Case Study 2: Developing the Forensics, Continuity, Incident Management, and Security Training Capacities for the Enterprise
Case Study 2: Developing the Forensics, Continuity, Incident Management, and Security Training Capacities for the Enterprise
Due Week 7 and worth 100 points
Access the ACM Digital Library by following the steps below:
Students:
Login to iCampus.
From iCampus, click STUDENT SERVICES>> Learning Resources Center >> Databases
Scroll down to “Information Systems/Computing”.
Select “ACM Digital Library” below the heading.
Enter your library username and password.
Faculty:
Login to Blackboard: bb.strayer.edu.
Click the “Resource Center” tab at top right of page.
From the list on the left, click “Databases”
Scroll down to “Information Systems/Computing”.
Select “ACM Digital Library” below the heading.
Enter your library username and password.
Download and read the following articles available in the ACM Digital Library:
Arduini, F., & Morabito, V. (2010, March). Business continuity and the banking industry. Communications of the ACM, 53(3), 121-125
Dahbur, K., & Mohammad, B. (2011). The anti-forensics challenge. Proceedings from ISWSA ’11: International Conference on Intelligent Semantic Web-Services and Applications. Amman, Jordan.
Write a five to seven (5-7) page paper in which you:
Consider that Data Security and Policy Assurance methods are important to the overall success of IT and Corporate data security.
Determine how defined roles of technology, people, and processes are necessary to ensure resource allocation for business continuity.
Explain how computer security policies and data retention policies help maintain user expectations of levels of business continuity that could be achieved.
Determine how acceptable use policies, remote access policies, and email policies could help minimize any anti-forensics efforts. Give an example with your response.
Suggest at least two (2) models that could be used to ensure business continuity and ensure the integrity of corporate forensic efforts. Describe how these could be implemented.
Explain the essentials of defining a digital forensics process and provide two (2) examples on how a forensic recovery and analysis plan could assist in improving the Recovery Time Objective (RTO) as described in the first article.
Provide a step-by-step process that could be used to develop and sustain an enterprise continuity process.
Describe the role of incident response teams and how these accommodate business continuity.
There are several awareness and training efforts that could be adopted in order to prevent anti-forensic efforts.
Suggest two (2) awareness and training efforts that could assist in preventing anti-forensic efforts.
Determine how having a knowledgeable workforce could provide a greater level of secure behavior. Provide a rationale with your response.
Outline the steps that could be performed to ensure continuous effectiveness.
- Use at least three (3) quality resources in this assignment. Note: Wikipedia and similar Websites do not qualify as quality resources.
Your assignment must follow these formatting requirements:
- Be typed, double spaced, using Times New Roman font (size 12), with one-inch margins on all sides; citations and references must follow APA or school-specific format. Check with your professor for any additional instructions.
- Include a cover page containing the title of the assignment, the student’s name, the professor’s name, the course title, and the date. The cover page and the reference page are not included in the required assignment page length.
The specific course learning outcomes associated with this assignment are:
Describe and apply the 14 areas of common practice in the Department of Homeland Security (DHS) Essential Body of Knowledge.
Describe best practices in cybersecurity.
Explain data security competencies to include turning policy into practice.
Describe digital forensics and process management.
Evaluate the ethical concerns inherent in cybersecurity and how these concerns affect organizational policies.
Create an enterprise continuity plan.
Describe and create an incident management and response plan.
Describe system, application, network, and telecommunications security policies and response.
Use technology and information resources to research issues in cybersecurity.
Write clearly and concisely about topics associated with cybersecurity using proper writing mechanics and technical style conventions.
Grading for this assignment will be based on answer quality, logic / organization of the paper, and language and writing skills, using the following rubric.
| Points: 100 | Case Study 2: Developing the Forensics, Continuity, Incident Management, and Security Training Capacities for the Enterprise | ||||
| Criteria | Unacceptable Below 60% F | Meets Minimum Expectations 60-69% D | Fair 70-79% C | Proficient 80-89% B | Exemplary 90-100% A |
| 1a. Determine how defined roles of technology, people, and processes are necessary to ensure resource allocation for business continuity. Weight: 10% | Did not submit or incompletely determined how defined roles of technology, people, and processes are necessary to ensure resource allocation for business continuity. | Insufficiently determined how defined roles of technology, people, and processes are necessary to ensure resource allocation for business continuity. | Partially determined how defined roles of technology, people, and processes are necessary to ensure resource allocation for business continuity. | Satisfactorily determined how defined roles of technology, people, and processes are necessary to ensure resource allocation for business continuity. | Thoroughly determined how defined roles of technology, people, and processes are necessary to ensure resource allocation for business continuity. |
|
1b. Explain how computer security policies and data retention
policies help maintain user expectations of levels of business continuity
that could be achieved. Weight: 5% | Did not submit or incompletely explained how computer security policies and data retention policies help maintain user expectations of levels of business continuity that could be achieved. | Insufficiently explained how computer security policies and data retention policies help maintain user expectations of levels of business continuity that could be achieved. | Partially explained how computer security policies and data retention policies help maintain user expectations of levels of business continuity that could be achieved. | Satisfactorily explained how computer security policies and data retention policies help maintain user expectations of levels of business continuity that could be achieved. | Thoroughly explained how computer security policies and data retention policies help maintain user expectations of levels of business continuity that could be achieved. |
| 1c. Determine how acceptable use policies, remote access policies, and email policies could help minimize any anti-forensics efforts. Give an example with your response. Weight: 10% | Did not submit or incompletely determined how acceptable use policies, remote access policies, and email policies could help minimize any anti-forensics efforts; did not submit or incompletely gave an example with your response. | Insufficiently determined how acceptable use policies, remote access policies, and email policies could help minimize any anti-forensics efforts; insufficiently gave an example with your response. | Partially determined how acceptable use policies, remote access policies, and email policies could help minimize any anti-forensics efforts; partially gave an example with your response. | Satisfactorily determined how acceptable use policies, remote access policies, and email policies could help minimize any anti-forensics efforts; satisfactorily gave an example with your response. | Thoroughly determined how acceptable use policies, remote access policies, and email policies could help minimize any anti-forensics efforts; thoroughly gave an example with your response. |
| 2. Suggest at least two (2) models that could be used to ensure business continuity and ensure the integrity of corporate forensic efforts. Describe how these could be implemented. Weight: 10% | Did not submit or incompletely suggested at least two (2) models that could be used to ensure business continuity and ensure the integrity of corporate forensic efforts; did not submit or incompletely described how these could be implemented. | Insufficiently suggested at least two (2) models that could be used to ensure business continuity and ensure the integrity of corporate forensic efforts; insufficiently described how these could be implemented. | Partially suggested at least two (2) models that could be used to ensure business continuity and ensure the integrity of corporate forensic efforts; partially described how these could be implemented. | Satisfactorily suggested at least two (2) models that could be used to ensure business continuity and ensure the integrity of corporate forensic efforts; satisfactorily described how these could be implemented. | Thoroughly suggested at least two (2) models that could be used to ensure business continuity and ensure the integrity of corporate forensic efforts; thoroughly described how these could be implemented. |
| 3. Explain the essentials of defining a digital forensics process and provide two (2) examples on how a forensic recovery and analysis plan could assist in improving the Recovery Time Objective (RTO) as described in the first article. Weight: 10% | Did not submit or incompletely explained the essentials of defining a digital forensics process; did not submit or incompletely provided two (2) examples on how a forensic recovery and analysis plan could assist in improving the Recovery Time Objective (RTO) as described in the first article. | Insufficiently explained the essentials of defining a digital forensics process; insufficiently provided two (2) examples on how a forensic recovery and analysis plan could assist in improving the Recovery Time Objective (RTO) as described in the first article. | Partially explained the essentials of defining a digital forensics process; partially provided two (2) examples on how a forensic recovery and analysis plan could assist in improving the Recovery Time Objective (RTO) as described in the first article. | Satisfactorily explained the essentials of defining a digital forensics process; satisfactorily provided two (2) examples on how a forensic recovery and analysis plan could assist in improving the Recovery Time Objective (RTO) as described in the first article. | Thoroughly explained the essentials of defining a digital forensics process; thoroughly provided two (2) examples on how a forensic recovery and analysis plan could assist in improving the Recovery Time Objective (RTO) as described in the first article. |
| 4. Provide a step-by-step process that could be used to develop and sustain an enterprise continuity process. Weight: 10% | Did not submit or incompletely provided a step-by-step process that could be used to develop and sustain an enterprise continuity process. | Insufficiently provided a step-by-step process that could be used to develop and sustain an enterprise continuity process. | Partially provided a step-by-step process that could be used to develop and sustain an enterprise continuity process. | Satisfactorily provided a step-by-step process that could be used to develop and sustain an enterprise continuity process. | Thoroughly provided a step-by-step process that could be used to develop and sustain an enterprise continuity process. |
| 5. Describe the role of incident response teams and how these accommodate business continuity. Weight: 5% | Did not submit or incompletely described the role of incident response teams and how these accommodate business continuity. | Insufficiently described the role of incident response teams and how these accommodate business continuity. | Partially described the role of incident response teams and how these accommodate business continuity. | Satisfactorily described the role of incident response teams and how these accommodate business continuity. | Thoroughly described the role of incident response teams and how these accommodate business continuity. |
| 6a. Suggest two (2) awareness and training efforts that could assist in preventing anti-forensic efforts. Weight: 10% | Did not submit or incompletely suggested two (2) awareness and training efforts that could assist in preventing anti-forensic efforts. | Insufficiently suggested two (2) awareness and training efforts that could assist in preventing anti-forensic efforts. | Partially suggested two (2) awareness and training efforts that could assist in preventing anti-forensic efforts. | Satisfactorily suggested two (2) awareness and training efforts that could assist in preventing anti-forensic efforts. | Thoroughly suggested two (2) awareness and training efforts that could assist in preventing anti-forensic efforts. |
| 6b. Determine how having a knowledgeable workforce could provide a greater level of secure behavior. Provide a rationale with your response. Weight: 10% | Did not submit or incompletely determined how having a knowledgeable workforce could provide a greater level of secure behavior; did not submit or incompletely provided a rationale with your response. | Insufficiently determined how having a knowledgeable workforce could provide a greater level of secure behavior; insufficiently provided a rationale with your response. | Partially determined how having a knowledgeable workforce could provide a greater level of secure behavior; partially provided a rationale with your response. | Satisfactorily determined how having a knowledgeable workforce could provide a greater level of secure behavior; satisfactorily provided a rationale with your response. | Thoroughly determined how having a knowledgeable workforce could provide a greater level of secure behavior; thoroughly provided a rationale with your response. |
| 6c. Outline the steps that could be performed to ensure continuous effectiveness. Weight: 5% | Did not submit or incompletely outlined the steps that could be performed to ensure continuous effectiveness. | Insufficiently outlined the steps that could be performed to ensure continuous effectiveness. | Partially outlined the steps that could be performed to ensure continuous effectiveness. | Satisfactorily outlined the steps that could be performed to ensure continuous effectiveness. | Thoroughly outlined the steps that could be performed to ensure continuous effectiveness. |
| 7. 3 references Weight: 5% | No references provided | Does not meet the required number of references; all references poor quality choices. | Does not meet the required number of references; some references poor quality choices. | Meets number of required references; all references high quality choices. | Exceeds number of required references; all references high quality choices. |
| 8. Clarity, writing mechanics, and formatting requirements Weight: 10% |
