Describe penetration testing and vulnerability scanning processes

Reference no: EM132589444

Assignment: Refer to NIST SP 800-53 (Rev. 4) for the 18 candidate security control families and associated security controls.

Security assessment must be incorporated into the Software Development Life Cycle (SDLC) for the SDLC to be a secure, integrated process. Testing of selected security controls ensures that applications meet business requirements, function as planned, and protect associated data securely from attack. A security assessment of the targeted environment identifies vulnerabilities that may cause a security breach and specifies the security controls that mitigate the vulnerabilities.

For this assignment, use the organization you chose in Week 1.

Part I: Mapping Vulnerabilities to Security Controls

Choose 5 distinct security control families as specified in NIST SP 800-53 (Rev. 4) that are most applicable to your organization's known vulnerabilities.

Create a 1-page spreadsheet in Microsoft Excel that identifies the following criteria for each family:

• Control ID
• Control Name
• Vulnerability
• Recommended mitigation (refer to your Week 3 assignment; refine them for this mitigation)

Part II: Security Controls Testing

Provide a 2- to 3-page table in Microsoft Word including each family, and describe the testing procedure that will mitigate the vulnerability. Annotate whether the testing procedure is an interview, observation, technical test, or a combination.

Part III: Penetration Testing and Vulnerability Scanning

Provide a 1-page description of penetration testing and vulnerability scanning processes.

Describe how they are used as part of the organization's testing and assessment strategy.

Format your citations according to APA guidelines.


All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd