SDEV425-Homework 2 Implementing Low-Impact Security Controls Solved

In this homework you will enhance an existing JavaFX Login application to add select low-impacts security controls based on recommendations from the NIST security controls database. We won’t be able to implement all of the baseline controls for this exercise. However; the assignment details below provide direction on which ones should be implemented. You will also asked to choose one additional low-impact security control, of your choice and implement it.

Assignment Part I: Review and Understand the Sample JavaFX application
More than likely you have not coded a JavaFX application before. However; if you successfully completed the CMIS242 prerequisite, you have seen how to create Simple GUI’s using the Swing class. JavaFX is quite similar to the Swing classes. In fact, most of the classes and methods provide the same functionality. The sample code provided will refresh and enhance your GUI building skills.

1.      Using Netbeans, start a new Java project. Select the JavaFX application option.

  

 

 

2.      Name the project SDEV425HW2 (or a name of your choice).

  

 

3.      Click Finish and the template application code will be provided.

  

 

 

 

4.      Click the Green arrow to run the application.

 

  

 

5.      Clicking the button will display “Hello World” in the Netbeans output.

 

6.      Study the template code paying careful attention to the methods, and the use of the event handlers.

 

7.      Using the Login Application, provided as an attachment in this assignment, copy and paste it into your project. Note: you may need to change the class and package name of the Login application.

 

8.      Run and experiment with the code so you understand what each line of code is doing.

 

9.      Demonstrate you successfully completed this part of the assignment by providing screen captures generated from your development environment showing both the FX Hello, World and SDevAdmin login apps running with no additional modifications.

 

10.   Describe an overview of the functionality of the SDEVAdmin login application pointing out the functionality of critical code components.

  

 

  

 

 

 

 

Part II: Apply select NIST low-impact security controls to the JavaFX Login application. 

 

The following security controls should be applied to the application (check the NIST Security Controls Database for details, description and guidance for each control:

•        AC-7 - UNSUCCESSFUL LOGON ATTEMPTS

•        AC-8 - SYSTEM USE NOTIFICATION

•        AU-3 - CONTENT OF AUDIT RECORDS

•        AU-8 - TIME STAMPS

•        IA-2(1) IDENTIFICATION AND AUTHENTICATION (ORGANIZATIONAL USERS) | NETWORK ACCESS TO PRIVILEGED ACCOUNTS (Note this is an enhancement of an existing low-impact security control)

•        Select one additional low-impact security control and implement it. This can be an enhancement or a required low-impact security control. Selecting a control that provides documentation as opposed to code changes is also acceptable and encouraged.