Question

In: Computer Science

• Prepare a 250-300 word overview of the Microsoft SDLC practices. Summarize all 12 of the...

• Prepare a 250-300 word overview of the Microsoft SDLC practices. Summarize all 12 of the practices in SDLC.

• Select one of the following practices. In one paragraph, research and summarize available tools in the market:

‒ Practice #4 - Threat modeling

‒ Practice #9 - Perform Static Analysis Security Testing (SAST)

‒ Practice #10 - Perform Dynamic Analysis Security Testing (DAST)

‒ Practice #11 - Perform Penetration Testing

Expert Solution

1. Overview of Microsoft SDLC:-

a. In microsoft sdlc is security development life cycle set of practices that support security assurance and compilance requirements.It helps developers to build more secure software number and severity of vulnerabilities in software.

b. Microsoft sdl introduces security and privacy throghout all phases of the development process

2. Following are 12 practices of microsoft sdl:-

1.Define security requirements .

2.Perform threat modeling.

3. Provide training .

4. Define metrics and compilance reporting

5.Establish design requirements.

6.Define and use cryptography standards

7.Manage the security risk of using third party components

8.Use approved tools.

9. Perform static analysis security testing

10.Perform dynamic analysis security testing

11.Perform penetration testing.

12.Establish standard incident response process.

(3). Pentration testing:-

a. Penetration testing is security analysis of software system performedby skilled security professionals of hacker.

b.The objective is to uncover potential vulnerabilities resulting from coding errors,system configuration,faults.

c. It often performed in conjuction with automated and manual code reviews to provide greater level of analysis.

d. Four things every penetration test report should have:-

1. Execuitve summary for strategic direction.

2.Walkthrough of technical risk

3.Potential impact of vulnerability.

4. Multiple Vulnerability remediation .

e. Different types of penetration include network services,applications,client side,wireless,social engineering etc.

f. Penetration testing tools:-

1.Netsparker

2.Wireshark.

3.Metasploit

4 .Aircrack

5. Acunetix scanner.

venereology answered 1 year ago

Select one domestic or foreign policy Prepare 250- to 300-word response explain: What are the key...

Select one domestic or foreign policy Prepare 250- to 300-word response explain: What are the key features of this policy? How are Americans influenced by this policy? How do Americans influence the policy? Do you agree or disagree with the policy you have picked? Why or why not?

compare and contrast liberalism and realism, please. 250- 300 word

Write a 250-300 word blog on "The impact of underperforming employees"?

Provide an overview of Krispy Kreme's business model and summarize the unethical accounting and business practices...

Provide an overview of Krispy Kreme's business model and summarize the unethical accounting and business practices at the company as detailed in "Krispy Kreme, Sarbanes-Oxley, and Corporate Greed." Specifically, report on the company's channel stuffing business procedures.

what is the impact of diversity practices and experience on others? (word limit 300)

Formulate a 300-word response that includes an overview of the history of Hispanics in North America...

Formulate a 300-word response that includes an overview of the history of Hispanics in North America and the United States. Include in your response: What is the Latino health paradox? What are some of the common health risk behaviors and diseases among Hispanics in the United States? What are some socioeconomic and psychosocial conditions of Hispanics in the United States?

briefly describe and summarize in 300 word the Persuasion and Influence for buying a car to...

briefly describe and summarize in 300 word the Persuasion and Influence for buying a car to the dealership, according to the discussion below? I am just returning home from purchasing a soccer shoes from the Nike outlet store. This is to prepare me for my summer soccer games. I vividly experienced the art of persuasion in display at the store by the sales associate that greeted me. Using his skills of persuasion and his eloquence, I was persuaded to charged...

1. Microsoft sold 300 copies of a word document in the month of April for $10/copy,...

1. Microsoft sold 300 copies of a word document in the month of April for $10/copy, 200 copies of PowerPoint for $25/copy, and 140 copies of excel for $30/copy. In the month of May, they sold 200 copies of a word document for $15/copy, 150 copies of PowerPoint for $30/copy, and 150 copies of excel for $40/copy. What is the GDP deflator index for the month of April based on the April pricings? (our answer should only be a number...

Entrepreneurs Please respond to the following with a 250-300 word response: Analyze the characteristics of a...

Entrepreneurs Please respond to the following with a 250-300 word response: Analyze the characteristics of a successful entrepreneur (see pages 5-7 in textbook) and determine if you have what it takes to start your own business. Provide specific examples to support your response. A recent tax change will significantly lower tax rates for businesses. Consider the contributions of small businesses, as discussed on pages 27-28 in textbook, and provide your opinion on this tax modification.

Please summarize this article in 250-300 words. The economy has changed, and with these changes our...

Please summarize this article in 250-300 words. The economy has changed, and with these changes our communities must adapt themselves to some new realities. Traditionally, economic development, rooted in the post-World War II era, attempted to build our export base by subsidizing firms to locate manufacturing employment in our communities. This was fueled by cheap inputs—land and labor, national-scale competition, and low-skilled workers. Recruitment of industry received the most resources based on the potential to have significant impacts on the...