2173 Salk Avenue, Suite 250 Carlsbad, CA

support@assignmentprep.info

This is the Risk Management Framework Exercise that measures competencies in imp

May 17, 2024

This is the Risk Management Framework Exercise that measures competencies in implementing this framework to support the Authorization and Risk Management for an information system and/or mission application. The NIST documents students use in this assessment are used not only in DoD but throughout the Federal government and NIST’s approach is consistent with how this is done throughout industry as well. 
During HCC engagement with employers in the area, the need for students to understand RMF was clearly identified. 
Students are required to review the following two videos before the exercise:
RMF that is presented by Frank Mayer, CISSP using a Creative Commons Licensed presentation by Professor Pinto of Old Dominion University. 
NIST Risk Management Framework Introduction l NIST Certification l ARECyber LLC 
The creator of this video licensed it under the Creative Commons so we can use it without restrictions and this is the link to this Video on You Tube https://www.youtube.com/watch?v=SBrBmSfUz2Y&feature=youtu.be
Review the attached RMF Slides to this assignment as well.
College-level writing is expected on all assignments; refer to assignment rubric.   This course capstone assignment is worth 10 percent of your grade and it will be a Three Part exercise that is only here in Blackboard, NOT in your course textbook and is outside of the virtual labs used for the other exercises
Part 1 – Properly Categorize a System  First Step in class you will go to this quick start link on The Risk Management Framework from NIST URL =   https://csrc.nist.gov/Projects/Risk-Management/Risk-Management-Framework-Quick-Start-Guides   and then you will use the National Institute of Standards and Technology  (NSIT) documents that are attached to this assessment here in Blackboard to complete this exercise. You will need to use all the documents just as references since you will not have the time to read all of them.
Your organization has competed the preparation  stage of the risk management  process and it is going to make sure that its new unmanned vehicle that is used to deliver parts and tools to units throughout the organization’s depot is secure and can securely perform its mission.  
You will Categorize the information system based on FIPS 199, NIST SP 800-60, and organizational guidance and then Document the categorization recommendation with your rationale and provide that as a document that is uploaded to Blackboard. You will upload your work for this assignment in Blackboard.   List the other members of your team on your input.
Second Step for Part 1 for the Student Team:  Go to Figure 1: NIST Risk Management Framework, on page 7 in the NIST Special Publication 800-60 Volume I, Revision 1. Study the figure.  In this exercise you will just be doing the categorization for the system described in the “System Description” document attached to this assessment in Blackboard.  You will use the High Water Mark of impact and Categorize this information system based on the potential impact to an organization and its ability to accomplish its mission, protect assets, fulfill its legal responsibilities, and maintain day-to-day functions; The generalized format for expressing the security category ( SC ) of an information system is: SC information system = {(confidentiality, impact) , (integrity, impact) , (availability, impact) }, where the acceptable values for potential impact are low, moderate, or high.
Write a brief paragraph that identifies what the impact level for this system should be for confidentiality, integrity, and availability and then based on your analysis determine what the overall system categorization should be, that is low, moderate, or high. 
Part 2 – Developing  Policy – Use the National Institute of Standards and Technology,  NISTR 7621, Small Business Information Security The Fundamentals, guide that is attached to this assignment and go to Appendix  E—Sample Policy & Procedure Statements, then create concise policy statements for the system described in the “System Description” document to address access control, both physical and access to the control laptop via password control and issuance, training requirements, contingency actions in case the system suddenly fails, and acceptable use of the system by the operators.  You are not expected to write a complete policy but you are expected to come up with what should be the top six policy statements that need to be used for the policy that is being developed. 
For example, one policy statement could be: All users of the laptop computer that controls the drone will have their own account and password that will be at least ten characters long and will consist of both letters, numbers, and special characters.  This password will be changed every three months. 
Part 3 – Case Study – You are in a security working group that is responsible to ensure that the system described in the “System Description” document attached to this assessment in Blackboard meets security requirements, that is security controls, in a manner that will not introduce significant risk to depot operations. The chief  network engineer, who has been working at the depot for thirty years, insists during the working group that the wireless link used to control the drone should not be encrypted as this would be a waste of time and resources.  He also argues that using encryption for this link could cause issues in the future as this system is being maintained.  The security control that applies to the requirement for wireless encryption is referenced by the Security Control Number AC-18(1) in Special Publication 800-53 Revision 4, Security and Privacy Controls for Federal Information Systems and Organizations.   
Based on your analysis completed  in part 1 of this assessment, what recommendation would you make as a team to the Senior Executive in charge of the depot and to the Senior Executive who is the Authorization Official at higher headquarters?  Your team must be able to rigorously defend your recommendation before Senior Executives who have a stake in this system’s operations so you must provide a strong and concise recommendation paragraph that your team can defend. 
Submit responses on a single three part Word Document through Blackboard, no later than xxxx (DUE DATE).  (Provide APA Style References on your submissions to refer to the NIST publications you cite in your team’s responses.)
PLEASE TEXT ME IF YOU HAVE ANY QUESTIONS! 
READ THE RUBRIC! 
I HAVE LINKS TO ALL OF THE INFORMATION! 
IT IS NOT REALLY AN ESSAY BUT RATHER RESPONSES ON A SINGLE THREE PART DOCUMENT! 
PLEASE READ RUBRIC CAREFULLY! 

Struggling With a Similar Paper? Get Reliable Help Now.

Delivered on time. Plagiarism-free. Good Grades.

What is this?

It’s a homework service designed by a team of 23 writers based in Carlsbad, CA with one specific goal – to help students just like you complete their assignments on time and get good grades!

Why do you do it?

Because getting a degree is hard these days! With many students being forced to juggle between demanding careers, family life and a rigorous academic schedule. Having a helping hand from time to time goes a long way in making sure you get to the finish line with your sanity intact!

How does it work?

You have an assignment you need help with. Instead of struggling on this alone, you give us your assignment instructions, we select a team of 2 writers to work on your paper, after it’s done we send it to you via email.

What kind of writer will work on my paper?

Our support team will assign your paper to a team of 2 writers with a background in your degree – For example, if you have a nursing paper we will select a team with a nursing background. The main writer will handle the research and writing part while the second writer will proof the paper for grammar, formatting & referencing mistakes if any.

Our team is comprised of native English speakers working exclusively from the United States. 

Will the paper be original?

Yes! It will be just as if you wrote the paper yourself! Completely original, written from your scratch following your specific instructions.

Is it free?

No, it’s a paid service. You pay for someone to work on your assignment for you.

Is it legit? Can I trust you?

Completely legit, backed by an iron-clad money back guarantee. We’ve been doing this since 2007 – helping students like you get through college.

Will you deliver it on time?

Absolutely! We understand you have a really tight deadline and you need this delivered a few hours before your deadline so you can look at it before turning it in.

Can you get me a good grade? It’s my final project and I need a good grade.

Yes! We only pick projects where we are sure we’ll deliver good grades.

What do you need to get started on my paper?

* The full assignment instructions as they appear on your school account.

* If a Grading Rubric is present, make sure to attach it.

* Include any special announcements or emails you might have gotten from your Professor pertaining to this assignment.

* Any templates or additional files required to complete the assignment.

How do I place an order?

You can do so through our custom order page here or you can talk to our live chat team and they’ll guide you on how to do this.

How will I receive my paper?

We will send it to your email. Please make sure to provide us with your best email – we’ll be using this to communicate to you throughout the whole process.

Getting Your Paper Today is as Simple as ABC

No more missed deadlines! No more late points deductions!

}

You give us your assignments instructions via email or through our order page.

Our support team selects a qualified writing team of 2 writers for you.

l

In under 5 minutes after you place your order, research & writing begins.

Complete paper is delivered to your email before your deadline is up.

Want A Good Grade?

Get a professional writer who has worked on a similar assignment to do this paper for you