Purpose This course project is intended to assess your ability to identify, design, and organize information technology (IT) security policies. Learning Objectives and Outcomes Successful completion of this project will ensure that you can develop draft IT security policies for an organization and apply learning constructs from the course. By the end of this project, you will be able to do the following: Evaluate compliance laws relevant to the U.S. Department of Defense. Assess policy frameworks appropriate for an organization in a given scenario. Evaluate security controls and standards for the seven domains of a typical IT infrastructure. Develop DoD-compliant policies for an organization’s IT infrastructure. Required Source Information and Tools Web References: Links to Web references in this document and related materials are subject to change without prior notice. These links were last verified on January 4, 2022.   The following tools and resources will be needed to complete this project: Course textbook Internet access DoD instructions or directives https://www.esd.whs.mil/dd/ Risk Management Framework (RMF) for DoD Information Technology (IT) https://www.esd.whs.mil/Portals/54/Documents/DD/issuances/dodi/851001p.pdf?ver=2019-02-26-101520-300 U.S. Department of Defense (DoD) Chief Information Office Library https://dodcio.defense.gov/Library/ Department of Defense Information Security Program https://www.esd.whs.mil/Portals/54/Documents/DD/issuances/dodm/520001m_vol1.pdf?ver=2020-08-04-092500-203 Department of Defense Internet Services and Internet-Based Capabilities https://www.esd.whs.mil/Portals/54/Documents/DD/issuances/dodi/817001p.pdf You may consult other relevant sources, if needed. If so, include citations for those sources in the final deliverable for this report. Scenario You are a security professional for Tech R Us, an IT services provider with approximately 400 employees. Tech R Us partners with industry leaders to provide storage, networking, virtualization, and cybersecurity to clients. Tech R Us recently won a large DoD contract, which will add 30 percent to the revenue of the organization. It is a high-priority, high-visibility project. Tech R Us will be allowed to make its own budget, project timeline, and tollgate decisions. As a security professional for Tech R Us, you are responsible for developing security policies for this project. These policies are required to meet DoD standards for delivery of IT technology services to the U.S. Air Force Cyber Security Center (AFCSC), a DoD agency. To do this, you must develop DoD-approved policies, standards, and control descriptions for your IT infrastructure (see the “Tasks” section in this document). The policies you create must pass DoD-based requirements. Currently, your organization does not have any DoD contracts and thus has no DoD-compliant security policies, standards, or controls in place. Tech R Us' computing environment includes the following: 12 servers running the latest edition of Microsoft Server, providing the following: Active Directory (AD) Domain Name System (DNS) Dynamic Host Configuration Protocol (DHCP) Enterprise resource planning (ERP) application (Oracle) A research and development (R&D) engineering network segment for testing, separate from the production environment Microsoft Exchange Server for email Email filter Cloud-based secure web gateway (web security, data loss protection, next-generation firewall, cloud application security, advanced threat protection) Two Linux servers running Apache Server to host your website 400 PCs/laptops running Microsoft Windows 10, Microsoft 365 office applications, and other productivity tools Question  1) develop a list of DoD-compliant policies, standards, and controls that affect the WAN, Remote Access, and System/Application Domains , and 2) provide a justification or discussion as to why your team selected these policies, standards, and controls 3) Submission includes: Format: Microsoft Word Font: Times New Roman, size 12, double-space Citation style: APA format using a hanging indentation of ½” Length of draft research documents: 2–3 pages Two references (not your textbook or case study) cited in APA.  All team member names should appear on the title page for this assignment.

Database System Concepts
7th Edition
ISBN:9780078022159
Author:Abraham Silberschatz Professor, Henry F. Korth, S. Sudarshan
Publisher:Abraham Silberschatz Professor, Henry F. Korth, S. Sudarshan
Chapter1: Introduction
Section: Chapter Questions
Problem 1PE
icon
Related questions
Question

Purpose
This course project is intended to assess your ability to identify, design, and organize information technology (IT) security policies.
Learning Objectives and Outcomes
Successful completion of this project will ensure that you can develop draft IT security policies for an organization and apply learning constructs from the course. By the end of this project, you will be able to do the following:
Evaluate compliance laws relevant to the U.S. Department of Defense.
Assess policy frameworks appropriate for an organization in a given scenario.
Evaluate security controls and standards for the seven domains of a typical IT infrastructure.
Develop DoD-compliant policies for an organization’s IT infrastructure.
Required Source Information and Tools
Web References: Links to Web references in this document and related materials are subject to change without prior notice. These links were last verified on January 4, 2022.
 
The following tools and resources will be needed to complete this project:
Course textbook
Internet access
DoD instructions or directives
https://www.esd.whs.mil/dd/
Risk Management Framework (RMF) for DoD Information Technology (IT) https://www.esd.whs.mil/Portals/54/Documents/DD/issuances/dodi/851001p.pdf?ver=2019-02-26-101520-300
U.S. Department of Defense (DoD) Chief Information Office Library
https://dodcio.defense.gov/Library/
Department of Defense Information Security Program
https://www.esd.whs.mil/Portals/54/Documents/DD/issuances/dodm/520001m_vol1.pdf?ver=2020-08-04-092500-203
Department of Defense Internet Services and Internet-Based Capabilities
https://www.esd.whs.mil/Portals/54/Documents/DD/issuances/dodi/817001p.pdf
You may consult other relevant sources, if needed. If so, include citations for those sources in the final deliverable for this report.
Scenario
You are a security professional for Tech R Us, an IT services provider with approximately 400 employees. Tech R Us partners with industry leaders to provide storage, networking, virtualization, and cybersecurity to clients.
Tech R Us recently won a large DoD contract, which will add 30 percent to the revenue of the organization. It is a high-priority, high-visibility project. Tech R Us will be allowed to make its own budget, project timeline, and tollgate decisions.
As a security professional for Tech R Us, you are responsible for developing security policies for this project. These policies are required to meet DoD standards for delivery of IT technology services to the U.S. Air Force Cyber Security Center (AFCSC), a DoD agency.
To do this, you must develop DoD-approved policies, standards, and control descriptions for your IT infrastructure (see the “Tasks” section in this document). The policies you create must pass DoD-based requirements. Currently, your organization does not have any DoD contracts and thus has no DoD-compliant security policies, standards, or controls in place.
Tech R Us' computing environment includes the following:
12 servers running the latest edition of Microsoft Server, providing the following:
Active Directory (AD)
Domain Name System (DNS)
Dynamic Host Configuration Protocol (DHCP)
Enterprise resource planning (ERP) application (Oracle)
A research and development (R&D) engineering network segment for testing, separate from the production environment
Microsoft Exchange Server for email
Email filter
Cloud-based secure web gateway (web security, data loss protection, next-generation firewall, cloud application security, advanced threat protection)
Two Linux servers running Apache Server to host your website
400 PCs/laptops running Microsoft Windows 10, Microsoft 365 office applications, and other productivity tools

Question 

1) develop a list of DoD-compliant policies, standards, and controls that affect the WAN, Remote Access, and System/Application Domains , and
2) provide a justification or discussion as to why your team selected these policies, standards, and controls
3) Submission includes:
Format: Microsoft Word
Font: Times New Roman, size 12, double-space
Citation style: APA format using a hanging indentation of ½”
Length of draft research documents: 2–3 pages
Two references (not your textbook or case study) cited in APA. 
All team member names should appear on the title page for this assignment.

Expert Solution
Introduction

A company's data and information are only as safe as its security team, thus they play a vital role. The security professional's duties include identifying and fixing security holes and giving suggestions for further strengthening the company's defenses. Tech R Us is an IT services provider with around 400 employees who work with market leaders to just provide storage, networking, configuration management, and cybersecurity to clients. The researcher will assume the role of a security specialist and identify, explain, as well as describe particular policy frameworks for the company. By analyzing compliance laws pertinent to the United States Department of Defense, evaluating policy frameworks suitable for Tech R Us, analyzing security controls and guidelines for such seven domains of a classic IT infrastructure, and constructing DoD-compliant policies for just an organization's IT infrastructure, the group activity will recognize, design, and organize IT security policies.

steps

Step by step

Solved in 2 steps

Blurred answer
Knowledge Booster
Maintenance
Learn more about
Need a deep-dive on the concept behind this application? Look no further. Learn more about this topic, computer-science and related others by exploring similar questions and additional content below.
Similar questions
Recommended textbooks for you
Database System Concepts
Database System Concepts
Computer Science
ISBN:
9780078022159
Author:
Abraham Silberschatz Professor, Henry F. Korth, S. Sudarshan
Publisher:
McGraw-Hill Education
Starting Out with Python (4th Edition)
Starting Out with Python (4th Edition)
Computer Science
ISBN:
9780134444321
Author:
Tony Gaddis
Publisher:
PEARSON
Digital Fundamentals (11th Edition)
Digital Fundamentals (11th Edition)
Computer Science
ISBN:
9780132737968
Author:
Thomas L. Floyd
Publisher:
PEARSON
C How to Program (8th Edition)
C How to Program (8th Edition)
Computer Science
ISBN:
9780133976892
Author:
Paul J. Deitel, Harvey Deitel
Publisher:
PEARSON
Database Systems: Design, Implementation, & Manag…
Database Systems: Design, Implementation, & Manag…
Computer Science
ISBN:
9781337627900
Author:
Carlos Coronel, Steven Morris
Publisher:
Cengage Learning
Programmable Logic Controllers
Programmable Logic Controllers
Computer Science
ISBN:
9780073373843
Author:
Frank D. Petruzella
Publisher:
McGraw-Hill Education