Answered step by step
Verified Expert Solution
Question
1 Approved Answer
Option A: Security PlanningIf you choose this option, you are to develop an information security plan to enhance the security of our campus information environment.
Option A: Security PlanningIf you choose this option, you are to develop an information security plan to enhance the security of our campus information environment. The plan should cover both managerial and technical issues, including but not limited to the following:Describing the information environment of our campus. Information environment is a general term, which addresses information security questions such as what datainformation are important, who create these datainformation who use these datainformation who have access to the datainformation what systems are associated with the datainformation what procedures are required to process the datainformation the connection between the campus and the external untrusted environment eg the Internet and so on You may use the framework of information asset identification, classification and prioritization see page of our textbookNote: physical security can be included in your discussion here.Discussing the potential threats to our information environment and proposing solutions. Here, you may apply the framework of risk management, ie risk identification, risk assessment, and risk control Chapter of our textbookProposing a set of security policies, including the Enterprise Information Security Policy EISPthis should be a general policy for our campus IssueSpecific Security Policy ISSPeg how to use email and SystemsSpecific Policy SysSPeg how to use the Canvas learning management system These policies are discussed in Chapter of our textbook.Note: The assignment asks you to designpropose the three policies based on your analysis of our information environment and faced threats. Explaining the meaning or the importance of the policies will NOT get you any credit. Discussing how to implement the security policies from a technical perspective you may consider antivirus software, firewall, and intrusion detection and prevention systemsDiscussing how to implement the security policies from a managerial perspective eg forming a special committee, getting support from the campus administrationDiscussing how to implement the security policies from a behavioral perspective eg training and educationNote:In this assignment, you may assume that you were a CISO chief information security official of UMDearborn and planned for a new security program. Some disparity between your analysis and the real environment of our campus is acceptable.The grading rubrics are provided here for your reference.
Step by Step Solution
There are 3 Steps involved in it
Step: 1
Get Instant Access to Expert-Tailored Solutions
See step-by-step solutions with expert insights and AI powered tools for academic success
Step: 2
Step: 3
Ace Your Homework with AI
Get the answers you need in no time with our AI-driven, step-by-step assistance
Get Started