Escolar Documentos
Profissional Documentos
Cultura Documentos
Introduction
I work as trainee as an IT security specialist for leading security consultancy. As a part of my role, I
have to carry out small scale research in order to recognize and discover a range of software
vulnerability that potentially impacts on range of businesses. In this task, I am going to analyze the
documents of questionnaire which I have collected in previous tasks using appropriate tools and
techniques. Research is basically a term used for a systematic search for getting relevant answers on
any taken-up topic (Anon., n.d.). Various research was done and, in this task, I analyzed the research
and data carried using appropriate analytical tools and techniques. The evaluation of the selected
analysis tools and techniques considering accuracy and authenticity with proper justification has
been carried out.
Percentage technique
Percentage technique is a technique from which information are converted in numerical form of percent. I
converted the answer of the company and converted it into percentage. For example:
In this way, we can convert the answer to percentage and we can achieve total point of data or information
collection. Using a filer is another useful tool for modeling data. Filtering means narrowing your focus to
one particular subgroup and filtering out the others. So instead of comparing subgroups to one another,
here we’re just looking at how one subgroup answered the question. From this tool we can numerically
evaluate the percentage and convert it into a numerical value, so we know how many companies have
vulnerability and how can they recognize, discover and solve the vulnerability. Our data collection is from
random selection of company. So, data may not be same but most of the company can tick in the same
answer so common answer will be in priority.
Conclusion
This task is all about tools and techniques used for analyzing the collected data and information. Tools and
techniques in research are the statistical methods of collection, analysis, interpretation, and organization of
data. Statistics provides numerous tools and techniques to analyze the data and interpret the results of the
analysis. Data analysis is collecting and organizing of data so that a researcher can come to a conclusion. So,
in this task, I have discussed about tools and technique used for my data analyzing like percentage
techniques or tool and data analyzing using Microsoft excel or spreadsheet.
P6: Communicate appropriate recommendations as a result of research and data analysis to draw valid
and meaningful conclusion.
Introduction
As being IT specialist, this research was done so as to find out various security vulnerabilities in an
organization. This research has got its own aims and objectives. Various tools, techniques, methods
and resources are used while doing research so as to produce suitable result. As knowledge of
various tools and techniques can be generated research helps in learning process as the skills can be
used and applied. In previous task, I have already analyzed my collected information or data using
two techniques one is percentage technique and other is analyze from Microsoft Excel.
Applying
After completing the analysis of collected data or information, I needed to start interpreting the findings to
develop some recommendations. I needed to apply the analysis finding into some recommendations. This
means that I needed to put into use or find a purpose for the analytical results. For example, my analysis
showed that the main vulnerability of the software is “weaknesses in authentication, authorization or
cryptographic practices”. So that to solve these vulnerabilities I have to focus on coding and testing of
authentication, authorization or cryptographic and make software better and vulnerability free.
Drawing Conclusions
After completing the analysis of data or information suggested or gathered to make importance out of what
isn't plainly expressed. I needed to apply the analysis finding into some recommendations. This means that
I needed to put into use or find a purpose for the analytical results. For example, my analysis showed that
the main vulnerability of the software is “weaknesses in authentication, authorization or cryptographic
practices”. So that to solve these vulnerabilities I have to focus on coding and testing of authentication,
authorization or cryptographic and make software better and vulnerability free.
So, from saying my experience, every company has at least little vulnerability in the software or system. So
nowadays there are many vulnerabilities in the software like memory safety violations such as buffer
overflows and over-reads etc., input validation errors (such as Code injection), privilege (confusion bugs
such as clickjacking), Race conditions (such as symlink races, side channel attack, timing attack etc.) and user
interface failures etc. these are the main vulnerabilities of the software or system but after I collect
information or data with the help of questionnaire. I found that most of the company feels bugs and
vulnerability and most of the company face authentication, authorization and cryptographic errors. So, this
is the common vulnerability in most of the companies. Besides these there are also vulnerability in code as
error or bugs and this is also main vulnerability of the software. For analyzing the answers of the
quantitative research, I use tools and techniques like percentage techniques from which I was able to
change answers from questionnaire to percentage value and after I found percentage of answer, I
converted it into numeric value. There was also Microsoft excel from which I was able to analyze the
collected data by making spreadsheet.
Conclusion
As the project has got various aims and objective the research helps to achieve aims and objective.
Similarly, the knowledge gained after the completion of the project was fruitful. Various tools and
techniques were used and they were suitable. I was communicating appropriate recommendations as result
of research and data analysis, for this I drawing valid and meaningful conclusion that what I have done after
collect information and what I have found out in whole project. So, in this way, this task has been
completed.