| Assignment 4.1: WBS | |||
| 1 | Internal/external penetration testing | 1-Nov-20 | |
| 1.1 | a. Plan (coordinate with on-site staff for testing window, prepare hardware/software, allocate resources/manpower) | 11/1/2020: 6 AM – 8 AM | |
| 1.2 | b. Perform (perform internal/external penetration testing- attempt to access locked or unauthorized locations, determine visibility of unauthorized material) | 11/1/2020: 8 AM – 12 PM (lunch) 1 PM – 4 PM | |
| 1.3 | c. Report (compile results of internal/external penetration testing into a report) | 11/1/2020: 4 PM – 6 PM | |
| 2 | Firewall (hardware/software/network) testing | 2-Nov-20 | |
| 2.1 | a. Plan (coordinate with on-site staff for testing window, prepare hardware/software, allocate resources/manpower) | 11/2/2020: 6 AM – 8 AM | |
| 2.2 | b. Perform (perform firewall (hardware/software/network) testing- attempt to penetrate and edit firewall, test for effectiveness) | 11/2/2020: 8 AM – 12 PM (lunch) 1 PM – 4 PM | |
| 2.3 | c. Report (compile results of firewall (hardware/software/network) testing into a report) | 11/2/2020: 4 PM – 6 PM | |
| 3 | External IP address testing | 3-Nov-20 | |
| 3.1 | a. Plan (coordinate with on-site staff for testing window, prepare hardware/software, allocate resources/manpower) | 11/3/2020: 6 AM – 8 AM | |
| 3.2 | b. Perform (perform external IP address testing- attempt to bypass, alter, delete external IP addresses, audit existing external IPs) | 11/3/2020: 8 AM – 12 PM (lunch) 1 PM – 4 PM | |
| 3.3 | c. Report (compile results of external IP address testing into a report) | 11/3/2020: 4 PM – 6 PM | |
| 4 | Wireless/wired device auditing | 4-Nov-20 | |
| 4.1 | a. Plan (coordinate with on-site staff for testing window, prepare hardware/software, allocate resources/manpower) | 11/4/2020 > 11/5/2020 : 6 AM – 6 PM (12 PM – 1 PM lunch) | |
| 4.2 | b. Perform (perform wireless/wired device auditing-rogue access points, unused devices, network settings, etc.) | 11/6/2020 > 11/9/2020 : 6 AM – 6 PM (12 PM – 1 PM lunch) | |
| 4.3 | c. Report (compile results of wireless/wired device auditing into a report) | 11/10/2020: 6 AM – 6 PM (12 PM – 1 PM lunch) | |
| 5 | Internal/external vulnerability testing | 10-Nov-20 | |
| 5.1 | a. Plan (coordinate with on-site staff for testing window, prepare hardware/software, allocate resources/manpower) | 11/11/2020, 11/12/2020 : 6 AM – 6 PM (12 PM – 1 PM lunch) | |
| 5.2 | b. Perform (perform internal/external vulnerability testing- attempt to attack internal/external resources) | 11/13/2020, 11/14/2020 : 6 AM – 6 PM (12 PM – 1 PM lunch) | |
| 5.3 | c. Report (compile results of internal/external vulnerability testing into a report) | 11/15/2020 : 6 AM – 6 PM (12 PM – 1 PM lunch) | |
| 6 | Data governance policy review | 15-Nov-20 | |
| 6.1 | a. Plan (coordinate with on-site staff for testing window, prepare hardware/software, allocate resources/manpower) | 11/15/2020 > 11/18/2020 : 6 AM – 6 PM (12 PM – 1 PM lunch) | |
| 6.2 | b. Perform (perform data governance policy review- review current policies, protocols, regulations) | 11/19/2020 > 11/23/2020 : 6 AM – 4PM (12 PM – 1 PM lunch) | |
| 6.3 | c. Report (compile results of data governance policy review into a report) | 11/24/2020 : 6 AM – 4PM (12 PM – 1 PM lunch) | |
| 7 | Phishing tests of staff members and students | 25-Nov-20 | |
| 7.1 | a. Plan (coordinate with on-site staff for testing window, prepare hardware/software, emails, malicious USBs, allocate resources/manpower) | 11/26/2020: 6 AM – 8 AM | |
| 7.2 | b. Perform (perform phishing tests of staff members and students using hardware/software, emails, malicious USBs, phone calls, etc.) | 11/26/2020: 8 AM – 12 PM (lunch) 1 PM – 4 PM, 11/27/2020, 11/28/2020: 6 AM – 6 PM (12 PM – 1 PM lunch) | |
| 7.3 | c. Report (compile results of phishing tests of staff members and students into a report) | 11/29/2020 : 6 AM – 6 PM (12 PM – 1 PM lunch) | |
| 8 | Physical security testing | 29-Nov-20 | Ran Parallel (At Same Time) |
| 8.1 | a. Plan (coordinate with on-site staff for testing window, prepare hardware/software, allocate resources/manpower) | 11/29/2020: 6 AM – 8 AM | |
| 8.2 | b. Perform (perform physical security testing- unauthorized entry into each door, find gaps in video surveillance, test social engineering attacks, etc.) | 11/29/2020: 8 AM – 12 PM (lunch) 1 PM – 3 PM | |
| 8.3 | c. Report (compile results of physical security testing into a report) | 11/29/2020 : 3 PM – 6 PM | |
| 9 | Internal control testing | 29-Nov-20 | Ran Parallel (At Same Time) |
| 9.1 | a. Plan (coordinate with on-site staff for testing window, prepare hardware/software, allocate resources/manpower) | 11/29/2020: 6 AM – 8 AM | |
| 9.2 | b. Perform (perform internal control testing- testing/evaluation of the management, operational, and technical security controls of the organization) | 11/29/2020: 8 AM – 12 PM (lunch) 1 PM – 3 PM | |
| 9.3 | c. Report (compile results of internal control testing into a report) | 11/29/2020 : 3 PM – 6 PM | |
| 10 | Analysis of staffing requirements | 30-Nov-20 | Time Buffer |
| 10.1 | a. Plan (allocate resources/manpower, gather data from previous tests to determine the effectiveness of the skill and number of security personnel) | 11/30/2020: 6 AM – 8 AM | Extra time for delays |
| 10.2 | b. Perform (perform analysis of staffing requirements- using data from all previous tests and comparing to security standards) | 11/30/2020: 8 AM – 12 PM (lunch) 1 PM – 3 PM | and final edits |
| 10.3 | c. Report (compile results of analysis of staffing requirements into a report) | 11/30/2020 : 3 PM – 6 PM | |
| 11 | First Audit Completion | 20-Dec-20 | |
| 11.1 | a. Compile (allocate resources/manpower, gather data from previous tests to determine the effectiveness the audit, compile all data) | 12/21/2020 > 1/7/2021 : 6 AM – 6 PM (12 PM – 1 PM lunch) | |
| 11.2 | b. Review (review all data obtained from the audit, find errors) | 1/8/2021 > 1/19/2021 : 6 AM – 6 PM (12 PM – 1 PM lunch) | |
| 11.3 | c. Final Touches (make any improvements to the audit’s results) | 1/20/2021 : 6 AM – 2 PM (12 PM – 1 PM lunch) | |
| 12 | First Audit Report Completion | 20-Jan-21 | |
| 12.1 | a. Compile (allocate resources/manpower, gather data from previous tests to determine the effectiveness the audit, compile all data) | 1/22/2021 > 2/22/2021 : 6 AM – 6 PM (12 PM – 1 PM lunch) | |
| 12.2 | b. Review (review all data obtained from the audit, find errors, make improvements) | 2/23/2021 > 3/19/2021 : 6 AM – 6 PM (12 PM – 1 PM lunch) | |
| 12.3 | c. Deliver to client (once finalized, deliver audit report to client) | 3/20/2021 : 6 AM – 6 PM (12 PM – 1 PM lunch) | |
| 13 | Recommended Changes Completion | 20-Mar-21 | |
| 13.1 | a. Compile (gather recommended changes using audit’s data, gather different vendors, prices, and establish timeframes) | 3/21/2021 : 6 AM – 6 PM (12 PM – 1 PM lunch) | |
| 13.2 | b. Review (review the recommended changes) | 3/22/2021 > 3/23/2021 : 6 AM – 6 PM (12 PM – 1 PM lunch) | |
| 13.3 | c. Deliver to client (once finalized, deliver recommended changes to client) | 3/24/2021 : 6 AM – 6 PM (12 PM – 1 PM lunch) | |
| 14 | (Optional Second Audit) Internal/external penetration testing | March 24th, 2021 | |
| 14.1 | a. Plan (coordinate with on-site staff for testing window, prepare hardware/software, allocate resources/manpower) | 3/25/2021: 6 AM – 8 AM | |
| 14.2 | b. Perform (perform internal/external penetration testing- attempt to access locked or unauthorized locations, determine visibility of unauthorized material) | 3/25/2021: 8 AM – 12 PM (lunch) 1 PM – 4 PM | |
| 14.3 | c. Report (compile results of internal/external penetration testing into a report) | 3/25/2021: 4 PM – 6 PM | |
| 15 | (Optional Second Audit) Firewall (hardware/software/network) testing | 25-Mar-21 | |
| 15.1 | a. Plan (coordinate with on-site staff for testing window, prepare hardware/software, allocate resources/manpower) | 3/26/2021: 6 AM – 8 AM | |
| 15.2 | b. Perform (perform firewall (hardware/software/network) testing- attempt to penetrate and edit firewall, test for effectiveness) | 3/26/2021: 8 AM – 12 PM (lunch) 1 PM – 4 PM | |
| 15.3 | c. Report (compile results of firewall (hardware/software/network) testing into a report) | 3/26/2021: 4 PM – 6 PM | |
| 16 | (Optional Second Audit) External IP address testing | 26-Mar-21 | |
| 16.1 | a. Plan (coordinate with on-site staff for testing window, prepare hardware/software, allocate resources/manpower) | 3/27/2021 : 6 AM – 6 PM (12 PM – 1 PM lunch) | |
| 16.2 | b. Perform (perform external IP address testing- attempt to bypass, alter, delete external IP addresses, audit existing external IPs) | 3/27/2021 > 3/28/2021 : 6 AM – 6 PM (12 PM – 1 PM lunch) | |
| 16.3 | c. Report (compile results of external IP address testing into a report) | 3/29/2021: 6 AM – 6 PM (12 PM – 1 PM lunch) | |
| 17 | (Optional Second Audit) Wireless/wired device auditing | 30-Mar-21 | |
| 17.1 | a. Plan (coordinate with on-site staff for testing window, prepare hardware/software, allocate resources/manpower) | 3/30/2021 : 6 AM – 6 PM (12 PM – 1 PM lunch) | |
| 17.2 | b. Perform (perform wireless/wired device auditing-rogue access points, unused devices, network settings, etc.) | 3/31/2021 : 6 AM – 6 PM (12 PM – 1 PM lunch) | |
| 17.3 | c. Report (compile results of wireless/wired device auditing into a report) | 4/1/2021: 6 AM – 3 PM (12 PM – 1 PM lunch) | |
| 18 | (Optional Second Audit) Internal/external vulnerability testing | 1-Apr-21 | |
| 18.1 | a. Plan (coordinate with on-site staff for testing window, prepare hardware/software, allocate resources/manpower) | 4/1/2021: 3 PM – 6 PM | |
| 18.2 | b. Perform (perform internal/external vulnerability testing- attempt to attack internal/external resources) | 4/2/2021 > 4/3/2021: 6 AM – 6 PM (12 PM – 1 PM lunch) | |
| 18.3 | c. Report (compile results of internal/external vulnerability testing into a report) | 4/4/2021: 6 AM – 6 PM (12 PM – 1 PM lunch) | |
| 19 | (Optional Second Audit) Data governance policy review | 5-Apr-21 | |
| 19.1 | a. Plan (coordinate with on-site staff for testing window, prepare hardware/software, allocate resources/manpower) | 4/6/2021: 6 AM – 9 AM | |
| 19.2 | b. Perform (perform data governance policy review- review current policies, protocols, regulations) | 4/6/2021: 9 AM – 12 PM ( lunch) 1 PM – 6 PM) 4/7/2021 6 AM – 6 PM (12 PM – 1 PM lunch) | |
| 19.3 | c. Report (compile results of data governance policy review into a report) | 4/8/2021: 6 AM – 6 PM (12 PM – 1 PM lunch) | |
| 20 | (Optional Second Audit) Phishing tests of staff members and students | 8-Apr-21 | |
| 20.1 | a. Plan (coordinate with on-site staff for testing window, prepare hardware/software, emails, malicious USBs, allocate resources/manpower) | 4/9/2021, 4/10/2021: 6 AM – 6 PM (12 PM – 1 PM lunch) | |
| 20.2 | b. Perform (perform phishing tests of staff members and students using hardware/software, emails, malicious USBs, phone calls, etc.) | 4/11/2021 > 4/14/2021: 6 AM – 6 PM (12 PM – 1 PM lunch) | |
| 20.3 | c. Report (compile results of phishing tests of staff members and students into a report) | 4/15/2021: 6 AM – 6 PM (12 PM – 1 PM lunch) | |
| 21 | (Optional Second Audit) Physical security testing | 15-Apr-21 | |
| 21.1 | a. Plan (coordinate with on-site staff for testing window, prepare hardware/software, allocate resources/manpower) | 4/16/2021 : 6 AM – 9 AM | |
| 21.2 | b. Perform (perform physical security testing- unauthorized entry into each door, find gaps in video surveillance, test social engineering attacks, etc.) | 4/16/2021: 9 AM – 6 PM (12 PM – 1 PM lunch) | |
| 21.3 | c. Report (compile results of physical security testing into a report) | 4/17/2021: 6 AM – 6 PM (12 PM – 1 PM lunch) | |
| 22 | (Optional Second Audit) Internal control testing | 17-Apr-21 | |
| 22.1 | a. Plan (coordinate with on-site staff for testing window, prepare hardware/software, allocate resources/manpower) | 4/18/2021 : 6 AM – 9 AM | |
| 22.2 | b. Perform (perform internal control testing- testing/evaluation of the management, operational, and technical security controls of the organization) | 4/18/2021: 9 AM – 6 PM (12 PM – 1 PM lunch) | |
| 22.3 | c. Report (compile results of internal control testing into a report) | 4/19/2021: 6 AM – 6 PM (12 PM – 1 PM lunch) | |
| 23 | (Optional Second Audit) Analysis of staffing requirements | 19-Apr-21 | |
| 23.1 | a. Plan (allocate resources/manpower, gather data from previous tests to determine the effectiveness of the skill and number of security personnel) | 4/20/2021 > 5/01/2020 : 6 AM – 9 AM | |
| 23.2 | b. Perform (perform analysis of staffing requirements- using data from all previous tests and comparing to security standards) | 5/2/2021 > 5/18/2021 9 AM – 6 PM (12 PM – 1 PM lunch) | |
| 23.3 | c. Report (compile results of analysis of staffing requirements into a report) | 5/19/2021: 6 AM – 6 PM (12 PM – 1 PM lunch) | |
| 24 | Second Audit Completion | 20-May-21 | |
| 24.1 | a. Compile (allocate resources/manpower, gather data from previous tests to determine the effectiveness the audit, compile all data) | 5/21/2021 > 6/1/2021 : 6 AM – 6 PM (12 PM – 1 PM lunch) | |
| 24.2 | b. Review (review all data obtained from the audit, find errors) | 6/2/2021 > 6/18/2021 : 9 AM – 6 PM (12 PM – 1 PM lunch) | |
| 24.3 | c. Final Touches (make any improvements to the audit’s results) | 6/19/2021: 6 AM – 6 PM (12 PM – 1 PM lunch) | |
| 25 | Second Audit Report Completion (per client’s optional involvement in the second audit involvement) | 20-Jun-21 | |
| 25.1 | a. Compile (allocate resources/manpower, gather data from previous tests to determine the effectiveness the audit, compile all data) | 6/20/2021 > 7/1/2021 : 6 AM – 6 PM (12 PM – 1 PM lunch) | |
| 25.2 | b. Review (review all data obtained from the audit, find errors, make improvements) | 7/2/2021 > 7/18/2021 : 9 AM – 6 PM (12 PM – 1 PM lunch) | |
| 25.3 | c. Deliver to client (once finalized, deliver audit report to client) | 7/19/2021: 6 AM – 6 PM (12 PM – 1 PM lunch) | |
| 26 | Final Comparison (of both audits) of All Work Completed. General Satisfaction of Client Completion (per client’s optional involvement in the second audit) | 20-Jul-21 |
Categories: Group Theory
Securing The Universe 