Assignment Requirements:
Part of implementing Ken 7 Windows Limited new enterprise resource planning (ERP) software is ensuring all workstations and servers run secure applications. Since the ERP software is new, Ken 7 Windows Limited needs a new policy to set security requirements for the software. This policy will guide administrators in developing procedures to ensure all client and server software is as secure as possible. The goal is to minimize exposure to threats to any part of the new ERP software or resources related to it.
Using the format below, describe the goals that define a secure application. Specifically, you will write two policies to ensure Web browsers and Web servers are secure. All procedures and guidelines will be designed to fulfill the policies you create.
Answer the following questions for Web browser and Web server software:
1. What functions should this software application provide?
2. What functions should this software application prohibit?
3. What controls are necessary to ensure this applications software operates as intended?
4. What steps are necessary to validate that the software operates as intended?
Once you have answered the questions above, fill in the following details to develop your policies to secure application software.
Remember, you are writing policies, not procedures. Focus on the high-level tasks, not the individual steps. ?
Type of application software
Description of functions this software should allow ?
Description of functions this software should prohibit ?
Known vulnerabilities associated with software ?
Controls necessary to ensure compliance with desired functionality ?
Method to assess security control effectiveness
You will write two policies-one for Web server software and one for Web browser software.