Take on the role of Risk Management Analyst for Capital One Finance. Using the attached Segregation of Duties Matrix, create a 6- to 8-page Security Risk Mitigation Plan for the Capital One Finance.
Policies and Controls (Passwords, Change Management, Acceptable Use) 35% of total grade
Excellent - 85 - 100% Deliverables are insightful and exceptional in their understanding and application of concepts and principles of password and authentication management, change management, and acceptable use of information resources.
Satisfactory - 75 - 84% Deliverables are clear and complete in their understanding and application of concepts and principles of password and authentication management, change management, and acceptable use of information resources.
Roles and responsibilities 10% of total grade
Excellent - 85 - 100% Deliverables are insightful and exceptional in their understanding and application of concepts and principles of administrator and user roles and responsibilities in protecting information resources.
Satisfactory - 75 - 84% Deliverables are clear and complete in their understanding and application of concepts and principles of administrator and user roles and responsibilities in protecting information resources.
Authentication strategy- 10% of total grade
Excellent 85 - 100% Deliverables are insightful and exceptional in their understanding and application of concepts and principles of single and multi factor authentication strategies.
Satisfactory 75 - 84% Deliverables are clear and complete in their understanding and application of concepts and principles of single and multi factor authentication strategies.
Virus detection and protection - 5% of total grade
Excellent 85 - 100% Deliverables are insightful and exceptional in their understanding and application of concepts and principles of virus detection and protection.
Satisfactory 75 - 84% Deliverables are clear and complete in their understanding and application of concepts and principles of virus detection and protection.
User training and awareness - 10% of total grade
Excellent 85 - 100% Deliverables are insightful and exceptional in their understanding and application of concepts and principles of user training and awareness.
Satisfactory – 75 – 84% Deliverables are clear and complete in their understanding and application of concepts and principles of user training and awareness.
Intrusion prevention and detection - 10% of total grade
Excellent 85 - 100% Deliverables do not show an understanding of the definition and application of concepts and principles of user training and awareness.
Satisfactory 75 - 84% Deliverables are clear and complete in their understanding and application of concepts and principles of intrusion prevention and detection.
Incident Response - 10% of total grade
Excellent - 85 - 100% Deliverables are insightful and exceptional in their understanding and application of concepts and principles of preparing for and managing a security incident.
Satisfactory 75 - 84% Deliverables are clear and complete in their understanding and application of concepts and principles of preparing for and managing a security incident.
Separation of duties - 10% of total grade
Excellent 85 - 100% Deliverables are insightful and exceptional in their understanding and application of concepts and principles of separation of duties.
Satisfactory 75 - 84% Deliverables are clear and complete in their understanding and application of concepts and principles of separation of duties.
