Answered You can hire a professional tutor to get the answer.
1. Identify security objectivesSecurity objectives are goals and limitations related to confidentiality, reliability, and access to data and applications. They include:· This confidentiality includes
1. Identify security objectives
Security objectives are goals and limitations related to confidentiality, reliability, and access to data and applications. They include:
· This confidentiality includes protection against the disclosure of unauthorized information.
· Honesty this includes avoiding unauthorized changes to the information.
· Availability this includes providing essential services, including during the attack.
2. Create an Application Overview
At this point, explain what your web application does. Its purpose is to identify the main characteristics, attributes and customers of the application. This will help you identify the threats involved in Step 4
3. Decompose Your Application
At this point, divide the question to identify the limits of faith, data flow, intervention points, and marking points. You know more about your system, it is easier to discover threats and find weaknesses. To destroy your request:
4. Identify threats
At this point, identify the threats and attacks that affect your application and affect your security goals(Scandariato,Wuyts, & Joosen, 2015). These threats are the negative effects that can occur in your application. To complete this diagnostic process, bring development members together and evaluate the team to discuss. Use the board to identify possible threats. The best team should have software designers, security professionals, developers, audiences, and system administrators.
5. Identify the weaknesses
At this point, evaluate your web system's security system and look at weaknesses. Focus on risk groups as long as you have identified the threats from the previous step. However, be careful that the sample questions in this section are designed to help you identify weaknesses and not threats. An important way to do this is to explore the cap by software cap, to focus on all types of risk at each level.