Overview

An information security review of an existing business or organization will be performed by you and the rest of the group. My hope is that you and your group will be able to identify a business of convenience to you fairly quickly. You will also need to receive approval from the business, of course.

Obviously, this assignment will not be on the order of a full-fledged technology audit that can take months to complete and usually requires technology for testing and full access to the network infrastructure. This will be more along the lines of a general control review, and information will be gathered using less technical means, such as observation, inquiry, and possible inspection (if allowed). We are also not in a position to make security recommendations.

In addition to a couple of midterm deliverables, you will prepare a white paper and a presentation detailing policies, procedures, risk assessment, preventative hardware/software, etc. that will be given at a yet-to-be-determined time around the final week of the course. Links to the deliverable details can be found below and also under the Assignments menu option.

First Deliverable (due January 30)

Second Deliverable (due February 27)

Wardriving

Network Address Translation

Shodan

Overview

Deliverable 1

Deliverable 2

Day 1 - Introduction

Day 2 - Chapter 1

Day 3 - Chapter 13

Day 4 - Ch13 cont. & Ch 11

Exam 2 notes

Overview