User Account

All Pages

Describe required tools needed for effective assessment

Assignment Help Basic Computer Science
Reference no: EM132671919

The Questions:

1. List and describe the required tools needed for an effective assessment. What are some common mistakes and errors that occur when preparing for a security assessment?

2. Describe in depth the role in which organizational risk tolerance plays in relation to systems under assessment.

3. Identify and describe what threat agents should be avoided in preparation for an assessment. How do we effectively screen out irrelevant threats and attacks in this preparation?

4. Identify when to use architecture representation diagrams and communication flows. Define and illustrate when decomposing of architecture would be used. Provide an example of architecture risk assessment and threat modeling.

The Concepts:

What follows is a summary of the major concepts from the first six chapters of the textbook. You will use these concepts in answering the questions. The first five chapters of the textbook set the context and foundation for the security assessment and threat modeling for any type of system. System as defined is not only the implementation of software (code) but any type of digital system integration and deployment.Architecture risk assessment is mandated within standards and by organizations.

A continuing increase in sophistication and complexity of attackers means that flaws in architecture, missed security features and weak designs continue to put digital systems at risk.

Chapter 1-Architecture Risk Assessment (ARA) threat modeling has been defined as it applies to security architecture. Also addressed is a body of knowledge and a practice for applying security to systems of all types and sizes.

Chapter 2- defines what a system assessment for security is. It shows multiple examples and addresses the 3 Ss, namely Strategy,Structures, and Specification.

Chapter 3- explores the art of security architecture as a practice. Narrowly defined security architecture to the confines of the task at hand: ARA and threat modeling.

Chapter 4- addresses risk as it relates to the attack, breach, or compromise of digital systems. Providing concepts and constructs with direct applicability to system assessment and threat models. Also credible attack vectors (CAV), a construct for quickly understanding whether an attack surface is relevant or not.

Chapter 5- is devoted to the lightweight ARA/threat modeling methodology ATASM. The acronym stands for architecture, threats,attack surfaces, and mitigations. Chapter 5 demonstrates how to apply ATASM to a fictional e-commerce website.

Chapter 6- finishes examining the security architecture and the ATASM process for the fictional e-commerce website.

Reference no: EM132671919

Questions Cloud

Difference between continuous and partial reinforcement : a. Explain the difference between continuous and partial reinforcement
How should policy resistance be dealt with : Continue developing your Organizational Change Action Plan. Based upon the course readings, supplementary materials, and your own literature search via the.
What is the adjusted profit : Ellis Ltd accumulates the following adjustment data at 31 December. Assume profit before the adjustments listed was $16,500. What is the adjusted profit?
Calculate the current year annual depreciation expense : On January 1, 2020, purchase equipment costing $20,200 with an estimated life of five years. Calculate the current year annual depreciation expense
Describe required tools needed for effective assessment : Describe the required tools needed for an effective assessment. What are some common mistakes and errors that occur when preparing for a security assessment?
How the financial asset is recognised : Discuss how the financial asset is recognised and measured in the year ended 30 September 2020, with calculations.
Evaluate the academic and practitioner literature : Evaluate the academic and practitioner literature as it applies to the client organization. Create a detailed outline and implementation of the Action Plan.
How transaction has been treated in the financial statements : There are a number of customers that have ordered, How the transaction has been treated in the financial statements, for year ended June 2020?
What are the pros and cons for children playing outside : What are the pros and cons for children playing outside? What are the pros and cons for children playing inside with technology?

Reviews

Write a Review

Basic Computer Science Questions & Answers

  Differences between virtualisation architecture

Research virtualisation architecture and explain how it is different from client/server architecture. focus on virtualisation architecture and client/server architecture. Reflect on the differences between virtualisation architecture and client/ser..

  How many randomly selected adults must they test

Hearing this, some medical researchers decide to conduct a large-scale study, hoping to estimate the proportion to within 4% with 98% confidence. How many randomly selected adults must they test?

  Aware of some of these legal differences

Ramon and Class, what do you think the consequences might be if you were not aware of some of these legal differences? What penalties would you impose if given that power?

  Recent rise of china and india on the global stage

What trade theories support the recent rise of China and India on the global stage? How?

  Discover the current state of ieee posix standards

Research current literature to discover the current state of IEEE POSIX Standards and find out if the version of Windows on the computer.

  Manufactures mufflers for cars offers a lifetime warranty

A company that manufactures mufflers for cars offers a lifetime warranty on its products, provided that ownership of the car does not change.

  Understand the best strategy

Can a tutor please help understand the best strategy that an investor can use in the bull markets either by using option or by using the futures.

  Documenting the ideal customer

Can you explain ERP (enterprise resource planning) in layman terms and how can I explain to management how recommended steps such as documenting

  What you believe to be the main business purpose of charts

Explain what you believe to be the main business purpose of charts in Excel. Next, discuss whether or not you believe Excel would still be a useful tool if the charting features were removed from the application.

  Why security architecture is important to organization

Explain why security architecture is important to an organization? and what does an assessor need to understand before she or he can perform an assessment?

  Fraction with a denominator

Simplify each of the following algebraic expressions. All sets are assumed to be subsets of a universal set U.

  Prove that the algorithm does not add duplicates

Suppose that you want to generate a random permutation of N distinct items drawn from the range 1, 2, ..., M.

Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

Submit Assignment

Academics

Major Subjects

Majors

Get In Touch

whatsapp: +1-415-670-9521

Phone: +1-415-670-9521

Email: [email protected]

TERMS & POLICIES

HELP & SUPPORT

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd