Telecommunications Engineering homework help

/in /by

APA style, 1 paragraph each question
 
Use the above textbook reference:
Schoenfield, B. S. (2015). Securing systems: Applied security architecture and threat models. CRC Press.
Architecture Risk Assessment (ARA) and threat modeling. Upper management needs to support the security standards. There are inevitable tradeoffs in business between rigorous security and delivering products to customers, so there needs to be a balance between the security standards and the time lag they can create on innovation and product delivery.
 
Question 1: Expressing Security Requirements: Expressing Security Requirements to Enable? Who Consumes Requirements? Getting Security Requirements Implemented? Why Do Good Requirements Go Bad?
Question 2: Building an Assessment Program? Building a Team? Peer Review and Workload?
 
Question 3: Successful security architecture needs upper management to support for effective security standards and protocols. However, there are possible disadvantages to upper management involvement. List and describe the tradeoffs in business between rigorous security and delivering products to customers. Go beyond merely the automated solutions, or the technical checks that can be done without much human support.
 
Question 4: Examine how capturing, standardizing, applying patterns, and standard solutions help to increase efficiency and maintain delivery teams’ velocity. Provide at least 3 real-world examples which describe and examine how they provide the velocity. Do not simply provide a list of things teams can do but for each idea, define the idea and explain its relevance.
 
Question 5: Schoenfield lists several components of a successful security architecture practice, such as broad support across the organization, recruitment and training of security architects with the right kind of aptitude and interest, effective security requirements that enhance but do not slow down the innovation process, and finally, indicators that the security architecture team is being well utilized and adding value to project development. Describe what each of these components are and explain how each is relevant to security development. Include detail and examples.