Prepare a System Security Plan (SSP) presentation slide deck to present your system security plan for CMI. The SSP may include artifacts discovered from the CMI risk assessment, the security policy report, and/or the ROE. This SSP presents the current security posture to the organization’s stakeholders and employees by describing security controls, procedures, & techniques to deter, detect, prevent cyberattacks. You may include technical, administrative, and operational controls to harden the network operations and bolster the enterprise security in your plan.
This assignment is based on the Cyber Marketing Inc. Case Study provided in this course. The CMI network diagramLinks to an external site. (opens in a new browser window) is shown below for your convenience but is also available in the CMI Case Study.
Procedures
You will prepare an SSP slide presentation to convey your findings of the CMI security posture and a proposed solution. Your SSP should include best security practices to build strong enterprise security for CMI from the areas of securing wireless systems, secure web content/access, perimeter security, audit, authentication, encryption, incident response, mobile device security, data hiding/forensics, reverse engineering, social engineering, cyber threat intelligence, cyber awareness/training and written security policy. Utilize what you have learned in the areas of network host/server/communications device port scanning, malware & threat detection, vulnerability assessment, packet components & flows, risk assessment, application of security policy, and penetration testing. As you are presenting this SSP to your client in a presentation format, you will summarize your solutions with highlighted prioritized security controls to build a strong enterprise security.
While you are free to create your own SSP to best prevent cyber vulnerabilities and improve the CMI security posture, and build a defense in depth, you will, at a minimum, include the following sections.
1. Executive Summary
2. Brief Description of the organization
3. Brief Description of the system(s) or technology(s) under review and their requirements in Confidentiality, Integrity & Availability (CI&A).
4. Summary of Systems Threat, Vulnerability, Impact and Likelihood (TVIL) findings,
5. Selection of Controls to be applied to their systems for CI&A given their TVIL, and
6. Brief outlook on expected implementation timetable and resources for maintaining assurance.
Use the document System Security Plans (SSP) Guidelines for CMI Presentation Links to an external site.in Module 8 of the Google drive as a directive.
Slide Deck & Presentation
Your system security presentation should incorporate a slide deck of between 10-20 slides, with annotation in the Notes section and take about 10 minutes to deliver. The presentation should be a deliverable to CMI who will make decisions about hardening the CMI network operations and enforcing the security policy to improve the CMI enterprise security posture. A typical SSP would include many pages of documents. You will present your solutions in a Slide-based presentation to convey your security controls and solutions for CMI.
Post your slide presentation to the Discussions Section once you are ready for others to view it.
The following are recommended tool options for creating and sharing your presentation:
· You may use VoiceThreadLinks to an external site. to create a slide-based presentation to share. For information about creating slides in VoiceThread, please click hereLinks to an external site..
· You may upload a video to YouTube Links to an external site.and post a link to it in the discussion forum.
· You may record your video using Screen-cast-o-maticLinks to an external site. and post a link to it in the forum.
· You may record your video directly in the forum or upload directly to the forum by clicking reply and then selecting the Media icon.Links to an external site.
For more detailed instructions regarding how to create and share a video using the content editor in the discussion board, click hereLinks to an external site..