Module 01 Content

  1. For the first part of your project, you have been given a partial audit, performed by a NASA Blue Team. This audit was part of their Certification and Authorization (C&A) process to ensure Country Roads Space Systems (CRSS) has authorization to operate as a 3rd party entity to NASA and is allowed to work with NASA assets. The C&A process includes a line-by-line review of all security controls identified within NIST 800-53b documentation, and their sub-sections. During the initial review process, NASA reviewed the existing security controls employed by CRSS and evaluated their compliance with the identified security controls. All items that were found to be non-compliant are documented for review, and a Plan of Action & Milestones (POAM) document was generated as a guideline to correct or evaluate any exemptions found in the initial C&A audit.


    You will be responsible for reviewing the POAM and familiarizing yourself with the findings. However, you will only be responsible for auditing two security controls that are found to be non-compliant for the audit that you will perform during this course. Please be aware that once you choose your two specific security controls in this Module, you will continue to build on your analysis of these two controls throughout this course. Therefore, you should take time to consider which controls you choose. In addition, for your two choices, you must choose:

    • One security control from the group of IA-2, IA-3 or IA-5. (NOTE: IA-5 is a common control that often requires remediation in actual security settings. Students who choose IA-5 will be presented with a challenge, but will also find greater documentation when researching remediation.)
    • One other security control from the group of AC-5, PE-13, RA-5.
    • For your Module One Project, start by taking the time to familiarize yourself with the POAM and understand how various systems are evaluated against a common set of compliance frameworks. Study the controls in the POAM and review them against NIST and COBIT frameworks for similar types of controls. In addition, review these security controls against the standards in ISO 27000. Take note of how security controls can be met in diverse ways and still meet overall compliance. With your review of these controls and standards complete, you should feel confident in picking two security controls identified in the POAM listed as being compliant. As part of your audit, you should also review the company’s network. Please review the CRSS Network Diagram.

      CRSS Network Diagram.pptx

      NOTE: The various frameworks are usually very similar, though differences exist relevant to their industry focus. ISO 27000 and COBIT are meant to focus on private sector compliance, while NIST is focused on public sector.

      You can review each framework at:
      ISO 2700

      For this week, you will use the IA security control you chose and in a brief report address the following:

    • Explain the significance of this control and, in your own words, how it protects CRSS and NASA assets. Do you agree with the assessment of the vulnerability described in Column E “Weakness Description”?
    • Next, look up your IA security control in NIST and summarize the NIST standard for one of your controls.
    • Now find the similar standards in ISO27000 and COBIT. Once you find references to security controls that are closest to the security controls you chose in ISO27000 and COBIT, write a brief explaining the similarities and/or differences between the three standards with regard to one of your security controls.
    • Highlight if you think NIST is the most appropriate set of regulations for CRSS, when compared to the other standards. Which do you think is the most appropriate standard?
    • Do you agree with how the control is remediated in Column K “Overall Remediation Plan”? If so, explain why. If not, please provide an alternative to the Overall Remediation Plan.
    • Submit your completed assignment by following the directions linked below. Please check the Course Calendar for specific due dates.
