IT 380: Final Project Milestone 1 Correct Answers
IT 380: Milestone One Guidelines and Rubric
Overview: For this milestone, you will prepare an initial security planning report. This document will become the foundation for the final risk assessment and mitigation strategy (due in Module Seven). For scenario details, refer to the Final Project Guidelines and Rubric document.
The report should include the following elements:
- Network Diagram. Create a diagram of the topology of the network layout for the airport scenario.
- Stakeholder Information. Identify the roles or groups you would consider stakeholders. Identify key responsibilities and relationships.
- Relevant Laws and Regulations. Summarize legal issues that need to be considered. Identify relevant laws and regulations that pertain to this scenario.
- Preliminary Risk Assessment. Outline identified IT security risks. Be sure to address the following areas:
o Viruses and Malicious Software
o Web Strategies and Protocols (browsers, cryptographic posture, and server and protocol securities)
o External Threats (firewalls, intrusion detection, and intrusion prevention systems)
- Operational and Technical Controls. Outline proposed controls to mitigate the risks identified in the preliminary risk assessment. You will elaborate on these controls in the final report.
- References. Create a reference page in APA format of resources you tentatively plan to use. Include 7 to 10 resources, including professional journals. Recommendations for resources include NIST documents and course text.
Format: The initial security planning milestone should follow these formatting guidelines: four to six pages, double spacing, 12-point Times New Roman font, one-inch margins, and a minimum of six resources. Citations and references must follow APA guidelines.
Instructor feedback: Students can find their feedback in the Grade Center.
Rubric
Critical Elements
Exemplary
Proficient
Needs Improvement
Not Evident
Value
Network Diagram
Meets the criteria for “proficient,” and the diagram is professional in appearance
(20)
Provides an accurate diagram of the topology of the network
(17)
Provides an incomplete or partially inaccurate diagram of the topology of the network
(11)
Does not include a diagram of the network
(0)
20
Stakeholder Information
Meets the criteria for “proficient” and includes meaningful examples of key responsibilities and relationships
(20)
Provides a list of stakeholders and identifies their main responsibilities and relationships
(17)
Provides an incomplete or partially inaccurate list of stakeholders and their responsibilities
(11)
Does not provide a list of stakeholders and their responsibilities
(0)
20
Relevant Laws and Regulations
Meets the criteria for “proficient” and includes an insightful discussion of less obvious issues
(20)
Effectively summarizes key legal issues and relevant laws and regulations
(17)
Provides an incomplete or cursory explanation of legal issues and laws and relevant laws and regulations
(11)
Does not summarize legal issues or relevant laws or regulations
(0)
20
Preliminary Risk Assessment
Meets the criteria for “proficient” and considers a broad range of risks to the airport, internal organizations, and guest users
(20)
Identifies major IT security risks that accurately reflect the provided scenario
(17)
Identifies a partial list of security risks that do not fully reflect the provided scenario
(11)
Does not include a preliminary risk assessment
(0)
20
Operational and Technical Controls
Meets the criteria for “proficient” and addresses broad range of mitigation strategies designed to protect the airport, internal organizations, and guest users
(10)
Identifies operational and technical controls that mitigate identified IT security risks
(8.5)
Identifies a limited range of operational and technical controls that partially mitigate identified IT security risks
(5.5)
Does not identify operational and technical controls that mitigate identified risks
(0)
10
References
Provides varied and appropriate citations and references that meet all project requirements, including APA formatting
(10)
Provides appropriate citations and references that generally meet project requirements, including APA formatting
(8.5)
Provides citations and references that do not adequately meet project requirements
(5.5)
Does not include relevant citations and references
(0)
10
Earned Total
Comments:
100%