One of the security improvements for the Always Fresh IT environment is to ensure all workstations and
servers run secure applications. The company needs policies that set security requirements for the
software. These policies will guide administrators in developing procedures to ensure all client and server
software is as secure as possible.
Specifically, you will write two policies to ensure web server software and web browsers are secure. Your
policy statements will describe the goals that define a secure application.
Consider the following questions for web server software and web browsers:
1. What functions should this software application provide?
2. What functions should this software application prohibit?
3. What controls are necessary to ensure this applications software operates as intended?
4. What steps are necessary to validate that the software operates as intended?
Create two policies—one for web server software and one for web browser clients. Remember, you are
writing policies, not procedures. Focus on the high-level tasks, not the individual steps.
Use the following as a guide for both policies:
▪ Type of application software
▪ Description of functions this software should allow
▪ Description of functions this software should prohibit
▪ Known vulnerabilities associated with software
▪ Controls necessary to ensure compliance with desired functionality
▪ Method to assess security control effectiveness
▪ Internet access
▪ Course textbook
▪ Format: Microsoft Word (or compatible)
▪ Font: Arial, size 12, double-space
▪ Citation Style: Follow your school’s preferred style guide
▪ Length: 1 to 2 pages
▪ I created two policies that addressed all issues.
▪ I followed the submission guidelines.