You are a security professional for Blue Stripe Tech, an IT services provider wi

You are a security professional for Blue Stripe Tech an IT services provider with approximately 400 employees. Blue Stripe Tech partners with industry leaders to provide storage networking virtualization and cybersecurity to clients. Blue Stripe Tech recently won a large DoD contract which will add 30 percent to the revenue of the organization. It is a high-priority high-visibility project. Blue Stripe Tech will be allowed to make its own budget project timeline and tollgate decisions. As a security professional for Blue Stripe Tech you are responsible for developing security policies for this project. These policies are required to meet DoD standards for delivery of IT technology services to the U.S. Air Force Cyber Security Center (AFCSC) a DoD agency. To do this you must develop DoD-approved policies standards and control descriptions for your IT infrastructure (see the Tasks section in this document). The policies you create must pass DoD-based requirements. Currently your organization does not have any DoD contracts and thus has no DoD-compliant security policies standards or controls in place. Blue Stripe Techs computing environment includes the following: § 12 servers running the latest edition of Microsoft Server providing the following: o Active Directory (AD) o Domain Name System (DNS) o Dynamic Host Configuration Protocol (DHCP) o Enterprise resource planning (ERP) application (Oracle) o A research and development (R&D) engineering network segment for testing separate from the production environment o Microsoft Exchange Server for email o Email filter o Cloud-based secure web gateway (web security data loss protection next-generation firewall cloud application security advanced threat protection) § Two Linux servers running Apache Server to host your website § 400 PCs/laptops running Microsoft Windows 10 Microsoft 365 office applications and other productivity tools Tasks § Develop a list of compliance laws required for DoD contracts. § Determine which policy framework(s) will be used for this project. § List controls placed on domains in the IT infrastructure. § List required standards for common devices categorized by IT domain. § Develop DoD-compliant policies for the organizations IT infrastructure. § Describe the policies standards and controls that would make the organization DoD compliant. § Develop a high-level deployment plan for implementation of these polices standards and controls. § Write a professional report that includes all of the above content-related items and citations for all sources. Submission Requirements Format: Microsoft Word (or compatible) Font: Arial size 12 double-space Citation style: Your schools preferred style guide Length of context research: 2“4 pages Length of final report: 4 to 6 pages Total: 8 to 10 pages (excluding the Intro and references) Reference sources: § DoD instructions or directives https://www.esd.whs.mil/dd/ § Risk Management Framework (RMF) for DoD Information Technology (IT) https://www.esd.whs.mil/Portals/54/Documents/DD/issuances/dodi/851001p.pdf?ver=2019-02-26-101520-300 § U.S. Department of Defense (DoD) Chief Information Office Library https://dodcio.defense.gov/Library/ § Department of Defense Information Security Program https://www.esd.whs.mil/Portals/54/Documents/DD/issuances/dodm/501m_vol1.pdf?ver=2020-08-04-092500-203 § Department of Defense Internet Services and Internet-Based Capabilities https://www.esd.whs.mil/Portals/54/Documents/DD/issuances/dodi/817001p.pdf