Incident Detection and Response Plan.

Incident Detection and Response Plan.

Write a document that establishes California Miramar University’s Incident Detection and Response Plan. This is to be based on a hypothetical CMU architecture. This document must include the following elements: 1) Executive Summary 2) Data Security Plan a) Identify and describe California Miramar University Data Types [i.e., the kind of records and information CMU keeps] b) Identify Records Management Requirements [Recommend https://www.archives.gov/records-mgmt/policy/universalermrequirements and its downloadable Excel spreadsheet) c) Identify relevant statutory and regulatory privacy requirements [e.g., the Privacy Act of 1974] 3) Security Risk Assessment a) Use FISMA Risk Management Framework process to evaluate overall security health of California Miramar University Network. [The intention here is to characterize CMU’s security posture as “weak.” [Recommend https://csrc.nist.gov/projects/risk-management/risk-management-framework-(rmf)-overview] b) Identify key interfaces (logical and physical) among systems in organizational enterprise [Recommend basing on an Enterprise Resource Planning (ERP) system] c) Describe how this “new” system will transform the organization in terms of capabilities and mission planning 4) Revised Network Design a) Identify LAN design for wired and wireless infrastructure b) Identify IP naming convention for LAN and element subnetworks c) Identify security control points across multiple subnetworks d) Identify integration of onsite IT assets with public cloud infrastructure 5) Incident Detection Concept of Operations (CONOPS) a) Define roles and responsibilities for security monitoring b) Identify tools to be used in incident monitoring c) Identify and describe automated and manual processes for incident monitoring d) Define process for reporting incidents including timeliness and prioritization 6) Governance Recommendations a) Define an appropriate Information Security Governance Structure for California Miramar University b) Identify recommended policy changes to protect California Miramar University data assets – each recommendation MUST include a discussion of why this recommendation is appropriate and reasonable 7) References This document should be no fewer than 15 (APA Format) including figures and tables (but excluding Title Page and references). Your submission must cover all sections identified above.