Week 2 Assignment – Network Vulnerability Assessment and Policy
In this assignment, you step into the role of a cybersecurity analyst. In Part 1, you will evaluate a healthcare organization’s network vulnerabilities. In Part 2, you will write policies designed to mitigate them.
Scenario
Choose one of the following scenarios in the CIS598 Project Scenarios [PDF] document to focus on for this assignment and the remainder of the course. Below is a snapshot of each:
HealthSure Alliance – A multi-state healthcare network faces growing risks from weak physical security, poor password policies, and unregulated AI pilots.
CareFirst Medical Group – A nonprofit healthcare system that is launching a new mobile health app and struggles with third-party risk, cloud security, and AI tool governance.
MediSure Partners – A healthcare management firm with a distributed remote workforce and contractor access struggles with BYOD security, insider threats, and unregulated use of AI-generated content.
Instructions
Consider your chosen scenario and complete the following:
Part 1: Identify Network Vulnerabilities
Describe 5 types of network vulnerabilities found in your selected scenario. For each vulnerability, your description must include:
Vulnerable system(s): Clearly identify the system(s) at risk (e.g., cloud-hosted EMR, HR database, shared workstation, physical access point).
Potential intrusion point(s): Describe how an attacker could exploit the vulnerability (e.g., phishing, weak password, outdated patch, etc.).
Responsible party: Identify which role or department (e.g., IT, HR, Compliance) should be accountable for addressing the issue.
Impact on operations or compliance: Explain how this vulnerability affects patient care, data integrity, legal compliance, or business continuity.
NIST CSF Mapping: Correctly assign one of the NIST Cybersecurity Framework (CSF) core functions to each vulnerability:
Identify.
Protect.
Detect.
Respond.
Recover.
Part 2: Vulnerability Mitigation Security Policy
Note: Work completed here will be used in your Week 10 assignment, Cybersecurity Policy Manual.
Craft 3 distinct policies that effectively mitigate 3 of the 5 vulnerabilities identified in Part 1. Each policy should:
State a purpose and scope.
Be realistic for the organization’s structure and technical environment.
Comprehensively define enforceable practices, procedures, protocols, and safeguards for vulnerability mitigation.
Be written as a formal policy statement (e.g., “All remote devices must use Mobile Device Management (MDM) enforced encryption”) that includes its goals and purposes.
Reference regulatory, procedural, or technology-based solutions (e.g., ISO2700, NIST, HIPAA).
