
7. Key initiative: Why is this topic important to Auburn Regional?
Objectives: What is the desired outcome to this effort?
Description: What is the specific strategic objective? Provide a high-
level explanation.
Benefits: What will be the benefits of this effort?
Outcome: What will be done to meet this objective?
Include any charts, graphics, or infographics created in previous
Assignment Weeks that support your findings.
Compile your response with the following:
An updated executive summary
A final recommendation
At least three new references throughout your plan overview, cited
according to APA guidelines.
8. Incorporate feedback and use previous assignments as a resource. As
a guideline, an overview of this nature is typically 3 to 4 pages long.
Submit your assignment.
===============================================
CMGT 430 Discussion Due Diligence
For more course tutorials visit
www.newtonhelp.com
Respond to the following in a minimum of 175 words:
Just a few years ago, all IT processing took place in-house. Payroll
processing, human resources and benefits management, real estate
management, and investor relations were done by employees within
the parent organization. Even in the home environment, families kept
information activities in-house, including annual tax returns and
banking (through the writing of paper checks) and disagreements or
issues with vendors was taken care of personally. Now we have
online resources that push some of that overhead to external vendors.
Examples include organizations that will process payroll and benefits
administration, and stock brokerages that address investor traffic.
Working with vendors brings up a few concerns.
Discuss the following:
• Why is due diligence necessary when dealing with external
vendors?
• What is one suggestion you have regarding securing data as it is
in-transit to and from these vendors?
• What are two security protocols that should be part of the
vendor's data operations? For example, if the data includes
9. PII/SPII information, is adherence to external regulations and
guidelines the responsibility of the vendor or your
organization?
===============================================
CMGT 430 Discussion Mainframe And Client/Server
Environments
For more course tutorials visit
www.newtonhelp.com
Respond to the following in a minimum of 175 words:
Consider the following scenario:
Your manufacturing company has operated with a mainframe IBM
computer for more than 20 years. Recent technological advances have
brought opportunities to replace that mainframe-based computing
environment with a client/server environment. You have been tasked
with responding to the senior management group about the security
issues involved with replacing the existing mainframe computer
environment with a client/server platform. The salespeople you deal
with from each vendor believe that the current mainframe
environment costs about $500K a year to maintain from a security
standpoint, while a client/server environment would cost about $325K
a year. But cost is not the only consideration. No PII or SPII data is
contained in this manufacturing platform. It is strictly a final product
for sale application.
Outline and review a typical mainframe enterprise security footprint.
Do the same for a possible client/server environment. This could
include the use of the cloud for distributed computing, but that would
also include unique security concerns.
10. Discuss the following:
• Based on your outline, which of these environments is more
secure and why?
• Does your outline show commonalities that could permit both
the mainframe and the client/server environment to coexist from
an enterprise security perspective? If so, what are they?
===============================================
CMGT 430 Discussion Security Checkpoint
For more course tutorials visit
www.newtonhelp.com
Respond to the following in a minimum of 175 words:
At many security checkpoints where biometrics are used, only one
protocol is employed, such as a fingerprint reader, a hand-scanner, or
facial recognition. Other checkpoints use several biometric
checkpoint protocols in tandem to add a layer of security.
Complete an internet search for vendors of biometric products. Find
one vendor with a product designed to examine several characteristics
[i.e., facial recognition, hand scanner (incorporates hand pattern,
fingerprint reader), retina scan, and signature recognition].
Discuss the vendor you selected along with answers to the following
questions:
• Which characteristics would be more acceptable to users?
• Which would be preferred by security administrators?
===============================================
11. CMGT 430 Entire Course
For more course tutorials visit
www.newtonhelp.com
CMGT 430 Week 1 Individual IT Systems Connection Table
CMGT 430 Week 2 Learning Team Vulnerabilities and Threat Pairs
CMGT 430 Week 2 Individual Applying Risk Management
Consulting
CMGT 430 Week 3 Learning Team Ranking the Pairs
CMGT 430 Week 3 Individual Using Roles
CMGT 430 Week 4 Team Draft of the Enterprise Security Plan and
Presentation
CMGT 430 Week 4 Individual Controlling Access
CMGT 430 Week 5 Team Enterprise Security Plan Paper
CMGT 430 Week 5 Individual An IT Security Department Profile
CMGT 430 Week 1 DQ 1
CMGT 430 Week 1 DQ 2
CMGT 430 Week 2 DQ 1
12. CMGT 430 Week 2 DQ 2
CMGT 430 Week 3 DQ 1
CMGT 430 Week 3 DQ 2
CMGT 430 Week 4 DQ 1
CMGT 430 Week 4 DQ 2
CMGT 430 Week 5 DQ 1
CMGT 430 Week 5 DQ 2
===============================================
CMGT 430 Ver 3 Week 1 DQ 1
For more course tutorials visit
www.newtonhelp.com
Delineate the difference between system architecture, software
architecture, and information architecture. Provide some examples
to illustrate what each represents.
==============================================
CMGT 430 Ver 3 Week 1 DQ 2
13. For more course tutorials visit
www.newtonhelp.com
Based on the Shaw (2009) article, why would you consider deploying
an intrusion prevention system (IPS) over an intrusion detection
system (IDS) to improve enterprise security? What are the major
factors to consider when employing this technology?
===============================================
CMGT 430 Ver 3 Week 2 DQ 1
For more course tutorials visit
www.newtonhelp.com
Why should an organization consider implementing role-based access
control (RBAC) over discretionary access controls (DAC) or
mandatory access controls (MAC)? Provide an example to put in
context the differences between the three approaches?
===============================================
CMGT 430 Ver 3 Week 2 DQ 2
For more course tutorials visit
14. www.newtonhelp.com
Based on the Barr article (2009), how can radio-frequency
identification (RFID) technology be applied to providing
enterprise security? What are the major factors to consider
when employing this technology?
===============================================
CMGT 430 Ver 3 Week 3 DQ 1
For more course tutorials visit
www.newtonhelp.com
In role-based systems, you want to establish mutually exclusive roles
to prevent assignment of conflicting permissions to a single role.
Provide examples of two similar job functions that have differing
access roles. What would be all of the types of systems for which you
would grant each role access?
===============================================
CMGT 430 Ver 3 Week 3 DQ 2
For more course tutorials visit
15. www.newtonhelp.com
Based on the Barr article (2010), what software must be considered
to provide adequate security management across the enterprise?
===============================================
CMGT 430 Ver 3 Week 4 DQ 1
For more course tutorials visit
www.newtonhelp.com
What is a virtual enterprise, and how is that different from a physical
one?
===============================================
CMGT 430 Ver 3 Week 4 DQ 2
For more course tutorials visit
www.newtonhelp.com
Based on the Drumheller article (2008), should biometrics be used
instead of passwords and pins to authenticate enterprise users, or
should they be used in conjunction with passwords and pins? What
factors should be considered?
16. ===============================================
CMGT 430 Ver 3 Week 5 DQ 1
For more course tutorials visit
www.newtonhelp.com
Based on the Ulasien article (2008), why is an IT security audit critical
in developing an enterprise security strategy? Should threats to the
enterprise be reviewed and assessed on regular basis?
===============================================
CMGT 430 Ver 3 Week 5 DQ 2
For more course tutorials visit
www.newtonhelp.com
Based on the Drumheller article (2007), why should the critical
business processes be identified, and their impact on the business be
evaluated along with the threats for developing the enterprise
security strategy? Should impact on business processes of the
enterprise be reviewed and assessed on a regular basis?
===============================================
CMGT 430 Week 1 Individual IT Systems Connection Table
17. For more course tutorials visit
www.newtonhelp.com
Refer to the course scenario.
IT systems do not operate alone in the modern enterprise, so securing
them will involve securing their interfaces with other systems, as well
as the system itself. It is important to know the different
interconnections each system may have.
During your review of the hospital's current documents and files, you
run across an IT systems connection table that was never completed
by your predecessors. This document has a table that shows the
relationship between multiple IT systems.
===========================================================
======
CMGT 430 Week 2 Individual Applying Risk Management
Consulting
For more course tutorials visit
www.newtonhelp.com
CMGT 430 Week 2 Individual Applying Risk Management
Consulting
18. Note: This is the first of three assignments that will be completed for
this three-assignment project, ending with a final paper in Week
Four.
You have been hired as a consultant and asked to provide a
presentation on the company's risk management to the CIO.
Create a 5- to 7-slide narrated presentation on the following
information:
· Describe how the organization can apply risk management
principles in its efforts to secure their systems.
· Outline how protection efforts will vary over time.
· Include three different example sets, each with a vulnerability,
related risk, and way to mitigate (control) that item.
Use any slide presentation software of your choosing.
Submit your presentation to the Assignment Files tab above
===============================================
CMGT 430 Week 2 Learning Team Vulnerabilities and
Threat Pairs
For more course tutorials visit
www.newtonhelp.com
CMGT 430 Week 2 Learning Team: Vulnerabilities and Threat
Pairs
Select an organization that you are familiar with or an organization
from a published case study.
Find case studies through the following sources or through a faculty-
approved source. Suggestions are as follows:
19. § Search within University Library for these periodicals
§ Information Week
§ CSO
§ SC Magazine
The CEO of your selected organization has requested an enterprise
security plan from your team. The first step to developing an
enterprise security plan is to identify the specific vulnerabilities and
related risks facing an organization. This list should be fairly
exhaustive. Many vulnerability and threat pairs will not make the final
cut for remediation, but an organization can only properly prioritize
these if it has fully covered all of the risks.
Create a list of 30 information security vulnerabilities with related
threats relevant to the organization. Keep in mind:
§ Most vulnerabilities will have more than one related threat.
§ Cover both physical and logical vulnerabilities.
Place your list in the first two columns of a table in a
Microsoft® Word or Excel® document. The table will resemble the
following:
===============================================
CMGT 430 Week 3 Individual Using Roles
For more course tutorials visit
www.newtonhelp.com
CMGT 430 Week 3 Individual: Using Roles
Note: This is the second of three parts to this project. Refer back to
your organization used in the Week Two Applying Risk Management
Consulting assignment.
A better way to control user access to data is to tie data access to the
role a user plays in an organization. Some organizations are still
20. learning this. Your presentation this week persuades the CIO of your
target organization of the importance of controlling user access.
Create a 5- to 7-narrated slide presentation discussing the following:
§ The value of separating duties in the organization
§ The value of using roles to segregate the data and system access
needs of individuals in the organization
§ Why a role-based access control (RBAC) system would be the best
way to accomplish this, including both the advantages and
disadvantages of such a system
Use any slide presentation software of your choosing.
Submit your presentation to the Assignment Files tab above.
===============================================
CMGT 430 Week 3 Learning Team Ranking the Pairs
For more course tutorials visit
www.newtonhelp.com
CMGT 430 Week 3 Learning Team: Ranking the Pairs
The CEO of your selected organization has requested an enterprise
security plan from your team. This week you will prioritize the threats
and vulnerabilities previously identified, and determine which need
attention and which may be left for another time. This is done by
determining the probability of the risk and the potential impact it may
have on the organization. Your objective is to address the risks with
the highest probability of happening, with the highest impact on the
organization.
Extend your table from Week Two to include columns for Probability
of Risk and Impact of Risk on the organization. Include mitigation
steps of the top 20 pairs.
21. Part 1
Fill out the final three columns in the table from the previous week.
Rate the probability and impact of each vulnerability-threat pair as
High, Medium, or Low. (These are independent of each other.)
Rank the pairs in the order they should be addressed by the
organization. (High/High rows will be at the top and Low/Low rows
at the bottom.) The team will have to decide where to rank rows
which are not at these extremes.
Suggest specific mitigation steps to take for the top 20 rows. You will
go into more detail for the final project due in Week Five.
Leave the Suggested Mitigation Steps column empty for rows below
the top 20.
Part 2
Prepare a brief explanation on the final rankings.
§ Describe how the team finally ranked the pairs and the reasoning
behind the suggested mitigation steps.
§ Focus on the top 20 rows, but cover why the others were ranked
lower and will not be addressed at this time.
§ Keep this explanation brief and clear but informative.
Submit your updated table and explanation to the Assignment Files
tab above.
===============================================
CMGT 430 Week 4 Individual Controlling Access
For more course tutorials visit
www.newtonhelp.com
CMGT 430 Week 4 Individual Controlling Access
22. This is the third assignment of the series. Continue the Applying Risk
Management Consulting assignment for your chosen organization.
Refer to your Week Three individual assignment.
Write a 4- to 5-page business proposal in which you cover what
concerns and potential actions the organization should take for each
of the following areas:
§ How to manage and control the use of cloud resources and other
service providers that may be used for processing and data storage
outside the organization’s physical locations
§ Specific recommendations to control mobile access to
organizational system users (employees and customers)
§ Identify specific issues to be addressed with business partners and
inter-connection of systems.
Note: Brief the organization on the major issues involved but keep
each section succinct.
Format your business proposal consistent with APA guidelines.
Submit your assignment to the Assignment Files tab above.
===============================================
CMGT 430 Week 4 Team Draft of the Enterprise Security
Plan and Presentation
For more course tutorials visit
www.newtonhelp.com
CMGT 430 Week 4 Learning Team: Draft of the Enterprise Security
Plan and Presentation
The CEO of your selected organization has requested an enterprise
security plan from your team. An enterprise security plan is more than
just a list of vulnerabilities and risks. It must present them in a
23. meaningful way along with suggestions for specific steps to mitigate
each of the most important vulnerabilities or risk pairs it finds.
The organization would like you to present an enterprise security plan
to their Board of Directors. This week your team will draft two
deliverables, an enterprise security plan and a presentation.
Part 1
Compile a full draft of the final enterprise security plan document.
This will not be complete, but will have at least a short paragraph
about each major section of the paper, including the suggested
controls.
Use the introduction and conclusion as an executive summary of the
entire paper’s content.
Research at least eight sources that validate the choices made in the
paper. This must go beyond basic definitions. The sources can be
changed in the final week, if needed.
Format your paper consistent with APA guidelines.
Part 2
Draft an 8- to 10-slide presentation on the findings in the Enterprise
Security Plan to present to senior management. Keep the slides
concise.
Include detailed speaker notes for the presentation.
Use any slide presentation software of your choice.
Submit a draft of both the enterprise security plan and slide
presentation to the Assignment File tabs above.
===============================================
CMGT 430 Week 5 Individual An IT Security Department
Profile
For more course tutorials visit
www.newtonhelp.com
24. CMGT 430 Week 5 Individual An IT Security Department Profile
The CEO asks you to create a presentation for the company about the
IT Security Department. She wants you to highlight the core
principles of enterprise security, and visually present the positions in
the IT Security Department that are responsible for which principles.
Create a 4- to 5-slide narrated presentation in response to the request
from the CEO. Include an organizational chart to help the audience
visualize how the security team functions. Include detailed speaker
notes or transcription of narration.
Submit presentation using the Assignment Files tab above.
===============================================
CMGT 430 Week 5 Team Enterprise Security Plan Paper
For more course tutorials visit
www.newtonhelp.com
CMGT 430 Week 5 Team Enterprise Security Plan Paper
The CEO of your selected organization has requested an enterprise
security plan from your team. Presenting an enterprise security plan to
senior management is an important task that faces every IT security
leader. It is your job to provide an appropriate overview and
encourage the team to invest in your plan.
Finalize the enterprise security plan and presentation using feedback
from your instructor.
Submit the enterprise security plan and presentation to the
Assignment Files tab above.