Using the security controls reviewed last week (STIG documents, the OWASP-10, an

Using the security controls reviewed last week (STIG documents, the OWASP-10, and CIS), select five (5) security controls from at least two of those security control frameworks. Perform an assessment of their compliance and make as much progress as is practical to implement the control, recognizing that many of the follow-on steps are beyond the scope of our environments; in these cases, make sure to describe what you did to evaluate, what you did to mitigate, and what would still require action to fully comply. Use the Security Controls Synopsis template for each control. Each control should get 1-2 pages of attention, resulting in a single PDF that contains 5-10 pages. Address meaningful controls applicable to your target environment, which for most of you will be your LAMP stack, but if you’re feeling adventurous, you can choose to use a real-world system or a pet project as the target, so long as it is applicable to the type of security controls we’re focusing on within Data & Application Security. Do not include actual work you did as part of your job, don’t use repeats (same topic from two control frameworks), and don’t use more than one control that is mostly “Not Applicable”. Treat this as a work deliverable: use critical thinking and check your writing/spelling for completeness.