For this presentation, you will prepare a System Security Plan (SSP) presentation slide deck to present your system security plan for CMI. The SSP may include artifacts discovered from the CMI risk assessment, the security policy report, and/or the ROE. This SSP presents the current security posture to the organization’s stakeholders and employees by describing security controls, procedures, & techniques to deter, detect, prevent cyberattacks. You may include technical, administrative, and operational controls to harden the network operations and bolster the enterprise security in your plan.
This assignment is based on the Cyber Marketing Inc. Case Study provided in this course.
Procedures
You will prepare an SSP slide presentation to convey your findings of the CMI security posture and a proposed solution. Your SSP should include best security practices to build strong enterprise security for CMI from the areas of securing wireless systems, secure web content/access, perimeter security, audit, authentication, encryption, incident response, mobile device security, data hiding/forensics, reverse engineering, social engineering, cyber threat intelligence, cyber awareness/training and written security policy. Utilize what you have learned in the areas of network host/server/communications device port scanning, malware & threat detection, vulnerability assessment, packet components & flows, risk assessment, application of security policy, and penetration testing. As you are presenting this SSP to your client in a presentation format, you will summarize your solutions with highlighted prioritized security controls to build a strong enterprise security.
While you are free to create your own SSP to best prevent cyber vulnerabilities and improve the CMI security posture, and build a defense in depth, you will, at a minimum, include the following sections.
1) Executive Summary
2) Brief Descriiption of the organization
3)Brief Descriiption of the system(s) or technology(s) under review and their requirements in Confidentiality, Integrity & Availability (CI&A).
4)Summary of Systems Threat, Vulnerability, Impact and Likelihood (TVIL) findings,
5)Selection of Controls to be applied to their systems for CI&A given their TVIL, and
6) Brief outlook on expected implementation timetable and resources for maintaining assurance.
our system security presentation should incorporate a slide deck of between 10-20 slides, with annotation in the Notes section and take about 10 minutes to deliver. The presentation should be a deliverable to CMI who will make decisions about hardening the CMI network operations and enforcing the security policy to improve the CMI enterprise security posture. A typical SSP would include many pages of documents. You will present your solutions in a Slide-based presentation to convey your security controls and solutions for CMI.
This will be 13 slides not including cover and reference page
USE THE DOWNLOADED GUIDE FOR MORE GUIDELINES
