answer all questions w/ 2 sources


Chapter 7

1- Why is it important to incorporate security throughout the SDLC instead of just in one phase or another? Provide justification for your position.

2- How can limiting scope creep enhance the security of a software system?

3- Why should requirements gathering be prevented after the scope of the system is defined? What implications does this have for both development and security? 

4-  Should the scope of a software system ever be modified to accommodate security changes? Justify your position. 

5-  Why is it important to rank the importance of various stakeholders involved in system development? Justify your answer with examples. 

Chapter 8:

1- Summarize in your own words why it is beneficial to create a vulnerability map for a planned software system. What are the risks when you do not consider the inherent system vulnerabilities in planning?

2- Why should a system always be constructed to fail safely? What are the minimum expectations for a general system to have failed safely? 

3- Would there be risks associated with an attacker getting a copy of the complete business system specification? Justify your position and provide examples to support your argument. 

4- What is the purpose of the complete business system specification ?  Why is it important from the perspective of security ?

, development and the operations of the functions of the respective systems.

5- Why is it important to establish a ranking of vulnerabilities in a system? Use examples to show vulnerability priorities in action.

    • Posted: 11 days ago
    • Due: 
    • Budget: $15
    Tags: urgent IT
    Answers 1

    Purchase the answer to view it