The graduation proposal contains at least the following components:
A cover page with:
The name of the student and the student number
The name of the company
The company/personal data (i.e. name, email address,phone number of phone number). If available for it LinkedIn account of the company supervisor to be listed
· A concise summary of the completed graduation assignment and, if that part of a bigger project, part of a bigger project it bigger project
· The issue (reason for the assignment with: the problem to be solved, of the to want, or the opportunity to seize)
· The objective of the assignment (possibly two smaller problems) must be realized?)
· A description of the innovative in the context of the assignment (why is the assignment innovative?)
· Security past and present: internal security / need to know / least privilege
· Zero Trust model / ZTA
· All layers on system administration
· Securing data (innovative)
· Indicate which professional tasks are required to produce the professional product.
· There must be at least one professional task at level 2 and one professional task level 3 are performed.
“Level 2” likes the student to work independently and methods applies in an unpredictable exploitation context.
“Level 3” love that the student initiative shows and innovative applying methods in an unpredictable context.
· The professional tasks for each specialization are as follows:
· CSC: Analyzing, advising and designing infrastructure
TI: Designing and Realizing Hardware Interfacing
· The production / professional products expected to be supplies
Ethical aspects in relation to the assignment, the context of the work (when relevant)
· A substantiation that the company supervisor(s) is/are able to supervising the content of a student at a minimum of HBO level.
The HBO (Hoger beroepsonderwijs; literally “higher professional education”) is oriented towards higher learning and professional training. HBO is therefore the equivalent of college education in the United States.
Assessment graduation proposal – professional product
Organizational context: insightful
· What kind of organization? (species, size and structure)
· I have already described. It is a health insurance organization
· Within which part of the organization does the assignment take place?
· The assignment takes place within the Infrastructure team. The team consists of two system administrators, a network administrator and three service desk employees.
· Student position within organization?
· Mister IT works as a system administrator / IT consultant at ENO Zorgverzekeraar . He will be involved in conducting the investigation in the coming months. This research concludes with a company product.
Issue: clearly and concisely described
· What’s the matter?
There are currently no established guidelines for hardening services/components/systems within Eno. Systems in this context means: servers such as Microsoft Windows Server 2019, but also think of Firewalls e.d. . In order to have more control over these systems, the demand has arisen to harden / standardize multiple systems.
The temporary main question is:
How can server hardening be applied so that the organization is less susceptible to cyber attacks, vulnerabilities can be monitored and customer data is/is guaranteed?
· Who is it a matter for?
· Not answered yet
· Is the issue a problem or an opportunity?
· In case of problem: possible causes and consequences?
· By opportunity: what must be achieved and how will it be achieved realised?
The problem: too little security / You don’t know what you have in the environment. What exactly is needed and what is not needed?
Opportunity = control, achievable Ensuring an environment that is predictable…etc
Objective of assignment: clear, guiding and delineated
· What is the objective (goal)?
The goal of the organization is to be less prone to cyber attacks/intrusions.
To be in control
In short: customer feeling safe with organization…. Data is also safe (including medical data)
· How is the objective achieved?
· Using standards (CIS controls ?)
· Policy management?
· Keeping a server’s operating system patched and updated
· Regularly updating third-party software essential to the operation of the server and removing third-party software that doesn’t conform to established cybersecurity standards
· Using strong and more complex passwords and developing strong password policies for users
· Locking user accounts if a certain number of failed login attempts are registered and removing needless accounts
· Implementing multi-factor authentication
· Using self-encrypting drives or AES encryption to conceal and protect sensitive information
· Using firmware resilience technology, memory encryption, antivirus and firewall protection, and advanced cybersecurity suites specific to your operating system, such as Titanium Linux
Assignment: relevant, precise and defined at the level of the HBO-ICT specialization
· Problem not solved yet?
· No yet
· Desired result specifically described?
· Complexity level sufficiently high?
· one professional task at level 2
· one professional task at level 3 (within specialization)
Professional product in relation to the ICT professional tasks: clear
· Which professional tasks are in line with the assignment and goals?
Supervisor (study): meets the HBO level criteria Minimum HBO level?
· Michael (supervisor/ IT manager) is a university graduate
· Role student in daily work?
· Role student in the graduation assignment?
· Sufficient time and opportunity to complete an assignment during working hours to work? Concrete agreements with the manager?
· At least two days a week to work on the assignment. This can be extended to three days a week if necessary.
· Plan at least 1 hour a week to discuss the progress of the graduation assignment.
· This can be extended to possibly two hours a week
· The client expects a certain degree of independence
· Space / posibility for independent advice?
· I was hired by the client as an IT consultant. They give me the opportunity to carry out the assignment independently. Where necessary, I get support from colleagues