Application Security to Software development

 

  1. How does Application Security relate to software development?
    1. Define application and software development
    2. Briefly describe the role of application security in software development
  2. Discuss two software development approaches
    1. For each briefly discuss the high-level principles/approach
    2. Discuss how Application Security should be included in each phase/step of the approaches
    3. Discuss what elements of the application should be addressed and how.  Examples: data at rest, data in motion, identity management, etc.
  3. Discuss the potential downfalls that can occur if Application Security is not integrated with application development

For all writing assignments ensure that you do the following:

  • Write 1000 to 1500 words in APA format.
  • Utilize at least five scholarly references. 
  • Note that scholarly references do not include Wikipedia, .COM websites, blogs, or other non-peer reviewed sources. 
  • Utilize Google Scholar and/or the university library. 
  • Do not copy and paste bulleted lists.  Instead, read the material and in your words, describe the recommendation citing the source. 
  • Review the rubric to see how you will be graded.
  • Plagiarism will result in a zero for the assignment. 
  • The second instance of plagiarism will result in your failure of this class.
  • If you use a source, cite it.  If you do not, it is plagiarism.

cloud computing

 

Describe in 500 words the shared security responsibility model that a DBA must be aware of when moving to the cloud.

Use at least three sources. Use the Research Databases available from the Danforth Library, not Google. Include at least 3 quotes from your sources enclosed in quotation marks and cited in-line by reference to your reference list. Example: “words you copied” (citation). These quotes should be one full sentence, not altered or paraphrased. Cite your sources using APA format. Use the quotes in your paragraphs. Stand-alone quotes will not count toward the 3 required quotes.

Copying without attribution or the use of spinbot or other word substitution software will result in a grade of 0. 

Write in essay format not in bulleted, numbered or other list format. 

Do not use attachments as a submission. 

Reply to two classmates’ posting in a paragraph of at least five sentences by asking questions, reflecting on your own experience, challenging assumptions, pointing out something new you learned, offering suggestions. These peer responses are not ‘attaboys’. You should make your initial post by Thursday evening so your classmates have an opportunity to respond before Sunday at midnight, when all three posts are due.

It is important that you use your own words, that you cite your sources, that you comply with the instructions regarding length of your post and that you reply to two classmates in a substantive way (not ‘nice post’ or the like). Your goal is to help your colleagues write better. Do not use spinbot or other word replacement software. It usually results in nonsense and is not a good way to learn anything. I will not spend a lot of my time trying to decipher nonsense. Proofread your work or have it edited. Find something interesting and/or relevant to your work to write about. Please do not submit attachments unless requested.

scenario 4

Due Week 4 and worth 100 points

Suppose you are a security director for a consulting firm that implements, secures, investigates, and supports point-of-sale (POS) for small and medium businesses (SMBs) in the retail industry.

Read the article titled, “If you shopped at these 16 stores in the last year, your data might have been stolen” located at https://www.businessinsider.com/data-breaches-2018-4. Choose 2 stores from the list and research the specific attack or breach.

Write a paper in which you:

  1. Summarize the attacks, providing details on the effects of the breach. 
  2. Identify the common purpose of attacks on point-of-sale (POS) systems. 
  3. Assess why and how these POS systems have become a prime target for hacking groups. 
  4. Examine the forensics challenges that exist for investigations on POS systems.
  5. Use at least two (2) quality resources in this assignment other than the article linked above. Note: Wikipedia and similar websites do not qualify as quality resources. 

Your assignment must follow these formatting requirements:

  • Be typed, double spaced, using Times New Roman font (size 12), with one-inch margins on all sides; citations and references must follow APA or school-specific format. Check with your professor for any additional instructions.
  • Include a cover page containing the title of the assignment, the student’s name, the professor’s name, the course title, and the date. 

SQL DATABASE SECURITY (CYBERSECURITY)

 For this week’s discussion, talk about why a database needs to be secured. In your initial post, answer at least two of the items in the bulleted list below:

  • Identify three actions that can be applied to a database environment to manage user access.
  • Is there such a thing as “overkill” with security? If so, how? (Provide an example)
  • Explain who should be in charge of making the security decisions for an organization’s database? Why?
  • Define and explain the difference between the authentication modes of at least two of the three database vendors mentioned in the chapter (SQL Server, MySQL, and Oracle).
  • Identify at least five best practices when adding and removing users.
  • Explain the principle of least privilege and how it should be applied within a database environment.

Research document

 Please go through the attached document with instructions and requirements completely before providing the answer

Module 7 – Course Insights & Reflections

Each of the Weekly Module assignments presented a picture of the network security control requirements to maintain a secured network – it’s a “lot” of work!  In an essay, provide your thoughts and comments on the issues and decisions you had to make on the following:

Module 1:  Network security design and tools

Module 2:  Security policies and programs to support the C.I.A. Triad (Confidentiality, Integrity and Availability)

Module 3:  Security procedures for each of the security tools in your network design

Module 4:  Creating a Risk Assessment and Business Impact Analysis

Module 5:  Creating an Incident Response Plan (IRP)

Module 6:  Creating a Disaster Recovery Plan (DRP)

Operation Security

 

A tenet of telecommunications says the more people who access a network, the more valuable the network becomes. This is called Metcalfe’s Law. When organizations implement security policies, there are pressures and trade-offs. Chapter nine examines different types of users on networks as it reviews an individual’s need for access and how those needs can lead to risks.

  • How can the use of security policies reduce risk? Explain
  • How can a SAP reduce risk?  Explain
  • Why are end-users considered the “weakest” link in regards to implementing security policies and controls? Explain

Data Science Case Analysis

Final Case Analysis:

There are several CSV files attached; start with the Word document to understand the nature of the data and broad expectations for the final case analysis. You are expected to explore and perform exploratory data analysis and the final analysis.

Data Details: You are given six years of lending data (2012 – 2017) in CSV format. The data files are relatively larger than what you have used during this course so far. The size of each file is different and depends upon the number of loans the company issued in a year. It can be noted that the file sizes are relatively larger from 2015 onward, which is when the company went public and started issuing more loans. Each file has 31 columns (variables) and the description of each column is provided in the DataDictionary.xls file.

In addition to that, you are also given the states characteristics in a file called states.csv. This file contains demographic information like population size, median income, unemployment rate etc. 

Lastly, you are given a regions file called states_regions.csv that contains larger regions and divisions that each state falls in. For example, New Hampshire is in the Northeast region and New England division. 

There are three sections to this case: Merging and cleaning (15 points), Data Analysis (60 points), Visualization (25 points) totaling 100 points. 

Merging and Cleaning 

Stack all six Lending Club files together on top of each other. Now join the states.csv file with the stacked file using state name as the primary key. Finally, merge the state_regions file with the combined file so that you have one large file containing lending club and states geographic and demographic information. 

Analysis 

Use the above file to analyze and answer the following questions:

1) Find the distribution of number of loans by state, regions and divisions. Describe in your own words the geographic differences in the number of loans. Also, analyze your results by comparing number of loans per capita. Did you notice any missing states in the Lending Club data? If yes, then find out why. 

2) Compare the average amount of loans granted by all states and divisions. Which states and divisions have the highest and lowest average loan amounts?

3) Compare the average interest rate charged and average loan amount by the loan Grade. Do you notice any patterns? 

4) Run a frequency distribution of number of loans, average loan amount and average interest rate for each state by year (2012 through 2017). Describe the changing patterns in those numbers. 

5) Is there a relationship with the population size of a state and the average loan amount given? Is there a relationship between Grade of loans and median income level in a state?

6) This is an open-ended question where you are asked to share an interesting fact that you found through data analysis.

Visualization

1) Create a plot of interest rates and Grade of a loan and describe the pattern.

2) Create a map of US states and color code the map with the average amount of loans given. 

3) Show visually the relationship between the annual income of the recipient and the loan amount obtained from Lending Club

4) Create a plot that shows the relationship between the length of employment and amount of loan obtained. 

5) Create a “regional” map and show an interesting relationship of your liking.