Purpose
This course project is intended to assess your ability to comprehend and apply the basic concepts related to information security management, access controls, and identity management.
Required Source Information and Tools
Web References: Links to web references in the Instructor Guide and related materials are subject to change without prior notice. These links were last verified on March 21, 2024.
The following tools and resources will be needed to complete this project:
- Course textbook
- Access to the Internet
Learning Objectives and Outcomes
Successful completion of this project will ensure that you can design an access control and identity management system. To be able to do so, you need to be able to do the following:
- Develop a plan for conducting an infrastructure assessment.
- Create a risk assessment plan.
- Create a plan for implementing role-based access control (RBAC).
- Research single sign-on (SSO) solutions.
- Describe a solution for remote access.
- Develop procedures for the physical security of facilities, including biometrics.
- Create a plan for testing access controls.
- Create a plan for monitoring access controls.
Overall Project Scenario
Big Tire Transport is a U.S. logistics company that operates a large fleet of trucks and is responsible for the movement of goods across the 48 contiguous states. Big Tire has accounts with companies of all sizes, as well as the U.S. federal government and several U.S. state government agencies.
The Big Tire headquarters is centrally located in Kansas City, Missouri. After a recent merger with a competitor, the company has employees in the following locations:
- Kansas City, Missouri, 500 employees
- Minneapolis, Minnesota, 200 employees
- Memphis, Tennessee, 150 employees
- Reno, Nevada, 175 employees
- El Paso, Texas, 250 employees
Due to the merger, the systems in each location differ. The headquarters location has fairly new computing equipment (workstations and servers) and runs Windows 10 on client computers and the latest edition of Windows Server on most servers. The other locations run a mix of current and outdated Windows-based software, and much of the hardware is outdated.
The main assets at the Big Tire headquarters location are housed in a data center. The assets consist of:
- Four Microsoft Windows Server application servers (the current version of Windows Server)
- Two email servers running Microsoft Exchange
- Two Linux web servers
- Microsoft Active Directory
- Accounting and financial software
- Logistics software
Other software, such as customer relationship management (CRM), is delivered as cloud services that Big Tire subscribes to each month.
Last year, Big Tire suffered two network compromises at the headquarters location that led to the disclosure of sensitive and strategic information on contracts and mergers. More recently, the Minneapolis location dealt with an insider destroying corporate data that could not be restored because the backup media contained errors. The Memphis location experienced a 4-day network outage due to a successful ransomware attack.
You play the role of an IT security architect. Your boss, the company chief information officer (CIO), relies on you for infrastructure planning and input on proposals to senior management.
Your goals for this project are to:
- Develop a plan for assessing infrastructure assets and risks.
- Develop a plan to implement role-based access control (RBAC) to ensure confidentiality, integrity, and availability.
- Research and describe single sign-on (SSO) and determine whether it is feasible for implementation for Big Tire locations.
- Address secure remote access requirements for users and physical security for facilities.
- Recommend RBAC tests and a plan for ongoing network monitoring to ensure RBAC is working properly.
- Develop and submit reports to the CIO that address all requirements within each scenario.
Deliverables
This project is divided into several parts, as follows:
- Project Part 1: Infrastructure Assessment and Risk Assessment
- Project Part 2: Role-Based Access Control (RBAC) and Single Sign-On (SSO)
- Project Part 3: Remote Access and Physical Security
- Project Part 4: Testing and Monitoring
Project Part 1: Infrastructure Assessment and Risk Assessment
Scenario
The CIO recently made a strategic presentation to the executive management team to assess the infrastructure assets (hardware, software, databases, and types of sensitive information) and risks. Funding has been approved for both assessments. The CIO wants you to create a high-level plan for the infrastructure assessment and the risk assessment.
Tasks
Create a two-part report to the CIO that addresses the following:
1. A plan for conducting an infrastructure assessment of all company locations
2. A plan for conducting an IT risk assessment of all company locations
Each plan should include the following:
- Purpose and importance
- The scope and boundaries of the plan
- (Risk assessment only) At least five issues the plan will address upon completion
- A list of typical threats and vulnerabilities
- A high-level outline of major steps to be taken
- A proposed schedule
Required Resources
- Internet access
- Course textbook
Submission Requirements
- Format: Microsoft Word (or compatible)
- Font: Arial, size 12, double-spaced
- Citation Style: Follow your school’s preferred style guide (The latest version of APA style)
- Length: 2 to 4 pages
Self-Assessment Checklist
- I developed an effective plan to assess the infrastructure of all company locations.
- I developed an effective plan to assess the IT risk of all company locations.
- I created a professional, well-developed report with proper documentation, grammar, spelling, and punctuation.
- I followed the submission guidelines.
Project Part 2: Role-Based Access Control (RBAC) and Single Sign-On (SSO)
Scenario
Big Tire currently relies on access control lists (ACLs) for control over what users can access and what actions they can carry out. As the company has grown, ACLs have proven to be very time-consuming for IT staff to maintain.
You believe RBAC, used as a company-wide access control system, is superior to ACLs in terms of security and administrative overhead. RBAC user roles and permissions make it easy to perform role assignments because individual users no longer have unique access rights. Instead, they have privileges that conform to the permissions assigned to their specific role or job function.
Your CIO also asked you to research and report on the feasibility of SSO.
Tasks
Create a two-part report to the CIO that addresses the following:
1. A high-level plan for implementing RBAC or an RBAC-like solution at each Big Tire location
2. A description of SSO and a determination of whether it is feasible for implementation at Big Tire
The RBAC plan should include the following:
- Purpose and importance
- A description of the technology
- Advantage of RBAC over ACLs
- How RBAC can mitigate risks to the IT infrastructure’s confidentiality, integrity, and availability
- A high-level outline of major implementation steps
- A scheme for RBAC roles
  - Create a simple scheme that maps roles to applications in the data center
    - Assume a more granular scheme will be created in the future
  - Some roles to consider in your scheme are Administrative, Accounting, HR, Manager, Sales and Marketing, Driver, and Technical, although you can use other roles if desired
- Any related projects that may need to run before, during, or after the implementation
- A proposed schedule
The SSO section should include the following:
- Purpose and importance
- A description of the technology
- Your recommendation as to whether SSO is feasible
- If so, the type of solution you recommend
Required Resources
- Internet access
- Course textbook
Submission Requirements
- Format: Microsoft Word (or compatible)
- Font: Arial, size 12, double-spaced
- Citation Style: Follow your school’s preferred style guide (The latest version of APA style)
- Length: 2 to 4 pages
Self-Assessment Checklist
- I developed a high-level plan for implementing RBAC or an RBAC-like solution at each Big Tire location.
- I wrote a description of SSO and determined whether it is feasible for implementation at Big Tire.
- I created a professional, well-developed report with proper documentation, grammar, spelling, and punctuation.
- I followed the submission guidelines.
Project Part 3: Remote Access and Physical Security
Scenario
The Big Tire CIO wants users at all company locations and trusted business partners to be able to access applications hosted in the data center, such as the logistics and accounting applications. A remote access solution that provides a good user experience working with the logistics application would be ideal. A previous attempt to access the application over a virtual private network (VPN) connection was abandoned due to very slow response time.
The CIO also wants improved and uniform physical security at all locations, which should include some type of smart card and/or programmable locks for all office buildings and garages.
Finally, the CIO wants all employees, including drivers using mobile devices, to use biometrics, tokens, fobs, or authenticator apps for access to all websites that offer it as a factor in multifactor authentication. The chosen access control should be convenient for employees and cost-effective.
Tasks
Create a three-part report to the CIO that addresses the following:
- A high-level plan for implementing remote access to applications hosted in the data center
- A high-level plan for implementing physical security at Big Tire locations
- A high-level plan for cost-effective multifactor authentication for websites
Required Resources
- Internet access
- Course textbook
Submission Requirements
- Format: Microsoft Word (or compatible)
- Font: Arial, size 12, double-spaced
- Citation Style: Follow your school’s preferred style guide (The latest version of APA style)
- Length: 2 to 4 pages
Self-Assessment Checklist
- I developed a high-level plan for implementing remote access to applications hosted in the data center.
- I developed a high-level plan for implementing physical security at Big Tire locations.
- I developed a high-level plan for cost-effective multifactor authentication for websites.
- I created a professional, well-developed report with proper documentation, grammar, spelling, and punctuation.
- I followed the submission guidelines.
Project Part 4: Testing and Monitoring
Scenario
Access control systems are constantly under surveillance and attack. An attacker who gains control of an access control system can leverage that access to gain entry to other systems in the enterprise. Frequent testing of access control systems ensures that weaknesses are found and can be dealt with before they are exploited.
Network monitoring is a critical IT process where all networking components, such as routers, switches, firewalls, and servers, are monitored for faults, performance, and anomalies to detect possible intruders or attacks.
Tasks
Create a two-part report to the CIO that addresses the following:
- A high-level plan for testing RBAC and physical security (building access)
  - Include the type of tests to be performed and the frequency
- A high-level plan for ongoing network monitoring to ensure the RBAC solution is working properly
  - Network monitoring is to be performed at each Big Tire location
Required Resources
- Internet access
- Course textbook
Submission Requirements
- Format: Microsoft Word (or compatible)
- Font: Arial, size 12, double-spaced
- Citation Style: Follow your school’s preferred style guide (The latest version of APA style)
- Length: 2 to 4 pages
Self-Assessment Checklist
- I developed an effective plan to test RBAC and physical security controls at Big Tire.
- I developed an effective plan for network monitoring at Big Tire.
- I created a professional, well-developed report with proper documentation, grammar, spelling, and punctuation.
- I followed the submission guidelines.
ISM 650 Final Project Access Control and Identity Management Plan