
IT 643 Final Project Guidelines and Rubric

Overview

You work for Strategic Security Consulting Group (SSCG). Recently, one of your clients located in Los Angeles, North Star Software Developers (NSSD), called with a big problem. NSSD’s strategic security goals include protecting the software development process and code as well as sensitive client information from internal and external breaches. Some of its network servers were compromised, resulting in the possible loss of personal information and credit card numbers of purchasers of the company’s software products. It is not presently known whether this attack came from inside or outside of the company. NSSD is currently dealing with this problem as best as it can, but it needs your company to help prevent this from happening again in the future.

You have been assigned to create a training manual for NSSD’s IT personnel in which you test, describe, and recommend a variety of network security tools that, when used properly, will mitigate both the risk of future breaches and the effects of a breach when it takes place.

Given the above scenario, you will also create an executive overview that describes the appropriate areas of concern from your research in this course. This should be written in language that can be understood by a nontechnical audience of company management and stakeholders.

In this assignment, you will demonstrate your mastery of the following course outcomes:

  • Interpret results of network and vulnerability scans for identifying security vulnerabilities
  • Implement appropriate methods that protect against and address network threats and vulnerabilities using appropriate risk mitigation techniques
  • Categorize the severity of security incidents using industry best practices for determining the appropriate immediate response
  • Recommend timely countermeasures that minimize the consequences of current security incidents
  • Communicate response and mitigation strategies that align with an organization’s strategic goals

Prompt

Specifically, the following critical elements must be addressed:

Network Assessment and Defense Training Manual:

  1. Executive Overview
    1. Create a brief description of the purpose of the manual that is in consumable terms for the stakeholders. Be sure you address the company’s strategic security goals and the value of the policy changes or updates.
    2. Assess the role of network defense methods and strategies for securing the network. Support your findings with research and experience from the lab exercises.
    3. Evaluate the role of mitigation methods and strategies in reducing security risk. Support your findings with research and experience from the lab exercises.
    4. Summarize the role of incident response methods and strategies in minimizing the impact of breaches. Support your findings with research and experience from the lab exercises.
  2. Training Manual: For each section of the training manual, develop guidelines for employees to select and employ specific software, tools, and methods to address the elements of the section topic. Your guidelines serve as recommendations of specific tools and criteria for determining when to use these tools. Each section should include relevant screenshots to support the instructions.
    1. Traffic Analysis: Based on the labs used for traffic analysis, address the tools, methods, and techniques related to traffic analysis. Be sure to provide screenshots for the output elements that support the following areas:
      1. Create guide materials for identifying vulnerabilities and potential threats through interpreting output from packet capturing tools.
      2. Recommend the alert response procedures required for traffic anomalies identified through monitoring network traffic and examining logs.
    2. Firewalls: Based on the labs associated with firewalls, address the tools, methods, and techniques related to perimeter defense using firewalls. Be sure to provide screenshots for the output elements that support the following areas:
      1. Illustrate the process of rule creation and firewall configuration.
      2. Outline the steps for segmenting networks. Be sure to describe the benefits of the segmenting strategies.
      3. Explain the process and criteria for blocking, allowing, and filtering traffic.
      4. Create guidelines for the implementation of methods for detecting attacks.
    3. Intrusion Detection: Describe the configuration of intrusion detection systems, specifically addressing the following:
      1. Whitelisting and blacklisting
      2. IDS placement
      3. Summarize the key aspects of monitoring, logging (auditing), and alerting using intrusion detection systems
    4. Vulnerability Assessment
      1. Illustrate the proper implementation of port scanning, device scanning, and penetration testing and detection for conducting vulnerability assessments.
      2. Explain how to interpret the output of a vulnerability scan to identify weaknesses.
    5. Network Assessment
      1. Illustrate the processes of detecting rogue devices, detecting malicious connections, and viewing network topologies to identify network weakness.
      2. Explain how to interpret the output of network scans to identify weaknesses.
    6. Auditing and Log Collection
      1. Recommend appropriate company-approved tools that minimize the consequences of incident events, and include appropriate rationale and justification.
    7. Tools Overview: Provide a brief summary of the key company-approved tools, represented by those used in the lab exercises. In your summary, identify the importance of and rationale for selecting these tools.

What to Submit

Make sure to incorporate all of the feedback you have received throughout the course, along with adding your executive overview to your submission. For this assignment, you must follow these formatting guidelines: 12-point Times New Roman font, and APA references and citations.

See rubric attached.

11/11/23, 4:17 AM Assignment Information

https://snhu.brightspace.com/d2l/le/content/1394612/view Content/27121078/View 1/7


Final Project Rubric

Executive Overview: Purpose (Value: 4.5)

  • Exemplary (100%): Meets “Proficient” criteria and description demonstrates a perceptive recognition of the language and relevant issues in communicating with the stakeholders
  • Proficient (90%): Creates a brief description of the purpose of the manual in consumable terms for the stakeholders and includes company’s strategic security goals and the value of the policy changes or updates
  • Needs Improvement (70%): Creates a brief description of the purpose of the manual, but the description is not written in consumable terms for the stakeholders or does not include company’s strategic security goals and the value of the policy changes or updates
  • Not Evident (0%): Does not create a description of the purpose of the manual

Executive Overview: Network Defense Assessment (Value: 4.5)

  • Exemplary (100%): Meets “Proficient” criteria and response provides keen insight into the role of network defense in the organization
  • Proficient (90%): Assesses the role of network defense methods and strategies for securing the network and supports findings
  • Needs Improvement (70%): Assesses the role of network defense methods and strategies for securing the network, but the assessment is inappropriate, lacks key details, lacks clarity, or is not supported
  • Not Evident (0%): Does not assess the role of network defense methods and strategies

Executive Overview: Mitigation Assessment (Value: 4.5)

  • Exemplary (100%): Meets “Proficient” criteria and evaluation demonstrates a nuanced understanding of the mitigation methods and strategies
  • Proficient (90%): Evaluates the role of mitigation methods and strategies in reducing security risk and supports findings
  • Needs Improvement (70%): Evaluates the role of mitigation methods and strategies in reducing security risk, but the assessment is inappropriate, lacks key details, lacks clarity, or is not supported
  • Not Evident (0%): Does not evaluate the role of mitigation methods and strategies in reducing security risk


Executive Overview: Incident Response Assessment (Value: 4.5)

  • Exemplary (100%): Meets “Proficient” criteria and summary provides keen insight into the role of incident response
  • Proficient (90%): Summarizes the role of incident response methods and strategies in minimizing the impact of breaches and supports findings
  • Needs Improvement (70%): Summarizes the role of incident response methods and strategies in minimizing the impact of breaches, but the summary is inappropriate, lacks key details, lacks clarity, or is not supported
  • Not Evident (0%): Does not summarize the role of incident response methods and strategies in minimizing the impact of breaches

Training Manual: Traffic Analysis: Captured Packets (Value: 4.5)

  • Exemplary (100%): Meets “Proficient” criteria and materials evidence a nuanced insight into the process of identifying vulnerabilities and potential threats
  • Proficient (90%): Guide materials clearly explain the process of identifying vulnerabilities and potential threats through interpreting output from packet capturing tools and are supported by appropriate screenshots
  • Needs Improvement (70%): Guide materials explain the process of identifying vulnerabilities and potential threats through interpreting output from packet capturing tools, but the explanation is inaccurate, lacks key details, lacks clarity, or is not supported
  • Not Evident (0%): Does not clearly explain the process of identifying vulnerabilities and potential threats through interpreting output from packet capturing tools

Training Manual: Traffic Analysis: Alert Response (Value: 4.5)

  • Exemplary (100%): Meets “Proficient” criteria and materials evidence a nuanced insight into the process of identifying vulnerabilities and potential threats
  • Proficient (90%): Recommendations accurately describe alert response procedures and are properly aligned with identification of traffic anomalies through monitoring network traffic and examining logs, supported by appropriate screenshots
  • Needs Improvement (70%): Recommendations describe alert response procedures, but the procedures are not properly aligned with identification of traffic anomalies through monitoring network traffic and examining logs, or the recommendations are inaccurate, lack key details, lack clarity, or are not supported
  • Not Evident (0%): Does not recommend alert response procedures

Training Manual: Perimeter Defense Firewalls: Configuration and Rule Creation (Value: 4.5)

  • Exemplary (100%): Meets “Proficient” criteria and materials evidence a nuanced insight into the process of identifying vulnerabilities and potential threats
  • Proficient (90%): Accurately illustrates the process of rule creation and firewall configuration and includes all relevant screenshots and procedures
  • Needs Improvement (70%): Illustrates the process of rule creation and firewall configuration, but the illustration is inaccurate, lacks key details, lacks clarity, or is not supported
  • Not Evident (0%): Does not illustrate the process of rule creation and firewall configuration


Training Manual: Perimeter Defense Firewalls: Segmenting Networks (Value: 4.5)

  • Exemplary (100%): Meets “Proficient” criteria and materials evidence a nuanced insight into the process of identifying vulnerabilities and potential threats
  • Proficient (90%): Outlines the steps for segmenting networks and includes supporting screenshots and a description of the benefits of the segmenting strategies
  • Needs Improvement (70%): Outlines the steps for segmenting networks but does not include a description of the benefits of the segmenting strategies, is inaccurate, or is not supported
  • Not Evident (0%): Does not outline the steps for segmenting networks

Training Manual: Perimeter Defense Firewalls: Blocking, Allowing, and Filtering Traffic (Value: 4.5)

  • Exemplary (100%): Meets “Proficient” criteria and materials evidence a nuanced insight into the process of identifying vulnerabilities and potential threats
  • Proficient (90%): Accurately describes the process and criteria for blocking, allowing, and filtering traffic and includes screenshots to support the description
  • Needs Improvement (70%): Describes the process and criteria for blocking, allowing, and filtering traffic, but the description is inaccurate, lacks key details, lacks clarity, or is not supported
  • Not Evident (0%): Does not describe the process and criteria for blocking, allowing, and filtering traffic

Training Manual: Perimeter Defense Firewalls: Detecting Attacks (Value: 4.5)

  • Exemplary (100%): Meets “Proficient” criteria and materials evidence a nuanced insight into the implementation of methods for detecting attacks
  • Proficient (90%): Accurately provides guidelines for the implementation of methods for detecting attacks and includes supporting screenshots
  • Needs Improvement (70%): Provides guidelines for the implementation of methods for detecting attacks, but they are inaccurate, lack key details, lack clarity, or are not supported
  • Not Evident (0%): Does not provide guidelines for the implementation of methods for detecting attacks

Training Manual: Intrusion Detection: Configuration: Whitelisting and Blacklisting (Value: 4.5)

  • Exemplary (100%): Meets “Proficient” criteria and materials demonstrate an insightful grasp of the configuration of intrusion detection systems
  • Proficient (90%): Accurately describes configuration of intrusion detection systems including whitelisting and blacklisting and includes supporting screenshots
  • Needs Improvement (70%): Describes configuration of intrusion detection systems, including whitelisting and blacklisting, but the description is inaccurate, lacks key details, lacks clarity, or is not supported
  • Not Evident (0%): Does not describe the configuration of intrusion detection systems

Training Manual: IDS Placement (Value: 4.5)

  • Exemplary (100%): Meets “Proficient” criteria and description evidences an acute knowledge of IDS placement practices
  • Proficient (90%): Accurately describes IDS placement practices and includes supporting screenshots
  • Needs Improvement (70%): Describes IDS placement practices, but the description is inaccurate, lacks key details, lacks clarity, or is not supported
  • Not Evident (0%): Does not describe IDS placement practices

Training Manual: Intrusion Detection: Monitoring, Logging (Auditing) and Alerting (Value: 4.5)

  • Exemplary (100%): Meets “Proficient” criteria and summary evidences an insightful understanding of the key aspects of monitoring, logging (auditing), and alerting using intrusion detection systems
  • Proficient (90%): Accurately summarizes the key aspects of monitoring, logging (auditing), and alerting using intrusion detection systems and supports with appropriate screenshots
  • Needs Improvement (70%): Summarizes the key aspects of monitoring, logging (auditing), and alerting using intrusion detection systems, but the explanation is inaccurate, lacks key details, lacks clarity, or is not supported
  • Not Evident (0%): Does not summarize the key aspects of monitoring, logging (auditing), and alerting using intrusion detection systems


Training Manual: Vulnerability Assessment: Implementation (Value: 4.5)

  • Exemplary (100%): Meets “Proficient” criteria and materials evidence a comprehensive understanding of conducting vulnerability assessments
  • Proficient (90%): Correctly documents implementation of port scanning, device scanning, and penetration testing and detection for conducting vulnerability assessments and includes supporting screenshots
  • Needs Improvement (70%): Documents implementation of port scanning, device scanning, and penetration testing and detection for conducting vulnerability assessments, but the documentation is inaccurate, lacks key details, lacks clarity, or is not supported
  • Not Evident (0%): Does not illustrate the implementation of port scanning, device scanning, and penetration testing and detection for conducting vulnerability assessments

Training Manual: Vulnerability Assessment: Identify Weaknesses (Value: 4.5)

  • Exemplary (100%): Meets “Proficient” criteria and explanation evidences a nuanced insight into the interpretation of the output of vulnerability scans
  • Proficient (90%): Accurately explains how to interpret the output of vulnerability scans to identify weaknesses and supports with appropriate screenshots
  • Needs Improvement (70%): Explains how to interpret the output of vulnerability scans to identify weaknesses, but the explanation is inaccurate, lacks key details, lacks clarity, or is not supported
  • Not Evident (0%): Does not explain the interpretation of the output of vulnerability scans

Training Manual: Network Assessment: Processes (Value: 4.5)

  • Exemplary (100%): Meets “Proficient” criteria and materials evidence a nuanced comprehension of processes of detecting rogue devices, detecting malicious connections, and viewing network topologies
  • Proficient (90%): Accurately illustrates the processes of detecting rogue devices, detecting malicious connections, and viewing network topologies to identify network weakness and includes supporting screenshots
  • Needs Improvement (70%): Illustrates the processes of detecting rogue devices, detecting malicious connections, and viewing network topologies to identify network weakness, but the illustration is inaccurate, lacks key details, lacks clarity, or is not supported
  • Not Evident (0%): Does not illustrate the processes of detecting rogue devices, detecting malicious connections, and viewing network topologies

Training Manual: Network Assessment: Interpretation (Value: 4.5)

  • Exemplary (100%): Meets “Proficient” criteria and materials evidence perceptive insight into the interpretation of the output of network scans
  • Proficient (90%): Accurately describes interpretation of the output of network scans to identify weaknesses and includes proper screenshot documentation
  • Needs Improvement (70%): Describes interpretation of the output of network scans to identify weaknesses, but the description is inaccurate, lacks key details, lacks clarity, or is not supported
  • Not Evident (0%): Does not describe the interpretation of the output of network scans to identify weaknesses

Training Manual: Auditing and Log Collection: Company-Approved Tools (Value: 4.5)

  • Exemplary (100%): Meets “Proficient” criteria, and rationale demonstrates astute knowledge of tools' capabilities
  • Proficient (90%): Recommends appropriate tools that minimize the consequences of incident events, and includes appropriate rationale and justification
  • Needs Improvement (70%): Selects and recommends tools but needs additional support to justify rationale of choices
  • Not Evident (0%): Does not address network tool rationale and support


Training Manual: Tools Overview (Value: 4.5)

  • Exemplary (100%): Meets “Proficient” criteria and the summary evidences astute recognition of the relevant details for the audience
  • Proficient (90%): Summarizes the key company-approved tools and includes the importance of and rationale for selecting these tools
  • Needs Improvement (70%): Summarizes the key company-approved tools, but the explanation is inaccurate, lacks key details, lacks clarity, or is not supported
  • Not Evident (0%): Does not summarize the key company-approved tools

Articulation of Response (Value: 14.5)

  • Exemplary (100%): Submission is free of errors related to citations, grammar, spelling, syntax, and organization and is presented in a professional and easy-to-read format
  • Proficient (90%): Submission has no major errors related to citations, grammar, spelling, syntax, or organization
  • Needs Improvement (70%): Submission has major errors related to citations, grammar, spelling, syntax, or organization that negatively impact readability and articulation of main ideas
  • Not Evident (0%): Submission has critical errors related to citations, grammar, spelling, syntax, or organization that prevent understanding of ideas

Total: 100%
