You are the Information Security manager of a regional bank based in Abu Dhabi. Your team has been funded to develop a customer-facing, cognitive system that interactively answers customer questions online. The conditions of funding include that the SDLC must incorporate security best practices in all phases of the life cycle.
Write a paper that includes the following:
- A description of the four SDLC stages of your end-to-end project
- A detailed explanation of the security measures you would incorporate into each stage of the SDLC in order to ensure security best practices are followed all along the life cycle of the project
- Include a description of under what circumstances you would employ HTTP protocol versus an SSL protocol.
Keep in mind, the paper should focus on the ability to describe the SDLC (software development life cycle) stage and the steps taken to enforce security during each stage. Use diagrams, where appropriate.
- Paper should be 2-3 pages in length, not including the title and reference pages.
- You must include a minimum of two (2) credible sources.
- Paper must follow APA style guidelines, as appropriate.
We use many different types of risk management methodologies and tools. A part of the process involves identifying the threats to our system, generally by attackers who would harm our systems and data (assets). I’ve included a project that walks you through a simple threat modeling exercise, using STRIDE, which you will apply using a scenario, to understand the basic process.
1. Read the threat modeling article using STRIDE and complete a threat model and risk management plan
2. Read the attached Project description. you will create a report for your “boss” identifying the threats to your systems/assets in the scenario, who the attackers are, how they will attack (using STRIDE), and will make recommendations for security controls (use your textbook, too).
Do you need help with this assignment? Or a different one? We got you covered.