Application Security in software development

Discuss the following, supplying citations to support any information that you provide.  Do not include your opinion, only what you can support with a citation.  Address the following topics.

  1. How does Application Security relate to software development?
    1. Define application and software development
    2. Briefly describe the role of application security in software development
  2. Discuss two software development approaches
    1. For each briefly discuss the high-level principles/approach
    2. Discuss how Application Security should be included in each phase/step of the approaches
    3. Discuss what elements of the application should be addressed and how.  Examples: data at rest, data in motion, identity management, etc.
  3. Discuss the potential downfalls that can occur if Application Security is not integrated with application development

For all writing assignments ensure that you do the following:

  • Write 1000 to 1500 words in APA format.
  • Utilize at least five scholarly references. 
  • Note that scholarly references do not include Wikipedia, .COM websites, blogs, or other non-peer reviewed sources. 
  • Utilize Google Scholar and/or the university library. 
  • Do not copy and paste bulleted lists.  Instead, read the material and in your words, describe the recommendation citing the source. 
  • Review the rubric to see how you will be graded.
  • Plagiarism will result in a zero for the assignment. 
  • The second instance of plagiarism will result in your failure of this class.
  • If you use a source, cite it.  If you do not, it is plagiarism.

Case Study

 Public Sector Case Study In November 2012, South Carolina state officials disclosed a massive data breach at the Department of Revenue. Few details on the breach were disclosed. But it involved exposing more than 3.6 million taxpayers’ personal information records and 650,000 business tax–related records. The breach occurred in September 2012. It’s clear that massive amounts of personal information were stolen. A former top official with the FBI estimated the cost to the state at more than $350 million, based upon past FBI experience, including the cost of offering free credit monitoring to affected individual taxpayers and businesses. 

The root cause of the breach cited in news reports was the lack of mandatory security policies across 100 state agencies, boards, commissions, and colleges and universities. 

All state agencies have some type of computer security system in place. It’s fair to assume they all have some level of security policy in place. But it is clear these policies were discretionary. That meant an approach to information security across state government that was at best inconsistent. Nor did the state appear to have a comprehensive approach to sharing best practices for information security or for coordinating response to these types of data breaches. 

In the case of the South Carolina Department of Revenue, the policies clearly were neither adequate nor consistent. Additionally, reports indicate the source of the hack was in Eastern Europe. The hacker or hackers gained access through a phishing e-mail. Phishing e-mails try to trick a user to open an e-mail and execute a link or program with malware. Security awareness is a strong control that educates users on how to protect themselves from such attacks, including how to recognize such attacks and why not to open suspect links. If a phishing e-mail was a source of the attack, it might be an indication that the security awareness program at this state agency was inadequate  

write a paper not more than 300-400 words on the following

  1. Do you think that the attack could have been prevented? If so, how? Alternatively, if you disagree that the attack couldn’t have been prevented, provide your analysis as well.
  2. What is your takeaway from the attack? And how does it prepared you to prevent future attacks in your organization?
  3. All papers must adhere to APA format. Please, don’t forget to use double spacing, and create in-text citations before making any references.

Job search 3.0

Research project manager’s positions and please post the following. Please do not copy and paste from web sites.

  1. Find three different job postings in the area you live in for a Project Manager. What are the items in the three job ads that are the same? Are there any major differences? Also, look up how much a project manager earns in your area. 
  2. In your opinion was any of the information that you uncovered in your search interesting or surprising?
  3. 1000 words

Operation Security

 Many types of systems are networked together, and the number of devices that are added to this network increases every year. With this explosive growth of networked systems, companies are now working harder to bring more sophisticated security systems online for greater protection from outside attacks.  For this Discussion, you will analyze a security breach caused by an employee or third party from inside an organization. Search the web or the University of the Cumberlands library for a news article concerning a security breach that occurred inside an organization.

  • Could the security breach have been prevented?  Explain
  • What business drivers were impacted from the breach

    TextBook:  Security Policies and Implementation Issues, Authors: Robert Johnson, Publisher: Jones & Bartlett Publishers, Publication Date: 2014-07-03 

Data Gathering Instrument

 

Data Gathering Instrument

Task: Create one (1) instrument that could be used to gather data for your mock dissertation topic. (cyber secuirty)
The instrument should be designed to be exactly how it would be deployed to collect data. Since instrumentation usually goes through several steps of field testing, for purposes of this assignment you can submit a deployment-ready draft of your instrument without field testing it. Be sure the instrument collects data appropriately to measure your research question.  If your study will not use an instrument to collect data because your data is archival and already exists, you will discuss your process for data retrieval. 

Ladder of Abstraction

  1. Read pp. 82-95 from Language in Thought and Action by S. I. Hayakawa and Alan R. Hayakawa. (OCLS)
  2. Create a ladder of abstraction for your operating paradigm as described by Hawakaya and Hayakawa. 
  3. Post your ladder for class review and comment.

Read from this link: https://medium.com/@tombarrett/up-and-down-the-ladder-of-abstraction-cb73533be751

450 words with in-text and 3 main references

A3

Attached is the document contains the question. Include at least 4 APA formatted references (and APA in-text citations). The assignment is 3 pages in length. Go through the word document for further details.

software antivirus

  

Make sure to explain and backup your responses with facts and examples. This assignment should be in APA format and have to include at least two references. In-text citations as required.

Question: 

Since it is so dangerous, why would designers install software into the kernel at all (or make use of kernel software)? If you were an antivirus designer or maker, what other methods do you utilize to prevent virus?[700 words]