Assignment 3: Access Control Strategy Report
Due Week 7 and worth 150 points
Your recent endeavors to convince upper management at LOTR Experience not to cut the security budget have paid off. After hearing your rationale, management agreed to keep the existing budget intact.
As you have consistently proven your value to leadership, you and your team have now been asked to determine the best approach for mapping access controls. For this scenario, your goal is to assess the necessary requirements and provide guidelines that will sufficiently meet the organization’s current needs.
Write a report to management in which you:
- Analyze access control best practices and determine the best strategy for LOTR to implement. Provide three sites or links within the analysis that could be used as guidelines for your team.
- After assessing the LOTR diagrams, define all subjects and objects. Explain how they relate to the access control strategy you recommend.
- Outline how your team will approach the implementation phase of the access control strategy.
- Describe administrative strategies related to the creation and deletion of new accounts.
- Use at least three quality resources in this assignment. Note: Wikipedia and similar websites do not qualify as quality resources.
Your assignment must follow these formatting requirements:
- Be typed, double spaced, using Times New Roman font (size 12), with one-inch margins on all sides; citations and references must follow school-specific format. Check with your professor for any additional instructions.
- Include a cover page containing the title of the assignment, the student’s name, the professor’s name, the course title, and the date.
The specific course learning outcomes associated with this assignment are:
- Examine methods that mitigate risk to an IT infrastructure with confidentiality, integrity, availability, and access controls.
- Determine appropriate access controls for information systems within IT infrastructures.
- Diagnose risk from unauthorized access to IT systems through proper testing and reporting.