You are a cybersecurity specialist for a large oil and gas field services firm that frequently develops its own software. The company has over 150 locations globally and has outsourced a major portion of its IT and software development to India. All of these

locations, including those in India, are on the same internal network for ease of access,

even though many of them are contractors.

You have been assigned the task of testing a new application to ensure that there are no

security issues with it prior to go-live.

Application details

The purpose of the new application is to track the movement of all of the companys

trucks (semis) throughout the United States 24/7. Each truck will have a transponder

that will report its location, speed, direction, and cargo (among other things). Users will

be able to set a variety of filters based on what theyre looking for. The four main cargo

types are all used in the hydraulic fracturing (aka fracking) process. They are

wastewater, chemicals, explosives, and radioactive materials.

The application will be hosted internally and will NOT be accessible via the Internet.

However, any authenticated user on the internal network will be able to access it. A

small number of employees will have admin privileges to it.

Management is anxious to have this application go live so they can start saving money

by making the routes more efficient. They see no issues with this application as its

pretty simple in their eyes, so they are expecting you to provide the security approval

fairly quickly.

Here are the review tasks you must follow per company policy:

1. Create a test plan for testing this application

a. Feel free to use the example included with this project as a template.

2. Create test cases

3. Create test cycles

As you perform these tasks, be sure to include the following:

Potential team members and what role they will play in the process. Dont forget

that some members may not be in IT.

Accounts and access needed

Specialized tools

Documentation, and where it will reside

Recording of results (how)

Logging of bugs

Justify why you chose a particular testing approach or methodology

Identify risks associated with the design of the application, and recommend

solutions. For example, if you believe that there is an access or authorization

issue, then document the issue, the risk it poses, and recommendation(s) to fix it.Logging of bugs Justify why you chose a particular testing approach or methodology Identify risks associated with the design of the application, and recommend solutions. For example, if you believe that there is an access or authorization issue, then document the issue, the risk it poses, and recommendation(s) to fix it. I WANT TO CREATE THE TEST ENVIRONMENT SOMEBODY HELP ME TO CREATE IT