term-paper-security-administrator-handbook-2

One of the responsibilities of a Security Administrator is to create and document policies that protect the organization and guide users to making smart decisions. In this assignment you will build a handbook that can be used for such a purpose. The NIST’s Special Publications Website, a government operated Website, provides several documents for you to review in order to see examples that may be helpful to start this assignment (http://csrc.nist.gov/publications/PubsSPs.html).

Other helpful Websites for this assignment include:

• DISA.mil (http://iase.disa.mil/)
• TechRepublic (http://www.techrepublic.com/search?q=Security+Administrator+handbook&e=1)
• ACM (http://www.acm.org/search?SearchableText=security+administration)

Additional resources should be used when necessary. Write a thirteen to twenty (13-20) page Security Administrator’s handbook including policies tailored to your work environment or for a business environment with which you are familiar. You may select a fictitious name for your organization for the purpose of this paper. Do not duplicate your company’s existing handbook. Create your own unique work based on what you have learned in this course. There will be two (2) major sections of the handbook: Main Body and Policies.

Section 1: Main Body

In five to seven (5-7) pages total, develop the basic procedures and

guidelines that the organization must address to properly secure its

corporate network and information assets in the followings seven (7)

items:

1. Network Architecture and Security Considerations
2. Wireless Security
3. Remote Access Security
4. Laptop and Removable Media Security
5. Vulnerability and Penetration Testing
6. Physical Security
7. Guidelines for Reviewing and Changing Policies

Section 2: Policies
Develop the policies section of the handbook and include three to four (3-4) pages for each policy in which you define the policies used by the organization identifying the unique requirements of your industry. It must include, at a minimum, the following four (4) security policies:

1. Acceptable Use Policy
2. Password Policy
3. Incident Response Policy
4. User Awareness and Training Policy

To organize your policies and to give your policies structure, follow this sequential format:

1. Policy Statement
2. Purpose
3. Objectives
4. Standards
5. Procedures and Guidelines
6. Responsibilities
7. Review and Change Management

• Use at least five (5) quality resources in this assignment. Note: Wikipedia and similar Websites do not qualify as quality resources.