A security engineer is working on a large software development project.

A security engineer is working on a large software development project. As part of the design of

the project, various stakeholder requirements were gathered and decomposed to an implementable and testable level. Various security requirements were also
documented. Organize the following security requirements into the correct hierarchy required for an SRTM.
Requirement 1: The system shall provide confidentiality for data in transit and data at rest.
Requirement 2: The system shall use SSL, SSH, or SCP for all data transport.
Requirement 3: The system shall implement a file-level encryption scheme.
Requirement 4: The system shall provide integrity for all data at rest.
Requirement 5: The system shall perform CRC checks on all files.

A security engineer is working on a large software development project. As part of the design of

the project, various stakeholder requirements were gathered and decomposed to an implementable and testable level. Various security requirements were also
documented. Organize the following security requirements into the correct hierarchy required for an SRTM.
Requirement 1: The system shall provide confidentiality for data in transit and data at rest.
Requirement 2: The system shall use SSL, SSH, or SCP for all data transport.
Requirement 3: The system shall implement a file-level encryption scheme.
Requirement 4: The system shall provide integrity for all data at rest.
Requirement 5: The system shall perform CRC checks on all files.

A.
Level 1: Requirements 1 and 4; Level 2: Requirements 2, 3, and 5

B.
Level 1: Requirements 1 and 4; Level 2: Requirements 2 and 3 under 1, Requirement 5 under 4

C.
Level 1: Requirements 1 and 4; Level 2: Requirement 2 under 1, Requirement 5 under 4; Level
3: Requirement 3 under 2

D.
Level 1: Requirements 1, 2, and 3; Level 2: Requirements 4 and 5



Leave a Reply 0

Your email address will not be published. Required fields are marked *