Question: The following security controls should be applied to the application (check the NIST Security Controls Database for details, description, and guidance for each control:

The following security controls should be applied to the application (check the NIST Security Controls
Database for details, description, and guidance for each control:


 -  AC-7 - UNSUCCESSFUL LOGON ATTEMPTS
 -  AC-8 - SYSTEM USE NOTIFICATION
 -  AU-3 - CONTENT OF AUDIT RECORDS
 -  AU-8 - TIME STAMPS
 -  IA-2(1) IDENTIFICATION AND AUTHENTICATION (ORGANIZATIONAL USERS) | NETWORK
      ACCESS TO PRIVILEGED ACCOUNTS (Note this is an enhancement of an existing low-impact
      security control)
 -  Select one additional low-impact security control and implement it. This can be an
      enhancement or a required low-impact security control. Selecting a control that provides
      documentation as opposed to code changes is also acceptable and encouraged.


Hints:


a.   Start with the baseline Login Application and add methods (or additional classes) as needed to
      comply with each of the security controls.
b.   You will need to make some decisions for the implementation of the security audit/log files
      format.
c.   For the multi-factor authentication, keep it simple. One approach is to send an email to the user
      with a security code. Then, have them check their email and enter the code. If the code
      matches, they are properly authenticated.
d.   JavaMail
e.   Pay attention to the details of the NIST database description and make sure all of the selected
      security controls for this project are fully implemented.

Looking for some additional guidance on how to apply these NIST security controls to the application in the code above.

8 | SDEV 425 HW 2 Part I | 8/23/23 * Initial HW 2 Template downloaded code without mods 8/ * To change this license header, choose License Headers in Project Properties. * To change this template file, choose Tools | Templates * and open the template in the editor. 8/ package sdev425hw2; import javafx.application. Application; import javafx.event.ActionEvent; import javafx.geometry.Pos; 

8 | SDEV 425 HW 2 Part I | 8/23/23 * Initial HW 2 Template downloaded code without mods 8/ * To change this license header, choose License Headers in Project Properties. * To change this template file, choose Tools | Templates * and open the template in the editor. 8/ package sdev425hw2; import javafx.application. Application; import javafx.event.ActionEvent; import javafx.geometry.Pos; import javafx.scene.Scene; import javafx.scene.control.Button; import javafx.scene.control.Label; import javafx.scene.control. PasswordField; import javafx.scene.control. TextField; import javafx.scene.layout.GridPane; import javafx.scene.paint.color; import javafx.scene.text.Text; import javafx.stage.Stage; /** *@author jim Adopted from Oracle's Login Tutorial Application * https://docs.oracle.com/javafx/2/get_started/form.htm 8/ public class SDEV425_2 extends Application {

Step by Step Solution

3.57 Rating (157 Votes )

There are 3 Steps involved in it

1 Expert Approved Answer
Step: 1 Unlock

To apply the NIST security controls to the Java application provided we can follow these steps 1 AC7 UNSUCCESSFUL LOGON ATTEMPTS Implement a mechanism to track unsuccessful login attempts You can crea... View full answer

blur-text-image
Question Has Been Solved by an Expert!

Get step-by-step solutions from verified subject matter experts

Step: 2 Unlock
Step: 3 Unlock

Students Have Also Explored These Related Programming Questions!

Q:

Case Study: Quick Fix Dental Practice Technology requirements Application must be built using Visual Studio 2019 or Visual Studio 2017, professional or enterprise. The community edition is not...

Q:

Planning is one of the most important management functions in any business. A front office managers first step in planning should involve determine the departments goals. Planning also includes...

Q:

Googles ease of use and superior search results have propelled the search engine to its num- ber one status, ousting the early dominance of competitors such as WebCrawler and Infos- eek. Even later...

Q:

Which of the following security settings, when remotely applied to a group of computers running Windows Server 2008 R2 in an Active Directory forest, will take precedence over all the others? A....

Q:

Please help with solving questions 1-6 as detailed as possbile. Your audit firm, Hawk & Soar, PLLC, has been engaged to perform the annual audit of TealDeal, Inc. The Company manufactures and sells...

Q:

An employee was promoted within the organization and relocated to a new office in a different building. A few months later, security personnel discovered that the employee's smart card was being used...

Q:

Case 3 (20 points): Audit Sampling Case This Case Study is an Audit Sampling case. Note that 4 points out of the 20 total available points for the case assignment will be based on your participation...

Q:

Of the following security controls, which unique design type is a manual control that does not avert an incident from happening but rather alerts an organization about the breach? A. Preventive B....

Q:

Which of the following security controls can provide cloud customers role - based control for critical information within the enterprise?

Q:

Which of the following security controls can provide cloud customers role - based control for critical information within the enterprise?

Q:

Referring to Example 5.10, Comment 4, consider a sudden exposure of the surface to large surroundings at an elevated temperature (Tsur) and to convection (T, h). (a) Derive the explicit,...

Q:

Nina graduated from university in 2021 with a large tuition loan but was excited to have landed a very lucrative job with Microsoft. Despite the great salary, she was terrible at managing her money....

Q:

The area of the shaded region between - 0 . 3 3 and 2 . 1 8 is what?

Q:

You have just received a loan from your bank for $19,000 and you will use it to buy a car. The interest rate is 6 percent and the term of the loan is 6 years. You will make 6 equal annual payments...

Q:

what elements of OSHA's guidelines on workplace violence can be adapted for future use in most types of business and industrial firms?

Q:

Use those word for Literary Devices. ( Allegory, Alliteration, Antagonist, Anthropomorphism, Blank verse, Characterization, Climax, Conflict, Creative license, Dramatic irony, Figurative language,...

Q:

Using the method of integration, find the centroid of the area. Snipping Tool y Mode Detay X = ky. Answer(s): nip mode us Cutton Snipping To 175mm Iha future upda S home Try impro &Sketch (or try...

Q:

Using the method of integration, derive the equation for the centroid of the area. y Answer(s):

Q:

RuizRecitation Activity 1Instructions: Please work in small groups (3 or 4 students) on the following problems. You are expected to finish these problems even if there was not enough time in class to...

Q:

Identify the main features of control over inventories and production.

Q:

Below is a list of problem situations. In each case, discuss some of the major steps you would follow in systems analysis. a. A company has problems with raw material shortages. b. A company has...

Q:

Equity Financing Life Insurance Company is headquartered in Miami, Florida. The company is very large, so it operates an enormous mainframe computer system. Recently, a group of political radicals...

Q:

Promotional Novelties manufactures a wide range of novelty items for its corporate customers, It has just received an order for 20,000 toy tractor-trailers that will be sold by a gas station chain as...

Q:

A small furniture maker has just received an order to deliver 250 chairs at the beginning of week 6. The production/purchase planner needs to arrange for the assembly of subassemblies and purchase of...

Q:

Using the drawing of a pair of scissors below, do the following: a. Draw the product structure tree for the scissors. b. Perform MRP for the scissors and all its components except the screw. Lead...