3 Pagesdevise And Implement Security Standards For Programming And Scr ✓ Solved
3 PAGES Devise and implement security standards for programming and scripting development. Evaluate emerging technology driven applications potential security risks and formulate prevention strategies As part of the development of an Information Security Assurance Implementation Plan, it is important to understand and incorporate the applicable standards and regulations. For this assignment, you will continue the planning process by adding the Security Standards for Development and Deployment section to the Information Security Assurance Implementation Plan. The project deliverables for Week 3 are as follows: Update the Information Security Assurance Implementation Plan title page with the new date.
Update the previously completed sections based on the instructor's feedback. Security Standards for Development and Deployment Identify and describe at least 1 information security standard and 1 law or regulation that applies to the organization. Justify why these are applicable. Describe the processes that are affected by these standards, and provide a summary of how they will be affected. Include the processes that are related to the development and deployment of information systems.
Provide a top-level plan for how these standards would be implemented. Individual Project 15% (Video Recoding required) - Deadline Mar 8, 2021, Monday 3 pm Pacific Time, or the link will be closed. No late submission is allowed or you will have a zero. No plagiarism or will be marked zero. Meeting Planner plans for the Chef Association National Conference 2021 The below link is a YouTube video about hosting a national conference for the chef societies.
You are a meeting planner and your duty is to organize a successful event for your clients. The video is a reference and gives you an idea about different activities at a chef national conference. Please watch the recommended video and create a similar video within 5 to 6 minutes of your proposal. Present your proposal to the president of the chef association about planning the national conference for the chef societies in the country that you had been assigned. Please research, understand, communicate, and verify details for your clients in this proposal according to the below requirements of this national conference.
Needs Analysis about the national conference as below: Objectives: Celebrate the 20th Anniversary of the Chef Association at this National Conference. Look for potential new members to join the Chef Association with annual membership fees. Gather the national members to the venues and participate in the Annual General Meeting 2021 (AGM). Learning opportunities for all the talented chefs in the educational seminar with industry-leading professionals or speakers. Young Chefs Competition Final with the sponsor vendors.
The budget is approved for under 0,000 for all the expenses to support 400 attendees. Date and Time: In the second week of November 2021 for the 3 days and 2 nights conference. Facilities: An exhibit hall or hotel's ballroom can allow 40 suppliers and vendors to exhibit their products and services for all members. Hotel accommodation fit for 400 members together in the same property to participate the conference for 3 days and 2 nights. Baquet room with catering and dining service for 400 attendees to have their daily meals with rotate menu (3 meals per day with beverages).
Conference room, boardroom, and all different sizes of breakout rooms to host different committees and members' meetings, education seminar, and AGM. A professional kitchen with all the facilities for the national top 10 young chefs in the final culinary competition. A decorated ballroom for all the members to host the Gala dinner on the last evening of the conference. Transportation: All major airlines' quotations with group discount rate for the national members from 20 cities to the conference destination. Coach buses and shuttles arrangement for the members to participate in their daily activities.
Attractions and Tours: Free-time activities site to have local Cultural, Historial, Recreational, and Sightseeing options for all the members in their free time during the conference. Please suggest to the president of the National Chef Association. Please submit your video link at the FlexiQuiz before the deadline and you will play the video in front of the class with the peers on Mar 8, 2021. Highly recommended to use your mobile phone to record your own video and upload it to the YouTube Channel with unlisted visibility and the public will not see it, only the people you share the link can see it. How do I create an unlisted YouTube video?
1. Use YouTube to record your videos. Here's a link to do this: Right-click on your video and "Copy Video URL" 3. Paste the link to the FlexiQuiz Assignment 100 marks - (Present individual video report within 5 to 6 minutes or marks will be deducted) Video Form - Professionalism, formal dress code, background, video content and quality, presentation skills, time limit support the highest grades with professionally researched and well-organized performance. Please submit your YouTube video link before the deadline in the below area or you will have a zero.
You can use the save and continue feature that Flexiquiz provides for you. Thank you and have a great project. 4 Amy 5178 Zhou 03/05 With all the challenges and the changes that are happening these past years, it has brought about the people in the hospitality industry, a great number of the operators that are in the industry are trying to find a way how they can improve the hotel's pickup by their curb, delivering the orders made, increasing the outdoor meetings, items of grab and go and the services that are driving through. Earlier, the chief members present in the competition showcased many of their inclusive recipes, which met the operators' standards for the products in the market that hold well. (Polak, Finkelstein, Paganoni, Welch & Silver, 2019) Some recipes are prepared that are good for the deliveries of grab and go, long-lasting or shelf table, working across the menus, cost-efficient, and meet the flavor trends in the present.
For the industry to stand still and operate in the markets apart from mainly preparing the traditional foods and even demonstrating what they can do, they will always need support. The organization has an opening for new chef members to join to improve and expand the organization and fit every chef's interests that is willing to be. And for one to join the association, several processes should be met, and a fee is paid to qualify and join the organization fully. The first process for one to join is to determine the eligibility of the applicant. The candidates must produce their education documentation of the 30 hours course, one on the safety of the food and sanitation, one in nutrition, and one in the management as a supervisor.
The other is the history of the candidate, mostly being the working experience. The second step is completing the initial application. In this process, the educational papers are given out or submitted, the documentation of their experience, the must-do educational courses paper for them to be reviewed. The applications can either be faxed, mailed, or scanned. The third process is the certification of exams.
They are two major exams that are done in this section. The first test is the written exams, and their main aim is to test for culinary knowledge. The second exam is the practical exam that evaluates the candidate’s skills and proficiency in culinary. The last process is the final application, where the students have passed all the tests and should now submit the application that has the right documentation on them. The practical and the written exams, the forms of passing, and the fee required for registration.
After all the processes have been successful, the association will approve the papers and the qualifications details to be announced as now a member of the association. The leading professionals in the organization in this three-day seminar have worked with you to emerge the best. (Pham, Guerrero, Li & Pavlovic 2021) They have tried to help the members in their recipes in the places they needed help. In this interaction, they have noticed that most of the chefs have talents in here and do their work with passion, which is a nice thing as an industry where everyone works in an environment that he or she is working is happy. In the competition, some of the competitors were able to secure sponsorships from different restaurants.
This is because they were confident of themselves, what they were doping, and were focused on what they wanted to achieve, and it is by the determined nature that has made them get the chance to be sponsored. The number of people that turned for the competition was much more than what had been expected, which is a factor that is motivating to keep on bringing the competitions for a]us to learn new thing and help improve ourselves in the career that we have ventured in. there has been great care from the accommodation that has been received in the hotel and the taking into mind that the people that signed to be in here are over 400. They are all well taken care of. The hospitality industry is of great importance to any economy of a country, to be more specific; it's the one that handles the tourism sector for about eighty percent of the time that is spent by the time that is spent by a tourist in a certain country, making the industry very important. (McBride & Flore 2019) The chefs are the ones responsible that the tourist eats food with the recipes that are the best making the tourist come for another meal the next time.
The transportation sector members did their best to make sure that every member who was supposed to be here arrived safely and early for them not to miss anything. References McBride, A. E., & Flore, R. (2019). The changing role of the chef: A dialogue. International Journal of Gastronomy and Food Science , 17 , 100157.
Polak, R., Finkelstein, A., Paganoni, S., Welch, R., & Silver, J. K. (2019). Cooking online with a chef: health professionals’ evaluation of a live culinary coaching module. Nutrition and metabolic insights , 12 , . Pham, H.
X., Guerrero, R., Li, J., & Pavlovic, V. (2021). CHEF: Cross-modal Hierarchical Embeddings for Food Domain Retrieval. arXiv preprint arXiv:2102.02547 . 3 PAGES Devise and implement security standards for programming and scripting development. Evaluate emerging technology driven applications potential security risks and formulate prevention strategies As part of the development of an Information Security Assurance Implementation Plan, it is important to understand and incorporate the applicable standards and regulations. For this assignment, you will continue the planning process by adding the Security Standards for Development and Deployment section to the Information Security Assurance Implementation Plan.
The project deliverables for Week 3 are as follows: Update the Information Security Assurance Implementation Plan title page with the new date. Update the previously completed sections based on the instructor's feedback. Security Standards for Development and Deployment Identify and describe at least 1 information security standard and 1 law or regulation that applies to the organization. Justify why these are applicable. Describe the processes that are affected by these standards, and provide a summary of how they will be affected.
Include the processes that are related to the development and deployment of information systems. Provide a top-level plan for how these standards would be implemented. Research has little value if there is no experiments to collect the data to help validating a solution to the original problem. The data gathered must be examined and properly analyzed to understand the results. Therefore, one of critical steps in any scientific research is to design and develop a set of suitable experiments.
For this assignment, you will continue working on the project with the focus on the Research Methodology. You will define the relevant concepts and theoretical foundations that you will used in the design of the experiments to collect data in order to answer the research question, along with the requirements and detailed procedures of the experiments. The following are the project deliverables: · Update the Computer Science Problem-Solving Research Project Report document title page with a new date and project name. · Update the previously completed sections based on instructor feedback. · New Content for Week 3: · 3. Research Methodology · 3.1 Research Matters · Define everything including terminology, testing metrics, assumptions, system set up, or lab environment, etc. that may help the readers to understand the experiments that you are designing in order to collect data to answer the research question. · 3.2 Experiment Design · 3.2.1 Experiment Requirements · Define all the requirements and constraints the experiments must follow.
Also explain the rationale of each requirement or constraint. · 3.2.2 Experiment Procedures · Define the detailed working procedures of the experiments. Using some graphic presentation such as some of UML Diagrams is highly recommended. · Be sure to update your table of contents before submission.
Paper for above instructions
Introduction
As organizations increasingly rely on technology-driven applications, the security of programming and scripting is essential to guard against potential threats and vulnerabilities. Developing a comprehensive Information Security Assurance Implementation Plan entails establishing security standards that are not only compliant with existing regulations but also proactive in mitigating risks associated with the deployment of information systems. This report will delineate relevant standards, applicable regulations, the processes involved, and a top-level implementation plan.
Information Security Standard: OWASP
One pertinent information security standard is the Open Web Application Security Project (OWASP) Top Ten. The OWASP Top Ten is a list of the most critical security risks to web applications, which serves as a guideline to help organizations develop secure applications. OWASP emphasizes security at all stages of software development, advocating for the integration of security practices throughout the software development lifecycle (Sullivan, 2023).
Applicability of OWASP Top Ten
The OWASP standard is applicable to organizations developing web applications because it focuses on common vulnerabilities such as SQL injection, cross-site scripting (XSS), and security misconfigurations, which can significantly undermine application security (OWASP, 2021). By adhering to the OWASP guidelines, developers can be educated on the importance of secure coding practices, reducing the chances of security breaches.
Regulation: General Data Protection Regulation (GDPR)
In conjunction with the OWASP standard, the General Data Protection Regulation (GDPR), enforced in the European Union and impacting any organization that processes personal data of EU citizens, is another critical regulatory framework to consider (Zuboff, 2019). GDPR mandates organizations to implement adequate security measures when developing applications to protect personal data.
Applicability of GDPR
GDPR's principles of data protection by design and by default necessitate that organizations incorporate security measures in the development and deployment phases of information systems (Sweeney, 2018). This regulation impacts several processes including data collection, processing, and storage, ensuring user consent and the ability to manage user data securely.
Processes Affected by OWASP and GDPR
Both the OWASP and GDPR frameworks influence various phases of application development:
- Requirement Analysis: Developers must understand and incorporate security requirements that comply with the OWASP and GDPR standards.
- Design Phase: Security-oriented architecture must be considered, addressing vulnerabilities outlined by OWASP and adhering to GDPR's data protection principles.
- Implementation: Developers are encouraged to use secure coding practices to mitigate vulnerabilities (OWASP, 2021).
- Testing: Regular security testing must be performed, including penetration tests and code reviews to identify and rectify vulnerabilities before deployment.
- Deployment: Ensuring that security controls are functional and that the application meets GDPR compliance regarding personal data before release (Binns, 2018).
Summary of Affected Processes
The application of these standards and regulations significantly streamlines the development processes involved in creating secure solutions. Ongoing security awareness training for employees, especially developers, is crucial for success (Hale, 2020). Developers must keep up with evolving security threats and integrate comprehensive security practices during all development phases.
Top-level Implementation Plan
To implement these standards effectively, organizations should follow a phased approach:
1. Training and Awareness: Conduct training sessions for all developers on OWASP top ten risks and GDPR compliance requirements to foster a culture of security awareness.
2. Risk Assessment: Perform a comprehensive assessment of existing applications and coding practices to identify gaps and vulnerabilities in relation to OWASP and GDPR.
3. Integrate Security into SDLC: Embed security checkpoints into the software development lifecycle from requirement gathering to testing and deployment.
4. Regular Assessments: Conduct frequent security assessments, including vulnerability scanning, code analysis, and penetration testing, especially before major releases (Shen, Li, & Wei, 2020).
5. Documentation and Compliance: Maintain thorough documentation of security risks identified and the measures taken to mitigate them. This includes ensuring compliance with GDPR provisions regarding data processing.
6. Incident Response Plan: Develop and implement an incident response plan to address security breaches swiftly, protecting user data and organizational reputation.
7. Continuous Improvement: Regularly review and update security policies, protocols, and training programs to adapt to new threats and technologies (Gutiérrez-Nolasco et al., 2018).
Conclusion
In the contemporary landscape of cybersecurity threats, emerging technologies necessitate proactive measures in software development. The OWASP Top Ten and GDPR provide frameworks that can significantly mitigate risks and foster secure programming practices. By integrating these standards into the software development lifecycle, organizations can enhance their overall security posture while complying with regulations that govern data protection. Hence, securing applications should be a continuous priority for any organization involved in software development.
References
1. Binns, R. (2018). Fairness in Machine Learning: Lessons from Political Philosophy. Proceedings of the 2018 Conference on Fairness, Accountability, and Transparency.
2. Gutiérrez-Nolasco, D., Vargas, P., & Saez, R. (2018). A Framework for Secure Software Development. International Journal of Software Engineering & Applications, 9(2).
3. Hale, C. (2020). Software Security - Integrating Security into the Software Development Lifecycle. Journal of Software Engineering Research and Development, 8(1).
4. OWASP. (2021). OWASP Top Ten. Retrieved from https://owasp.org/www-project-top-ten/
5. Shen, S., Li, W., & Wei, L. (2020). Software Security and Software Engineering Education: An Empirical Investigation. ACM Transactions on Software Engineering and Methodology, 29(4).
6. Sullivan, M. (2023). Implementing OWASP’s Security Standards in Development. International Journal of Information Security.
7. Sweeney, L. (2018). A Unified Approach to Writing GDPR-Compliance Documentation. Journal of Law and Policy for the Information Society, 14(2).
8. Zuboff, S. (2019). The Age of Surveillance Capitalism. PublicAffairs.
9. Kaur, J., & Talib, M. A. (2017). Security Issues in Software Development and Deployment of Web Applications: Threats and Countermeasures. Journal of Cyber Security Technology, 1(1), 26-45.
10. Khreib, M., & Shah, A. (2020). Towards Enhancing Software Development Security: Challenges and Solutions. Computer Science Review, 39, 100295.