CMGT 431 Week 3 Learning Team Assignment Testing and Assessment Strategies
Instructions: Security Assessment for an enterprise must be incorporated into the Software Development Life Cycle (SDLC) in order to be a secure, integrated process. Testing of selected security controls ensures that applications meet business requirements, function as planned, and protect associated data securely from attack. A security assessment of the targeted environment identifies vulnerabilities that may cause a security breach and specifies the security controls that mitigate the vulnerabilities. Refer to NIST SP 800-53 rev 4 for identification of the eighteen candidate security control families and associated security controls. Choose five distinct security control families as specified in SP 800-53 rev 4, click on the chosen familites, and create a summary for each one that identifies the following criteria for each family:
- Control ID
- Control Name
- Vulnerability Provide a short paragraph in Word for each family describing the testing procedure that will mitigate the vulnerability. Example: Family - Identification and Authentication Control ID - IA-2 Control Name - Identification and Authentication (Organizational Users) Vulnerability - Illegal user access
Submit your assignment and related Turnitin report using the Assignment Files tab.
The criteria that I use to assign grades for this assignment are as follows:
- Was the material thoroughly covered?
- Addressed many of the points (10%)
- Addressed some of the points (20%)
- Did the paper follow APA format?
Deduction Examples - minor APA non-compliance (5%)
- major APA non-compliance (10%)
- Was the paper error free?
Deduction Examples –
Minor typos/grammatical mistakes (5%)
- Significant typos/grammatical mistakes (10%)
- Was a reference list included of appropriate resources?
Deduction Examples - Inappropriate references (5%)
- No references included (10%)
- Was a Turnitin report included?
– No Turnitin report (10%)
Questions & Answers
Have a Question?
Be the first to ask a question about this.