
For each of these 6 requirements briefly identify and justify: - How you will val


Question

For each of these 6 requirements briefly identify and justify:

- How you will validate the software against this

- How you will verify the software meets this requirement

- Can the testing for this be automated, and if so how?

- Would you mainly use positive or negative test cases, why?

Functional Requirements:

Authentication: allow patients to log in to the system

Set the dates and times when the patients will be contacted to answer pre-set questions

Have different secure types of payments, e.g. PayPal, Skrill, etc.

Non-functional Requirements

Allow patients to log in, but limit the login attempts to limit the chance of hacking

Physiotherapists' profiles will be moderated and checked because they might add fake information like diplomas, certificates, etc.

Having 2 types of encryption will make patients and physiotherapists more secure by making sure they are protected.

If possible, can you use different types of testing, validation and verification.

Explanation / Answer

How you will validate the software against this

The authentication process has two fundamental parts—credentials and validation.

Credentials

Credentials assert the identity of the applicant. A validating agent either confirms or denies the validity of the credentials, determining the level of trust granted the applicant. At an international border, for example, a passport issued by a recognized national government would be a traveler’s credentials, and a crossing guard representing the government of the country/region one attempts to enter would be the validating agent. Typically, a passport is considered a strong guarantee of a bearer’s identity. On the other hand, a business card is another kind of a credential—or proof of identity—that is validated with much less rigor.

In Windows 2000 and Windows XP Professional, a user’s credentials can be supplied by a password, a Kerberos ticket, or a smart card if the computer is equipped to handle a smart card. For more information about smart cards, see “Smart Cards” later in this chapter.

Validation

Validation in Windows is performed by a protected subsystem called the Local Security Authority (LSA), which maintains information about all aspects of local operating system security. In addition to providing interactive user authentication services, the LSA does the following:

Manages local security policy.

Manages audit policy and settings.

Generates tokens that contain user and group information as well as information about the security permissions for the user.

- How you will verify the software meets this requirement

When a user logs on to a computer, a series of steps begins that makes up the authentication process. Authentication validates user identity and defines resources that a user can access. Windows operating systems use NTLM or the Kerberos V5 authentication protocol. Authentication is mostly automatic, but understanding the protocols, policies, and other elements involved can help you configure and manage authentication—and strengthen security.

Windows XP Professional
Everyone membership. The built-in Everyone group includes Authenticated Users and Guests, but it no longer includes members of the Anonymous group.

Simple file sharing. By default, on Windows XP Professional systems that are not connected to a domain, all attempts to log on from across the network will be forced to use the Guest account. In addition, on computers that are using the simple file sharing security model, the Security Properties dialog box is replaced by a simplified Shared Documents Properties dialog box.

Administrative ownership. In Windows NT 4.0 and Windows 2000, all resources such as files and folders that are created by a member of the Administrators group belong to the group as a whole. In Windows XP Professional, these resources by default belong to the individual who creates them.

Encrypting File System (EFS) recovery agent. In a Windows 2000 environment, if you attempt to configure an EFS recovery policy with no recovery agent certificates, EFS is automatically disabled. In a Windows XP Professional environment, the same action enables users to encrypt files without a Data Recovery Agent.

Permissions for installing printers. To install a local printer in Windows XP Professional, you must belong to the Power Users or Administrators group and have the Load/Unload Device Driver privilege. Administrators have this privilege by default, but it must be explicitly granted to Power Users.

Blank password restriction. To protect users who do not password-protect their accounts, Windows XP Professional accounts without passwords can be used only to log on at the physical computer console and not remotely over the network.

Can the testing for this be automated, and if so how.

Although a strong password can help protect against intruders, given enough time, automated password-cracking tools can crack any password. Changing passwords can minimize the risk of an intruder determining a password. It also minimizes potential damage when a password is compromised without the user’s knowledge.

- Would you mainly use positive or negative test cases, why?

A positive test case tests that a system does what it is supposed to.
Example: will allow you to login when valid credentials are supplied.

A negative test case tests that a system does not do things it shouldn't.
Example: should not allow you to login when invalid credentials are supplied.

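As an added example, not part of the original question or answer: automated positive and negative test cases for the question's "limit the log in attempts" requirement. The `LoginService` class, the limit of 3 attempts, and the account names and passwords are assumptions made up for illustration.

```python
import hashlib
import hmac
import os

MAX_ATTEMPTS = 3  # assumed limit; the requirement does not give a number

class LoginService:
    """Hypothetical in-memory login service that limits failed attempts."""

    def __init__(self):
        self._users = {}     # username -> (salt, password hash)
        self._failures = {}  # username -> consecutive failed attempts

    @staticmethod
    def _hash(password, salt):
        return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

    def register(self, username, password):
        salt = os.urandom(16)
        self._users[username] = (salt, self._hash(password, salt))

    def login(self, username, password):
        """Return 'ok', 'denied' or 'locked'."""
        if self._failures.get(username, 0) >= MAX_ATTEMPTS:
            return "locked"  # refused before the password is even checked
        salt, stored = self._users.get(username, (b"\0" * 16, b""))
        if hmac.compare_digest(self._hash(password, salt), stored):
            self._failures[username] = 0  # a success resets the counter
            return "ok"
        self._failures[username] = self._failures.get(username, 0) + 1
        return "denied"

def new_service():
    svc = LoginService()
    svc.register("patient1", "correct horse")  # constructed test account
    return svc

def positive_case():
    """Positive test: valid credentials are accepted."""
    return new_service().login("patient1", "correct horse")

def negative_cases():
    """Negative tests: wrong passwords are denied, then the account locks."""
    svc = new_service()
    results = [svc.login("patient1", "guess") for _ in range(MAX_ATTEMPTS)]
    results.append(svc.login("patient1", "correct horse"))  # right password, too late
    results.append(svc.login("nobody", "guess"))  # unknown account
    return results
```
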