Website Testing and Security

• It’s important to fully test any sort of web application development for functionality, security, etc. Outline the major componenents that you would include in your test plan in order to make sure that your Web application is secure. Provide a rationale for your test plan components.
• Imagine that you are an IT Security Manager. You want to have your security team perform penetration testing as part of vulnerability testing on your current systems.  Your CIO wants to hire an outside company to perform the penetration testing.  Choose a side and argue for or against hiring an outside company.  What are the potential benefits and risks with penetration testing in general.

“End-Point Device Security“

• Assume you are an IT Manager in charge of developing policies for your organization’s upcoming BYOD usage announcement.  Policies could include categories such as devices supported, passwords,employee use, applications, expense reimbursement, etc.  What are the top five (5) policies that you would include?  Be sure at least one (1) of the policies involves security.
• • Determine what you believe to be the top three (3) physical security risks for endpoint devices. Create a list of three (3) best practices that you would follow in order to secure your devices, physically and otherwise