Instructions
The purpose of this homework assignment is to identify the requirements and hardening guides that provide a frame to which a government network and business should adhere. You will assess the available sites under the Department of Defense (DoD) and identify agencies in charge of providing security guidelines, and you will review the hardening and best practice guidelines provided by DoD’s Defense Information Systems Agency (DISA) and Information Assurance Support Environment (IASE). Participate in each section of the homework assignment and follow the instructions for the exercises in each section. You will use a Word document to develop your homework assignment by completing the sections listed below:
Lab 2.1a
- Review the following scenario:
You work for a governmental unit of DoD, and your manager has asked you to write a brief paper outlining the importance of having the proper DoD-approved frameworks in place when an organization wants to conduct business with a governmental unit. Your task is to evaluate all the available DoD, IASE, and NIST hardening guides on the Internet and to write a brief analysis of the technical controls and hardening guides that should be implemented as a minimum guideline for divisions of government agencies such as yours.
- Launch your Web browser and navigate to the following website: https://dod.defense.gov/About/Military-Departments/DoD-Websites/
- Review the DoD list of registered websites and review the content of some of the information assurance sites.
- In your document, list three of the DoD-registered websites that provide guidelines and documents related to information assurance.
Lab 2.1b
- Launch your Web browser and navigate to the following website: https://www.disa.mil/
- Review the Defense Information Systems Agency (DISA) website, focusing on the agency’s services and capabilities. Evaluate which services and capabilities are relevant to the task of formulating a framework for secure government operations.
- In your document, note those services and capabilities that were relevant to secure government operations.
Lab 2.1c
- Launch your Web browser and navigate to the following website: https://www.stigviewer.com/
- Review the DISA’s Information Assurance Support Environment. Click the link for Security Technical Implementation Guides (STIGS) in the left-hand column on the page. Click on the STIGs Master List (A-Z) in the left-hand column on the page.
- Review the STIGs available, focusing on the following topics:
Lab 2.2
In your document, write an executive summary that identifies two common auditing frameworks used for DoD. Discuss these and be sure to include a discussion of the hardening guidelines and security checklists used by DoD.
NOTE: When you submit your homework assignment, you can combine the assignments into one document for grading. Please clearly mark the answers for Lab 2.1a, Lab 2.1b, Lab 2.1c, and Lab 2.2 within your submission by labeling those sections within your assignment. Your homework assignment should be a minimum of two pages in APA format. Include a minimum of two sources with at least one source from the CSU Online Library in addition to your textbook. Adhere to APA Style when constructing this assignment, including in-text citations and references for all sources that are used. Please note that no abstract is needed.
Question 2. Describe the relationship between compliance and governance. Why should your organization be concerned with compliance and governance? Your response must be at least 75 words in length.
Question 3. Summarize the components of IT assessments and audits. When would you perform an IT assessment over an IT audit? Why? Your response must be at least 75 words in length.
Question 4. Choose the IT infrastructure domain that you think is the most important in your organization. Explain why it is important to audit that domain and what the audit might involve. 50 words or more.
Question 5. Part I: Sarbanes-Oxley Act compliance is especially important in publicly traded companies. If you become a compliance manager, what are some controls you would implement to ensure compliance? Why is compliance important for CEOs? 50 words or more.