Reference no: EM133849246, Length: word count: 1000
Software Fortress and Web Protection
Assessment Task - Investigative report - software and web security tools and technologies.
Learning Outcome 1: Plan secure software and web applications to mitigate threats and risks given technical and financial constraints.
Learning Outcome 2: Construct resilient and secure software and web applications using emerging threat management systems and internal code control.
Assessment Task
In a group of 3-4 students, develop a vulnerability assessment and risk mitigation plan based on the potential risks and vulnerabilities of a website or web server. Present it as a 1000-word report.
Context
Software security, also known as code security, is essential to web application security. It involves identifying and addressing potential security vulnerabilities in the code of a web application to prevent malicious attacks. For any organisation, web application security is crucial because web applications are vulnerable to attacks and can expose sensitive data if not adequately secured. In addition, web applications can be accessed by anyone with an internet connection, making them an attractive target for hackers and other malicious actors.
For this assessment task, you will understand the importance of planning and conducting regular risk assessments to identify appropriate security controls that must be implemented on the server using emerging threat management systems and internal code control.
Instructions
In this assessment task, you will outline the potential risks and vulnerabilities of a website or web server. In addition, you need to devise and perform simple penetration testing to determine the website's vulnerabilities.
To complete this assessment task successfully, you must complete the following tasks:
Form and register a group
Form a group of 3-4 students. Send a registration email to the Learning Facilitator before the registration deadline. Note: the deadline for team registration is 11:45 pm AEST Friday, end of Module 5.
The registration email must be sent by a group member with the subject line "[SFW541] Team Registration". In the body of the email, please list all the group members' names and student ID numbers.
After the registration deadline, those students who are not in a group will be allocated to groups by the Learning Facilitator.
Please refer to the Assessment tasks 2 and 3 Group Formation Guidelines in the Assessment Section on Blackboard for more information.
Read the Group Contract
Please read the attached SFW541 Assessment tasks 2 and 3 Group Contract. This document outlines the rules and conditions that each group must follow for all parts of Assessment task 2, as well as the roles and responsibilities of each group member. Each group is required to complete the group contract and include it as an appendix to Assessment task 2. As per the assessment rubric, the group contract accounts for 10% of the assessment task grade.
For assessment tasks where students are expected to work in groups, the workload must be shared equitably among all group members. Please refer to sections 6.1 and 6.2 of the Student Conduct Policy.
When submitting the group contract, you are reminded not to 'recycle' (self-plagiarise) contracts from other assessment tasks. Sections on deliverables, timelines and expectations should be unique to each part of the assessment task. Self-plagiarism constitutes a breach of Academic Integrity and can lead to penalties being applied to the assessment task or the subject.
For Assessment task 2, you should keep records of communications and drafts. Any serious concerns about an individual group member's contribution should be brought to the attention of your Learning Facilitator as soon as they occur or at least two weeks before the assessment task due date, whichever is earlier. Teams may also be required to produce these records as evidence of group members' contributions.
If a student has been accused of not contributing equally or fairly to a group assessment task, the Learning Facilitator will contact the student. He/she will be given three working days to respond to the allegation and provide supporting evidence. If the student does not respond within three working days of having been contacted, the Learning Facilitator will determine an appropriate mark based on available evidence. This may differ from the mark awarded to other group members and will reflect the individual student's contribution regarding the quantity and quality of work completed.
Review the case study
Access the case scenario from the Learning Facilitator via Class Announcements on Blackboard in Module 5.
Carefully review it to understand the cybersecurity requirements for the organisation.
Complete a Group Report (1000 words)
You will present your penetration testing, vulnerability assessment and risk mitigation plan in a Report format with visual diagrams where applicable. You must also cite current (from the past five years) secondary research using APA referencing 7th edition guidelines to support your results. The sources must be included in a reference list.
The Report must include the following sections:
Introduction [150 words]
Select and describe two recent (from the last two years) cyber-attacks on business websites related to the case scenario; for example, session hijacking and other forms of phishing.
Outline the nature of the attack mechanisms on the selected cybersecurity attacks.
Penetration testing and vulnerability assessment [350 words]
Prepare a penetration testing and vulnerability assessment for the online business using appropriate tools and techniques:
Choose one web application from the table below to identify vulnerabilities.
Use at least two tools, such as vulnerability scanners, to identify the vulnerabilities in the web application. For example, you can use OWASP ZAP, Burp Suite, or Nessus.
Attempt to exploit identified vulnerabilities to assess their severity and potential impact.
Provide a detailed description of the potential vulnerabilities and their associated risks, including those related to the website, the web server, and any other third-party plugins or applications that may be in use.
Investigate the risks associated with the identified vulnerabilities and prioritise them based on their potential impact on the site's security and the confidentiality, integrity and availability of customer information.
Consolidate your findings.
Risk mitigation plan [400 words]
Develop a risk mitigation plan as part of a threat management system that includes specific steps to address the identified vulnerabilities and reduce the risk of future cyberattacks:
Propose a set of specific steps to address each vulnerability, including timelines, responsible parties and internal code control procedures.
Determine a set of recommendations for improving the website's overall security, including suggestions for implementing best practices for secure web development, internal code management as part of security measures, software maturity model, user authentication and authorisation, data encryption, and data backup and recovery.
Verify security tools and technologies to secure the online business.
Conclusion [100 words]
Summarise your results and recommendations. Do not include new information.
Reference List
List the sources you quoted in the 'References' section at the end of the report.
Please adhere to the APA 7th edition style guidelines.
Referencing
It is essential that you use the current APA style for citing and referencing.
Introduction
In industry, you will work in groups to achieve goals and objectives. Successful collaboration relies on groups being clear on what is expected of participants as well as when and how tasks will be completed. The purpose of the group contract is to ensure that all group members are clear on what is expected of them for Assessment tasks 2 and 3 and to support the effective and successful working of the group to complete the tasks required for both assessment tasks. Assessment tasks 2 and 3 can only be completed if all the students in the group collaborate and work as a team.
All students are expected to share ideas and points of view and allocate the work required to complete the group project in a fair and equitable manner.
For the assessment tasks to have a consistent strategy and coherent continuity, the students will need to work together as a group over the majority of the subject to ensure that they complete the tasks required in Assessment tasks 2 and 3. Working independently in silos and 'stitching' poorly connected ideas together at the end does not achieve the same quality outcome.
The group contract must be completed, signed and dated.
The group must submit the completed group contract at the end of Module 5.
The group contract must also be attached to the Word document on the software development life cycle (Assessment task 2) as an appendix with any updates that may have been made to the contract.