For each of the assignments in the course, you will be grouped in 2-3 (depending on class size). Each member will have a specific role as follows:
- fact finding/data collection
- analysis/collecting key points
- write/presentation and /document the milestones
In the Module 3 assignment you created:
- Enterprise (network and system) architectures
- Application architectures
Assignment #3 included the following components:
- Formal Strategic Plan
- Requirements Specifications
- System Boundaries
- System Constraints
- Development and Release Process (applicable only to Application Architecture)
Assignment Instructions:For Module 4 assignment, you will create a logical architecture using the SABSA framework. You must complete the following:
- Review your business scenario in detail.
In particular, review the following: existing security infrastructure, security components, controls, policies, security organization etc. Also, review the following:
- What “raw materials” for security planning are needed?
- What documentation is needed to create a security plan?
- What architectural tools can be used (Visio, for example) to document security design?
- What exists already in the organization (your current scenario) that you can incorporate into your plans and otherwise draw from
- What resources are available to you and when as a designer?
Your report must include the following:
- Business Information Model (showing all functions of Information System)
- Security Policy statements (for example, policy statement about data exfiltration)
- Proposed Security Services (for example, SSO, MFA etc.)
- Entity schema and privilege profile (user classification, access type, groups etc.)
- Security domain definitions and associations (trusted domain, DMZ, front-ending web clients etc.)
- Security processing cycle (renew password, update firewall, update OS, – match security policy with security processing cycle)
Submit the assignment in one Word document, including a cover/title page, and reference page, and review the rubric to ensure you are meeting all requirements.