Security architecture and design | Computer Science homework help

Respond to each question below. Remember to cover all aspects of the question. 

1. Successful security architecture needs upper management to support effective security standards and protocols. However, there are possible disadvantages to upper management involvement. List and describe the tradeoffs in the business between rigorous security and delivering products to customers. Go beyond merely the automated solutions or the technical checks that can be done without much human support.

2. Examine how capturing, standardizing, applying patterns, and standard solutions help to increase efficiency and maintain delivery teams’ velocity. Provide at least 3 real-world examples which describe and examine how they provide the velocity. Do not simply provide a list of things teams can do but for each idea, define the idea and explain its relevance. 

3. Schoenfield lists several components of a successful security architecture practice, such as broad support across the organization, recruitment, and training of security architects with the right kind of aptitude and interest, effective security requirements that enhance but do not slow down the innovation process, and finally, indicators that the security architecture team is being well utilized and adding value to project development. Describe what each of these components is and explain how each is relevant to security development. Include detail and examples.

TextBook: Schoenfield, Brook S.E. – Securing Systems: Applied Security Architecture and Threat Models, CRC Press, 2014 ISBN: 978-1-4822-3397-1

The Top questions should be covered from the concept of the below 13 chapters of Security Architecture and Design:  

Chapter 1: Introduction

Chapter 2: The Art of Security Assessment

Chapter 3: Security Architecture of Systems

Chapter 4: Information Security Risk

Chapter 5: Prepare for Assessment

Chapter 6: eCommerce Website

Chapter 7: Enterprise Architecture

Chapter 8: Business Analytics

Chapter 9: Endpoint Anti-malware

Chapter 10: Mobile Security Software with Cloud Management

Chapter 11: Cloud Software as a Service (SaaS)

        Chapter 12: Patterns and Governance Deliver Economies of Scale

Chapter 13: Building an Assessment Program