ComputerScienceExpert
$18/per page/
Hello,
I am trying to get this project done. Can I get help? I've attached detail instruction pdf and the java code to be modified.
Part II: Apply select NIST low-impact security controls to the JavaFX Login application.The following security controls should be applied to the application (check the NIST Security ControlsDatabase for details, description and guidance for each control: AC-7 - UNSUCCESSFUL LOGON ATTEMPTS AC-8 - SYSTEM USE NOTIFICATION AU-3 - CONTENT OF AUDIT RECORDS AU-8 - TIME STAMPS IA-2(1) IDENTIFICATION AND AUTHENTICATION (ORGANIZATIONAL USERS) | NETWORKACCESS TO PRIVILEGED ACCOUNTS (Note this is an enhancement of an existing low-impactsecurity control) Select one additional low-impact security control and implement it. This can be anenhancement or a required low-impact security control. Selecting a control that providesdocumentation as opposed to code changes is also acceptable and encouraged.Hints:a. Start with the baseline Login Application and add methods (or additional classes) as needed tocomply with each of the security controls.b. You will need to make some decisions for your implementation for the security audit/log filesformat. Each student may have a slightly different implementation.c. For the multi-factor authentication, keep it simple. One approach is to send an email to the user with a security code. Then, have them check their email and enter the code. If the codematches, they are properly authenticated.d. There are examples for using JavaMail and writing to files in the materials for this week. Be sureto use those as needed.e. Pay attention to the details of the NIST database description and make sure all of the selectedsecurity controls for this project are fully implemented.f. Start on this early. This will take you longer than you think.
DeliverablesProvide your security fixed Java source code along with a PDF document describing how youaddressed each security control. For example, you should list the security control and thedescriptions and show and describe the code that addresses the security control. You should alsoprovide screen shots and descriptions of the successful executing the code and the resultant outputas applied to each security control. Be sure to submit all of your Java source code if you usedmultiple classes.Your code should be well-documented with comments, include header comments, use propervariable and naming conventions and properly formatted. (Use the Google Java style guidelinesprovided in the content-> Course Resources). Be sure your PDF document is neat, well-organizedand is well-written with minimal spelling and grammar errors. All references used should beincluded in your document.
FileWrite.java
/*
* To change this license header, choose License Headers in Project Properties.
* To change this template file, choose Tools | Templates
* and open the template in the editor.
*/
package filewrite;
import java.io.BufferedWriter;
import java.io.FileWriter;
import java.io.IOException;
/**
* @description This program will write text to a file and save the file in the
* project's root directory.
* @author Eric
*/
public class FileWrite {
/**
* @param args the command line arguments
*/
public static void main(String args) {
// declaring variables of text and initializing the buffered writer
String txt = "Hello World.";
BufferedWriter writer = null; }
} // write the text variable using the bufferedwriter to testing.txt
try {
writer = new BufferedWriter(new FileWriter("testing.txt"));
writer.write(txt);
}
// print error message if there is one
catch (IOException io) {
System.out.println("File IO Exception" + io.getMessage());
}
//close the file
finally {
try {
if (writer != null) {
writer.close();
}
}
//print error message if there is one
catch (IOException io) {
System.out.println("Issue closing the File." + io.getMessage());
}
}
Homework 2
Implementing Low-Impact Security Controls
Adding Select Security Controls to a Login Application Overview
In this homework you will enhance an existing JavaFX Login application to add select low-impacts
security controls based on recommendations from the NIST security controls database. We won’t be
able to implement all of the baseline controls for this exercise. However; the assignment details below
provide direction on which ones should be implemented. You will also asked to choose one additional
low-impact security control, of your choice and implement it.
Assignment
Part I: Review and Understand the Sample JavaFX application
More than likely you have not coded a JavaFX application before. However; if you successfully
completed the CMIS242 prerequisite, you have seen how to create Simple GUI’s using the Swing class.
JavaFX is quite similar to the Swing classes. In fact, most of the classes and methods provide the same
functionality. The sample code provided will refresh and enhance your GUI building skills.
1. Using Netbeans, start a new Java project. Select the JavaFX application option. 1 2. Name the project SDEV425HW2 (or a name of your choice). 3. Click Finish and the template application code will be provided. 2 4. Click the Green arrow to run the application. 5. Clicking the button will display “Hello World” in the Netbeans output.
6. Study the template code paying careful attention to the methods, and the use of the event handlers.
7. Using the Login Application, provided as an attachment in this assignment, copy and paste it into
your project. Note: you may need to change the class and package name of the Login application.
8. Run and experiment with the code so you understand what each line of code is doing.
9. Demonstrate you successfully completed this part of the assignment by providing screen captures
generated from your development environment showing both the FX Hello, World and SDevAdmin
login apps running with no additional modifications.
10. Describe an overview of the functionality of the SDEVAdmin login application pointing out the
functionality of critical code components. 3 4 Part II: Apply select NIST low-impact security controls to the JavaFX Login application.
The following security controls should be applied to the application (check the NIST Security Controls
Database for details, description and guidance for each control: AC-7 - UNSUCCESSFUL LOGON ATTEMPTS
AC-8 - SYSTEM USE NOTIFICATION
AU-3 - CONTENT OF AUDIT RECORDS
AU-8 - TIME STAMPS
IA-2(1) IDENTIFICATION AND AUTHENTICATION (ORGANIZATIONAL USERS) | NETWORK
ACCESS TO PRIVILEGED ACCOUNTS (Note this is an enhancement of an existing low-impact
security control)
Select one additional low-impact security control and implement it. This can be an
enhancement or a required low-impact security control. Selecting a control that provides
documentation as opposed to code changes is also acceptable and encouraged. Hints:
a. Start with the baseline Login Application and add methods (or additional classes) as needed to
comply with each of the security controls.
b. You will need to make some decisions for your implementation for the security audit/log files
format. Each student may have a slightly different implementation.
c. For the multi-factor authentication, keep it simple. One approach is to send an email to the user
with a security code. Then, have them check their email and enter the code. If the code
matches, they are properly authenticated.
d. There are examples for using JavaMail and writing to files in the materials for this week. Be sure
to use those as needed.
e. Pay attention to the details of the NIST database description and make sure all of the selected
security controls for this project are fully implemented.
f. Start on this early. This will take you longer than you think.
Deliverables
Provide your security fixed Java source code along with a PDF document describing how you
addressed each security control. For example, you should list the security control and the
descriptions and show and describe the code that addresses the security control. You should also
provide screen shots and descriptions of the successful executing the code and the resultant output
as applied to each security control. Be sure to submit all of your Java source code if you used
multiple classes.
Your code should be well-documented with comments, include header comments, use proper
variable and naming conventions and properly formatted. (Use the Google Java style guidelines
provided in the content-> Course Resources). Be sure your PDF document is neat, well-organized
and is well-written with minimal spelling and grammar errors. All references used should be
included in your document.
5 Grading rubric:
Attribute
Sample JavaFX
application NIST low-impact
security controls Meets
15 points
Provides screen captures
generated from your development
environment showing both the FX
Hello, World and SDevAdmin login
apps running with no additional
modifications. (8 points) Does not meet
0 points
Does not provide screen captures
generated from your development
environment showing both the FX Hello,
World and SDevAdmin login apps
running with no additional
modifications. Describes an overview of the
functionality of the SDEVAdmin
login application pointing out the
functionality of critical code
components. (7 points)
60 points
Applies AC-7 - UNSUCCESSFUL
LOGON ATTEMPTS to the
application. (10 points) Does not describe an overview of the
functionality of the SDEVAdmin login
application pointing out the
functionality of critical code
components.
0 points
Does not apply AC-7 - UNSUCCESSFUL
LOGON ATTEMPTS to the application. Applies AC-8 - SYSTEM USE
NOTIFICATION to the application.
(10 points)
Applies AU-3 - CONTENT OF AUDIT
RECORDS to the application. (10
points)
Applies AU-8 - TIME STAMPS to
the application. (10 points)
Applies IA-2(1) IDENTIFICATION
AND AUTHENTICATION
(ORGANIZATIONAL USERS) |
NETWORK ACCESS TO PRIVILEGED
ACCOUNTS to the application. (10
points) Documentation and
Submission Does not apply AC-8 - SYSTEM USE
NOTIFICATION to the application.
Does not apply AU-3 - CONTENT OF
AUDIT RECORDS to the application.
Does not apply AU-8 - TIME STAMPS to
the application.
Does not apply IA-2(1) IDENTIFICATION
AND AUTHENTICATION
(ORGANIZATIONAL USERS) | NETWORK
ACCESS TO PRIVILEGED ACCOUNTS to
the application.
Does not select one additional lowimpact security control and implements
it. Selects one additional low-impact
security control and implements
it. (10 points)
25 points
Provides all Java source code
including “fixed” code. (5 points) 0 points
Does not provide all Java source code
including “fixed” code. Provides screen shots and
descriptions of the successful Does not provide screen shots and
descriptions of the successful executing
6 executing the code and the
resultant output as applied to
each security control. (5 points)
Code is well-documented with
comments, including header
comments, use of proper variable
and naming conventions and
properly formatted. (5 points)
Document is neat, well-organized
and is well-written with minimal
spelling and grammar errors.
(5points) the code and the resultant output as
applied to each security control.
Code is not well-documented with
comments, including header comments,
use of proper variable and naming
conventions and properly formatted.
Document is not neat, well-organized
and is not well-written with minimal
spelling and grammar errors.
All references used were not included in
your document. All references used should be
included in your document. (5
points) 7
/*
* To change this license header, choose License Headers in Project Properties.
* To change this template file, choose Tools | Templates
* and open the template in the editor.
*/
package javamail;
import
import
import
import
import
import
import
import java.util.Properties;
javax.mail.Message;
javax.mail.MessagingException;
javax.mail.PasswordAuthentication;
javax.mail.Session;
javax.mail.Transport;
javax.mail.internet.InternetAddress;
javax.mail.internet.MimeMessage; /**
* @description This program uses Java to send emails over the SSL protocol.
* @author Eric
*/
public class JavaMail {
/**
* @param args the command line arguments
*/
public static void main(String args) {
Properties props = new Properties();
props.put("mail.smtp.host", "smtp.gmail.com");
props.put("mail.smtp.socketFactory.port", "465");
props.put("mail.smtp.socketFactory.class",
"javax.net.ssl.SSLSocketFactory");
props.put("mail.smtp.auth", "true");
props.put("mail.smtp.port", "465");
Session session = Session.getDefaultInstance(props,
new javax.mail.Authenticator() {
protected PasswordAuthentication
getPasswordAuthentication() {
return new
PasswordAuthentication("username","password");
}
});
try {
Message message = new MimeMessage(session);
message.setFrom(new InternetAddress("from@email.com"));
message.setRecipients(Message.RecipientType.TO,
InternetAddress.parse("to@email.com"));
message.setSubject("Testing Subject");
message.setText("Dear Mail Crawler," +
"\n\n No spam to my email, please!");
Transport.send(message);
System.out.println("Done");
} catch (MessagingException e) {
throw new RuntimeException(e);
}
} }