Create a software assurance guidelines document shell in Word. It should include the following:
· Create a title page
· Course number and name
· Project name
· Student name
· Date
· Table of contents (TOC)
· Use autogenerated TOC
· Separate page
· Maximum of 3 levels deep
· Update the TOC before submitting your project
· Section headings (create each heading on a new page with "TBD" as content, except for sections listed under New Content below)
· Project Outline
· Security in the Development Life Cycle
· Software Assurance Techniques
· Security in Nontraditional Development Models
· Security Static Analysis
· Software Assurance Policies and Processes
· Project outline and requirements
· Brief description of the organization (can be hypothetical) and where the guidelines will be implemented
· Company size, location(s), and other pertinent information
· List of the software applications provided by the company for the government
· The software list must include at least 1 desktop and 1 Web application.
· A database must be used with one of the applications.
· A summary of the software development organization within the company, employees and reporting structure, systems and technologies used for software development, testing, source control, and document storage
· Material can be taken from the approved proposal that was submitted to the instructor (ensure that this project is approved by the instructor).
· Security in the development life cycle
· Provide an outline of the SDLC model that is used in your organization, including each of the major phases.
· This should be a traditional SDLC. Extended models, such extreme programming, will be covered in a later section.
· Identify specific components of the security development model that can be applied to each of the phases of your SDLC model.
· For each pairing of security development model component to SDLC model phase, describe how the security model is applied and the major tasks that are involved.
Complete the Software Assurance Techniques section.
· Analysis:
· List and describe at least 3 software applications that are produced by the organization. The applications must include at least 1 desktop application and 1 Web application.
· One of the applications must use a database for data storage.
· Identify at least 2 areas of each application that are at security risk, and describe the possible threats and their implications to the organization and to the client (in this case, the government).
· For each security risk, identify at least 1 software assurance technique that can be applied to reduce the security threat.
· Guidelines:
· Based on the analysis that was performed in the previous step, prepare a set of software assurance guidelines that the organization can use for all of the applications that it creates.
· Guidelines should be categorized by the type of software application and if the application is using a database for data storage or not.
Enzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdf
Create a software assurance guidelines document shell in Word. I.docx
1. Create a software assurance guidelines document shell in Word.
It should include the following:
· Create a title page
· Course number and name
· Project name
· Student name
· Date
· Table of contents (TOC)
· Use autogenerated TOC
· Separate page
· Maximum of 3 levels deep
· Update the TOC before submitting your project
· Section headings (create each heading on a new page with
"TBD" as content, except for sections listed under New Content
below)
· Project Outline
· Security in the Development Life Cycle
· Software Assurance Techniques
· Security in Nontraditional Development Models
· Security Static Analysis
· Software Assurance Policies and Processes
· Project outline and requirements
· Brief description of the organization (can be hypothetical) and
where the guidelines will be implemented
· Company size, location(s), and other pertinent information
· List of the software applications provided by the company for
the government
· The software list must include at least 1 desktop and 1 Web
application.
· A database must be used with one of the applications.
· A summary of the software development organization within
the company, employees and reporting structure, systems and
2. technologies used for software development, testing, source
control, and document storage
· Material can be taken from the approved proposal that was
submitted to the instructor (ensure that this project is approved
by the instructor).
· Security in the development life cycle
· Provide an outline of the SDLC model that is used in your
organization, including each of the major phases.
· This should be a traditional SDLC. Extended models, such
extreme programming, will be covered in a later section.
· Identify specific components of the security development
model that can be applied to each of the phases of your SDLC
model.
· For each pairing of security development model component to
SDLC model phase, describe how the security model is applied
and the major tasks that are involved.
Complete the Software Assurance Techniques section.
· Analysis:
· List and describe at least 3 software applications that are
produced by the organization. The applications must include at
least 1 desktop application and 1 Web application.
· One of the applications must use a database for data storage.
· Identify at least 2 areas of each application that are at security
risk, and describe the possible threats and their implications to
the organization and to the client (in this case, the government).
· For each security risk, identify at least 1 software assurance
technique that can be applied to reduce the security threat.
· Guidelines:
· Based on the analysis that was performed in the previous step,
prepare a set of software assurance guidelines that the
organization can use for all of the applications that it creates.
· Guidelines should be categorized by the type of software
application and if the application is using a database for data
storage or not.
· Guidelines should identify the software assurance technique to
be applied, and they should provide sufficient detail to allow
3. the software development group to implement the technique.
Security in Nontraditional Development Models section:
· Identify a non-traditional software development model that
could be used by your company.
· Provide a summary of the major steps in the development
model, and describe the potential security threats for each step.
· Using the security development model as the foundation for
analysis, develop and document appropriate policies and
processes for each security risk that will minimize the threat.
· Association with the security development model should be
demonstrated in the policies and processes.
Complete the Security Static Analysis section:
· Prepare a design for an application your organization might
produce.
· Include appropriate diagrams to identify the major components
of the application.
· Describe the major components and potential security issues
where appropriate and as related to the security development
model.
· Create code samples in C, C++, or Java to illustrate the tenets
of the security development model.
· Identify at least 3 security static-analysis tools, and prepare
guidelines for how they would be used in the sample code and
throughout the software development in the company
· Prepare a plan for the training of the software developers in
the organization on the new software assurance guidelines.
· Define the metrics that will be collected to track the
effectiveness of software assurance in the company.
· Include a description of how each of the metrics will be
obtained and used.
· Identify the roles and responsibilities of the members of the
security team with respect to software assurance in the
organization.
· Review the entire document for any changes and
4. improvements you would like to make.
· Ensure that this final version of the plan is sufficiently
detailed to allow the organization to confidently move forward
with software assurance based on your findings.
· Any previous instructor feedback should be addressed with
appropriate changes.
·
A Word about the Thesis – EH 1302
An underlined thesis will be required in almost every EH 1302
essay and the research
paper. Prior to writing a paper, read the points below about
developing a thesis (also
called an argument, opinion, or claim). For further help with
understanding a thesis, refer
to Chapters 1, 4, 17, and pp. 98-102 of the textbook.
• The thesis (argument, opinion, or claim) is the main point of
the essay or research
paper. It is the primary argument upon which the entire essay or
research paper will
focus.
5. • In EH 1302, the thesis must be placed in the introductory
paragraph.
• The thesis must be one, underlined declarative sentence.
• The thesis must be stated as your argument from an omniscient
point of view, and the
thesis must be a debatable opinion developed after completion
of the reading
assignment. Leave yourself out of the thesis. In other words, do
not use personal
pronouns I, me, my, mine, us, ours, or we in the thesis.
• Avoid the use of quotations and clichés in the thesis.
• The thesis must be supported in all paragraphs of the essay or
research paper.
• Do not include forms of the verb “be” in the thesis (be, is, am,
was, being, are, been,
were).
• The thesis must be restated (not in the same words) in the
concluding paragraph of
the essay or research paper. Nothing in the concluding
paragraph should be
6. underlined.
• Use this document as the primary guidance to develop a thesis
for this class.
Mike Wright
English Composition Instructor
[email protected]
251-533-3119
Braithwaite 1
Quinetta Braithwaite,
Mr. Mike Wright
EH 1302
16 October 2017
Research Paper Topic and Thesis
I have read and understand “A Word about the Thesis.” My
thesis and research paper topic are
submitted for consideration.
7. Topic: Child Abuse
Thesis: Child abuse has become a big problem in our society.
Child abuse can be classified as
Sexual abuse, physical abuse, neglect and emotional abuse. If
an abused child gets help earlier,
the chances are high that they will likely break the cycle and
heal.
The Works Cited page below contains the source of my online
research that supports my thesis.
Your thesis has some grammar problems, but the major problem
is that it is three
sentences. Review “A Word about the Thesis.” The thesis must
be how many sentences?
The word highlighted in yellow should not be capitalized.
Forms of the verb “be” (circled) are not permitted in the thesis.
See my comments below.
Commented [MW1]: Do not bold anything in EH 1302.
Commented [MW2]: Serial comma needed.
8. Braithwaite 2
Work Cited
Kleinman, P. K. (Ed.). (2015). Diagnostic imaging of child
abuse. Cambridge University Press.
The citation is incomplete, and the information is not correctly
ordered.
Certain information is required in a citation, and there is a
specific order in which to list
the components of a citation. I provided a handout entitled
“Additional Example of a
Works Cited Page,” and that document lists the information and
the order. Here it is
again.
Last name, first name of the author followed by a period
The title of the article in quotation marks
The date of the article (day, month, and year) followed by a
period
The name of the Website (italicized) followed by a period
The full Web page address (URL) without the protocol https://
and the host www
Place a period at the end of the URL.
The date the student accessed the Web page followed by a
period
9. If there is no author of the article, begin the citation with the
title of the article.
If the article is not dated, use the abbreviation n.d. in place of
the date.
If the article has no date and no author, seriously question its
credibility.
For additional help with the Works Cited page and citations,
review the model essay and
the examples in the Handouts and Course Documents section.
Also see the “How To”
section for examples of citing the Bible and other variations of
multiple authors of one
source and multiple sources with one author.
The grade below is temporary contingent upon your
resubmission of this assignment.
After your topic and thesis are finally approved by the
instructor, a permanent grade will
be assigned.
After reading my comments above and revising this assignment,
please resubmit it NLT
October 23, 2017, so that the grade below can be changed to
something decent.
Mike Wright 59/F
Create a software assurance guidelines document shell in Word.
It should include the following:
· Create a title page
10. · Course number and name
· Project name
· Student name
· Date
· Table of contents (TOC)
· Use autogenerated TOC
· Separate page
· Maximum of 3 levels deep
· Update the TOC before submitting your project
· Section headings (create each heading on a new page with
"TBD" as content, except for sections listed under New Content
below)
· Project Outline
· Security in the Development Life Cycle
· Software Assurance Techniques
· Security in Nontraditional Development Models
· Security Static Analysis
· Software Assurance Policies and Processes
· Project outline and requirements
· Brief description of the organization (can be hypothetical) and
where the guidelines will be implemented
· Company size, location(s), and other pertinent information
· List of the software applications provided by the company for
the government
· The software list must include at least 1 desktop and 1 Web
application.
· A database must be used with one of the applications.
· A summary of the software development organization within
the company, employees and reporting structure, systems and
technologies used for software development, testing, source
control, and document storage
· Material can be taken from the approved proposal that was
submitted to the instructor (ensure that this project is approved
by the instructor).
· Security in the development life cycle
11. · Provide an outline of the SDLC model that is used in your
organization, including each of the major phases.
· This should be a traditional SDLC. Extended models, such
extreme programming, will be covered in a later section.
· Identify specific components of the security development
model that can be applied to each of the phases of your SDLC
model.
· For each pairing of security development model component to
SDLC model phase, describe how the security model is applied
and the major tasks that are involved.
Complete the Software Assurance Techniques section.
· Analysis:
· List and describe at least 3 software applications that are
produced by the organization. The applications must include at
least 1 desktop application and 1 Web application.
· One of the applications must use a database for data storage.
· Identify at least 2 areas of each application that are at security
risk, and describe the possible threats and their implications to
the organization and to the client (in this case, the government).
· For each security risk, identify at least 1 software assurance
technique that can be applied to reduce the security threat.
· Guidelines:
· Based on the analysis that was performed in the previous step,
prepare a set of software assurance guidelines that the
organization can use for all of the applications that it creates.
· Guidelines should be categorized by the type of software
application and if the application is using a database for data
storage or not.
· Guidelines should identify the software assurance technique to
be applied, and they should provide sufficient detail to allow
the software development group to implement the technique.
Security in Nontraditional Development Models section:
· Identify a non-traditional software development model that
could be used by your company.
· Provide a summary of the major steps in the development
model, and describe the potential security threats for each step.
12. · Using the security development model as the foundation for
analysis, develop and document appropriate policies and
processes for each security risk that will minimize the threat.
· Association with the security development model should be
demonstrated in the policies and processes.
Complete the Security Static Analysis section:
· Prepare a design for an application your organization might
produce.
· Include appropriate diagrams to identify the major components
of the application.
· Describe the major components and potential security issues
where appropriate and as related to the security development
model.
· Create code samples in C, C++, or Java to illustrate the tenets
of the security development model.
· Identify at least 3 security static-analysis tools, and prepare
guidelines for how they would be used in the sample code and
throughout the software development in the company
· Prepare a plan for the training of the software developers in
the organization on the new software assurance guidelines.
· Define the metrics that will be collected to track the
effectiveness of software assurance in the company.
· Include a description of how each of the metrics will be
obtained and used.
· Identify the roles and responsibilities of the members of the
security team with respect to software assurance in the
organization.
· Review the entire document for any changes and
improvements you would like to make.
· Ensure that this final version of the plan is sufficiently
detailed to allow the organization to confidently move forward
with software assurance based on your findings.
· Any previous instructor feedback should be addressed with
appropriate changes.