CS 405 Project Two Presentation - Christopher Roelle

.pptx

School

Southern New Hampshire University *

*We aren’t endorsed by this school

Course

405

Subject

Information Systems

Date

Apr 3, 2024

Type

pptx

Pages

Uploaded by CaptainStingray2490

Green Pace Security Policy Presentation Developer: Christopher Roelle

OVERVIEW: DEFENSE IN DEPTH

THREATS MATRIX [Populate the Threats Matrix table and provide explanations to summarize of all of your security risks.] Likely [Insert text here.] Priority [Insert text here.] Low priority [Insert text here.] Unlikely [Insert text here.]

10 PRINCIPLES • Validate Input Data • Heed Compiler Warnings • Architect and Design for Security Policies • Keep it Simple • Default Deny • Adhere to the Principle of Least Privilege • Sanitize Data Sent to Other Systems • Practice Defense-in-Depth • Use Effective QA Techniques • Adopt a Secure Coding Standard

CODING STANDARDS High-Priority • STD-003-CPP – String Correctness – Buffers • STD-004-CPP – SQL Injection – Parameterization of Tokens • STD-005-CPP – Memory Protection – Allocation errors • STD-008-CPP – Iterators – Valid Loop Constraints Low-Priority • STD-001-CPP – Data Type – Underflow/Overflow • STD-002-CPP – Data Value – Incorrect Casting • STD-006-CPP – Assertions – Assertions are not logic control • STD-007-CPP – Exceptions – Catch Exceptions • STD-009-CPP – I/O – Close I/O after use • STD-010-CPP – One-Task Object/Functions – Keep It Simple

Your preview ends here

Eager to read complete document? Join bartleby learn and gain access to the full version

Access to all documents
Unlimited textbook solutions
24/7 expert homework help