Categories
Other

Outcomes addressed in this activity:

Looking for some help? We have it all. Great price and impressive quality

For This or a Similar Paper Click To Order

Unit 3 Assignment: Reducing the Attack Surface
Outcomes addressed in this activity:
Unit Outcomes:
Distinguish secure software development practices.
Discover secure software development practices.
Analyze appropriate steps for developing strategy and policies related to creating secure software.
Course Outcome:
Analyze the cybersecurity software development life cycle (SDLC).
Purpose
You recently took a position as a cybersecurity analyst for a small software company. The software company currently has three commercially available off-the-shelf software products that are sold to businesses and/or organizations (B2B). They can range from small companies to very large companies, including those in the Fortune 500. One of their products has been identified by CERT to have several vulnerabilities. Since this event occurred, the chief cybersecurity officer (CCSO) suspects that not enough security is built into the software development process used at the company. You have been asked by the CCSO to conduct a cyber attack surface analysis on one of their Web-based products in an effort to improve the software development process.
Assignment Instructions
For Assignment purposes, select a multi-layered (presentation layer, business layer, and database layer) Web-based open source project in place of the software company’s Web-based product. In place of the open source project, if you are familiar with another Web-based system that meets the requirements, then discuss using it with your instructor.
Assume that the presentation layer resides on a dedicated server in the company’s DMZ. The other two layers of the software are behind the corporate firewall and can reside on one or two dedicated servers. The Web application is accessible from the Internet and is browser based. Firefox, Chrome, Internet Explorer, and Safari are the supported browsers.
You will conduct a cyberattack surface analysis on the system/application you selected. Focus your analysis from an external cyberattack point of view. It is not necessary to focus on end user cyberattacks (social engineering attacks, etc.). You will define the cyberattack surface (do not forget to consider the OSs used and Web server), and you will identify and map the cyberattack vectors, categorize what was identified, and pick at least three use cases that validate your understanding of the attack surface. Finally, determine if the attack surface can be reduced (You can make assumptions to help support your position). All of this analysis will help the CCSO understand the cyberattack surface for the product. To help with your analysis, you can use an open source or commercially available attack surface analyzer. Finally, this Assignment should also include a graphical representation of the attack surface with descriptions (Consider using Visio for this part of the Assignment.).
Assignment Requirements:
3–4 pages of content (exclusive of title page etc.), double-spaced in 12pt Times New Roman font, using correct APA formatting and including a title page and reference page(s).
At least 3 credible sources.
No spelling error
No grammar error
No APA errors.
For more information on APA style formatting, refer to the resources in the Academic Tools area of this course.

Looking for some help? We have it all. Great price and impressive quality

For This or a Similar Paper Click To Order

Leave a Reply