Refer to NIST SP 800-53 (Rev. 4) [https://nvd.nist.gov/800-53] for the 18 candidate security control families and associated security controls.
Security Assessment must be incorporated into the Software Development Life Cycle (SDLC) in order to be a secure, integrated process. Testing of selected security controls ensures that applications meet business requirements, function as planned, and protect associated data securely from attack. A security assessment of the targeted environment identifies vulnerabilities that may cause a security breach and specifies the security controls that mitigate the vulnerabilities.
For this assignment, use the organization you choose.
Part I: Mapping Vulnerabilities to Security Controls
Choose 5 distinct security control families as specified in NIST SP 800-53 (Rev. 4) that are most applicable to your organizations known vulnerabilities.
Create a 1-page spreadsheet in Microsoft® Excel® that identifies the following criteria for each family:
Recommended mitigation (refer to your Week 3 assignment; refine them for this mitigation)
Part II: Security Controls Testing
Provide a 2- to 3-page table in Microsoft Word including each family, and describe the testing procedure that will mitigate the vulnerability. Annotate whether the testing procedure is an interview, observation, technical test, or a combination.
Example of Security Controls Testing Table:
Part III: Penetration Testing and Vulnerability Scanning
Provide a 1-page description of penetration testing and vulnerability scanning processes.
Describe how they are used as part of the organizations testing and assessment strategy.
Format your citations according to APA guidelines.
Delivering a high-quality product at a reasonable price is not enough anymore.
That’s why we have developed 5 beneficial guarantees that will make your experience with our service enjoyable, easy, and safe.
You have to be 100% sure of the quality of your product to give a money-back guarantee. This describes us perfectly. Make sure that this guarantee is totally transparent.Read more
Each paper is composed from scratch, according to your instructions. It is then checked by our plagiarism-detection software. There is no gap where plagiarism could squeeze in.Read more
Thanks to our free revisions, there is no way for you to be unsatisfied. We will work on your paper until you are completely happy with the result.Read more
Your email is safe, as we store it according to international data protection rules. Your bank details are secure, as we use only reliable payment systems.Read more
By sending us your money, you buy the service we provide. Check out our terms and conditions if you prefer business talks to be laid out in official language.Read more