Recommended
Recommended
More Related Content
Similar to IT 549 Milestone Three Guidelines and Rubric In order .docx
Similar to IT 549 Milestone Three Guidelines and Rubric In order .docx (20)
More from vrickens
More from vrickens (20)
Recently uploaded
Recently uploaded (20)
IT 549 Milestone Three Guidelines and Rubric In order .docx
- 1. IT 549 Milestone Three Guidelines and Rubric In order to effectively respond to applicable threats, information technology administrators must be able to accurately evaluate the threat environment. The ability to engage in this evaluation originates from the performance of a risk assessment. Performing a risk assessment can take on many forms. One recent method of engaging in risk assessment has come in the form of utilizing firewalls and firewall audit tools. Through these mea sures, IT administrators can map the network and critically analyze where any potential vulnerabilities may lie. The outcomes of these measures results in increased awareness of the most likely types of threats that may materialize, and enables administrators to configure the network in order to mitigate and address these weaknesses and vulnerabilities. Prompt: In Module F ive, you will submit the risk assessment portion of the information assurance plan. You will provide the organization with an assessment of the threat environment and the risks within, as well as methods designed to mitigate these risks. Based on your analysis and evaluation, what are the best approaches for implementing information assurance principles? Where do you see the most important areas for improvement to current protocols and policies? Specifically, the following critical elements must be addressed:
- 2. III. Risk Assessment a) Analyze the environment in which the organization operates, including the current protocols and policies in place relat ed to information assurance. b) Evaluate the threat environment of the organization. c) Based on your analysis and evaluation, what are the best approaches for implementing information assurance principles? Where do you see the most important areas for improvement to current protocols and policies? d) Assess the threats to and vulnerabilities of the organization by creating a risk matrix to outline the threats and vulnerabilities found and determine possible methods to mitigate the identified dangers. Rubric Guidelines for Submission: Your paper must be submitted as a three- to four-page Microsoft Word document with double spacing, 12-point Times New Roman font, one-inch margins, and at least three sources cited in APA format. Critical Elements Proficient (100%) Needs Improvement (75%) Not Evident (0%) Value
- 3. Analysis of Environment Anal yzes the envi ronment i n whi ch the organi zati on operates , i ncl udi ng the current protocol s and pol i ci es i n pl ace rel ated to i nformati on as s urance Anal yzes the envi ronment i n whi ch the organi zati on operates but does not i ncl ude the current protocol s and pol i cies i n pl ace rel ated to i nformati on as surance Does not anal yze the envi ronment i n whi ch the organi zati on operates 20 Threat Environment Eval uates the threat envi ronment of the organi zati on Eval uates the threat envi ronment of the organi zati on but mi s s es cruci al threats or vul nerabi liti es , or the eval uati on i s i naccurate Does not eval uate the threat
- 4. envi ronment of the organi zati on 20 Best Approaches Di s cus s es bes t approaches for i mpl ementi ng i nformati on as s urance pri nciples , i ncluding areas of i mprovement to current protocol s and pol i cies Di s cus s es bes t approaches for i mpl ementi ng i nformati on as s urance pri nciples , but does not ful l y devel op i deas rel ated to areas of i mprovement to current protocol s and pol i cies Does not di s cus s bes t approaches for i mpl ementi ng i nformati on as s urance pri nciples 20 Risk Matrix Creates a ri s k matri x to comprehens i vel y and accuratel y as s es s the threats to and vul nerabi l ities of the organi zati on, i ncluding pos s ible methods to mi ti gate the i denti fi ed dangers
- 5. Creates a ri s k matri x to as s es s the threats to and vul nerabi l iti es of the organi zati on but does not i ncl ude pos s i ble methods to mi ti gate the i denti fi ed dangers , or as s es sment i s i ncompl ete or i naccurate Does not create a ri s k matri x to as s es s the threats to and vul nerabi l ities of the organi zation 20 Articulation of Response Submi s s i on has no major errors rel ated to ci tati ons , grammar, s pel l i ng, s yntax, or organi zati on Submi s s i on has major errors rel ated to ci tati ons , grammar, s pel l i ng, s yntax, or organi zati on that negati vel y i mpact readabi l ity and arti cul ation of mai n i deas Submi s s i on has criti cal errors rel ated to ci tati ons , grammar, s pel l i ng, s yntax, or organi zati on
- 6. that prevent unders tandi ng of i deas 20 Earned Total 100% IT 549 Scenario Assignment Module Six Guidelines and Rubric For the Module Six assignment, students will be placed into the role of an IT consultant whose task is to evaluate an existin g organization’s security protocols. Once the protocols have been anal yzed, students will synthesize this knowledge to provide insight into the likelihood of certain threats occurring. The skills acquired from this exercise will prove to be beneficial during the final stages of designing the information assurance plan. Prompt: In your role as a highly paid consultant, you are given a list of potential threats to and vulnerabilities of the current communication security protocols of an organization. You are asked to provide quantitative data to measure the likelihood that any of these threats will actually occur for the information assets of the client. Conduct research and describe resources you found that might provide insight into measuring the likelihood that some of the threats would actually occur. In the explanation, include whether you see a trend in resources that might indicate a specific industry is particularly involved
- 7. in gathering this kind of data. Additionally, evaluate which communication security protocols are more effective and provide an explanation. Guidelines for Submission: Your responses for the prompt must be submitted as two to three paragraphs and as a Microsoft Word document with double spacing, 12-point Times New Roman font, one -inch margins, and at least three sources cited in APA format. Critical Elements Exemplary (100%) Proficient (85%) Needs Improvement (55%) Not Evident (0%) Value Quantitative Data Meets “Profi ci ent” cri teri a and the quanti tati ve data i s s ubs tanti ated wi th res earch bas ed evi dence Res pons e provi des quanti tati ve data to meas ure the l i kel i hood that any of thes e threats wi l l actual l y occur Res pons e attempts to provi de quanti tati ve data ; however, the data requi res more s ubs tanti al evi dence to prove the l i kel i ness of the threats occurri ng or not Res pons e does not provi de any quanti tati ve data
- 8. 20 Insight Meets “Profi ci ent” cri teri a and expl anati on us es content bas ed vocabul ary and res earch based evi dence to s upport the ans wer Res pons e expl ai ns and provi des i ns i ght i nto meas uri ng the l i kel i hood that s ome of the threats woul d actual l y occur Res pons e provi des i ns ight i nto meas uri ng the l i kel i hood that s ome of the threats woul d actual l y occur but does not expl ai n the l i kel i hood of the threats Res pons e does not provi de i ns i ght i nto meas uri ng the l i kel i hood that s ome of the threats woul d actual l y occur 20 Trend in Resources Meets “Profi ci ent” cri teri a and the trend that i s i denti fi ed i s s ubs tanti ated wi th res earch bas ed evi dence
- 9. Res pons e s peci fi es a trend i n res ources that mi ght i ndi cate a s peci fi c i ndus try i s parti cularly i nvol ved i n gatheri ng thi s ki nd of data Res pons e s peci fi es a trend i n res ources that mi ght i ndi cate a s peci fi c i ndus try i s parti cularly i nvol ved i n gatheri ng the data but does not us e content bas ed vocabul ary to s upport the concl us i on Res pons e does not s peci fy a trend i n res ources 20 http://snhu- media.snhu.edu/files/course_repository/graduate/it/it549/it_549 _list_of_possible_threats.docx Evaluation Meets “Profi ci ent” cri teri a and the eval uati on us es content bas ed vocabul ary and res earch bas ed evi dence to s upport the
- 10. ans wer Res pons e eval uates whi ch communi cati on s ecuri ty protocol s are more effecti ve and provi des an expl anati on Res pons e eval uates whi ch communi cati on s ecuri ty protocol s are more effecti ve but does not expl ai n the eval uati on Res pons e does not eval uate the mos t effecti ve communi cati on s ecuri ty protocol s 20 Articulation of Response Submi s s i on i s free of errors rel ated to ci tati ons , grammar, s pel l i ng, s yntax, and organi zati on and i s pres ented in a profes s i onal and eas y-to-read format
- 11. Submi s s i on has no major errors rel ated to ci tati ons , grammar, s pel l i ng, s yntax, or organi zati on Submi s s i on has major errors rel ated to ci tati ons , grammar, s pel l i ng, s yntax, or organi zati on that negati vel y i mpact readabi l ity and arti culati on of mai n i deas Submi s s i on has criti cal errors rel ated to ci tati ons , grammar, s pel l i ng, s yntax, or organi zati on that prevent unders tandi ng of i deas 20 Earned Total 100%