Explain secure software development life cycle (SecSDLC).

-

 SECURE SOFTWARE DEVELOPMENT LIFE CYCLE (SECSDLC)

The SecSDLC entails identifying specific threats and the risks they represent, then designing and implementing specific controls to fight those threats and aid in controlling the risks they pose to the company and/or its customers. The SecSDLC must be consistent, repeatable, and conformant. The SDLC is divided into six phases, each of which includes processes unique to the SecSLDC: 

Phase1. Investigation: Define project processes and objectives and include them in the program security policy.

Phase 2. Analysis: Analyze current security policies and programs, current threats and controls, legal challenges, and risk analysis. 

Phase3. Logical design: Create a security blueprint, prepare incident response activities, business catastrophe responses, and assess the viability of continuing and/or outsourcing the project.

Phase4. Physical design: Develop a definition of a successful solution, establish physical security measures to support technical solutions, and evaluate and approve plans. 

Phase5. Implementation: Purchase or create security solutions. Present a tested package to management for approval at the end of this phase.

Phase6. Maintenance: To respond to evolving dangers, constantly monitor, test, adjust, update, and repair.




Comments

Post a Comment

Popular posts from this blog

Suppose that a data warehouse consists of the four dimensions; date, spectator, location, and game, and the two measures, count and charge, where charge is the fee that a spectator pays when watching a game on a given date. Spectators may be students, adults, or seniors, with each category having its own charge rate. a) Draw a star schema diagram for the data b) Starting with the base cuboid [date; spectator; location; game], what specific OLAP operations should perform in order to list the total charge paid by student spectators at GM Place in 2004?

-
Image
  b) The specific OLAP operations to be performed are: 1. Roll-up on date from date id to year. 2. Roll-up on spectator from spectator id to status. 3. Roll-up on location from location id to location name. 4. Roll-up on the game from game id to all. 5. Dice with status= “students”, location name= “GM Place”, and year=2004
Read more

Define Business ethics . Explain its significance.

-
Image
Business ethics   Business ethics are moral principles that guide the way a business behaves, wrong Acting in an ethical way involves distinguishing between right and then making the right choice. Business ethics are applied or professional ethics. They may take the form of actions within written and unwritten codes of principles, and values and are determined by an organization's culture. They largely govern the decisions in the organization. However, determining what practices are ethical or not is more difficult since the lines between ethical and unethical can become blurred. The following are some of the notable definitions of business ethics Decenzo & Robbins Ethics commonly refers to a set of rules or principles that defined right and wrong conduct. Ricky W. Griffin Ethics is an individual's personal beliefs about whether a behavior, action o decision is right or wrong. Managerial ethics are the standard of behavior the guides individual managers in their work. Clara...
Read more

Short Note on Security Architecture of E-governance

-
Image
 Security Architecture The security architecture of E-governance is a high-level document that sets the security goals of the e-governance project and describes the procedure that needs to be followed by all the e-governance hierarchies such as users, businesses, operators, etc. An appropriate legal framework is absolutely essential for the systematic and sustained growth of e-governance. Protection of Public Order and Decency  The internet is highly capable of being a saturated and versatile medium at the same time. Its reach is very vast and due to its multimedia capability, its impact can be immediate and profound. So the government has to beware of its potential to create a negative impact on society through the promotion of terrorism, pornography, communalism, violence, etc. Section 67 of the IT Act 2000 of India makes it a punishable offense to “publish or transmit or cause to be published it the electronic form, a material which is lascivious or appeals to the prurient ...
Read more