FOR THE THREAT MODEL SECTION OF THE PAPER I NEED A GRAPHIC OF A THREAT MODEL CREATED USING MICROSOFT THREAT MODELING TOOL. PLEASE DO NOT IGNORE THIS VERY IMPORTANT STEP.
CHOSEN TOPIC IS CROSS-SITE SCRIPTING AKA XSS
I WILL HANDLE THE COVER PAGE, I JUST NEED YOU TOO HANDLE TO PAPER AND THE WORKS CITED.
Secure Web Application Architecture Design – Final Project
Learning Objectives
Research a secure web application architecture accounting
for application and operating system
vulnerabilities based on the Common Vulnerability Scoring
System (CVSS). The base operating system
will be RedHat Linux, Apache, MySQL, and PHP. Known as the
LAMP stack this development stack will
provide the opportunity to model a real-world secure
architecture.
Note: Include vulnerabilities specific to your topic when
possible. In some cases, the
topic will not have specific web server or operating system
vulnerabilities associated
with it. In those cases, an unrelated vulnerability is
acceptable.
Overall Assignment Requirements
You will be assigned one of the OWASP top ten web
application vulnerabilities as the topic of your final
project.
CHOSEN TOPIC – CROSS-SITE SCRIPTING
Once assigned a topic you research the vulnerability and
provide an overview of the vulnerability
including a threat model on threats associated with your
topic, and finally an applicable ASVS controls
that help secure a web application from your specific
vulnerability. On a more abstract level, design a
secure and resilient application architecture to protect
transactions as they pass through an enterprise
environment. Think of it in eliminating any single points of
failure. For example, a single firewall or
database server would cause a transaction to fail if one of
those components were unavailable.
Report Sections
Include the following sections in your Report:
Introduction
This section will include specific information about your
topic and why it is dangerous.
Vulnerability
This section will focus on the LAMP stack and 2
vulnerabilities from each component of WAMP.
Threat Model
Secure Architecture Design – Final Project
Version 4
This section will contain a threat model showing STRIDE
threats specific to your project topic.
Proposed Resilient Architecture
This section will show a secure and resilient architecture
designed by you to ensure the web
application is available and secure to the users.
Compensating Controls
This section includes ASVS controls applicable to the topic
you were assigned.
Conclusion
Closing thoughts and summary.
Final Project Paper Requirement
Introduce the paper and what it will cover. Research and
provide any vulnerabilities currently available
for the software stack on the web server. Provide a threat
model diagram and associated logic to
support the model. Define a multi-tier, enterprise security
architecture based on a resilient components
that eliminate any single points of failure. Provide
compensating controls that cover a least four ASVS
items relevant to the OWASP vulnerability selected.
Requirements:
• Provide a detailed background on the topic assigned.
• Maximum of two vulnerabilities per system component: OS,
Web Server, Database, and
Language for a total of eight items.
o Example: Linux vulnerability x2 = 2, Apache vulnerability
x 2 = 2, MySQL vulnerability x2
= 2, and PHP vulnerability x2 = 2 for a total of 8 items.
• Complete threat model including at least five STRIDE
threats that can affect the overall system.
• Proposed secure and resilient architecture including
multitier application, security devices,
database, and multiple security zones. You must include
Threat Model and proposed
Enterprise Architecture DIAGRAM in your paper. These are NOT
the same diagram.
• Minimum of four ASVS 4.0 controls to be implemented to
secure the system(s) against the
vulnerabilities discovered.
Secure Architecture Design – Final Project
Version 4
Possible Points
200 Points possible for the assignment (20% of final grade)
• 150 points possible for the paper (final paper submission)
• 50 points possible for the presentation (final
presentation submission)
Required Resources
Any websites, references, or tools discussed in class or
retrieved from research.
Do not copy and paste directly from websites, synthesize the
information in your own words. Any
information found to be directly copied from any public
source without proper citation and reference
will be considered plagiarism.
Submission Requirements
Format: Microsoft Word
Font: Times New Roman, Size 12, Double-Spaced
Citation Style: APA (https://library.cscc.edu/apa)
Length: 4-5 pages not including the title or reference pages
Filename: FLast_FinalAssignment.docx (Example: John Smith |
JSmith_FinalAssignment.docx)
FOR THE THREAT MODEL SECTION OF THE PAPER I NEED A GRAPHIC OF A THREAT MODEL CRE
Struggling With a Similar Paper? Get Reliable Help Now.
Delivered on time. Plagiarism-free. Good Grades.
What is this?
It’s a homework service designed by a team of 23 writers based in Carlsbad, CA with one specific goal – to help students just like you complete their assignments on time and get good grades!
Why do you do it?
Because getting a degree is hard these days! With many students being forced to juggle between demanding careers, family life and a rigorous academic schedule. Having a helping hand from time to time goes a long way in making sure you get to the finish line with your sanity intact!
How does it work?
You have an assignment you need help with. Instead of struggling on this alone, you give us your assignment instructions, we select a team of 2 writers to work on your paper, after it’s done we send it to you via email.
What kind of writer will work on my paper?
Our support team will assign your paper to a team of 2 writers with a background in your degree – For example, if you have a nursing paper we will select a team with a nursing background. The main writer will handle the research and writing part while the second writer will proof the paper for grammar, formatting & referencing mistakes if any.
Our team is comprised of native English speakers working exclusively from the United States.
Will the paper be original?
Yes! It will be just as if you wrote the paper yourself! Completely original, written from your scratch following your specific instructions.
Is it free?
No, it’s a paid service. You pay for someone to work on your assignment for you.
Is it legit? Can I trust you?
Completely legit, backed by an iron-clad money back guarantee. We’ve been doing this since 2007 – helping students like you get through college.
Will you deliver it on time?
Absolutely! We understand you have a really tight deadline and you need this delivered a few hours before your deadline so you can look at it before turning it in.
Can you get me a good grade? It’s my final project and I need a good grade.
Yes! We only pick projects where we are sure we’ll deliver good grades.
What do you need to get started on my paper?
* The full assignment instructions as they appear on your school account.
* If a Grading Rubric is present, make sure to attach it.
* Include any special announcements or emails you might have gotten from your Professor pertaining to this assignment.
* Any templates or additional files required to complete the assignment.
How do I place an order?
You can do so through our custom order page here or you can talk to our live chat team and they’ll guide you on how to do this.
How will I receive my paper?
We will send it to your email. Please make sure to provide us with your best email – we’ll be using this to communicate to you throughout the whole process.
Getting Your Paper Today is as Simple as ABC
No more missed deadlines! No more late points deductions!
You give us your assignments instructions via email or through our order page.
Our support team selects a qualified writing team of 2 writers for you.
In under 5 minutes after you place your order, research & writing begins.
Complete paper is delivered to your email before your deadline is up.
Want A Good Grade?
Get a professional writer who has worked on a similar assignment to do this paper for you