Assignment 2: LASA 1: Presentation of Organizational Security Threats and Vulnerabilities
For this assignment, you will read a scenario and then prepare a presentation of approximately 6–8 slides with detailed speaker’s notes discussing the potential security threats and vulnerabilities of a fictitious organization, Open Water Diving and Scuba Institute (OWDSI).
OWDSI is a training center located in the United States. The school offers training and certification programs for scuba and deep-sea diving. OWDSI is a premier training school in the area of diving and scuba and has developed a wealth of proprietary training resources, videos, guides, and manuals. The school suspects that competitors have tried to breach the school’s computer systems to gain access to these training materials.
The network is composed of two web servers, two file servers, one e-mail server, fifty employee workstations, and a fifty-workstation student computer lab. The school also has public and private WiFi availability throughout the campus.
You have been hired as the Information Technology (IT) security analyst to review, evaluate, and maintain the security of the organization’s computer and network systems.
You have been given the responsibility to determine the top five threats that the OWDSI faces. Management has asked your supervisor for support in this task, and the supervisor has given you the following resources that might be useful in your research and analysis:
- Common Vulnerabilities and Exposure. (2014). News & events. Retrieved from http://cve.mitre.org/find/index.html
- Help Net Security. (2013). Top 10 security threats for 2011. Retrieved from http://www.net-security.org/secworld.php?id=10154
- Secunia. (2013). Retrieved from http://secunia.com/
Your supervisor has also asked you to consider the following questions as you shortlist the threats:
- What are some new threats this year that might pose a security risk to this organization?
- What do you believe are the greatest threats to and vulnerabilities of this organization?
- What threats do you believe will become more critical in the next twelve months? Why?
- What information is required for a nontechnical audience?
Utilizing scholarly resources, prepare a Microsoft PowerPoint presentation that includes a network diagram of how the network structure should be configured for optimum security. In 6–8 slides (including detailed speaker’s notes), include the following for a nontechnical audience:
- A title slide
- A table of contents
- An executive summary
- Provide a project overview for a nontechnical audience
- Describe the role of ethical hacking in a business setting
- Vulnerabilities and threats
- Identify operating system vulnerabilities
- Consider your supervisor’s questions listed above and explain which threats and vulnerabilities pose the greatest risk to the organization over the next twelve months
- Develop a series of at least five questions that the management team at OWDSI should consider
- Countermeasures and prevention
- Explain early identification tools to alert the business about potential attacks
- Explain how you would apply security techniques to mitigate computer and network attacks
- A network diagram
- Create a network diagram showing how the network should be reconfigured for optimum security
- A references slide
Note: Utilize at least three scholarly or professional sources (beyond your textbook) in your paper. Your paper should be written in a clear, concise, and organized manner; demonstrate ethical scholarship in accurate representation and attribution of sources (i.e., in APA format); and display accurate spelling, grammar, and punctuation.
- Save the presentation as M3_A2_Lastname_Firstname.ppt.
- By the due date assigned, submit your presentation to the Submissions Area.
LASA 1 Grading Criteria and Rubric
All LASAs in this course will be graded using a rubric. This assignment is worth 200 points. Download the rubric and carefully read it to understand the expectations.
Assignment 2 Grading CriteriaMaximum PointsDeveloped an executive summary of the project for a nontechnical audience.16Identified and explained any vulnerabilities and threats over the next twelve months.40Developed a series of at least five questions that the management team at OWDSI should consider.20Determined countermeasures and prevention tactics. Explained early identification tools to alert the business about potential attacks and how to apply the security techniques to mitigate computer and network attacks.40Created a network diagram for the company.40Wrote in a clear, concise, and organized manner; demonstrated ethical scholarship in accurate representation and attribution of sources; and displayed accurate spelling, grammar, and punctuation.44Total:200