You work for a high- tech company with approximately 390 employees. Your firm recently won a large DoD contract, which will add 30% to the revenue of your organization. It is a high-priority, high-vis

You work for a high- tech company with approximately 390 employees. Your firm recently won a large DoD contract, which will add 30% to the revenue of your organization. It is a high-priority, high-visibility project. You will be allowed to make your own budget, project timeline, and tollgate decisions.

This course project will require you to form a team of 2 to 3 coworkers (fellow students) and develop the proper DoD security policies required to meet DoD standards for delivery of technology services to the U.S. Air Force Cyber Security Center (AFCSC), a DoD agency. To do this, you must develop DoD-approved policies and standards for your IT infrastructure (see the “Tasks” section below). The policies you create must pass DoD-based requirements. Currently, your organization does not have any DoD contracts and thus has no DoD-compliant security policies or controls in place.

Your firm's computing environment includes the following:

▪ 12 servers running Microsoft Server 2012 R2, providing the following:

o Active Directory (AD)

o Domain Name System (DNS)

o Dynamic Host Configuration Protocol (DHCP)

o Enterprise Resource Planning (ERP) application (Oracle)

o A Research and Development (R&D) Engineering network segment for testing, separate from the production environment

o Microsoft Exchange Server for e-mail

o Symantec e-mail filter

o Websense for Internet use

▪ Two Linux servers running Apache Server to host your Web site

▪ 390 PCs/laptops running Microsoft Windows 7 or Windows 8, Microsoft Office 2013, Microsoft Visio, Microsoft Project, and Adobe Reader