Web application and a Web server

1. Why is it critical to perform a penetration test on a Web application and a Web server prior to production implementation? Although many organizations have reduce significant number of design and coding defects through software development lifecycle; there still remains security holes that arise when an application is deployed and interacts with other processes and different operating systems (Cobb, 2014). Another reason that penetration test is critical is many Payment Card Industry Data Security Standard (PCI DSS) mandate internal and external penetration test (Cobb,2014).

2. What is a cross-site scripting attack? Explain in your own words. Cross-site scripting is when an attacker exploits the controls of a trusted website and injects malicious code with the intent of spreading it to other end users. For example, an attacker injects a browser script on a website, so that other users will click on it and compromise sensitive information.

3. What is a reflective cross-site scripting attack?

A reflective cross-site scripting attack is when the injected script is reflected off the web server, much like an error message or search results. This type of attack is mostly carried out by e-mail messages in which the user is tricked by clicking on a malicious link and then the injected code travels to the vulnerable website and reflects the attack back to the user’s browser (OWASP, 2013).

4. What common method of obfuscation is used in most real-world SQL attacks? These methods include character scrambling, repeating character masking, numeric variance, nulling, artificial data generation, truncating, encoding, and aggregating. These methods rely on an array of built in SQL server system functions that are used for string manipulation (Magnabosco, 2009).

5. Which Web application attack is more prone to extracting privacy data elements out of a database? SQL injections can be used to enter the database with administrator rights in which are also the best way to avoid using Java on the website (OWASP, 2013).

6. If you can monitor when SQL injections are performed on an SQL database, what would you recommend as a security countermeasure to monitor your production SQL databases? I would recommend coordinated and regular security audits to prevent any back lash of SQL injections.

7. Given that Apache and Internet Information Services (IIS) are the two most popular Web application servers for Linux and Microsoft® Windows platforms, what would you do to identify known software vulnerabilities and exploits? I would explore the large number of binary planting vulnerabilities known as “dll spoofing” and “dll preloading” in which have been identified in third party applications running on a windows platform.

8. What can you do to ensure that your organization incorporates penetration testing and Web application testing as part of its implementation procedures? My approach to this matter would be to focus on the benefits of penetration testing and web application testing. I would explain to my company how the testing would identify holes and vulnerabilities in the current web applications. I would also make the point that by incorporating this testing would make the organization more marketable to partner companies and future clients.

9. What other security countermeasures do you recommend for websites and Web application deployment to ensure the CIA of the Web application? I would identify all the key pieces to my Web Server and address each accordingly. The key pieces would include Patches and Updates, IISLockdown, Services, Protocols, Accounts, Files and Directions, Shares, Ports, Registry, Auditing and Logging, Sites and Virtural Directories, Script Mappings, ISAPI Filters, ISS Metabase, Server Certificates, Machine.config, and Code Access Security (Microsoft Corporation, 2014).

10. Who is responsible and accountable for the CIA of production Web applications and Web servers? Any trained certified information security professional that is assigned or assumes such responsibility.

Calculate the price
Make an order in advance and get the best price
Pages (550 words)
$0.00
*Price with a welcome 15% discount applied.
Pro tip: If you want to save more money and pay the lowest price, you need to set a more extended deadline.
We know how difficult it is to be a student these days. That's why our prices are one of the most affordable on the market, and there are no hidden fees.

Instead, we offer bonuses, discounts, and free services to make your experience outstanding.
How it works
Receive a 100% original paper that will pass Turnitin from a top essay writing service
step 1
Upload your instructions
Fill out the order form and provide paper details. You can even attach screenshots or add additional instructions later. If something is not clear or missing, the writer will contact you for clarification.
Pro service tips
How to get the most out of your experience with MyStudyWriters
One writer throughout the entire course
If you like the writer, you can hire them again. Just copy & paste their ID on the order form ("Preferred Writer's ID" field). This way, your vocabulary will be uniform, and the writer will be aware of your needs.
The same paper from different writers
You can order essay or any other work from two different writers to choose the best one or give another version to a friend. This can be done through the add-on "Same paper from another writer."
Copy of sources used by the writer
Our college essay writers work with ScienceDirect and other databases. They can send you articles or materials used in PDF or through screenshots. Just tick the "Copy of sources" field on the order form.
Testimonials
See why 20k+ students have chosen us as their sole writing assistance provider
Check out the latest reviews and opinions submitted by real customers worldwide and make an informed decision.
ACC/543: Managerial Accounting & Legal Aspects Of Business
EXCELLENT JOB
Customer 452773, January 10th, 2024
Sociology
THANK YOUUUUU
Customer 452591, March 18th, 2021
Management
Thank you!!! I received my order in record timing.
Customer 452551, February 9th, 2021
Leadership Studies
excellent job
Customer 452773, August 3rd, 2023
Business and administrative studies
Excellent job
Customer 452773, March 9th, 2023
Human Resources Management (HRM)
excellent
Customer 452773, June 25th, 2023
Business and administrative studies
Thank you
Customer 452773, March 19th, 2023
Business and administrative studies
excellent job!
Customer 452773, May 25th, 2023
Business and administrative studies
Thank you for your hard work and help
Customer 452773, February 21st, 2023
Leadership Studies
excellent job as always
Customer 452773, September 2nd, 2023
History
Don't really see any of sources I provided, but elsewise its great, thank you!
Customer 452697, May 8th, 2021
Leadership Studies
awesome work as always
Customer 452773, August 19th, 2023
11,595
Customer reviews in total
96%
Current satisfaction rate
3 pages
Average paper length
37%
Customers referred by a friend
OUR GIFT TO YOU
15% OFF your first order
Use a coupon FIRST15 and enjoy expert help with any task at the most affordable price.
Claim my 15% OFF Order in Chat
Close

Sometimes it is hard to do all the work on your own

Let us help you get a good grade on your paper. Get professional help and free up your time for more important courses. Let us handle your;

  • Dissertations and Thesis
  • Essays
  • All Assignments

  • Research papers
  • Terms Papers
  • Online Classes
Live ChatWhatsApp