Group Theory

Scenario: WBS Cybersecurity Audit

 Assignment 4.1: WBS 
1Internal/external penetration testing1-Nov-20
1.1a.    Plan (coordinate with on-site staff for testing window, prepare hardware/software, allocate resources/manpower) 11/1/2020: 6 AM – 8 AM
1.2b.    Perform (perform internal/external penetration testing- attempt to access locked or unauthorized locations, determine visibility of unauthorized material)11/1/2020: 8 AM – 12 PM (lunch) 1 PM – 4 PM
1.3c.    Report (compile results of internal/external penetration testing into a report)11/1/2020: 4 PM – 6 PM
2Firewall (hardware/software/network) testing2-Nov-20
2.1a.    Plan (coordinate with on-site staff for testing window, prepare hardware/software, allocate resources/manpower) 11/2/2020: 6 AM – 8 AM
2.2b.    Perform (perform firewall (hardware/software/network) testing- attempt to penetrate and edit firewall, test for effectiveness)11/2/2020: 8 AM – 12 PM (lunch) 1 PM – 4 PM
2.3c.    Report (compile results of firewall (hardware/software/network) testing into a report)11/2/2020: 4 PM – 6 PM
3External IP address testing3-Nov-20
3.1a.    Plan (coordinate with on-site staff for testing window, prepare hardware/software, allocate resources/manpower) 11/3/2020: 6 AM – 8 AM
3.2b.    Perform (perform external IP address testing- attempt to bypass, alter, delete external IP addresses, audit existing external IPs)11/3/2020: 8 AM – 12 PM (lunch) 1 PM – 4 PM
3.3c.    Report (compile results of external IP address testing  into a report)11/3/2020: 4 PM – 6 PM
4Wireless/wired device auditing4-Nov-20
4.1a.    Plan (coordinate with on-site staff for testing window, prepare hardware/software, allocate resources/manpower) 11/4/2020 > 11/5/2020 : 6 AM – 6 PM (12 PM – 1 PM lunch)
4.2b.    Perform (perform wireless/wired device auditing-rogue access points, unused devices, network settings, etc.)11/6/2020 > 11/9/2020 : 6 AM – 6 PM (12 PM – 1 PM lunch)
4.3c.    Report (compile results of wireless/wired device auditing into a report)11/10/2020: 6 AM – 6 PM (12 PM – 1 PM lunch)
5Internal/external vulnerability testing10-Nov-20
5.1a.    Plan (coordinate with on-site staff for testing window, prepare hardware/software, allocate resources/manpower) 11/11/2020, 11/12/2020 : 6 AM – 6 PM (12 PM – 1 PM lunch)
5.2b.    Perform (perform internal/external vulnerability testing- attempt to attack internal/external resources)11/13/2020, 11/14/2020 : 6 AM – 6 PM (12 PM – 1 PM lunch)
5.3c.    Report (compile results of internal/external vulnerability testing into a report)11/15/2020 : 6 AM – 6 PM (12 PM – 1 PM lunch)
6Data governance policy review15-Nov-20
6.1a.    Plan (coordinate with on-site staff for testing window, prepare hardware/software, allocate resources/manpower) 11/15/2020 > 11/18/2020 : 6 AM – 6 PM (12 PM – 1 PM lunch)
6.2b.    Perform (perform data governance policy review- review current policies, protocols, regulations)11/19/2020 > 11/23/2020 : 6 AM – 4PM (12 PM – 1 PM lunch)
6.3c.    Report (compile results of data governance policy review into a report)11/24/2020 :  6 AM – 4PM (12 PM – 1 PM lunch)
7Phishing tests of staff members and students25-Nov-20
7.1a.    Plan (coordinate with on-site staff for testing window, prepare hardware/software, emails, malicious USBs, allocate resources/manpower) 11/26/2020: 6 AM – 8 AM
7.2b.    Perform (perform phishing tests of staff members and students using hardware/software, emails, malicious USBs, phone calls, etc.)11/26/2020: 8 AM – 12 PM (lunch) 1 PM – 4 PM, 11/27/2020, 11/28/2020: 6 AM – 6 PM (12 PM – 1 PM lunch)
7.3c.   Report (compile results of phishing tests of staff members and students into a report)11/29/2020 : 6 AM – 6 PM (12 PM – 1 PM lunch)
8Physical security testing29-Nov-20Ran Parallel (At Same Time)
8.1a.    Plan (coordinate with on-site staff for testing window, prepare hardware/software, allocate resources/manpower) 11/29/2020: 6 AM – 8 AM 
8.2b.    Perform (perform physical security testing- unauthorized entry into each door, find gaps in video surveillance, test social engineering attacks, etc.)11/29/2020: 8 AM – 12 PM (lunch) 1 PM – 3 PM  
8.3c.   Report (compile results of physical security testing into a report)11/29/2020 : 3 PM – 6 PM 
9Internal control testing29-Nov-20Ran Parallel (At Same Time)
9.1a.    Plan (coordinate with on-site staff for testing window, prepare hardware/software, allocate resources/manpower) 11/29/2020: 6 AM – 8 AM 
9.2b.    Perform (perform internal control testing- testing/evaluation of the management, operational, and technical security controls of the organization)11/29/2020: 8 AM – 12 PM (lunch) 1 PM – 3 PM  
9.3c.    Report (compile results of internal control testing into a report)11/29/2020 : 3 PM – 6 PM 
10Analysis of staffing requirements30-Nov-20Time Buffer
10.1a.    Plan (allocate resources/manpower, gather data from previous tests to determine the effectiveness of the skill and number of security personnel)11/30/2020: 6 AM – 8 AMExtra time for delays
10.2b.    Perform (perform analysis of staffing requirements- using data from all previous tests and comparing to security standards)11/30/2020: 8 AM – 12 PM (lunch) 1 PM – 3 PM and final edits
10.3c.    Report (compile results of analysis of staffing requirements into a report)11/30/2020 : 3 PM – 6 PM 
11First Audit Completion 20-Dec-20 
11.1a.    Compile (allocate resources/manpower, gather data from previous tests to determine the effectiveness the audit, compile all data)12/21/2020 > 1/7/2021 : 6 AM – 6 PM (12 PM – 1 PM lunch)
11.2b.    Review (review all data obtained from the audit, find errors)1/8/2021 > 1/19/2021 : 6 AM – 6 PM (12 PM – 1 PM lunch)
11.3c.    Final Touches  (make any improvements to the audit’s results)1/20/2021 : 6 AM – 2 PM (12 PM – 1 PM lunch)
12First Audit Report Completion 20-Jan-21
12.1a.    Compile (allocate resources/manpower, gather data from previous tests to determine the effectiveness the audit, compile all data)1/22/2021 > 2/22/2021 : 6 AM – 6 PM (12 PM – 1 PM lunch)
12.2b.    Review (review all data obtained from the audit, find errors, make improvements)2/23/2021 > 3/19/2021 : 6 AM – 6 PM (12 PM – 1 PM lunch)
12.3c.    Deliver to client (once finalized, deliver audit report to client)3/20/2021 : 6 AM – 6 PM (12 PM – 1 PM lunch)
13Recommended Changes Completion 20-Mar-21
13.1a.    Compile (gather recommended changes using audit’s data, gather different vendors, prices, and establish timeframes)3/21/2021 : 6 AM – 6 PM (12 PM – 1 PM lunch)
13.2b.    Review (review the recommended changes)3/22/2021 > 3/23/2021 : 6 AM – 6 PM (12 PM – 1 PM lunch)
13.3c.    Deliver to client (once finalized, deliver recommended changes to client)3/24/2021 : 6 AM – 6 PM (12 PM – 1 PM lunch)
14(Optional Second Audit) Internal/external penetration testingMarch 24th, 2021
14.1a.    Plan (coordinate with on-site staff for testing window, prepare hardware/software, allocate resources/manpower) 3/25/2021: 6 AM – 8 AM
14.2b.    Perform (perform internal/external penetration testing- attempt to access locked or unauthorized locations, determine visibility of unauthorized material)3/25/2021: 8 AM – 12 PM (lunch) 1 PM – 4 PM
14.3c.    Report (compile results of internal/external penetration testing into a report)3/25/2021: 4 PM – 6 PM
15(Optional Second Audit) Firewall (hardware/software/network) testing25-Mar-21
15.1a.    Plan (coordinate with on-site staff for testing window, prepare hardware/software, allocate resources/manpower) 3/26/2021: 6 AM – 8 AM
15.2b.    Perform (perform firewall (hardware/software/network) testing- attempt to penetrate and edit firewall, test for effectiveness)3/26/2021: 8 AM – 12 PM (lunch) 1 PM – 4 PM
15.3c.    Report (compile results of firewall (hardware/software/network) testing into a report)3/26/2021: 4 PM – 6 PM
16(Optional Second Audit) External IP address testing26-Mar-21
16.1a.    Plan (coordinate with on-site staff for testing window, prepare hardware/software, allocate resources/manpower) 3/27/2021 : 6 AM – 6 PM (12 PM – 1 PM lunch)
16.2b.    Perform (perform external IP address testing- attempt to bypass, alter, delete external IP addresses, audit existing external IPs)3/27/2021 > 3/28/2021 : 6 AM – 6 PM (12 PM – 1 PM lunch)
16.3c.    Report (compile results of external IP address testing  into a report)3/29/2021: 6 AM – 6 PM (12 PM – 1 PM lunch)
17(Optional Second Audit) Wireless/wired device auditing30-Mar-21
17.1a.    Plan (coordinate with on-site staff for testing window, prepare hardware/software, allocate resources/manpower) 3/30/2021 : 6 AM – 6 PM (12 PM – 1 PM lunch)
17.2b.    Perform (perform wireless/wired device auditing-rogue access points, unused devices, network settings, etc.)3/31/2021 : 6 AM – 6 PM (12 PM – 1 PM lunch)
17.3c.    Report (compile results of wireless/wired device auditing into a report)4/1/2021: 6 AM – 3 PM (12 PM – 1 PM lunch)
18(Optional Second Audit) Internal/external vulnerability testing1-Apr-21
18.1a.    Plan (coordinate with on-site staff for testing window, prepare hardware/software, allocate resources/manpower) 4/1/2021: 3 PM – 6 PM
18.2b.    Perform (perform internal/external vulnerability testing- attempt to attack internal/external resources)4/2/2021 > 4/3/2021: 6 AM – 6 PM (12 PM – 1 PM lunch)
18.3c.    Report (compile results of internal/external vulnerability testing into a report)4/4/2021: 6 AM – 6 PM (12 PM – 1 PM lunch)
19(Optional Second Audit) Data governance policy review5-Apr-21
19.1a.    Plan (coordinate with on-site staff for testing window, prepare hardware/software, allocate resources/manpower) 4/6/2021: 6 AM – 9 AM
19.2b.    Perform (perform data governance policy review- review current policies, protocols, regulations)4/6/2021: 9 AM – 12 PM ( lunch) 1 PM – 6 PM) 4/7/2021 6 AM – 6 PM (12 PM – 1 PM lunch)
19.3c.    Report (compile results of data governance policy review into a report)4/8/2021: 6 AM – 6 PM (12 PM – 1 PM lunch)
20(Optional Second Audit) Phishing tests of staff members and students8-Apr-21
20.1a.    Plan (coordinate with on-site staff for testing window, prepare hardware/software, emails, malicious USBs, allocate resources/manpower) 4/9/2021, 4/10/2021: 6 AM – 6 PM (12 PM – 1 PM lunch)
20.2b.    Perform (perform phishing tests of staff members and students using hardware/software, emails, malicious USBs, phone calls, etc.)4/11/2021 > 4/14/2021: 6 AM – 6 PM (12 PM – 1 PM lunch)
20.3c.   Report (compile results of phishing tests of staff members and students into a report)4/15/2021: 6 AM – 6 PM (12 PM – 1 PM lunch)
21(Optional Second Audit) Physical security testing15-Apr-21
21.1a.    Plan (coordinate with on-site staff for testing window, prepare hardware/software, allocate resources/manpower) 4/16/2021 : 6 AM – 9 AM
21.2b.    Perform (perform physical security testing- unauthorized entry into each door, find gaps in video surveillance, test social engineering attacks, etc.)4/16/2021:  9 AM – 6 PM (12 PM – 1 PM lunch) 
21.3c.   Report (compile results of physical security testing into a report)4/17/2021: 6 AM – 6 PM (12 PM – 1 PM lunch)
22(Optional Second Audit) Internal control testing17-Apr-21
22.1a.    Plan (coordinate with on-site staff for testing window, prepare hardware/software, allocate resources/manpower) 4/18/2021 : 6 AM – 9 AM
22.2b.    Perform (perform internal control testing- testing/evaluation of the management, operational, and technical security controls of the organization)4/18/2021:  9 AM – 6 PM (12 PM – 1 PM lunch) 
22.3c.    Report (compile results of internal control testing into a report)4/19/2021: 6 AM – 6 PM (12 PM – 1 PM lunch)
23(Optional Second Audit) Analysis of staffing requirements19-Apr-21
23.1a.    Plan (allocate resources/manpower, gather data from previous tests to determine the effectiveness of the skill and number of security personnel)4/20/2021 > 5/01/2020 : 6 AM – 9 AM
23.2b.    Perform (perform analysis of staffing requirements- using data from all previous tests and comparing to security standards)5/2/2021 > 5/18/2021 9 AM – 6 PM (12 PM – 1 PM lunch) 
23.3c.    Report (compile results of analysis of staffing requirements into a report)5/19/2021: 6 AM – 6 PM (12 PM – 1 PM lunch)
24Second Audit Completion 20-May-21
24.1a.    Compile (allocate resources/manpower, gather data from previous tests to determine the effectiveness the audit, compile all data)5/21/2021 > 6/1/2021 : 6 AM – 6 PM (12 PM – 1 PM lunch) 
24.2b.    Review (review all data obtained from the audit, find errors)6/2/2021 > 6/18/2021 :  9 AM – 6 PM (12 PM – 1 PM lunch) 
24.3c.    Final Touches  (make any improvements to the audit’s results)6/19/2021: 6 AM – 6 PM (12 PM – 1 PM lunch)
25Second Audit Report Completion (per client’s optional involvement in the second audit involvement)20-Jun-21
25.1a.    Compile (allocate resources/manpower, gather data from previous tests to determine the effectiveness the audit, compile all data)6/20/2021 > 7/1/2021 : 6 AM – 6 PM (12 PM – 1 PM lunch) 
25.2b.    Review (review all data obtained from the audit, find errors, make improvements)7/2/2021 > 7/18/2021 :  9 AM – 6 PM (12 PM – 1 PM lunch) 
25.3c.    Deliver to client (once finalized, deliver audit report to client)7/19/2021: 6 AM – 6 PM (12 PM – 1 PM lunch)
26Final Comparison (of both audits) of All Work Completed. General Satisfaction of Client Completion (per client’s optional involvement in the second audit)20-Jul-21

Categories: Group Theory

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s