Cybersecurity Architecture & Engineering
Expected result
Threat Identification
Identify threats and vulnerabilities applicable to business systems and assets.
Countering Threats and Vulnerabilities
Assesses the vulnerabilities with the Internet of Things (IoT) and web-based, mobile, and embedded systems.
Security Architecture in Practice
Design a multi-level target security architecture to support the organization’s security policy and technology choices and to include applicable policy guidance.
INTRODUCTION
Many organizations have legacy systems that are no longer meeting the organization’s requirements with regards to business processes and security. Laws such as the Health Insurance Portability and Accountability Act (HIPAA) require higher security standards since these laws were implemented, and new technology is now available that was not an option previously. A LAN administration and security manager may need to design a new system that will increase security and automate business processes more efficiently than the current legacy system.
Using the attached “Business Systems Design Report Template,” you will design and document a multilevel target security architecture to address cybersecurity threats to the Healthy Body Wellness Center (HBWC). You will also use the “Business Systems Design Report Template” to conduct, record, and audit your design, and provide justification to defend each aspect of your multilevel network architecture. You will then complete the attached “DREAD Workbook” and submit it as a separate attachment.
The “Healthy Body Wellness Center Case Study” and “Healthy Body Wellness Center Security Assessment Report” are attached for your reference; you may also refer to the “Business Requirements Document Template” you created in Task 1 to assist in the completion of this task.
SCENARIO
As the newly promoted LAN administration and security manager for Healthy Body Wellness Center’s (HBWC) IT Department, you are tasked with designing a multilevel target security architecture using the “Business Requirements Document Template” you created in Task 1. Then you will need to conduct a DREAD analysis on your multilevel architecture design.
The technical requirements and specifications for the multilevel target security architecture should be based on the business, functional, and security requirements you documented in the “Business Requirements Document Template.” The target multilevel architecture should include the Small Hospital Grants Tracking System (SGHTS), payroll system, and research data that meet the standards and regulations of the National Institute of Health (NIH) and the federal government, including HIPAA and industry best practices.
REQUIREMENTS
Current Systems: Summarize the systems currently being used at the Healthy Body Wellness Center using details from attached case study and assessment report. (HBWC) You may use the information you provided in the BRD template from your Task 1 submission. Record your summary in the “Current Systems” section of the attached “Business Systems Design Report Document.”
Expected result: This part is intended to accurately summarize the systems currently being used at the Healthy Body Wellness Center (HBWC) using details from the case study and security assessment report. The summary is recorded in the “Current Systems” section of the “Business Systems Design Report Document.”
B. Goals, Objectives, and Rationale for New System: Outline the purpose, goals, objectives, and rationale for the proposed system, including a clear statement of the problem using the information provided from the “Healthy Body Wellness Center Case Study” and the “Healthy Body Wellness Center Security Assessment Report” to justify your claims. Record your responses in each subsection of the “Goals, Objectives, and Rationale for New or Significantly Modified System” section of the attached “Business Systems Design Report Document.”
Expected result: This part is intended to accurately outline the purpose, goals, objectives, and rationale for the proposed new system, using details from the case study and security assessment report to substantiate claims. All responses are recorded in the “Goals, Objectives, and Rationale for New or Significantly Modified System” section of the “Business Systems Design Report Document.”
C. Factors Influencing Technical Design: Explain the relevant standards, assumptions, dependencies, constraints, and design goals that influence the technical design of the proposed new system. Record your responses in the “Factors Influencing Technical Design” section of the attached “Business Systems Design Report Template.”
Expected result: This part is intended accurately explain relevant standards, assumptions, and dependencies based on the proposed system, including constraints and design goals. All responses are recorded in the “Factors Influencing Technical Design” section of the “Business Systems Design Report Document.”
D. Proposed System: Determine the necessary requirements to achieve the proposed system and its associated technical design, including the multilevel architecture specifications and design. Include all required tables and diagrams as part of your submission. Record your responses in all subsections of the “Proposed System” section of the attached “Business Systems Design Report Document.”
Expected result: This part is intended provide accurate representation of the proposed systems requirements and associated architectural design documentation. All information provided reflects the proposed design and addresses requirements represented in the case study and the security assessment report. All responses are recorded in the “Proposed System” section of the “Business Systems Design Report Document.”
E. DREAD Analysis: Conduct an analysis of your multilevel architecture using the attached “DREAD Workbook.” Record your results in the “DREAD Workbook” and include the workbook as an attachment. Your workbook should include a minimum of ten threats.
Expected result: This part is intended contain the completed attached “DREAD Workbook that includes an accurate prioritized list of a minimum of ten threats or risks to both hardware and applications.
F. Analysis of Proposed System: Summarize your findings from the DREAD analysis by prioritizing and describing the top five risks identified in the “Listing of Threats” worksheet, including mitigation, risk acceptance, and justification for your decisions. Record your responses in the “Analysis of the Proposed System” section of the attached “Business Systems Design Report Document.”
Expected result: This part is intended to include the prioritization of the top five risks represented in the DREAD analysis with a description of each risk, and the associated risk mitigation or acceptance for each risk. The mitigation or acceptance of the risks are supported with details to justify the information provided. All responses are recorded in the “Analysis of the Proposed System” section of the “Business Systems Design Report Document.”
G. Acknowledge sources, using in-text citations and references, for content that is quoted, paraphrased, or summarized.
Expected result: This part is intended to include in-text citations for sources that are properly quoted, paraphrased, or summarized and a reference list that accurately identifies the author, date, title, and source location as available.
H. Demonstrate professional communication in the content and presentation of your submission.
Expected result: Content reflects attention to detail, is organized, and focuses on the main ideas as prescribed in the task or chosen by the candidate. Terminology is pertinent, is used correctly, and effectively conveys the intended meaning. Mechanics, usage, and grammar promote accurate interpretation and understanding.
File Restrictions
File name may contain only letters, numbers, spaces, and these symbols: ! – _ . * ‘ ( )
File size limit: 200 MB
File types allowed: doc, docx, rtf, xls, xlsx, ppt, pptx, odt, pdf, txt, qt, mov, mpg, avi, mp3, wav, mp4, wma, flv, asf, mpeg, wmv, m4v, svg, tif, tiff, jpeg, jpg, gif, png, zip, rar, tar, 7z
Last Completed Projects
topic title | academic level | Writer | delivered |
---|