Security Audit & Infrastructure Enhancement
Categories
Skills
Project scope
What is the main goal for this project?
Project Duration: 6 Weeks
Project Hours: 150
Project Hours Per Learner: 30
Organization Description: [Please share any context around your organization and how this project coincides with wider Organizational goals]
Project Overview:
The project aims to evaluate and enhance our cybersecurity infrastructure by assessing security measures, networks, and systems, identifying vulnerabilities, and implementing best practices to strengthen overall protection. The primary objective is to analyze existing security protocols, pinpoint weaknesses, and provide a strategic report with actionable recommendations for improving cybersecurity measures.
The project is structured for a team of five learners, each dedicating 30 hours over six weeks (totaling 150 hours).
Project Scope & Expectations:
Learners will engage in:
- Conducting a full cybersecurity audit of existing IT infrastructure, developing a comprehensive assessment of the employer’s IT infrastructure to identify vulnerabilities.
- Identifying potential vulnerabilities in systems and networks, then documenting potential threats.
- Researching and recommending industry best practices for improved security measures.
- Assisting in the development or refinement of security policies and protocols.
- Documenting findings and presenting recommendations in a final report.
Project Duration: 6 Weeks
Project Hours: 150
Project Hours Per Learner: 30
Organization Description: [Please share any context around your organization and how this project coincides with wider Organizational goals]
Project Overview:
The project aims to evaluate and enhance our cybersecurity infrastructure by assessing security measures, networks, and systems, identifying vulnerabilities, and implementing best practices to strengthen overall protection. The primary objective is to analyze existing security protocols, pinpoint weaknesses, and provide a strategic report with actionable recommendations for improving cybersecurity measures.
The project is structured for a team of five learners, each dedicating 30 hours over six weeks (totaling 150 hours).
Project Scope & Expectations:
Learners will engage in:
- Conducting a full cybersecurity audit of existing IT infrastructure, developing a comprehensive assessment of the employer’s IT infrastructure to identify vulnerabilities.
- Identifying potential vulnerabilities in systems and networks, then documenting potential threats.
- Researching and recommending industry best practices for improved security measures.
- Assisting in the development or refinement of security policies and protocols.
- Documenting findings and presenting recommendations in a final report.
What tasks will learners need to complete to achieve the project goal?
Project Timeline & Deliverables:
Week 1: Onboarding & Project Initiation (~2 hours per learner)
- Employer and Learner team introductions.
- Overview of project scope, tools, and expectations.
- Onboarding exercises conducted
- Review of cybersecurity compliance standards relevant to the industry.
Week 2: Access & Initial Assessments (~4 hours per learner)
- Employer provides necessary systems and/or collateral access.
- Learners conduct initial research on the company’s security measures.
- Identify key cybersecurity risks and map out the project approach.
- Deliverable: Initial Security Assessment Report.
Week 3: Vulnerability Assessment & Risk Identification (~6 hours per learner)
- Conduct in-depth vulnerability scans and manual security checks.
- Analyze system access controls, password policies, and authentication mechanisms.
- Identify and document potential threats, misconfigurations, or weak points.
- Deliverable: Vulnerability & Risk Identification Report. (Document listing vulnerabilities, categorized by severity, screenshots where applicable).
Week 4: Security Policy Review & Compliance Analysis (~6 hours per learner)
- Research industry best practices and compliance frameworks (NIST, ISO 27001, CIS Controls).
- Compare employer security policies against industry standards.
- Identify gaps in security protocols and recommend enhancements.
- Draft updated security policies and procedural recommendations.
- Deliverable: Security Policy Gap Analysis Report.
Week 5: Security Hardening & Recommendations (~6 hours per learner)
- Develop a prioritized action plan for security improvements.
- If permitted, implement basic security measures (e.g., password policy updates, access control refinements, encryption setup).
- Provide structured recommendations for ongoing security enhancements.
- Deliverable: Security Hardening Checklist & Improvement Plan.
Week 6: Finalization & Deliverable Submission (~4 hours per learner)
- Compile findings into a full audit report with actionable recommendations.
- Present key insights and security improvement strategies to the employer.
- Deliverables: Final Cybersecurity Audit & Security Best Practices Recommendation Report (Document/Slide Deck)
Final Deliverables:
- Comprehensive Cybersecurity Audit Report with risk analysis and recommendations.
- Security Best Practices Guide tailored to the employer’s needs.
- Policy & Procedure Documentation outlining suggested security enhancements.
- Presentation Deck summarizing findings and proposed actions.
Working Expectations:
Learners are expected to receive practical real-world job experience in exchange for the completion of tangible deliverables of a successfully completed project. Employers are expected to provide mentorship, guidance, clear expectations to students, and regular communication with the AscentUP team.
Project Timeline & Deliverables:
Week 1: Onboarding & Project Initiation (~2 hours per learner)
- Employer and Learner team introductions.
- Overview of project scope, tools, and expectations.
- Onboarding exercises conducted
- Review of cybersecurity compliance standards relevant to the industry.
Week 2: Access & Initial Assessments (~4 hours per learner)
- Employer provides necessary systems and/or collateral access.
- Learners conduct initial research on the company’s security measures.
- Identify key cybersecurity risks and map out the project approach.
- Deliverable: Initial Security Assessment Report.
Week 3: Vulnerability Assessment & Risk Identification (~6 hours per learner)
- Conduct in-depth vulnerability scans and manual security checks.
- Analyze system access controls, password policies, and authentication mechanisms.
- Identify and document potential threats, misconfigurations, or weak points.
- Deliverable: Vulnerability & Risk Identification Report. (Document listing vulnerabilities, categorized by severity, screenshots where applicable).
Week 4: Security Policy Review & Compliance Analysis (~6 hours per learner)
- Research industry best practices and compliance frameworks (NIST, ISO 27001, CIS Controls).
- Compare employer security policies against industry standards.
- Identify gaps in security protocols and recommend enhancements.
- Draft updated security policies and procedural recommendations.
- Deliverable: Security Policy Gap Analysis Report.
Week 5: Security Hardening & Recommendations (~6 hours per learner)
- Develop a prioritized action plan for security improvements.
- If permitted, implement basic security measures (e.g., password policy updates, access control refinements, encryption setup).
- Provide structured recommendations for ongoing security enhancements.
- Deliverable: Security Hardening Checklist & Improvement Plan.
Week 6: Finalization & Deliverable Submission (~4 hours per learner)
- Compile findings into a full audit report with actionable recommendations.
- Present key insights and security improvement strategies to the employer.
- Deliverables: Final Cybersecurity Audit & Security Best Practices Recommendation Report (Document/Slide Deck)
Final Deliverables:
- Comprehensive Cybersecurity Audit Report with risk analysis and recommendations.
- Security Best Practices Guide tailored to the employer’s needs.
- Policy & Procedure Documentation outlining suggested security enhancements.
- Presentation Deck summarizing findings and proposed actions.
Working Expectations:
Learners are expected to receive practical real-world job experience in exchange for the completion of tangible deliverables of a successfully completed project. Employers are expected to provide mentorship, guidance, clear expectations to students, and regular communication with the AscentUP team.