COM 590 Term Project

Project Guidelines

Purpose

This course project is intended to assess your ability to identify, design, and organize information technology security policies.

Learning Objectives and Outcomes

You will be able to develop draft IT security policies for an organization and apply learning constructs from the course.

This assignment is worth 15 percent of your total grade for this course. You will receive an individual assignment grade ranging from 0 to 100 points, which will then be weighted by the 15%.

Scenario

You work for a high-tech company with approximately 400 employees. Your firm recently won a large Department of Defense (DoD) contract, which will add 30% to the revenue of your organization. It is a high-priority, high-visibility project. You will be allowed to make your own budget, project timeline, and tollgate decisions.

This course project will require you to develop the proper DoD security policies required to meet DoD standards for delivery of technology services to the U.S. Air Force Cyber Security Center (AFCSC), a DoD agency. To do this, you must develop DoD-approved policies and standards for your IT infrastructure (see the “Tasks” section below). The policies you create must pass DoD-based requirements. Currently, your organization does not have any DoD contracts and thus has no DoD- compliant security policies or controls in place.

Your firm’s computing environment includes the following:

• 12 servers running Microsoft Server 2008 R2, providing the following: o Active Directory (AD)

o Domain Name System (DNS)
o Dynamic Host Configuration Protocol (DHCP)
o Enterprise Resource Planning (ERP) application (Oracle)
o A Research and Development (R&D) Engineering network segment for testing, separate

from the production environment
o Microsoft Exchange Server for e-mail o Symantec e-mail filter
o Websense for Internet use

• Two Linux servers running Apache Server to host your Web site
  § 390 PCs/laptops running Microsoft Windows 7, Microsoft Office 2007, Microsoft Visio, Microsoft

Project, and Adobe Reader

COM 590 Term Project Guidelines

Tasks

You should:

• Create policies that are DoD compliant for the organization’s IT infrastructure. § Develop a list of compliance laws required for DoD contracts.
  § List controls placed on domains in the IT infrastructure.
  § List required standards for all devices, categorized by IT domain.
• Develop a deployment plan for implementation of these polices, standards, and controls. § List all applicable DoD frameworks in the final delivery document.
  § Write a professional report that includes all of the above content-related items.

This project is due at the end of Week 7. Submission Requirements:

1. A Word Document 9 to 12 pages (font size – Times New Roman 12)
   2. Single spaced with one-inch margins all around, all figures and diagrams must be labelled
2. All citations and the reference list in the paper should be formatted in accordance with APA 6th edition (or later) guidelines
3. References are NOT included in the page count.