Great Deal! Get Instant $10 FREE in Account on First Order + 10% Cashback on Every Order Order Now

Assignment: Web Application Attack Scenario Due Week 9 and worth 200 points Suppose that you are currently employed as an Information Security Manager for a medium-sized software development and...

1 answer below »

Assignment: Web Application Attack Scenario

Due Week 9 and worth 200 points

Suppose that you are currently employed as an Information Security Manager for a medium-sized software development and outsourcing services company. The Software Development Director has asked you to provide a detailed analytical report for her department regarding the most common web application threats and the manner in which their products could compromise customer financial data.

She wants your recommendations on which threats and/or vulnerabilities the company should focus on and your recommendation for mitigation. The products in question use Microsoft SQL Server databases and IIS Web servers.

Write a paper with no less than four pages in which you:

  1. Analyze the common threats/vulnerabilities to data systems such as web applications and data servers. Speculate on the greatest area of vulnerability and potential for damage and/or data loss of such data systems.
  2. Devise at least one attack scenario, as an example, where a hacker could use the area of vulnerability that you chose above in order to gain access to a network or sensitive data. Examine the primary ways in which the hacker could execute such an attack, and suggest the strategic manner in which a security professional could prevent the attack.
  3. Explore the primary role that the human element could play in adding to the attack scenario, if appropriate. You may wish to decide if the human component is critical in protection from that type of attack.
  4. Draw specific lessons and recommendations as part of the conclusion, and have a strong concluding paragraph. Be sure to revise your introduction to reflect what the paper accomplished once you finish your first draft.
  5. Use no less than five quality resources in this assignment. Note: Wikipedia and similar websites do not qualify as quality resources.

Your assignment must follow these formatting requirements:

  • Be typed, double-spaced, using Times New Roman font (size 12), with one-inch margins on all sides; citations and references must follow APA or school-specific format. Check with your professor for any additional instructions.
  • Include a cover page containing the title of the assignment, your name, the professor’s name, the course title, and the date. The cover page and the reference page are not included in the required assignment page length.
Answered Same Day Dec 26, 2021

Solution

Robert answered on Dec 26 2021
111 Votes
VULNERABILITIES, THREATS AND ATTACKS IN NETWORK SYSTEMS
PAGE
VULNERABILITIES, THREATS AND ATTACKS IN NETWORK SYSTEMS
Student’s name
Name of the Institute
1 Introduction
This is the age of digitalization and Internet. All the organizations are using Information systems and generate huge amount of data. This data and information is an asset for the companies and must be protected against any attack and theft. With adequate network security, it can be protected. As there is rise in attacks in recent few years, organizations are become aware and taking measures to ensure protection of its data against any attack. This paper will throw light on common threats and vulnerabilities that are generally exploited by the Hackers and also discusses about the measures that organizations should take in order to prevent such attacks. It also discusses 1 example of malware attack in NHS hospital 1 month back to understand the criticality.
2 Analyze the common threats/vulnerabilities to data systems such as web applications and data servers
Vulnerabilities refers to the weaknesses in the network devices which could be exploited for misuse. Threats are when people are willing to take advantage of such vulnerabilities and they uses various tools, programs and scripts to attach on the web applications and web servers.
There are 3 common types of vulnerabilities:
    Vulnerability
    Description
    Technology weaknesses
    This refers to the weaknesses that arises due to shortcomings of the technology. For example, SMTP and FTP protocols re not very secure and thus TCP was developed. If any organization is still using FTP protocol, it is inviting danger. Problems associated with the operating systems (Chou, 2013) weaknesses and network devices incapability like firewall holes, are also part of this type of vulnerability.
    Security policy weaknesses
    This refers to when there is no strict policy in organization and people have access to unauthorized network from office premises. Also, This also arises when employees are not properly trained and uses weak passwords that could easily be compromised. Apart from this, if organization is not installing the latest updates for their software and hardware due to their improper policy, it is also a vulnerability (Bays, Oliveira, Barcellos, Gaspary, & Madeira, 2015). Latest attack of WannaCry Malware on NHS, UK Based hospital happened as they have not upgraded to the latest version of operating systems as per the Microsoft.
    Configuration weaknesses
    This is the primary responsibility of network administrators. They have to ensure that the major
owser settings are controlled at the organization level and individual machines do not have access to modify that data. This was Java applets, activex control, pop...
SOLUTION.PDF
SOLUTION.PDF

Answer To This Question Is Available To Download

Related Questions & Answers

More Questions »

Submit New Assignment

Copy and Paste Your Assignment Here
Attach File