Scribd Logo
Upload

Welcome to Scribd!

  • 46 views

    SEC310 Project Module 5

    Uploaded by

    Peninah Rukungu
    The document provides instructions for a student to research and analyze examples of two cybersecurity policies - a physical and environmental protection policy and a secure system development life cycle standard - from real-world organizations. For each policy, the student is asked to identify the organization and industry sector, compare the example to the relevant NIST template, and answer questions about the purpose, applicability, and customizations of the example policy.

    Copyright:

    © All Rights Reserved
    Download as DOCX, PDF, TXT or read online from Scribd
    Flag for inappropriate content

    You might also like

    SEC310 Project Module 5

    Uploaded by

    Peninah Rukungu
    46 views2 pages
    The document provides instructions for a student to research and analyze examples of two cybersecurity policies - a physical and environmental protection policy and a secure system development life cycle standard - from real-world organizations. For each policy, the student is asked to identify the organization and industry sector, compare the example to the relevant NIST template, and answer questions about the purpose, applicability, and customizations of the example policy.

    Original Description:

    Original Title

    SEC310 Project Module 5 (3)

    Copyright

    © © All Rights Reserved

    Available Formats

    DOCX, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    The document provides instructions for a student to research and analyze examples of two cybersecurity policies - a physical and environmental protection policy and a secure system development life cycle standard - from real-world organizations. For each policy, the student is asked to identify the organization and industry sector, compare the example to the relevant NIST template, and answer questions about the purpose, applicability, and customizations of the example policy.

    Copyright:

    © All Rights Reserved
    Download as DOCX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as docx, pdf, or txt
    46 views2 pages

    SEC310 Project Module 5

    Uploaded by

    Peninah Rukungu
    The document provides instructions for a student to research and analyze examples of two cybersecurity policies - a physical and environmental protection policy and a secure system development life cycle standard - from real-world organizations. For each policy, the student is asked to identify the organization and industry sector, compare the example to the relevant NIST template, and answer questions about the purpose, applicability, and customizations of the example policy.

    Copyright:

    © All Rights Reserved
    Download as DOCX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as docx, pdf, or txt
    of 2

    Student Name:

    Date:

    Part 1: Physical and Environmental Protection Policy


    Locate and read the Physical and Environmental Protection Policy in the NIST Cybersecurity
    Framework Policy Template Guide. Research online for a real-world implementation example of
    the policy and compare it with the NIST policy template side by side.

    Answer the following questions clearly and systemically in this Word document. Make sure to
    include a References section toward the end of the document.

    1. The Physical and Environmental Protection Policy is implemented for which NIST function
    and sub-categories? [5 points]

    Answer:

    2. Which organization is the implementation example you identified for? Which industry sector
    (e.g., education, government, etc.) is the organization in? [5 points]

    Answer:

    3. What is the purpose of the example policy? Which party (parties) does the policy apply to?
    Who is/are responsible for implementing this policy? [5 points]

    Answer:

    4. As compared to the NIST policy template, how is the example policy customized to fit the
    needs of the organization? Describe three occurrences of customization in detail. [15 points]

    Answer:

    Part 2: Secure System Development Life Cycle Standard


    Locate and read the Secure System Development Life Cycle Standard in the NIST Cybersecurity
    Framework Policy Template Guide. Research online for a real-world implementation example of
    the standard/policy and compare it with the NIST policy template side by side.

    Answer the following questions clearly and systemically in this Word document. Make sure to
    include a References section toward the end of the document.
    1. The Secure System Development Life Cycle Standard is implemented for which NIST
    functions and sub-categories? [5 points]

    Answer:

    2. Which organization is the implementation example you identified for? Which industry sector
    (e.g., education, government, etc.) is the organization in? [5 points]

    Answer:

    3. What is the purpose of the example standard/policy? Which party (parties) does the
    standard/policy apply to? Who is/are responsible for implementing this policy? [5 points]

    Answer:

    4. As compared to the NIST policy template, how is the example standard/policy customized to
    fit the needs of the organization? Describe two occurrences of the customization in detail.
    [10 points]

    Answer:

    5. If specified in the example standard/policy, how frequent is the policy reviewed for potential
    modifications? If not specified in the example standard/policy, what are your
    recommendations? [5 points]

    Answer:

    References
    1.
    2.
    3.

    You might also like