Question

1. describe many pitfalls on the path to data fluency. Pick any two pitfalls from the book and apply your knowledge of SDLC on each scenario to suggest ways to improve data fluency in these scenarios. (40 points)

2. The employee education department of a large corporation has been centralized. As a consequence, the educators must travel among all locations of the branches. They use their smart phone to interact and share their schedules and data. What are the steps you would take to secure these transactions by applying your knowledge of the security triad? Describe each step. (30 points)

3. Usability is a term that denotes the ease with which people can use an interface to achieve a particular goal. Conduct Internet research and find out what usability test is? Then describe how you would evaluate the usability of a smart phone scheduling app for the above corporation. (30 points) Must include the link/URLs/sources of your search results.

Answer 1

What is Data Fluency?

Data fluency enables people to express ideas about data in a shared language. It connects employees across roles through a set of standards, processes, tools and terms. Data Fluency matters as it drives decision making .

Pitfalls of Data Fluency related to SDLC:

1.Poorly defined goals : Not having more people who speak language of data, Less skilled producers of data products

2.Inadequate Documentation and Gaps in Communication : No organizational culture with the conditions to support data discussions and no agile systems

3.Scope Creep and Lack Of Stake Holders

4.Failing to Anticipate Problems

5.Failing to Allocate Task properly

b)Steps we would take to secure these transactions by applying our knowledge of the security triad:

1.Mobile Application Penetration Testing
We can develop advance application cyber testing methodology and integrate it with other methodologies to include vast testing at the application level.My suggestion or approach will be to focuses on exposing all the vulnerabilities and weaknesses within the application in order to determine the gap between the application security state and the industry’s best practices.

2.Security Development Lifecycle
We should offers a Secure Development Life Cycle (SDLC) guidance and consulting. These services help in early detection of application vulnerabilities and prevention is far more secure and cost effective than implementing post- production security fixes.

3.Infrastructure Penetration Testing
External and Internal infrastructure Penetration Tests. An infrastructure penetration test is a proven method of evaluating the security of your computing networks infrastructure weaknesses by simulating a malicious attacker from the outside world (internet) or as an internal authorized employee.

4.Security Audits
Security audit is a systematic, measurable technical test of the organization's security employment of its policy. It is part of the process of maintaining effective security policies.

c)Usability Test:

For scheduling an application we have three ways:

Receiver: We will receive an event by clicking on User friendly Button.

Timer: We will give this timer to listener and will went to scheduler.

Scheduler:Scheduler will schedule the event.

Url And Links

Phase ||Security Practice Usability Practice Planning Security training Human-centered Security objectives Context specification Security requirements Usage scenarios Requirements Quality gates User analysis Risk assessment Task analysis Specifications Usability specifications Attack surface analysis Concept development Threat modeling Prototypes Design Design review Interaction design Design review Approved tools Approved tools Security patterns User interface patterns Implementation Static analysis Interface development Code review User interface review Dynamic analysis Expert review Testing Attack surface review Usability evaluation Acceptance testing Incident response plan Surveys and interviews Deployment Security review Release Archive Maintenance Incident plan Usability review

https://www.tutorialspoint.com/software_testing_dictionary/usability_testing.htm

You can learn to draw diagram

https://online.visual-paradigm.com/diagrams/solutions/free-use-case-diagram-tool/