
Security Assessment for Countermeasures and Mitigation

I have a paper that is due in four weeks. I have come up with a proposal, but I am not sure how to put it together or where to start. I am asking for help to put together my own proposal to begin this project. If anyone could give me some pointers, that would be very helpful, thanks. My proposal for this project is attached.

Week 8 - Final Project Paper

The deliverables for your Project Paper Assignment include a Word document that answers the questions described below. Your final paper should be between 10 and 15 pages long. Be sure the report is in MS Word, Arial 12-pt font, with double spacing and 1-inch margins all around, no additional spaces allowed. Cover page and references pages are also required. The

Company Z provides telephony services to customers. These services include VoIP. You are hired to create a security assessment for Company Z for an upcoming audit by the counties authoritative agents to certify Company Z compliant to ISO 17799 Standard for The professional Practices for the Business Continuity Planner. In this security assessment you are asked to conduct a complete:
a) network security threat assessment (3%)
b) network security vulnerability assessment (3%)
c) risk assessment (3%)
d) countermeasures and mitigation (3%)
e) the last part of your work will include your personal experiences and what you have learned in this class reflected towards securing your system's network (3%)

You may use web resources as references; however, make sure to include all your resources and cite from them with author, year of publication, and the corresponding page or paragraph numbers.


Solution Preview

Hello Mr. Fields. Thank you for the chance to work with you. This is an interesting subject.
ISO 17799 is titled Information technology - Security techniques - Code of practice for information security management. It is an information security standard published by ISO (the International Organization for Standardization) and the IEC (the International Electrotechnical Commission).
ISO 17799 was actually changed to ISO/IEC 27002 in 2007. It provides best practices for initiating, implementing or maintaining Information Management Systems. Information Security according to ISO 27002 is defined according to the CIA standard. CIA stands for Confidentiality, Integrity and Availability. ISO 27002 contains 12 sections:
1. Risk Assessment
2. Security Policy
3. Organization of Information Security
4. Asset ...

Solution Summary

Security assessments for countermeasures and mitigations are examined.