Kaplan IT541 unit 6 assignment

Assignment Grading Rubric

Course: IT541 Unit: 6 Points: 120

Unit 6 Assignment

Outcomes addressed in this activity:

Unit Outcomes:

• Identify risks to key assets.
• Prioritize IT assets in terms of importance.
• Identify risk exposures.

Course Outcomes:

IT541-4: Apply basic information security Best Practices to business scenarios.

IT541-5: Explain the return on investment of various security implementations.

Assignment Instructions

This Assignment provides a "hands on" element to your studies. It gives you the opportunity to work with the procedures and see how they operate in real-world environments. Read and perform the lab entitled “IT 541 Assignment 6 Lab" found in Doc Sharing; use the lab sheet included at the end of the lab file to submit your results.

Directions for Submitting Your Assignment:

Use the Lab #6 Worksheet document found at the back of the lab instructions as a guide for what to submit, and save it as a Word document entitled Username-IT541 Assignment-Unit#.doc (Example: TAllen- IT541 Assignment-Unit6.doc). Submit your file by selecting the Unit 6: Assignment Dropbox by the end of Unit 6.

Assignment Requirements:

• Answers contain sufficient information to adequately answer the questions
• No spelling errors
• No grammar errors

*Two points will be deducted from your grade for each occurrence of not meeting these requirements.

For more information and examples of APA formatting, see the resources in Doc Sharing or visit the KU Writing Center from the KU Homepage.

Also review the KU Policy on Plagiarism. This policy will be strictly enforced on all applicable assignments and discussion posts. If you have any questions, please contact your professor.

Review the grading rubric below before beginning this activity.

Unit 6 Assignment Grading Rubric = 120 points

Assignment Requirements	Points Possible	Points Earned
Document demonstrates that the student was able to correctly create a high-level IT asset inventory list.	0–30
Document demonstrates that the student was able to correctly prioritize the IT assets in terms of importance to a business' operations.	0–30
Document demonstrates that the student was able to correctly identify the top five risk exposures found in the high-level IT asset assessment.	0–30
Document demonstrates that the student was able to recommend appropriate IT security policies that would mitigate the identified risk exposures.	0–30
Total (Sum of all points)	0–120
Points deducted for spelling, grammar, and APA errors
Adjusted total points

Lab #9 - Assessment Worksheet

Recommending IT Security Policies to Help Mitigate Risk

Course Name and Number: _____________________________________________________

Student Name: ________________________________________________________________

Instructor Name: ______________________________________________________________

Lab Due Date: ________________________________________________________________

Overview

In this lab, you created a high-level IT asset inventory list, you prioritized those assets, you identified the risk exposures, and you made recommendations for policies that can mitigate the risk exposures.

Lab Assessment Questions & Answers

1. Which IT assets did you prioritize as critical to administrative or student computing?

2. List your top five (5) risk exposures for which you believe this school should have specific risk-mitigation strategies.

3. Given the potential risks that you identified, what IT security policies would you recommend that the school create to help mitigate each of the identified risk exposures you listed in question #2?

4. True or false: FERPA compliance law is about protecting students’ privacy data, including personal information, grades, and transcripts. The law itself defines a privacy requirement but it does not specifically address security controls and security countermeasures.

5. Given that student privacy data is typically housed within administrative computers, systems, and databases, what can you do to mitigate the risk exposure that a student or someone on the student or school’s network can access these systems?

6. For a school under FERPA compliance law, do you think the administrative computing or student computing network infrastructure is more important from a business and delivery of education perspective?

7. The school monitors the use of student social networking on Facebook™, MySpace™, and Twitter™. What should the school define and implement if it wants to define acceptable and unacceptable use of school IT assets, Internet, e-mail, and use of personal laptop computers on the school’s network?