Cashback Offer (20th - 30th September 2020). Get Flat 10% Cashback credited in your account on a minimum transaction of $80. Post Your Question

Question Details Normal
$ 32.00

Application 4 | Interpreting Results and Recommending Mitigations

Question posted by
Online Tutor Profile
request

Bugzilla provides extensive, detailed documentation of the level of known vulnerability of any application's code. The problem that this raises for your CISO is that, because there are always a lot of bugs in any product, the reports coming out of Bugzilla are far too extensive and technical for any of the business managers to understand. So they want you to use Bugzilla to answer a simple question clearly: "How insecure are we?"

To begin your assignment:

 

•Go to Bugzilla and search for "insecure."

•Sort your results by "severity" (by selecting the heading labeled "Sev"). Be sure to take a screenshot of your sorted results.

•Choose two items on the list that have a severity ranking of "blocker," "critical," or "major." Then examine their details by selecting the ID number next to each item. Try to understand the mechanics of each vulnerability (e.g., what causes the vulnerability and how does the vulnerability represent a risk at the program level?)

Then, answer the following questions in a 2- to 3-page paper:

 

•In lay terms, briefly describe the two vulnerabilities you have selected. Include in your description what causes the vulnerabilities and how they represent a risk at the program level?

•Explain to the managers what types of tests and reviews should be deployed in order to determine the company's exact status on each item. For example, if cross-site scripting is one of your chosen issues, how do you propose to detect cross-site scripting problems? What are some sample testing or review approaches you might employ to determine whether the company is vulnerable to such an issue?

•Assume that the CISO has told you that the company only has resources to correct one of these vulnerabilities. What specific testing and/or review approach would you suggest in order to determine which one to correct? Provide a practical business justification for your proposal that examines the assumed resource commitment for the testing versus any known effect of each vulnerability.

Be sure to include the screenshot of your sorted results as an appendix to your paper.

Available Answers
$ 32.00

[Solved] Interpreting Results and Recommending Mitigations | Application 4 | Scored 100%

  • This solution is not purchased yet.
  • Submitted On 16 Jan, 2015 07:51:05
Answer posted by
Online Tutor Profile
solution

Sometimes when we are on a secure page in a website and we try to navigate to some other webpage by particularly selecting File menuļƒ  Open option. If the webpage being opened is an insecure page, Firefox issues a security warning that that We are going from a secured page to a...

Buy now to view the complete solution

The benefits of buying study notes from CourseMerit

Assurance Of Timely Delivery
We value your patience, and to ensure you always receive your homework help within the promised time, our dedicated team of tutors begins their work as soon as the request arrives.
Best Price In The Market
All the services that are available on our page cost only a nominal amount of money. In fact, the prices are lower than the industry standards. You can always expect value for money from us.
Uninterrupted 24/7 Support
Our customer support wing remains online 24x7 to provide you seamless assistance. Also, when you post a query or a request here, you can expect an immediate response from our side.
closebutton
Only 45 characters allowed.
closebutton

$ 629.35