Network Security Plan

This course has been composed of a series of Individual Project assignments that have contributed to a Key
Assignment submission at the end of the course. Each week, you have completed a part of a network security plan.
The full Key Assignment should include the following tasks:

 Overview of Network and Existing Security (Week 1)

o Select an organization as the target for the analysis.
o Provide an overview of the organization's existing network architecture.
 The overview will include description of the network, the topology, protocols allowed,
connectivity methods and network equipment, number of routers, switches, and any
other network equipment, such as VPN concentrators, proxies, etc.
o Provide a summary of the current security devices currently in use on the network.
 List the type of device, the vendor, and give a brief description of how the device is
used.
 Risk Assessment (Week 2)
o Conduct an inventory of the devices within your network. Provide a summary of the number of
desktops, laptops, network printers, and servers.
 Identify key assets
 Assets also include records and sensitive information that requires special
protection.
 Prioritize each asset or group of assets, and assign a value to each.
o Identify and describe the risks within your environment.
o Do not forget natural disasters.
o Determine the likelihood that the risk could occur.
o Identify the tools and methodology that you would use to conduct the risk assessment.
 Security Architecture Plan (Week 3)
o Based upon the risk assessment and your analysis, create an action plan to mitigate the risks that
you have identified.
o Identify and select appropriate technologies to protect the network and the organization’s
information, and explain why you chose each technology.
 Describe where you plan to place these technologies in the network, and explain why.
 The plan should cover all layers of the OSI model.
o Identify additional software that will be required to monitor the network and protect key assets.
 Identify security controls that need to be implemented to assist in mitigating risks.
 Security Policies (Week 4)
o Create the Key Assignment first draft for peer review.
o Continue the development of the plan.
 Create a fourth section in the plan to list all of the policies you would have for your
organization and a brief description of what each policy will contain.
 Each policy will address how you plan to monitor the policy and what the appropriate
punishments should be for violators.
 Provide a timetable for when these policies should be reviewed and updated.
o Continue development of the Network Security Plan with an Incident Response Plan of 2–3
pages.
 Include the actions that need to occur when an incident is in progress.
 Include how your organization will identify and classify incidents, what the response will
be, and the plan to recover.
 Implementation and Incident Response (Week 5)
o Analyze previous submissions, and make changes as necessary to the final paper.
 Submit a detailed implementation plan of 4–5 pages that will describe your proposed
solution for the implementation of the Network Security Plan for the organization.
  This is the last and final section of the Key Assignment and should bring together all
aspects of the implementation in one cohesive paper.
 Revise the previous sections so that the entire plan flows and has a strong introduction
and conclusion.
o Submit the final Key Assignment.