Stock Market and Risk Management Project

User Generated

owmubat25

Programming

Description

Unformatted Attachment Preview

f- 3 Security (1.6 points) (0.4 pt) Create a miss use case for a stock market application • (0.9 pt) Create a design risk assessment for this application, think of all level of security infrastructure, application and operational for the vulnerability, also think about the different types of thread (interception, interruption, modification and fabrication) and fill the table below. Asset Causal/ Threat Exposure / Security measure Vulnerability Consequence Security is important for banking, government, health care where efforts are spent to protect the asset. This exercise focus on security for the military software and data stored on a server. Employee can work on a laptop or desktop in the office and can login remotely to the server. a) (0.55 pt) Create a miss use case for our application Misile System Login Impersonate employee Change password Intecept password to employee Update software 00000 rute force passwor hacker Access to high confidential data ushes unauthorize software Modify confidential data 00 0000 0 Access classified informraiton Copy software Denial of service change destination Loss of important information Access intellectual property b) (0.75 pt) Create a preliminary risk assessment for the military application, think of all level of security infrastructure, application and operational for the vulnerability, also think about the different types of thread (interception, interruption, modification and fabrication) and fill the table below. Asset Causal Threat Exposure/C Security measure onsequenc e Add firewall. Sensitive data shall be encrypted. Departme Use of virus or Unauthorized High. nt of code to hack user gains Access to defense the system or access to the highly intellectua impersonate system and classified property employee. gets design Use of code to confidential information brute force information. authentication loss Departme Weak Unauthorized Medium. Enforce strong password nt of employee user gains Access to requirement to access defense password. access to the employee database. Enforce password intellectua Unattended system and information periodic change. I property employee's gets Requires 2 level of computer. confidential authentication. Phishing information. Session timeout. scam. Use of code to brute force authentication Departme Weak Unauthorized Medium. Enforce strong password nt of employee user gains Access to requirement to access defense password. access to the employee database. Enforce password intellectua Unattended system and prevent periodic change. property employee's modify employee Requires 2 level of computer. confidential from doing authentication. Phishing information. there work Session timeout. scam. Use of code to brute force authentication System Use of code to Modify High. Impair Install firewall software brute force system system Enforce strong password authentication software operation requirement to access witch database. causes Enforce password periodic change. Requires 2 level of authentication. Session timeout. Sensitive data shall be encrypted.
Purchase answer to see full attachment
User generated content is uploaded by users for the purposes of learning and should be used following Studypool's honor code & terms of service.

Explanation & Answer

View attached explanation and answer. Let me know if you have any questions.

Asset

Causal/Vulnerab
ility

Threat

Exposure/Conse
quence

Security
Measure

Bloomberg
Terminals

High volume

Call sign not
heard

Medium.
Trade not
executed, other
assets unaffected

Written
communications.
Written
confirmations.

Automated
Trading
Algorithms

Use of code to
hack the system.
Use of code to
brute force
authentication.
Weak employee
password.

Altered
algorithms cause
unintended
trades.

High.
Access to control
over trading
information and
protocols.

Encryption of
sensitive...


Anonymous
Goes above and beyond expectations!

Studypool
4.7
Indeed
4.5
Sitejabber
4.4

Related Tags