Overview: For this milestone, you will prepare an initial security planning report. This document will become the foundation for the final risk assessment and mitigation strategy (due in Module Seven). For scenario details, refer to the Final Project Guidelines and Rubric document.
The report should include the following elements:
• Network Diagram. Create a diagram of the topology of the network layout for the airport scenario.
• Stakeholder Information. Identify the roles or groups you would consider stakeholders. Identify key responsibilities and relationships.
• Relevant Laws and Regulations. Summarize legal issues that need to be considered. Identify relevant laws and regulations that pertain to this scenario.
• Preliminary Risk Assessment. Outline identified IT security risks. Be sure to address the following areas:
o Viruses and Malicious Software
o Web Strategies and Protocols (browsers, cryptographic posture, and server and protocol securities)
o External Threats (firewalls, intrusion detection, and intrusion prevention systems)
• Operational and Technical Controls. Outline proposed controls to mitigate the risks identified in the preliminary risk assessment. You will elaborate on these controls in the final report.
• References. Create a reference page in APA format of resources you tentatively plan to use. Include 7 to 10 resources, including professional journals. Recommendations for resources include NIST documents and course text.
Format: The initial security planning milestone should follow these formatting guidelines: four to six pages, double spacing, 12-point Times New Roman font, one-inch margins, and a minimum of six resources. Citations and references must follow APA guidelines.
Submit your initial security planning report for the fictional airport described in the Final Project Guidelines and Rubric document. This preliminary draft report should include the following elements:
1. Network diagram
2. Team identification
3. Relevant laws and regulations
4. Preliminary risk assessment
5. Identification of operational and technical controls