COMPETENCIES
4058.1.1 : Security Architecture and Engineering Requirements
The graduate designs technical specifications based on an organizations security requirements.
4058.1.2 : Threat Identification
The graduate identifies threats and vulnerabilities applicable to business systems and assets.
INTRODUCTION
As technology companies continue to move business services to the cloud, many companies are finding a need to upgrade the technological infrastructure. When implementing new architecture, IT companies will consult with IT security firms to identify current vulnerabilities in the system and plan how to avoid those vulnerabilities in the new information system.
For this task, you will use the attached Healthy Body Wellness Center Case Study, Healthy Body Wellness Center Security Assessment Report, and the Business Requirements Document Template to analyze, assess, and prioritize existing threats to the current architecture and design technical specifications to address identified threats.
SCENARIO
You are the newly hired LAN administration and security manager at Healthy Body Wellness Center (HBWC). The HBWC includes the Office of Grants Giveaway (OGG), a growing department responsible for distributing hospital research grants.
The HBWC currently relies on a local area network (LAN), but plans to expand their services and hire more employees this year. It is evident the current cybersecurity architecture is limited and unable to meet current needs. In addition, HBWCs cybersecurity architecture will need to transition to a wide area network (WAN).
Using the attached Healthy Body Wellness Center Case Study and Healthy Body Wellness Center Security Assessment Report, conduct a security analysis of HBWCs current technologies and applications and identify threats to the companys existing architecture. You will use the findings from your analysis to complete the attached Business Requirements Document Template.
REQUIREMENTS
Your submission must be your original work. No more than a combined total of 30% of a submission can be directly quoted or closely paraphrased from sources, even if cited correctly. Use the report provided when submitting your task as a guide.
You must use the rubric to direct the creation of your submission because it provides detailed criteria that will be used to evaluate your work. Each requirement below may be evaluated by more than one rubric aspect. The rubric aspect titles may contain hyperlinks to relevant portions of the course.
Tasks may not be submitted as cloud links, such as links to Google Docs, Google Slides, OneDrive, etc., unless specified in the task requirements. All other submissions must be file types that are uploaded and submitted as attachments (e.g., .docx, .pdf, .ppt).
Requirements:
Analyze HBWCs existing architecture using the attached Healthy Body Wellness Center Case Study and Healthy Body Wellness Center Security Assessment Report. Consider common security needs and functionalities necessary to meet the needs of the target network as part of your analysis. Record all responses in the appropriate section of the attached Business Requirements Document Template.
A. Introduction – Summarize each aspect of the project summary, project scope, and system perspective based on the attached Healthy Body Wellness Center Case Study and Healthy Body Wellness Company Security Assessment Report. Use the “Introduction” of the attached Business Requirements Document Template to record your responses.
B. Business Process Overview – Describe the current business processes at HBWC and the proposed processes, including the interactions between systems and various business units. Include visual process flow diagrams to further illustrate the processes the new product will replace or enhance. Use the “Business Process Overview” section of the attached Business Requirements Document Template to record your responses for each aspect.
C. Business Requirements – Record the business requirements for the project, categorized by both priority and area of functionality addressing the needs from the Healthy Body Wellness Center Case Study and Healthy Body Wellness Center Security Assessment Report. Provide functional and nonfunctional requirements that can be followed throughout the project for the recorded business requirements. Use the Business Requirements Document (BRD) template to record your responses for each aspect of the document in the “Business Requirements” section.
D. Acknowledge sources, using in-text citations and references, for content that is quoted, paraphrased, or summarized.
E. Demonstrate professional communication in the content and presentation of your submission.
File Restrictions
File name may contain only letters, numbers, spaces, and these symbols: ! – _ . * ‘ ( )
File size limit: 200 MB
File types allowed: doc, docx, rtf, xls, xlsx, ppt, pptx, odt, pdf, txt, qt, mov, mpg, avi, mp3, wav, mp4, wma, flv, asf, mpeg, wmv, m4v, svg, tif, tiff, jpeg, jpg, gif, png, zip, rar, tar, 7z
RUBRIC
A:INTRODUCTION
NOT EVIDENT
The submission does not summarize each aspect of the project summary, the project scope, and the system perspective.
APPROACHING COMPETENCE
The submission summarizes each aspect of the project summary, the project scope, and the system perspective, but the information provided is inaccurate or does not provide details from the case study and security assessment report, or the responses are not recorded in the “Introduction” section of the Business Requirements Document (BRD) template.
COMPETENT
The submission accurately summarizes each aspect of the project summary, the project scope, and the system perspective using details provided in the case study and security assessment report. All responses are recorded in the “Introduction” section of the Business Requirements Document Template.
B:BUSINESS PROCESS OVERVIEW
NOT EVIDENT
The submission does not include current and proposed processes or required flow diagrams.
APPROACHING COMPETENCE
The submission describes current and proposed business processes, but the proposed processes do not accurately reflect the case study or security assessment report. Current and proposed interactions between systems and various business units are included, but the information provided contains errors or not all aspects are covered. Process flow diagrams illustrating the proposed new processes are provided but are not viable, or all responses are not recorded in the “Business Process Overview” section of the attached Business Requirements Document Template.
COMPETENT
The submission accurately describes current business processes at HBWC and proposed processes derived from the case study and security assessment report. The submission includes interactions between systems and various business units and includes viable process flow diagrams illustrating the processes the new project will replace or enhance. All responses are recorded in the “Business Process Overview” section of the Business Requirements Document Template.
C:BUSINESS REQUIREMENTS
NOT EVIDENT
The submission does not include business requirements for the project.
APPROACHING COMPETENCE
The submission includes business requirements, but information provided does not address the information from the case study or assessment report or contains errors; or the requirements are not categorized by priority and areas of functionality. All responses are not recorded in the Business Requirements section of the Business Requirements Document Template.
COMPETENT
The submission includes viable business requirements based on the case study and assessment report and are categorized by priority and areas of functionality. Both functional and nonfunctional requirements accurately represent the business requirements provided and can be followed throughout the project. All responses are recorded in the Business Requirements section of the Business Requirements Document Template.
D:SOURCES
NOT EVIDENT
The submission does not include both in-text citations and a reference list for sources that are quoted, paraphrased, or summarized.
APPROACHING COMPETENCE
The submission includes in-text citations for sources that are quoted, paraphrased, or summarized and a reference list; however, the citations or reference list is incomplete or inaccurate.
COMPETENT
The submission includes in-text citations for sources that are properly quoted, paraphrased, or summarized and a reference list that accurately identifies the author, date, title, and source location as available.
E:PROFESSIONAL COMMUNICATION
NOT EVIDENT
Content is unstructured, is disjointed, or contains pervasive errors in mechanics, usage, or grammar. Vocabulary or tone is unprofessional or distracts from the topic.
APPROACHING COMPETENCE
Content is poorly organized, is difficult to follow, or contains errors in mechanics, usage, or grammar that cause confusion. Terminology is misused or ineffective.
COMPETENT
Content reflects attention to detail, is organized, and focuses on the main ideas as prescribed in the task or chosen by the candidate. Terminology is pertinent, is used correctly, and effectively conveys the intended meaning. Mechanics, usage, and grammar promote accurate interpretation and understanding.