Plan of Action and Milestones
I’m trying to learn for my Computer Science class and I’m stuck. Can you help?
Resource: POA&M Template
Your company recently reviewed the results of a penetration test on your network. Several vulnerabilities were identified, and the IT security management team has recommended mitigation. The manager has asked you to construct a Plan of Action and Milestones (POA&M) given that the following vulnerabilities and mitigations were identified:
- The penetration test showed that not all systems had malware protection software in place. The mitigation was to write a malware defense process to include all employees and retest the system after the process was implemented.
- The penetration test indicated that the data server that houses employee payroll records had an admin password of “admin.” The mitigation was to perform extensive hardening of the data server.
- The penetration test also identified many laptop computers that employees brought to work and connected to the internal network some of which were easily compromised. The mitigation was to write a Bring Your Own Device (BYOD) policy for all employees and train the employees how to use their devices at work.
Complete the 1- to 2-page POA&M using the form provided.
Compile one file for the team.
Note: This POA&M will help you develop your individual assignment this week.
Cite all sources using APA guidelines.