Application: Web Servers and Security Development Life Cycle Web servers often receive confidential customer information at the front end and store it at the back end. Attackers can gain access to such information by attacking the front end, the back end,

technical writing

Description

Application: Web Servers and Security Development Life Cycle Web servers often receive confidential customer information at the front end and store it at the back end. Attackers can gain access to such information by attacking the front end, the back end, or both. Both the front end applications and the back end database need to be secured. Intruders can cause serious damage to the customers whose information is stored in the server, and thus can result in causing damage to the organization. The Microsoft Security Development Lifecycle (SDL) is an example of how an organization can develop applications in a secure way and ensure that code updates and newly discovered vulnerabilities are dealt with appropriately to manage risk. The SDL emphasizes making security an integral part of the software development lifecycle (SDLC). Consider the following scenario: At your company, web servers on the Internet allow customers to access a consumer web application for retail purchases. 


The web servers run Microsoft IIS software and use a back-end SQL database that stores confidential, personally identifiable information about the users of the application. However, the company is not satisfied with the security of the current software and the database and wants to develop them in-house for enhanced security. Based on your reading and additional research, write a 4- to 6-page paper recommending security tools and processes to manage your company’s web application. Cover the following points: Explain two possible attack scenarios on the web servers. Explain the potential damages from each of the attacks. Clarify how and where your company can incorporate security measures into the SDLC to achieve these goals: Develop more secure applications Audit application security Keep applications secure in light of newly discovered vulnerabilities and threats I need in apa style with appropriate references and with nothing plagiarized!


Related Questions in technical writing category


Disclaimer
The ready solutions purchased from Library are already used solutions. Please do not submit them directly as it may lead to plagiarism. Once paid, the solution file download link will be sent to your provided email. Please either use them for learning purpose or re-write them in your own language. In case if you haven't get the email, do let us know via chat support.