CMGT 430 Entire Course

CMGT 430 Entire Course Link 
https://uopcourses.com/category/cmgt-430/

CMGT/430
ENTERPRISE SECURITY
 
The Latest Version A+ Study Guide
 
**********************************************
CMGT 430 Entire Course Link
https://uopcourses.com/category/cmgt-430/
**********************************************
 
CMGT 430 Week 1 Individual: IT Systems Connection Table
Enterprise systems consist of multiple IT systems.  It is important to know the different interconnections each system may have.  IT systems do not operate alone in the modern enterprise, so securing them will involve securing their interfaces with other systems, as well as the system itself.
Complete the University of Phoenix Material: IT System Connection Table for four different IT systems. The table is located in the Materials section to the right.
Complete the directions within the document.  They are as follows:

  • Note two systems they connect with and their connection type.

  • Note two security vulnerabilities the system may have and two to four ways each vulnerability could be potentially exploited.


Submit your assignment to the Assignment Files tab above.
IT System Connection Table
 
When securing the modern enterprise, consider that IT systems do not operate alone. Securing them involves securing their interfaces with other systems as well. It is important to know the different interconnections each system may have.
 
Fill out the following table for four different IT systems.
 
· Note two enterprise systems they connect with and their connection type. 
· Note two security vulnerabilities the connection may have and two to four ways each vulnerability could be potentially exploited.
 
Additional Comments:
· An example row has been entered into the table in blue.  This is only an example and should not limit what you do.
· Keep in mind that enterprise systems cover a certain task in the enterprise (HR, CRM, Identity Management, etc.).  They are not the components of a system (such as servers).
· Connections can often be a direct connection/pipe, a file, a common database, or something else.
· The vulnerability is what would make the connection vulnerable to an attack.
· The related risk is an attack that could target the weakness.
 
Student Name:  ________________________
 




IT System


Target System


Connection Type


Possible Security Vulnerability


Related Risk




EXAMPLE:  HR System


Identity Management System


Feeder File


File could be modified.


User rights might not be correctly updated.




 


1.
2.


1.
2.


1.
2.


1.
2.
3.
4.




 


 


 


 


 




 


 


 


 


 




 


 


 


 


 




 
 
CMGT 430 Week 2 Learning Team: Vulnerabilities and Threat Pairs
Select an organization that you are familiar with or an organization from a published case study. 
Find case studies through the following sources or through a faculty-approved source.  Suggestions are as follows:

  • Search within University Library for these periodicals


    • Information Week

    • CSO

    • SC Magazine 



The CEO of your selected organization has requested an enterprise security plan from your team. The first step to developing an enterprise security plan is to identify the specific vulnerabilities and related risks facing an organization. This list should be fairly exhaustive. Many vulnerability and threat pairs will not make the final cut for remediation, but an organization can only properly prioritize these if it has fully covered all of the risks.
Create a list of 30 information security vulnerabilities with related threats relevant to the organization.  Keep in mind:

  • Most vulnerabilities will have more than one related threat.

  • Cover both physical and logical vulnerabilities. 


Place your list in the first two columns of a table in a Microsoft® Word or Excel® document. The table will resemble the following: 
 




Vulnerability


Threat


Probability


Impact


Suggested Mitigation Steps




 


 


 


 


 




 


 


 


 


 




 
Include at least 15 vulnerabilities in your list involving physical security and at least 15 involving logical security.
Note:  The other three columns will be used next week. Each row in the table should be a specific vulnerability with a related threat, though it is most likely that some vulnerabilities will have more than one possible threat in the table.
Submit your assignment to the Assignment Files tab above.
 
 
CMGT 430 Week 2 Individual: Applying Risk Management Consulting
Note: This is the first of three assignments that will be completed for this three-assignment project, ending with a final paper in Week Four. 
You have been hired as a consultant and asked to provide a presentation on the company's risk management to the CIO.
Create a 5- to 7-slide narrated presentation on the following information:

  • Describe how the organization can apply risk management principles in its efforts to secure their systems.

  • Outline how protection efforts will vary over time.

  • Include three different example sets, each with a vulnerability, related risk, and way to mitigate (control) that item.


Use any slide presentation software of your choosing.
Submit your presentation to the Assignment Files tab above.
 
 
CMGT 430 Week 3 Learning Team: Ranking the Pairs
The CEO of your selected organization has requested an enterprise security plan from your team. This week you will prioritize the threats and vulnerabilities previously identified, and determine which need attention and which may be left for another time.  This is done by determining the probability of the risk and the potential impact it may have on the organization.  Your objective is to address the risks with the highest probability of happening, with the highest impact on the organization.  
Extend your table from Week Two to include columns for Probability of Risk and Impact of Risk on the organization.  Include mitigation steps of the top 20 pairs.
Part 1 
Fill out the final three columns in the table from the previous week. 
Rate the probability and impact of each vulnerability-threat pair as High, Medium, or Low. (These are independent of each other.)
Rank the pairs in the order they should be addressed by the organization. (High/High rows will be at the top and Low/Low rows at the bottom.) The team will have to decide where to rank rows which are not at these extremes.
Suggest specific mitigation steps to take for the top 20 rows. You will go into more detail for the final project due in Week Five. 
Leave the Suggested Mitigation Steps column empty for rows below the top 20.
Part 2
Prepare a brief explanation on the final rankings.

  • Describe how the team finally ranked the pairs and the reasoning behind the suggested mitigation steps.

  • Focus on the top 20 rows, but cover why the others were ranked lower and will not be addressed at this time.

  • Keep this explanation brief and clear but informative.


Submit your updated table and explanation to the Assignment Files tab above.
 
 
CMGT 430 Week 3 Individual: Using Roles
Note: This is the second of three parts to this project.  Refer back to your organization used in the Week Two Applying Risk Management Consulting assignment.
A better way to control user access to data is to tie data access to the role a user plays in an organization. Some organizations are still learning this. Your presentation this week persuades the CIO of your target organization of the importance of controlling user access.
Create a 5- to 7-narrated slide presentation discussing the following:

  • The value of separating duties in the organization

  • The value of using roles to segregate the data and system access needs of individuals in the organization

  • Why a role-based access control (RBAC) system would be the best way to accomplish this, including both the advantages and disadvantages of such a system


Use any slide presentation software of your choosing.
Submit your presentation to the Assignment Files tab above.
 
 
CMGT 430 Week 4 Learning Team: Draft of the Enterprise Security Plan and Presentation
The CEO of your selected organization has requested an enterprise security plan from your team. An enterprise security plan is more than just a list of vulnerabilities and risks. It must present them in a meaningful way along with suggestions for specific steps to mitigate each of the most important vulnerabilities or risk pairs it finds.
The organization would like you to present an enterprise security plan to their Board of Directors. This week your team will draft two deliverables­, an enterprise security plan and a presentation.
 Part 1
Compile a full draft of the final enterprise security plan document. This will not be complete, but will have at least a short paragraph about each major section of the paper, including the suggested controls.
Use the introduction and conclusion as an executive summary of the entire paper's content.
Research at least eight sources that validate the choices made in the paper. This must go beyond basic definitions. The sources can be changed in the final week, if needed.
Format your paper consistent with APA guidelines.
 Part 2
Draft an 8- to 10-slide presentation on the findings in the Enterprise Security Plan to present to senior management. Keep the slides concise.
Include detailed speaker notes for the presentation.
Use any slide presentation software of your choice.
Submit a draft of both the enterprise security plan and slide presentation to the Assignment File tabs above.
 
 
CMGT 430 Week 4 Individual: Controlling Access
This is the third assignment of the series.  Continue the Applying Risk Management Consulting assignment for your chosen organization.
Refer to your Week Three individual assignment.
Write a 4- to 5-page business proposal in which you cover what concerns and potential actions the organization should take for each of the following areas:

  • How to manage and control  the use of cloud resources and other service providers that may be used for  processing and data storage outside the organization's physical locations

  • Specific recommendations to control mobile access to organizational system users (employees  and customers)

  • Identify specific issues to be addressed with business partners and inter-connection of systems.


Note: Brief the organization on the major issues involved but keep each section succinct.
Format your business proposal consistent with APA guidelines.
Submit your assignment to the Assignment Files tab above.
 
 
CMGT 430 Week 5 Learning Team: Enterprise Security Plan Paper
The CEO of your selected organization has requested an enterprise security plan from your team. Presenting an enterprise security plan to senior management is an important task that faces every IT security leader.  It is your job to provide an appropriate overview and encourage the team to invest in your plan.
Finalize the enterprise security plan and presentation using feedback from your instructor.
Submit the enterprise security plan and presentation to the Assignment Files tab above.
 
 
CMGT 430 Week 5 Individual: An IT Security Department Profile
The CEO asks you to create a presentation for the company about the IT Security Department. She wants you to highlight the core principles of enterprise security, and visually present the positions in the IT Security Department that are responsible for which principles.
Create a 4- to 5-slide narrated presentation in response to the request from the CEO. Include an organizational chart to help the audience visualize how the security team functions. Include detailed speaker notes or transcription of narration.
Submit presentation using the Assignment Files tab above.
 
Powered by