Operations Security DoD Project Paper

Operations Security DoD Project Paper


This course project is intended to assess your ability to identify, design, and organize information technology (IT) security policies.

Learning Objectives and Outcomes

Successful completion of this project will ensure that you can develop draft IT security policies for an organization and apply learning constructs from the course. By the end of this project, you will be able to do the following:

Evaluate compliance laws relevant to the U.S. Department of Defense.

Assess policy frameworks appropriate for an organization in a given scenario.

Evaluate security controls and standards for the seven domains of a typical IT infrastructure.

Develop DoD-compliant policies for an organization’s IT infrastructure.

Required Source Information and Tools

Web References: Links to Web references in this document and related materials are subject to change without prior notice. These links were last verified on August 26, 2020.


The following tools and resources will be needed to complete this project:

· Course textbook

Internet access

DoD instructions or directives

Risk Management Framework (RMF) for DoD Information Technology (IT)

U.S. Department of Defense (DoD) Chief Information Office Library

Department of Defense Information Security Program

Department of Defense Internet Services and Internet-Based Capabilities

You may consult other relevant sources, if needed. If so, include citations for those sources in the final deliverable for this report.


This project is divided into several parts, each with a deliverable. The first three parts are research drafts, which should include organized lists and notes gathered during research, sources, and in some cases policy drafts. These documents should be organized and readable, but are not polished reports.


Item Deliverables
Project Part 1 U.S. Compliance Laws Research

Submit a draft of your research of DOD-specific requirements for an organization’s IT infrastructure and U.S. compliance laws that may affect the firm.

Project Part 2 Infrastructure Research A

Submit a draft of (1) which policy framework(s) will be followed for the project and (2) DoD-compliant policies, standards, and controls that affect the User, Workstation, LAN, and LAN-to-WAN Domains.

Project Part 3 Infrastructure Research B

Submit a bulleted list of DoD-compliant policies, standards, and controls that affect the WAN, Remote Access, and System/Application Domains.

Project Part 4 Final Report

Submit the final report of your class project.



Note: Your instructor may require that this project be completed in groups. If so, select a team leader and hold weekly team meetings as a group to be sure the work is proceeding on schedule.


You are a security professional for Blue Stripe Tech, an IT services provider with approximately 400 employees. Blue Stripe Tech partners with industry leaders to provide storage, networking, virtualization, and cybersecurity to clients.

Blue Stripe Tech recently won a large DoD contract, which will add 30 percent to the revenue of the organization. It is a high-priority, high-visibility project. Blue Stripe Tech will be allowed to make its own budget, project timeline, and tollgate decisions.

As a security professional for Blue Stripe Tech, you are responsible for developing security policies for this project. These policies are required to meet DoD standards for delivery of IT technology services to the U.S. Air Force Cyber Security Center (AFCSC), a DoD agency.

To do this, you must develop DoD-approved policies, standards, and control descriptions for your IT infrastructure (see the “Tasks” section in this document). The policies you create must pass DoD-based requirements. Currently, your organization does not have any DoD contracts and thus has no DoD-compliant security policies, standards, or controls in place.

Blue Stripe Tech’s computing environment includes the following:

12 servers running the latest edition of Microsoft Server, providing the following:

Active Directory (AD)

Domain Name System (DNS)

Dynamic Host Configuration Protocol (DHCP)

Enterprise resource planning (ERP) application (Oracle)

A research and development (R&D) engineering network segment for testing, separate from the production environment

Microsoft Exchange Server for email

Email filter

Cloud-based secure web gateway (web security, data loss protection, next-generation firewall, cloud application security, advanced threat protection)

Two Linux servers running Apache Server to host your website

400 PCs/laptops running Microsoft Windows 10, Microsoft 365 office applications, and other productivity tools


Develop a list of compliance laws required for DoD contracts.

Determine which policy framework(s) will be used for this project.

List controls placed on domains in the IT infrastructure.

List required standards for common devices, categorized by IT domain.

Develop DoD-compliant policies for the organization’s IT infrastructure.

Describe the policies, standards, and controls that would make the organization DoD compliant.

Develop a high-level deployment plan for implementation of these polices, standards, and controls.

Write a professional report that includes all of the above content-related items and citations for all sources.

Submission Requirements

· Format: Microsoft Word (or compatible)

· Font: Arial, size 12, double-space

· Citation style: Your school’s preferred style guide

· Length of draft research documents: 2–4 pages

· Length of final report: 14–18 pages

Self-Assessment Checklist for Final Report

I developed a list of compliance laws required for DoD contracts.

I listed controls placed on domains in typical IT infrastructure.

I listed required standards for common devices, categorized by IT domain.

I developed DoD-compliant policies and standards for my organization’s IT infrastructure

I described the policies, standards, and controls that would make my organization DoD compliant.

I listed all applicable DoD frameworks in the final report.

I developed a high-level deployment plan for implementation of these polices, standards, and controls.

I created a professional, well-developed report with proper documentation, grammar, spelling, and punctuation.

I included citations for all sources used in the report.

I followed the submission guidelines.

© 2022 by Jones & Bartlett Learning, LLC, an Ascend Learning Company. All rights reserved. Page 1

Oder Solution Now

Why Use Our Services

1. Professional & Expert Writers: AResearchers only hires the best. Our writers are specially selected and recruited, after which they undergo further training to perfect their skills for specialization purposes. Moreover, our writers are holders of masters and Ph.D. degrees. They have impressive academic records, besides being native English speakers.

2. Top Quality Papers: Our customers are always guaranteed of papers that exceed their expectations. All our writers have +5 years of experience. This implies that all papers are written by individuals who are experts in their fields. In addition, the quality team reviews all the papers before sending them to the customers.

3. Plagiarism-Free Papers: All papers provided by AResearchers are written from scratch. Appropriate referencing and citation of key information are followed. Plagiarism checkers are used by the Quality assurance team and our editors just to double-check that there are no instances of plagiarism.

4. Timely Delivery: Time wasted is equivalent to a failed dedication and commitment. AResearchers is known for timely delivery of any pending customer orders. Customers are well informed of the progress of their papers to ensure they keep track of what the writer is providing before the final draft is sent for grading.

5. Affordable Prices: Our prices are fairly structured to fit in all groups. Any customer willing to place their assignments with us can do so at very affordable prices. In addition, our customers enjoy regular discounts and bonuses. First time customer will receive three free pages on their first order. 

6. 24/7 Customer Support: At AResearchers, we have put in place a team of experts who answer to all customer inquiries promptly. The best part is the ever-availability of the team. Customers can make inquiries anytime.