CS 405 Final Project
Question Description
I. Executive Summary: Provide a high-level overview of the contents of your report for the leadership team. Include your findings on major security flaws uncovered and the impact vulnerabilities pose.

II. Summary of Methods
In this section, you will describe the various methods used to identify vulnerabilities in the source code.
A. Describe how and when you used methods to visually inspect the code to identify the vulnerabilities you found. [CS-405-01]
B. Describe how and when you used the compiler errors or warnings to identify the vulnerabilities you found. [CS-405-01]
C. Explain how and when you used a static analysis tool to identify the vulnerabilities you found. [CS-405-01]

III. Vulnerability Findings
In this section, you will assess the identified weaknesses in the following areas:
- String-formatted output
- Memory management
- Pointers
- Integer arithmetic
- Code quality
Provide the following for each indicated weakness:
A. An evaluative description that explains why the code is insecure and details the implications of the weakness [CS-405-02]
B. Remediation recommendations as modified code that corrects the weakness or reduces the vulnerability [CS-405-03]

IV. Depth of Audit: You will be graded on the percentages of weaknesses and vulnerabilities that you identify in your secure code audit report.

These sections should adhere to best practices and industry standards.
Part II: Case Study Analysis
Based on the provided documentation on the following two case studies from Predicting Software Assurance Using Quality and Reliability Measures, provide a brief analysis of the two case studies.

I. Case One: Database Vulnerabilities (Apple Coding Vulnerability, found on page 19)
Given the particular scenario pertaining to the database system, evaluate security aspects of program designs and architectures for defending against attacks:
A. Explain the security issues present, indicating the potential risks that the issues pose. [CS-405-04]
B. Recommend testing types or processes necessary to identify the vulnerabilities. [CS-405-04]

II. Case Two: Architecture-Specific Vulnerabilities (Heartbleed Vulnerability, found on page 21)
Given the particular scenario pertaining to a server, evaluate security aspects of program designs and architectures for defending against attacks:
A. Explain the security issues present, indicating the potential risks that the issues pose. [CS-405-04]
B. Recommend testing types or processes necessary to identify the vulnerabiliti