Security Administrator Handbook

Security Administrator Handbook

Term Paper: Security Administrator Handbook
Due Week 10 and worth 200 points

One of the responsibilities of a Security Administrator is to create and document policies that protect the organization and guide users to making smart decisions. In this assignment you will build a handbook that can be used for such a purpose. The NIST’s Special Publications Website, a government operated Website, provides several documents for you to review in order to see examples that may be helpful to start this assignment (http://csrc.nist.gov/publications/PubsSPs.html).

Other helpful Websites for this assignment include:

Publications from the Strayer Learning Resource Center are also available. Additional resources should be used when necessary. Write a twelve to eighteen (12-18) page Security Administrator’s handbook including policies tailored to your work environment or for a business environment with which you are familiar. You may select a fictitious name for your organization for the purpose of this paper. Do not duplicate your company’s existing handbook. Create your own unique work based on what you have learned in this course. There will be two (2) major sections of the handbook: Main Body and Policies.

Section 1: Main Body
In four to six (4-6) pages total, develop the basic procedures and guidelines that the organization must address to properly secure its corporate network and information assets in the followings seven (7) items:

  1. Network Architecture and Security Considerations
  2. Wireless Security
  3. Remote Access Security
  4. Laptop and Removable Media Security
  5. Vulnerability and Penetration Testing
  6. Physical Security
  7. Guidelines for Reviewing and Changing Policies

Section 2: Policies
Develop the policies section of the handbook and include two to three (2-3) pages for each policy in which you define the policies used by the organization identifying the unique requirements of your industry. It must include, at a minimum, the following four (4) security policies:

  1. Acceptable Use Policy
  2. Password Policy
  3. Incident Response Policy
  4. User Awareness and Training Policy

To organize your policies and to give your policies structure, follow this sequential format:

  1. Policy Statement
  2. Purpose
  3. Objectives
  4. Standards
  5. Procedures and Guidelines
  6. Responsibilities
  7. Review and Change Management
  • Use at least four (4) quality resources in this assignment. Note: Wikipedia and similar Websites do not qualify as quality resources.

Your assignment must follow these formatting requirements:

  • Be typed, double spaced, using Times New Roman font (size 12), with one-inch margins on all sides; references must follow APA or school-specific format. Check with your professor for any additional instructions.
  • Include a cover page containing the title of the assignment, the title of the company and industry, the student’s name, the professor’s name, the course title, and the date. The cover page and the reference page are not included in the required page length.

The specific course learning outcomes associated with this assignment are:

  • Formulate a security planning model that addresses and solves a security problem at an agency or corporate entity.
  • Explain the process of developing and implementing an enterprise-wide information security policy.
  • Summarize the methods and practices related to perimeter security.
  • Use technology and information resources to research issues in security assessment and solutions.
  • Write clearly and concisely about topics related to security assessment and solutions using proper writing mechanics and technical style conventions.

 

 

Solution Preview

Corporate Network Security

Information security is one of the most important security issues the modern organizations need to address while developing the organizational security standards at the company. A handbook developed with the intention of providing guidelines on appropriate practices should always include the appropriate measures that would provide guidance to the personnel at the company, on appropriate practice under different circumstances. Notably, the information becomes even more important, whenever the organization in question needs to protect pivotal data stored at the company’s central server. Realizing such importance, Marisol Inc., a company involved in online retail of vehicle spare parts, has been keen to ensure that the security infrastructure at the firm is efficient enough in the protection of both the consumer and company information.

(1,512 words)

Open chat
Hello
Contact us here via WhatsApp