logo

Security Assessment in Software Development

9 Pages2231 Words42 Views
   

Added on  2023-01-19

About This Document

This document discusses the importance of security assessment in software development and provides measures to protect web infrastructure. It also explores the vulnerabilities in web applications and suggests countermeasures to mitigate them.

Security Assessment in Software Development

   Added on 2023-01-19

ShareRelated Documents
Running head: SECURITY ASSESSMENT IN SOFTWARE DEVELOPMENT
SECURITY ASSESSMENT IN SOFTWARE DEVELOPMENT
Name of the Student:
Name of the University:
Author Note:
Security Assessment in Software Development_1
1SECURITY ASSESSMENT IN SOFTWARE DEVELOPMENT
ANSWER TO QUESTION 1:
Web infrastructure plays an important role for a company as it is the fundamental
communication media for an organization to transmit their services, data and applications.
Some security measures are to be taken to protect their web infrastructure. They are-
Segregate and divide the methods and networks: Security architects should consider
the total infrastructure framework which includes both division and segregation. An
accurate web segmentation is an efficient and effective security method which protect
the infrastructure by preventing an attacker to propagate exploits and do not allow
him or her to move around the lateral internal networks. In poor network
segmentation the attacker easily get access to control the sensitive data and the
intellectual property of the organization. For example, User group to resource
relationship (N*M and N+M model)
Figure 1: N*M model
(Source: Ng et al. 2016.)
Security Assessment in Software Development_2
2SECURITY ASSESSMENT IN SOFTWARE DEVELOPMENT
Figure 2: N+M model
(Source: Ng et al. 2016)
Sensitive information should be kept separately: Various groups or domains should be
created and data of a particular domain should be kept in the related domain only.
Mismatch between domain and data critically impacts the company in various ways.
Each domain should be secure strongly. Domain and the network segments should be
configured. In virtual mode, networks should be isolated logically. Virtual separation
can be used to prevent an attacker to breach other internal network parts (Damiani
2015)
Network devices should be hardened: One of the efficient way to secure web
infrastructure is to harden the network devices with strong and secure configurations.
Remote control agreement which are not encrypted and are used to handle web
infrastructure should be disabled. Strong password encryption should be used.
Physical access to the switches of the network should be restricted. For example:
Attacks related to switch network data plan are VLAN hopping, CAM flooding, STP
spoofing and others (Hogg 2014)
Security Assessment in Software Development_3

End of preview

Want to access all the pages? Upload your documents or become a member.

Related Documents
Internet of Things Information Security
|8
|1630
|308

Security Testing and Implementation Assignment 2022
|5
|1010
|15

Access Control TABLE OF CONTENTS
|7
|1683
|344

Sample Assignment on Cyber Security
|9
|2344
|38

IT Networking Designing
|12
|2502
|1

IT Network Security
|68
|3007
|50