Question

Part of implementing Quality Windows Limited new enterprise resource planning (ERP) software is ensuring all workstations and servers run secure applications. Since the ERP software is new, Quality Windows Limited needs a new policy to set security requirements for the software. This policy will guide administrators in developing procedures to ensure all client and server software is as secure as possible. The goal is to minimize exposure to threats to any part of the new ERP software or resources related to it.

Describe the goals that define a secure application. Specifically, you will write two policies to ensure Web browsers and Web servers are secure. All procedures and guidelines will be designed to fulfill the policies you create.

Answer the following questions for Web browser and Web server software:

a. What functions should this software application provide?
b. What functions should this software application prohibit?
c. What controls are necessary to ensure this applications software operates as intended?
d. What steps are necessary to validate that the software operates as intended?

Answer 1

A)i) web browser software :

ii) web server software :

B) i) Web browser software: Auto-download updates and Tracking functionality

ii) web server software : unauthorized access and unsecure connection from web browse

C) i) Legal and regulatory controls

ii) Access controls

D) i) Validation process -

ii) Define Requirements-

iii) Develop:

iv)Testing: Test what has been developed

v) Review/Management :

Step-by-step explanation:

A ) Functions that the software application should provide

i) web browser software : This functions requires the software to make requests from the relevant web pages and sending them to the web server software application and serve it up to customers

ii) web server software : This function means that the software should be able to store, process and deliver web pages to web browser applications’.

B) Functions that this software application should prohibit

i) Web browser software: Auto-download updates and Tracking functionality

ii) web server software : unauthorized access and unsecure connection from web browser

C) Controls that are necessary to ensure application software operates as intended

i) Legal and regulatory controls such as privacy laws, and copyright policies will help the software operate smoothly

ii) Access controls such as user authentication when a user is trying to login is very vital for the security of the user

D Steps necessary to validate that the software operates as intended

i) Validation process - The validation process is the first step which is intended to implement plans that identifies who has access to the software, what is been done on the software, and where the software is going to be accessed from.

ii) Define Requirements- defining the functions of the software and what the system can't do as well

iii) Develop: after Defining the requirements the next step is to develop the software in line with the defined requirements

iv)Testing: Test what has been developed

v) Review/Management : After successful testing of the product/software a review of the whole process before commercializing it is required as well