Good afternoon,

I need the attached Executive proposal done with respect to all the requirements, I don't want a modification of the Executive proposal I see on course Hero, Chegg, or other tutor website, I want something original, and with respect of all the rules required by the instructor. I would like a tutor that is flexible and willing to make the changes as I get corrections from the intructor.

 

I am not going to cherry pick the most important items from the Executive Proposal document to place
here. They are listed clearly and concisely in the document itself.
PLEASE READ IT THOROUGHLY BEFORE YOU BEGIN WORKING.
READ IT AGAIN!
I recommend that you choose something that is COTS (commercial off-the-shelf-). Random tools that are
inside Kali, and pen testing “frameworks” are not ideal candidates for this type of work. Not that you
couldn’t choose those, but I can almost promise you that you will run into problems, and you won’t be
getting a strong grade because you realized too late. Again, you don’t have to choose COTS, but
understand what a Senior Exec in a company needs: Consider not just your recommendation of a tool to
the organization, but that it’s an investment by said organization. Basically don’t make me waste half a
million dollars on something that’s a glorified script.
As always, you should ask your questions in the general discussion area. However, DO NOT assume that
I will get to your question(s) in time if you wait until the 11th hour. I may simply not be at my computer, and
if the paper is due, or you need to change path, I cannot help you at that point and will NOT be providing
a makeup/giving extra credit or any other such “dog ate my homework” assistance. You have time, start
now.
Yes, you may ask me privately about a specific tool, and I will say whether or not I think it’s a good idea,
but do understand that even if I said it’s a good option, I am NOT automatically suggesting, or otherwise
implying that your grade will be good simply because I sanctioned the tool you chose. The QUALITY of
your WORK will determine your grade. If you can find a 3-line piece of Python code that will save the
world, feel free to write about it. If you do a good job, you get a good grade. However, that would be
difficult, and is unlikely to happen. CMIT 321 Executive Proposal Project
The purpose of this project is to evaluate the student’s ability to research and evaluate security
testing software and present a proposal for review by executive team members. By completing
the document the student will also gain practical knowledge of the security evaluation
documentation and proposal writing process. The project will enable the student to identify and
understand the required standards in practice, as well as the details that should be covered
within a proposal.
Project Deliverable Using the Case Study presented in this document, complete an executive proposal.
Provide a three to five page proposal summarizing purpose and benefit of chosen security
software to the executive management team.
The student will evaluate and test security testing software for purposes of testing
corporate network security. The purpose of the software is to measure the security posture of the organization by identifying vulnerabilities and help prevent future attacks
and deter any real-time unknown threats.
The proposal should effectively describe the software in a manner that will allow the
executive team members to understand the purpose and benefits of the software to
approve purchase. Guidelines Evaluate and select a security tool for recommendation that you learned about in the iLabs
modules or the EC-Council text books.
The proposal document must be 3 to 5 pages long, conforming to APA standards. See
"Writing Guideline" in WebTycho where you'll find help on writing for research projects.
At least three authoritative, outside references are required (anonymous authors or web
pages are not acceptable). These should be listed on the last page titled "References."
Appropriate citations are required. See the syllabus regarding plagiarism policies.
This will be graded on quality of research topic, quality of paper information, use of
citations, grammar and sentence structure, and creativity.
The paper is due during Week 7 of this course. Project Description
The purpose of project is to write an executive proposal for a fictitious company called Charter
Medical Research Group (CMRG). The goal of the proposal is to persuade the executive
management team to approve purchase of security testing software that can benefit the
company’s corporate network security by testing and identifying vulnerabilities before they are
exploited by hackers. The proposal must include a detailed description of the software, its
purpose, and benefits. Suggested Approach
1. Research a security testing software tool that you practiced using in the EC-Council iLabs
or from the textbook.
2. Determine whether the tool would be beneficial in testing the security of a corporate
network.
3. Use the vendor’s website to collect necessary information about the tool to be able to
explain its purpose and benefit.
4. Include 3rd party endorsements and case studies about the tool.
5. Integrate the information from your own experience with the tool into your proposal.
This may include results from the iLab exercises or your own test lab.
Company Description Charter Medical Research Group
CMRG is a startup medical research and development company. After five years of extraordinary
success in the development of innovative medical and pharmaceutical products, CMRG is on its
way to becoming a major player in the medical research and development industry. However,
due to its success, CMRG has also become a major target of cybercriminals. CMRG has been the
victim of cybercriminal attempts to steal intellectual property and sell it to CMRG competitors. It
is suspected that the corporate network has been infiltrated from unauthorized sources more
than once. In 2012, CMRG was falsely accused of unethical research and development practices.
The false allegations resulted in the defacement of CMRG’s public website and several Denial of
Service attacks at different times over a 10-month period that brought the corporate network to
its knees. These attacks had a major impact on CMRG’s ability to conduct business and resulted
in undesirable publicity for the company.
Regardless of its security problems, CMRG has continued to grow as a company. Its research and
development departments have grown over the years, due to the expansion of the company, in
proportion to the increase in its business making up over 40% of the human resources. CMRG’s
innovative research and development information is paramount to its continued success as a
company. Although, no known attacks have occurred in last 15 months, the security of its
network and intellectual property is still a major concern for the company. Because CMRG is a
still fairly young company, management has been hesitant to budget for expensive security
projects. However, this point of view is beginning to change. Particularly, because one of
CMRG’s competitors, a major player in the medical research and development industry for over
40 years, experienced a loss of hundreds of millions of dollars in research data that was stolen
from its corporate network by cyber thieves.
Background and your role
You are the IT Manager hired in 2013 to manage the physical and operational security of
CMRG’s corporate information system. You understand information security issues better than
anyone else in the company. You also know that the network is vulnerable to outside threats
because it has experienced attacks in the past and because you haven’t had the resources to
properly test the corporate information system to identify the vulnerabilities that might exist
and take action prevent possible attacks. You have a responsibility to bring these concerns to
the attention of the executive team and ask for approval to purchase the necessary testing
software.
Your education and training have introduced you to variety of security tools for testing
computer and network security. The majority of these tools you either only read about or have practiced using in lab environment. You have decided to research some of these tools and test
them out in your own lab environment and choose one for recommendation to executive team.
You will need to present information that proves the chosen tool will be beneficial to the
security of corporate information system. To accomplish this you will need to research the
product, if possible, test the product in a virtual lab environment. If the tool is part of your iLab
exercise, it is recommended that you practice using and testing the tool beyond the scope of the
lab exercise. Based on your research and analysis, you will include this information in your
proposal in way that the executive staff can understand and allowing them to make an informed
decision to approve purchase of the product.
The executive management team of CMRG: The proposal should include: Detailed description of the software and benefits.
Include reviews, case studies and customer recommendations
Include your own hands-on experience with the tool and test results
Cost of product. Include additional costs such as training or hardware software that
might be needed in order to properly deploy manage and maintain the software.
How will the software impact the production environment? For example, the software
may test for Denial of Service attacks. You need to explain any interruptions the test may have on business operations. You need to justify the need for such a test. Also explain
how to you plan to minimize or prevent possible production outages. The software should test for one or more of the following types of attacks: Denial of Service (DoS)
Cross Site Scripting (XSS)
Authentication Bypass
Directory Traversal
Session Management
SQL injection
Database Attacks
Password Attacks
Firewall/Router Attacks
Operating System Attacks Corporate Office Network Topology
The CMRG main research and development facility is located in Atlanta, Georgia. You have
concerns about the sensitive information that is stored at this location as well as data that
transmitted over the WAN to CMRG’s Seattle, Washington headquarters location, business
partners and clients. The Atlanta facility is also where the CMRG data center is located. The data
center is where CMRG’s public website, email, databases and corporate intranet are hosted. The
environment contains a mix of Microsoft and *NIX technologies. 45 Windows 2016 Servers
13 Windows 2008 Servers
15 UNIX Servers
2200 Windows 8.1 and 10 Desktops
Web Servers: Apache and IIS
Services: FTP, SMTP, DNS, DHCP, VPN
Database: SQL, Oracle and MySQL
Network: Cisco Routers and Firewalls Grading Rubrics
Final Deliverable
Category
Points
Documentation and
10
Formatting
Software Research
20
Software Analysis
20
Executive Proposal
50
Total %
10%
20%
20%
50% 100 100% Description
Appropriate APA citations/referenced sources and
formats of characters/content.
Accurate Completion of Software Research
Accurate Completion of Software Analysis
Provide proposal for purchase
A quality paper will meet or exceed all of the
above requirements.

Attachments:

• 1493168611-Executive Proposal CMIT 321.docx