The worm will then be able to infect the devices within the new network.

Many of you have learned about the OSI and many do not get how this is applicable beyond foundational knowledge.  I would like you to take another look at the OSI model and each layer discuss a possible security risk you see in each layer.  You will see a common theme by the end of the discussion.
Example:  Use only as example!
This week we discuss the security vulnerabilities that are found in each layer of the OSI model.  The physical layer is up first.  Vulnerabilities in the physical layer have been discussed extensively in previous weeks.  One possible security risk is for an adversary to infect a USB drive and then physically plug it in to a networked device.
The next layer is the data link layer.  It is the layer responsible for the transmission of data between nodes.  A security threat in this layer would be for a potential adversary to corrupt or alter data that is about to be sent through the node.  This would subsequently alter the data that is transmitted form its original and intended form.
The network layer is responsible for routing messages through different networks.  A vulnerability here could be a data worm that has infected a device in one network, being transported via the network layer to another network.  The worm will then be able to infect the devices within the new network.
The transport layer is the first in the upper layer and is responsible for breaking messages down in to pieces before sending them onward.  A potential vulnerability here is for the interception of unencrypted messages being sent through the transport layer by an adversary.
Session layer is next and is responsible for passwords exchanges, log offs, and termination of connections.  A vulnerability here would be an adversary keeping the gateway open and preventing the session layer from terminating the connection.  This would allow the adversary access to the data protected beyond the password gateway.
The presentation layer provides conversion service which cause character change sequences.  A vulnerability here could be an adversary corrupting the change sequence which would produce the incorrect data once it has been converted.
The final layer, the application layer is the layer most responsible for communication of the various applications being utilized.  One of the vulnerabilities present here would be the potential for a virus to cause the application layer to redirect data that flows through it.  
One of the common themes I see running through here is the spread of corruption and viruses.  Each layer has the potential to spread malicious content.  The conclusion this brings me to is that each layer must be properly defended with modern security protocols.
Jacobs, S. (2015) Engineering Information Security : The Application of Systems Engineering Concepts to Achieve Information Assurance

Compose a 1-page well documented paper that proposes your plan on the paper.

Instructions
Compose a 1-page well documented paper that proposes your plan on the paper. Your proposal should be based on the following scenario.
Heavy Metal Engineering (HME), a manufacturing organization that creates metal shell casings for very high-end washer and dryer products has suppliers and customers world-wide, as well as world-wide offices. HME the US Corporate office in NY hires you as a professional Information Assurance consultant.
HME is looking to receive some significant third party funding for an international joint venture but was told they would be denied because they do not have any kind of Information Assurance plan to keep all data assets secure. You are required to create a comprehensive IA strategy that includes the following:
A detailed overview of what Information Assurance entails covering all the basics for an IA strategy (what will be protected and from what)
A plan or strategy for IA implementation including a framework
A complete risk mitigation strategy that completely outlines your plans to mitigate risks associated with operating in the 21st century workplace.
Select an accrediting body to ensure IA is not only a process but a part of organizational culture going forward
An incident response and disaster recovery plan in the event of intrusion and disaster
All sections should be clearly labeled and a separate section in each area specifically for justifications of your selection/proposal.
Your thoughts must be solidified with viable sources consistent with graduate level work. No more than 2 sources may be used with ND or no author. Scholarly and Peer reviewed sources are expected to be used throughout the bulk of this paper.

Hello class,

Week 2 Discussion – Question #2 
As the demand for systems and applications continue to grow, organizations are striving to get things correct the first time as barriers are high and alternatives are plentiful.  Review the elements systems engineering discussed in Chapter 2 and select the most critical element and one you see commonly overlooked.
Use only as example!
Example:
Hello class,
I hope this week finds you all doing well. This week we are discussing the elements of system engineering. I will admit I have not delved into the systems engineering process in my previous studies too extensively before this course. From my previous life experiences though I would have to be one of the more critical steps that is often overlooked would be the process of investigating alternative solutions (Jacobs, 2015). I know it sounds like this should be something done all of the time, but I know from what little project experience I do have people tend to focus in on one main plan and not want to budge. Meanwhile an alternative solution could make the system implementation go much smoother, or there are more cost effective options available to the team. In reality this task is paired with another in our reading which seems to walk hand in hand and that is modeling the system (Jacobs, 2015). By modeling the system the systems engineers can lay out a roadmap of the system, and see where potential alternatives may be helpful.
By investigating alternative systems, and modeling each one the systems engineers can lay out each of the models and see the value of each in different functionality areas, as well as lay out the cost of the individual models, and performance based information. This side by side comparison of alternatives will allow the management to decide which option is the best fit overall and thus save time in the long run by not having to continuously go back to the drawing board as they say. In the words of this week’s reading exploring the alternatives will help examine the performance, cost-benefit, and trade-off analysis for each of the alternative designs (Jacobs, 2015). I thought the reading from this week was extremely interesting, and I am working a bit ahead because of my operational requirements while deployed, but I look forward to reading what you all have to say about the reading. Best of luck to you all.
Mike
References
Jacobs, S. (2015). Engineering information security: The application of systems engineering concepts to achieve information assurance. John Wiley & Sons, Incorporated.