IT 380: Milestone One Guidelines and Rubric
Overview: For this milestone, you will prepare an initial security planning report. This document will becom... [Show More] e the foundation for the final risk assessment and mitigation strategy (due in Module Seven). For scenario details, refer to the Final Project Guidelines and Rubric document.
The report should include the following elements:
Network Diagram. Create a diagram of the topology of the network layout for the airport scenario.
Stakeholder Information. Identify the roles or groups you would consider stakeholders. Identify key responsibilities and relationships.
Relevant Laws and Regulations. Summarize legal issues that need to be considered. Identify relevant laws and regulations that pertain to this scenario.
Preliminary Risk Assessment. Outline identified IT security risks. Be sure to address the following areas:
o Viruses and Malicious Software
o Web Strategies and Protocols (browsers, cryptographic posture, and server and protocol securities)
o External Threats (firewalls, intrusion detection, and intrusion prevention systems)
Operational and Technical Controls. Outline proposed controls to mitigate the risks identified in the preliminary risk assessment. You will elaborate on these controls in the final report.
References. Create a reference page in APA format of resources you tentatively plan to use. Include 7 to 10 resources, including professional journals. Recommendations for resources include NIST documents and course text.
Format: The initial security planning milestone should follow these formatting guidelines: four to six pages, double spacing, 12-point Times New Roman font, one-inch margins, and a minimum of six resources. Citations and references must follow APA guidelines.
Instructor feedback: Students can find their feedback in the Grade Center.
Meets the criteria for “proficient,” and the diagram is professional in appearance
Provides an accurate diagram of the topology of the network
Provides an incomplete or partially inaccurate diagram of the topology of the network
Does not include a diagram of the network
Meets the criteria for “proficient” and includes meaningful examples of key responsibilities and relationships
Provides a list of stakeholders and identifies their main responsibilities and relationships
Provides an incomplete or partially inaccurate list of stakeholders and their responsibilities
Does not provide a list of stakeholders and their responsibilities
Relevant Laws and Regulations
Meets the criteria for “proficient” and includes an insightful discussion of less obvious issues
Effectively summarizes key legal issues and relevant laws and regulations
Provides an incomplete or cursory explanation of legal issues and laws and relevant laws and regulations
Does not summarize legal issues or relevant laws or regulations
Preliminary Risk Assessment
Meets the criteria for “proficient” and considers a broad range of risks to the airport, internal organizations, and guest users
Identifies major IT security risks that accurately reflect the provided scenario
Identifies a partial list of security risks that do not fully reflect the provided scenario
Does not include a preliminary risk assessment
Operational and Technical Controls
Meets the criteria for “proficient” and addresses broad range of mitigation strategies designed to protect the airport, internal organizations, and guest users
Identifies operational and technical controls that mitigate identified IT security risks
Identifies a limited range of operational and technical controls that partially mitigate identified IT security risks
Does not identify operational and technical controls that mitigate identified risks
Provides varied and appropriate citations and references that meet all project requirements, including APA formatting
Provides appropriate citations and references that generally meet project requirements, including APA formatting
Provides citations and references that do not adequately meet project requirements
Does not include relevant citations and references
100% [Show Less]