Back
Back
Back
Back
Back
Back
Back

Welcome to Live Chat

Welcome to LiveWebTutors Services, World's leading Academic solutions provider with Millions of Happy Students.

Call Back
logo

24x7 Support Available

To Get the Best Price Chat With Our Experts

chat now

In A Hurry? Get A Callback

logo

shopping cart 0

Subject Solutions Code Description Price Delete

Amount Payable : $0

continue shopping proceed to checkout

World's Leading Assignment Library

CP5603 Advanced E-Security

Question Preview:

Question 1 (20 marks)Use the Internet to research defenses against injection attacks.a) What are the defenses to protect against SQL injection attacks, XML injection attacks, and XSS?b) How difficult are they to implement?c) Why are these defenses not used extensively? Write a two-page research to answer these questions1.Question 2 (20 marks)Data loss prevention (DLP) is a system for monitoring how critical data is accessed.a) Use the Internet to identify three DLP products.b) Make a list of their features, architecture, strengths, weaknesses, and so on.c) Then determine if each of these produ...

View Complete Question >>

Question Preview:

Question 1 (20 marks)Use the Internet to research defenses against injection attacks.a) What are the defenses to protect against SQL injection attacks, XML injection attacks, and XSS?b) How difficult are they to implement?c) Why are these defenses not used extensively? Write a two-page research to answer these questions1.Question 2 (20 marks)Data loss prevention (DLP) is a system for monitoring how critical data is accessed.a) Use the Internet to identify three DLP products.b) Make a list of their features, architecture, strengths, weaknesses, and so on.c) Then determine if each of these products could be used by an attacker to identify vulnerabilities in an organization’s data protection. Create a table comparing the products and write an analysis of your research2.1 Based on Ciampa, M. (2015). Security + Guide to Network Security Fundamentals. Boston (Cengage Learning)p. 1332 Based on same, p. 177Page 2 of 2Question 3 (20 marks)Hypertext Transport Protocol over Secure Sockets Layer (HTTPS) is becoming increasingly more popular as a security protocol for Web traffic. Some sites automatically use HTTPS for all transactions (like Google Gmail), while others require that the user must configure it in their settings(such as Facebook).a) What are the advantages of HTTPS?b) What are its disadvantages?c) How is it different from HTTP?d) How must the server be set up for HTTPS transactions?e) How would it protect you using a public Wi-Fi connection at a local coffee shop?f) Should all Web traffic be required to use HTTPS? Why or why not? Fully argument your answers3.Question 4 (20 marks)As cloud computing increases in popularity, enhanced features are being added. Amazon Web Services (AWS) now supports a Virtual Private Cloud infrastructure through which organizations can create a network topology in the AWS cloud that closely resembles their own physical data center, including public, private, and demilitarized zones (DMZs).a) Research AWS’s Virtual Private Cloud or another cloud vendor’s similar offering. What are your impressions?b) Would this be something that an organization should consider?c) What are its technical limitations?Write a two-page summary of your research 4.Question 5 (20 marks)a) Interview a network administrator or an IT professional. Ask questions to find out how is cyber security approached in his/her line of work.b) Write a summary of the interview (provide the transcript as an appendix).c) Using critical thinking and considering the knowledge gained from this subject, what have you learned about e-security from this professional?

View Less >>

Solution Preview

Question 1Answer a- Defense to protect against the SQL injectionTo defend the SQL injection it is required to validate the data received from the web form and after validating the form data we should not pass the form data into the SQL query. Let’s take the example of following query$database = new mysqli('localhost', u_name, ‘pass’, 'dbname');$resultset = $database->query(   'SELECT * FROM employee WHERE u_id = ' . $_POST['u_id']);In this query lots of things are wrong and data came in the POST HTTP request is not being validated here that u_id is having the valid value. Secondly it is allowed an untrusted source to use which any user id.Another thing to note down is that we have not used the u_id as the bounded parameter which allows the SQL injection if u_id is having the malicious data and allow to modify the data SQL data query in unpredicted way and have ignored the validation of user id in first place. So instead of above query we should follow the below parameterized query format-if(ctype_digit($_POST['u_id']) && is_int($_POST['u_id'])) {$validatedId = $_POST['u_id'];  $pdoinstance = new DO('mysql:dbname.db');    $statement = $pdoinstance->prepare('SELECT * FROM transactions WHERE user_id = :u_id');    $statement ->bindParam(':u_id', $validatedId, PDO::PARAM_INT);    $statement ->execute();}else {    // reject id value and report error to user}Defense to protect against the XSS injection: XSS stands for cross site scripting in which malicious user inject some script code and if user input are checked properly at the server side then it allow malicious user to execute their script. XSS attack is basically used for the session hijacking by reading cookies and 

question Get solution

$20

Orginal Price : $26.0

Pay Now

Upload Assignments

250 words

side

Get Your Assignment

Don’t delay more, place your order now. Quick assignment help will be offered to you.

Order Now

CUSTOMER REVIEWS

Excellent

logo

Based on 702 reviews See all reviews here

One of the Best Service

I trust LiveWebTutors for my assignments because of their ability to deliver the perfect assignments time and again. Only a few of my assignments required minor revisions. The rest assured it is the best assignment writing service in the market.

Elizabeth
Sydney

Great Service and on time

I felt so exhausted and burdened with the large number of assignments I had to write and desperately needed someone to help me with all the writing and there was LiveWebTutors company on the internet. They finished my assignments before the due date and also offered me a first-timer discount.

Christina
Perth

One of the Best Assignment Provider

I ordered my Mathematics and Marketing assignments from them last month. I received the content on the set date. Most importantly, the assignments were well-written and plagiarism free. I scored a top grade for the assignment written by them. They are a reliable company.

Oli
Brisbane

Very Helpful Customer Service

I was quite unsure about getting my assignment written online but after coming across LiveWebTutors.com, all my worries have vanished. The quality of the assignments written by their writers is just invincible. Their customer support is very polite and helpful. You should try their service at least once

Kabir
Adelaide