Refer to NIST SP 800-53 (Rev. 4) for the 18 candidate security control families and associated security controls.
Security Assessment must be incorporated into the Software Development Life Cycle (SDLC) in order to be a secure, integrated process. Testing of selected security controls ensures that applications meet business requirements, function as planned, and protect associated data securely from attack. A security assessment of the targeted environment identifies vulnerabilities that may cause a security breach and specifies the security controls that mitigate the vulnerabilities.
For this assignment, use the organization you chose in Week 1.
Part I: Mapping Vulnerabilities to Security Controls
Choose 5 distinct security control families as specified in NIST SP 800-53 (Rev. 4) that are most applicable to your organization’s known vulnerabilities.
Create a 1-page spreadsheet in Microsoft® Excel® that identifies the following criteria for each family:
Recommended mitigation (refer to your Week 3 assignment; refine them for this mitigation)
Part II: Security Controls Testing
Provide a 2- to 3-page table in Microsoft Word including each family, and describe the testing procedure that will mitigate the vulnerability. Annotate whether the testing procedure is an interview, observation, technical test, or a combination.
Example of Security Controls Testing Table:Example of Security Controls Testing Table
Part III: Penetration Testing and Vulnerability Scanning
Provide a 1-page description of penetration testing and vulnerability scanning processes.
Describe how they are used as part of the organization’s testing and assessment strategy.
Format your citations according to APA guidelines.
Submit your assignment.
Center for Writing Excellence
Reference and Citation Generator
Grammar and Writing Guides
|Control ID||Name||Vulnerability||Recommended Mitigation||Testing Procedure|
|AC-3||Access Enforcement||Accessing the system Determining the devices that access the system||Restricting access to privileged functions||Technical Test
The system will be tested through dummy tests that will involve scenarios used to determine the devices that will have the privilege of accessing the system.
We value our customers and so we ensure that what we do is 100% original..
With us you are guaranteed of quality work done by our qualified experts.Your information and everything that you do with us is kept completely confidential.
At homeworkcheg.com, You have to be 100% sure of the quality of your product to give a money-back guarantee. This describes us perfectly. Make sure that this guarantee is totally transparent.Read more
The Product ordered is guaranteed to be original. Orders are checked by the most advanced anti-plagiarism software in the market to assure that the Product is 100% original. The Company has a zero tolerance policy for plagiarism.Read more
The Free Revision policy is a courtesy service that the Company provides to help ensure Customer’s total satisfaction with the completed Order. To receive free revision the Company requires that the Customer provide the request within fourteen (14) days from the first completion date and within a period of thirty (30) days for dissertations.Read more
The Company is committed to protect the privacy of the Customer and it will never resell or share any of Customer’s personal information, including credit card data, with any third party. All the online transactions are processed through the secure and reliable online payment systems.Read more
By placing an order with at HomeworkCheg, you agree to the service we provide. We will endear to do all that it takes to deliver a comprehensive paper as per your requirements. We also count on your cooperation to ensure that we deliver on this mandate.Read more