CIS336/CIS 336 WEEK 8 ASSIGNMENT

CIS 336
WEEK 8
Assignment 2: Identifying Potential Risk, Response, and Recovery
Due Week 8 and worth 75 points
In Assignment 1, a videogame development company recently hired you as an Information Security Engineer. After viewing a growing number of reports detailing malicious activity, the CIO requested that you draft a report in which you identify potential malicious attacks and threats specific to your organization. She asked you to include a brief explanation of each item and the potential impact it could have on the organization.
After reviewing your report, the CIO requests that you develop a follow-up plan detailing a strategy for addressing all risks (i.e., risk mitigation, risk assignment, risk acceptance, or risk avoidance) identified in Assignment 1. Further, your plan should identify controls (i.e., administrative, preventative, detective, and corrective) that the company will use to mitigate each risk previously identified.
Write a four to five (4-5) page paper in which you:
1.	For each of the three (3) or more malicious attacks and / or threats that you identified in Assignment 1, choose a strategy for addressing the associated risk (i.e., risk mitigation, risk assignment, risk acceptance, or risk avoidance). Explain your rationale.
2.	For each of the three (3) or more malicious attacks and / or threats identified in Assignment 1, develop potential controls (i.e., administrative, preventative, detective, and corrective) that the company could use to mitigate each associated risk.
3.	Explain in detail why you believe the risk management, control identification, and selection processes are so important, specifically in this organization.
4.	Draft a one (1) page Executive Summary that details your strategies and recommendations to the CIO (Note: The Executive Summary is included in the assignment- length requirements).
5.	Use at least three (3) quality resources in this assignment (no more than two to three [2-3] years old) from material outside the textbook. Note: Wikipedia and similar Websites do not qualify as quality resources.
Your assignment must follow these formatting requirements:
•	Be typed, double spaced, using Times New Roman font (size 12), with one-inch margins on all sides; references must follow APA or school-specific format. Check with your professor for any additional instructions.
•	Include a cover page containing the title of the assignment, the student- name, the professor- name, the course title, and the date. The cover page and the reference page are not included in the required page length.
The specific course learning outcomes associated with this assignment are:
Explain the concepts of information systems security as applied to an IT infrastructure.
Describe the principles of risk management, common response techniques, and issues related to recovery of IT systems.
Describe how malicious attacks, threats, and vulnerabilities impact an IT infrastructure.
Explain the means attackers use to compromise systems and networks, and defenses used by organizations.
Use technology and information resources to research issues in information systems security.
Write clearly and concisely about network security topics using proper writing mechanics and technical style conventions.
Grading for this assignment will be based on answer quality, logic / organization of the paper, and language and writing skills, using the following rubric.
Points: 75	Assignment 2: Identifying Potential Risk, Response, and Recovery
Criteria	Unacceptable
Below 60% F	Meets Minimum Expectations
60-69% D	Fair
70-79% C	Proficient
80-89% B	Exemplary
90-100% A
1. For each of the three (3) or more malicious attacks and / or threats that you identified in Assignment 1, choose a strategy for addressing the associated risk (i.e., risk mitigation, risk assignment, risk acceptance, or risk avoidance). Explain your rationale.
Weight: 20%	Did not submit or incompletely chose a strategy for addressing the associated risk (i.e., risk mitigation, risk assignment, risk acceptance, or risk avoidance) for each of the three (3) or more malicious attacks and / or threats that you identified in Assignment 1. Did not submit or incompletely explained your rationale.	Insufficiently chose a strategy for addressing the associated risk (i.e., risk mitigation, risk assignment, risk acceptance, or risk avoidance) for each of the three (3) or more malicious attacks and / or threats that you identified in Assignment 1. Insufficiently explained your rationale.	Partially chose a strategy for addressing the associated risk (i.e., risk mitigation, risk assignment, risk acceptance, or risk avoidance) for each of the three (3) or more malicious attacks and / or threats that you identified in Assignment 1. Partially explained your rationale.	Satisfactorily chose a strategy for addressing the associated risk (i.e., risk mitigation, risk assignment, risk acceptance, or risk avoidance) for each of the three (3) or more malicious attacks and / or threats that you identified in Assignment 1. Satisfactorily explained your rationale.	Thoroughly chose a strategy for addressing the associated risk (i.e., risk mitigation, risk assignment, risk acceptance, or risk avoidance) for each of the three (3) or more malicious attacks and / or threats that you identified in Assignment 1. Thoroughly explained your rationale.
2. For each of the three (3) or more malicious attacks and / or threats identified in Assignment 1, develop potential controls (i.e., administrative, preventative, detective, and corrective) that the company could use to mitigate each associated risk.
Weight: 20%	Did not submit or incompletely developed potential controls (i.e., administrative, preventative, detective, and corrective) that the company could use to mitigate each associated risk for each of the three (3) or more malicious attacks and / or threats identified in Assignment 1.	Insufficiently developed potential controls (i.e., administrative, preventative, detective, and corrective) that the company could use to mitigate each associated risk for each of the three (3) or more malicious attacks and / or threats identified in Assignment 1.	Partially developed potential controls (i.e., administrative, preventative, detective, and corrective) that the company could use to mitigate each associated risk for each of the three (3) or more malicious attacks and / or threats identified in Assignment 1.	Satisfactorily developed potential controls (i.e., administrative, preventative, detective, and corrective) that the company could use to mitigate each associated risk for each of the three (3) or more malicious attacks and / or threats identified in Assignment 1.	Thoroughly developed potential controls (i.e., administrative, preventative, detective, and corrective) that the company could use to mitigate each associated risk for each of the three (3) or more malicious attacks and / or threats identified in Assignment 1.
3. Explain in detail why you believe the risk management, control identification, and selection processes are so important, specifically in this organization.
Weight: 20%	Did not submit or incompletely explained in detail why you believe the risk management, control identification, and selection processes are so important, specifically in this organization.	Insufficiently explained in detail why you believe the risk management, control identification, and selection processes are so important, specifically in this organization.	Partially explained in detail why you believe the risk management, control identification, and selection processes are so important, specifically in this organization.	Satisfactorily explained in detail why you believe the risk management, control identification, and selection processes are so important, specifically in this organization.	Thoroughly explained in detail why you believe the risk management, control identification, and selection processes are so important, specifically in this organization.
4. Draft a one (1) page Executive Summary that details your strategies and recommendations to the CIO.
Weight: 25%	Did not submit or incompletely drafted a one (1) page Executive Summary that details your strategies and recommendations to the CIO.	Insufficiently drafted a one (1) page Executive Summary that details your strategies and recommendations to the CIO.	Partially drafted a one (1) page Executive Summary that details your strategies and recommendations to the CIO.	Satisfactorily drafted a one (1) page Executive Summary that details your strategies and recommendations to the CIO.	Thoroughly drafted a one (1) page Executive Summary that details your strategies and recommendations to the CIO.
5. 3 references
Weight: 5%	No references provided	Does not meet the required number of references; all references poor quality choices.	Does not meet the required number of references; some references poor quality choices.	Meets number of required references; all references high quality choices.	Exceeds number of required references; all references high quality choices.
6. Clarity, writing mechanics, and formatting requirements
Weight: 10%	More than 8 errors present	7-8 errors present	5-6 errors present	3-4 errors present	0-2 errors present

Answer Detail

Get This Answer

Save Time & improve Grades

  • Questions Asked 685049
  • Experts 5361
  • Total Answered 659177

Start Excelling in your courses, Ask an Expert and get answers for your homework and assignments!!

Our Amazing Features

  • Plagiarism Free Work

    Our experts provide 100 % original and customized work On time Delivery

  • 24*7 Customer Support

    We provide 24*7 online customer supports via online chat or email

  • Cover All Subject

    JQA is one stop solution for all subject’s Assignment. We can provide assignment help for almost all subjects.

  • Best Industry experts

    We have 1000+ PHD and Post Graduate experts.

Refer Just 5 Friends to Earn More than $1000

  • Your Approx Earning

    USD 2350/year

Your Custom Referral Link:

Hire a tutor

Assignment hero

USA

I am an experienced tutor of 7+ years in all math, physics, and Spanish, SAT, and ACT tutoring. I love working with students and seeing them improve on and grasp concepts!

Guru

USA

Need help in Maths and science ? Look no further . contact me so i can help you . i have been a academic tutor for 10 years . Hire me for help in assignments.

Vikas

USA

After 13 years of working with students across the country, we have the experience and knowledge to provide the best possible academic support for your academics.

Rgaurav

India

I have experience teaching AP Calculus AB and BC, Algebra I, Algebra II, Trigonometry, SAT Math Preparation, and Geometry. I have tutored students ranging from 8th grade to college students.

Invite Tutor