Saint COM520 Module 8 Written Assignment Latest November 2018

COM520 Systems Security Management

Module 8 Written Assignment

Having Trouble Meeting Your Deadline?

Get your assignment on Saint COM520 Module 8 Written Assignment Latest November 2018 completed on time. avoid delay and – ORDER NOW

COM520 Written Assignment 8

Assignment: Best Procedures to Secure Windows Applications

Assignment Requirements

Part of implementing Ken 7 Windows Limited new enterprise resource planning (ERP) software is

ensuring all workstations and servers run secure applications. Since the ERP software is new, Ken 7

Windows Limited needs a new policy to set security requirements for the software. This policy will guide

administrators in developing procedures to ensure all client and server software is as secure as possible.

The goal is to minimize exposure to threats to any part of the new ERP software or resources related to it.

Using the format below, describe the goals that define a secure application. Specifically, you will write two

policies to ensure Web browsers and Web servers are secure. All procedures and guidelines will be

designed to fulfill the policies you create.

Answer the following questions for Web browser and Web server software:

1. What functions should this software application provide?

2. What functions should this software application prohibit?

3. What controls are necessary to ensure this applications software operates as intended?

4. What steps are necessary to validate that the software operates as intended?

Once you have answered the questions above, fill in the following details to develop your policies to

secure application software. Remember, you are writing policies, not procedures. Focus on the high-level

tasks, not the individual steps.

? Type of application software

? Description of functions this software should allow

? Description of functions this software should prohibit

? Known vulnerabilities associated with software

? Controls necessary to ensure compliance with desired functionality

? Method to assess security control effectiveness

You will write two policies—one for Web server software and one for Web browser software.

Submission Requirements

? Format: Microsoft Word

? Font: Arial, Size 12, Double-Space

? Citation Style: APA Style

? Length: 1–2 pages

Self-Assessment Checklist

? I have provided all requirements necessary to secure application software.

? I have explained and gave a proper reasoning for each step to secure application software.

COM520 Written Assignment 8

Case Scenario for Rationale

Ken 7 Windows Limited is a manufacturer of Windows for residential and commercial builders. Ken 7

Windows Limited carries a variety of Windows and related products. It supplies builders with all of the

tools and supplies to install finished Windows in any type of building.

Ken 7 Windows Limited has just purchased a new enterprise resource planning (ERP) software package

to help control costs and increase both quality and customer responsiveness. The ERP software collects

and stores information including:

• Raw material costs

• Labor costs

• Materials and labor requirements for products

• Purchasing requirements

Ken 7 Windows Limited has identified six basic roles for users in the new ERP software:

• Administrators—maintain ERP data and system operation.

• Planners—run planning software and generate requirements reports.

• Shop Floor users —enter operational data (receiving, shipping, and product progress during


• Managers—manage department personnel.

• Purchasing users—generate purchasing documents based on planning requirements.

• Accounting users—maintain cost and accounting data.

Access controls limit what users or roles can do with different types of data. For example, consider the

following types of data:

• Cost information—raw materials and labor costs, including the cost of finished goods.

• Manufacturing details—cost, amount of labor, and time required to produce finished goods.

• Purchasing requirements—rules for determining when raw materials, components, or supplies

should be purchased.

Through access control:

• Cost information can be viewed only by Accounting users.

• Manufacturing details can be viewed only by Shop Floor users.

• Purchasing requirement can be viewed only by Purchasing users.

During the analysis phase of the ERP implementation, Ken 7 Windows Limited raised concerns about

users being able to access restricted data.

• Accounting users are able to login to shop floor computers.

• Purchasing users are able to access human resource (HR) applications and data.

The ERP implementation team suggested the following access control measures to protect restricted


• Create an organizational unit (OU) in Active Directory for shop floor computers.

• Deploy Group Policy Objects (GPOs) to restrict shop floor users to the shop floor OU.

• Define data access controls in the ERP software to deny access for all non-HR users to restricted


Implementation of several access control measures helped Ken 7 Windows Limited to restrict the data

access. Hence access control and authentication is important, as it helped Ken 7 Windows Limited in

reducing costs and increasing profits.


Order Solution Now

Similar Posts