Security Policy-ITT-307
A well-written security policy will clearly define the limits of computing infrastructure to the end users. Security policies should be simple, explicit, and avoid hidden implicit elements that are controlled by the system, which users may misunderstand.
- First, research any computer security threat or a recent attack. Select one element of the threat or attack (e.g., “complex passwords“).
- Then, write a policy for your selected element and explain basic security implications of a specified security threat or a recent attack, as well as how the implementation of the policy will protect the system with supportive information.
Your policy should be no longer than 500 words and written using an industry-standard policy format, including the following details:
- At minimum, your policy should include a title, the purpose of the policy, scope, details of the policy, compliance, author, and review date.
- Your policy should explain how any user interface (user experience [UX]) issues could affect the implementation and perception of security mechanisms, as well as the behavioral impacts of the policy.
- Your policy should explore the tension between user security and convenience (human computer interface [HCI]), which results in user behaviors that undermine system security. How can you develop the right balance?
APA format is not required, but solid academic writing is expected.
This assignment uses a rubric. Please review the rubric prior to beginning the assignment to become familiar with the expectations for successful completion.
Answer Preview-Security Policy-ITT-307
$10.00