Now that the After Action Reports have been analyzed, the consultants must develop a plan for improving the security posture at Sifers-Grayson. This will be documented in a Security Strategy Recommendations document. The security strategy will be based upon multiple layers of policies, processes, and technologies that, when implemented, will be used to defend the Information Technology enterprise from both internal and external threats and attacks.
Note: see https://www.techrepublic.com/blog/it-security/understanding-layered-security-and-defense-in-depth/ for a discussion of the differences between these two security strategies: layered security and defense-in-depth. You will need this information for the Security Strategies section of your paper.
Two defensive security strategies have been chosen by the senior members of the team.
Defense Strategy #1: Build a DMZ for the R&D Center. The DMZ will host servers accessed by the engineers while teleworking and while reaching back to the R&D center from the test range. The DMZ will require the following: (a) business class routers, (b) business class firewalls, and (c) intrusion detection and prevention system.
Demilitarized Zone (DMZ). For definitions and diagrams see https://www.us-cert.gov/ics/Control_System_Security_DMZ-Definition.html and https://fedvte.usalearning.gov/courses/Security+_v401/course/videos/pdf/Security+_v401_D02_S04_T04_STEP.pdf
Defense Strategy #2: Implement Enterprise-wide Protective and Detective Measures to defend against both internal and external attackers. These measures will include (a) controlling access to software documentation and source code, (b) implementing enterprise-wide identity management, and (c) implementing either a Security Information and Event Management (SIEM) tool or a Unified Threat Management (UTM) tool.
You have been assigned to research products which will be used to implement the two Defense Strategies. You will need to research suitable products and then write a report recommending a set of products and services which can be used to implement the selected strategies. Your report will include summary information and explanations about defense in depth and the two selected strategies.
Note: You may need to do additional reading and research to find the information required to support your explanations of defense in depth and the selected defense strategies. Make sure that you cite authoritative sources for this information.
Products to Implement Defense Strategy #1 (Build a DMZ for the R&D Center). You must choose one product for each of the following categories (router, firewall, intrusion detection and prevention).
Business Class Router with WAP and VPN capability (choose one of the following brands)
Other (must get instructor’s approval first)
Business Class Firewall (Network Based) (choose one of the following brands)
Other (must get instructor’s approval first)
Intrusion Detection and Prevention System (network based – not cloud)
Other (must get instructor’s approval first)
Products to Implement Defense Strategy #2 (Implement enterprise-wide protection, detection, and prevention capabilities). These tools or applications will be installed or used on Sifers-Grayson servers (cloud hosting NOT allowed). Select one tool in each of the categories listed below. Your product recommendations must include all of the listed categories.
Application Lifecycle Management (ALM) Tool
Identity & Access Management (IAM) Tool
Security Information and Event Management (SIEM) OR Unified Threat Management (UTM)
Forensic Image Capture Utility (e.g. FTK Imager, Belkasoft, Paladin/Sumuri, SIFT)
Note: Make sure that you are using appropriate resources to find information to support your analysis and product recommendations. Vendor websites, industry or trade publication websites, and government websites are usually acceptable sources of information about the defensive strategies and products you will write about in this assignment.
An Introduction section which presents the security strategies being recommended in your report. You should explain what how these strategies will improve the overall security posture of Sifers-Grayson.
A Security Strategies section in which you present an analysis of the defensive security strategies and then provide an explanation as to how each of the two selected defensive strategies will improve the security posture for Sifers-Grayson. Include a comparison of the two primary types of strategies – layered security and defense in depth. Then, explain how the selected security strategies use one or both of these approaches. Use information from Project #1 and the Red Team’s penetration tests to support your justification for implementing the selected security strategies.
A Product Evaluations section in which you present and discuss the technologies and products which will be used to implement each strategy. You must have a separate sub-section for each defense in depth strategy. Under each sub-section, you will name and describe the individual products (i.e. describe firewalls and then describe your chosen firewall product). Your presentation of each product should be in the form of a recommendation to purchase / implement.
A Summary Implementation Recommendations section in which you summarize your product recommendations for products and technologies to be used in implementation the two defensive security strategies. Be sure to explain the benefits of implementing the two strategies (e.g. protection, detection, prevention of incidents caused by attacks).
Submit For Grading
Submit your paper in MS Word format (.docx or .doc file) using the Project #2 assignment in your assignment folder. (Attach the file.)
You should NOT use any student written papers as sources for your research for this paper. Doing so may violate the university’s Academic Integrity policy and result in an Academic Dishonesty Allegation and referral to the Office of Academic Integrity and Accountability for investigation and adjudication.
You will need between 5-8 pages to cover all of the required content. There is no penalty for writing more than 8 pages but, clarity and conciseness are valued. If your paper is shorter than 5 pages, you may not have sufficient content to meet the assignment requirements (see the rubric).
As you write your strategy paper, make sure that you address security issues using standard cybersecurity terminology (e.g. protection, detection, prevention, “governance,” confidentiality, integrity, availability, nonrepudiation, assurance, etc.). See the ISACA glossary https://www.isaca.org/pages/glossary.aspx if you need a refresher on acceptable terms and definitions.
You must include a cover page with the assignment title, your name, and the due date. Your reference list must be on a separate page at the end of your file.
You are expected to write grammatically correct English in every assignment that you submit for grading. Do not turn in any work without (a) using spell check, (b) using grammar check, (c) verifying that your punctuation is correct and (d) reviewing your work for correct word usage and correctly structured sentences and paragraphs.
You are expected to credit your sources using in-text citations and reference list entries. Both your citations and your reference list entries must follow a consistent citation style (APA, MLA, etc.).
Consult the grading rubric for specific content and formatting requirements for this assignment.
Why Work with Us
Top Quality and Well-Researched Papers
We always make sure that writers follow all your instructions precisely. You can choose your academic level: high school, college/university or professional, and we will assign a writer who has a respective degree.
Professional and Experienced Academic Writers
We have a team of professional writers with experience in academic and business writing. Many are native speakers and able to perform any task for which you need help.
Free Unlimited Revisions
If you think we missed something, send your order for a free revision. You have 10 days to submit the order for review after you have received the final document. You can do this yourself after logging into your personal account or by contacting our support.
Prompt Delivery and 100% Money-Back-Guarantee
All papers are always delivered on time. In case we need more time to master your paper, we may contact you regarding the deadline extension. In case you cannot provide us with more time, a 100% refund is guaranteed.
Original & Confidential
We use several writing tools checks to ensure that all documents you receive are free from plagiarism. Our editors carefully review all quotations in the text. We also promise maximum confidentiality in all of our services.
24/7 Customer Support
Our support agents are available 24 hours a day 7 days a week and committed to providing you with the best customer experience. Get in touch whenever you need any assistance.
Try it now!
How it works?
Follow these simple steps to get your paper done
Place your order
Fill in the order form and provide all details of your assignment.
Proceed with the payment
Choose the payment system that suits you most.
Receive the final file
Once your paper is ready, we will email it to you.
No need to work on your paper at night. Sleep tight, we will cover your back. We offer all kinds of writing services.
No matter what kind of academic paper you need and how urgent you need it, you are welcome to choose your academic level and the type of your paper at an affordable price. We take care of all your paper needs and give a 24/7 customer care support system.
Admission Essays & Business Writing Help
An admission essay is an essay or other written statement by a candidate, often a potential student enrolling in a college, university, or graduate school. You can be rest assurred that through our service we will write the best admission essay for you.
Our academic writers and editors make the necessary changes to your paper so that it is polished. We also format your document by correctly quoting the sources and creating reference lists in the formats APA, Harvard, MLA, Chicago / Turabian.
If you think your paper could be improved, you can request a review. In this case, your paper will be checked by the writer or assigned to an editor. You can use this option as many times as you see fit. This is free because we want you to be completely satisfied with the service offered.