Reference no: EM132945313
CT6042 Secure Coding
Learning Outcome 1: explain and evaluate the fundamental theories of a range of security failures that are due to software vulnerabilities.
Learning Outcome 2: apply techniques, tools and understanding for implementing secure software to avoid flaws.
Learning Outcome 3: critically evaluate security-enhanced programming models and use appropriate tools which help ensure security goals.
Learning Outcome 4: analyse security-critical code fragments and incorporate appropriate practices within a systems development methodology.
The requirements for assessment 1:
Too many developers prioritise functionality and performance over security. Others simply do not come from a security background, so they do not have security in mind when developing the site, which leaves the business vulnerable.
Your task for this assignment is to write a secure software development framework/guideline that discusses five dangerous software errors such as Buffer Overruns. Your framework/guideline should include the following for each software error:
a) demonstrate, with code examples, how the vulnerability can be exploited
b) demonstrate how the code was tested to identify the vulnerability
c) explain how to mitigate it and what security measures were put into place
d) test again to make sure the code is resilient to the chosen attack
Your framework should also include general discussion about:
a) the importance of Security Development Life Cycle
b) product risk assessment and risk analysis
You should include all implemented source code in the appendix of your report. Note that the appendix does not count towards your report word count.
You should carefully consider the following when writing your report:
• Style - suitable to be quickly read and comprehended.
• Content - relevant, clearly explained, logically organised.
• Authority - discussed concepts and ideas will need evidence in support.
• Practical understanding - your own practical examples, advice and demonstrations should be included.
• Technical understanding - understanding of the discussed system and consideration of comparison products.
• Comprehensiveness - you need to cover what you consider to be all the key topics.
• Helpfulness - practical examples, advice and demonstrations should be included.
Attachment:- Secure Coding.rar