Question
Assignment 2: Web Application Attack Scenario
Due Week 8 and worth 80 points
Suppose that you are currently employed as an Information Security Manager for a medium-sized software development and outsourcing services company.
The Software Development Director has asked you to provide a detailed presentation for her department regarding the most common Web application threats and the manner in which their products could compromise customer financial data.
The products in question use Microsoft SQL Server databases and IIS Web servers.
She has asked you to provide a report for her review before she schedules the presentation.
Write a two to four (2-4) page paper in which you:
What are the common threats to data systems such as Web applications and data servers?
What is the greatest area of vulnerability and potential for damage and/or data loss in such data systems (e.g., SQL injection, Web-based password cracking)?
Come up with one (1) attack scenario where a hacker could use the area of vulnerability that you chose in Question 1 in order to gain access to a network or sensitive data.
What are the primary ways in which the hacker could execute such an attack, and what is the strategic manner in which a security professional could prevent the attack?
What is the primary role that the human element could play in adding to the attack scenario devised in Question 2?
Give your opinion on whether or not the human component is critical in protection from that type of attack.
Explanation / Answer
1.
Security threats to IT data and systems
Organizations face numerous external and internal digital threats that can corrupt hardware and compromise data. Your private information and intellectual property could be used as part of e-crimes or fraud.
Malware, viruses, spam and cookies
Malicious software, or malware, spreads worms, viruses, Trojans and spyware through:
email attachments
files on removable storage devices
visits to infected websites.
Hackers use malware to control your PC remotely, steal or destroy data (including passwords), corrupt hardware and software, or spread more malware.
Spam or junk messages promote fake or non-existent products and services, for example get-rich-quick schemes, false prize or lottery wins, or fake and low-quality goods. Read more about spam containing malicious code.
Cookies track your website visits and can build a profile of your online interests and buying habits, and report these details to third parties.
Online scams, phishing and pharming
Online scams and false websites or messages are designed to trick you into revealing sensitive information, including bank account details, passwords or credit card numbers.
Phishing uses false messages claiming to be from a trusted sender, for example a bank, to "fish" for information. Pharming happens when a hacker infects your PC with malicious code and directs you or your clients to a fake website. Both are used for online fraud or cyberfraud.
Hackers, cybercrime and data/IP theft
Sophisticated and complex e-crime includes the theft of data or intellectual property, for example trademarks or customer credit card details. Hackers illegally access your hardware and data to use information, for example credit card details, for cyberfraud, and can corrupt or compromise your online security.
2.
Viruses. Attackers can create harmful code known as viruses. Using hacking techniques, they can break into systems and plant viruses. Viruses in general are a threat to any environment. They come in various forms and, although not always malicious, they always take up time. Viruses can also be spread via email and disks.
Trojan horses. These are malicious programs or software code hidden inside what looks like a normal program. When a user runs the normal program, the hidden code runs too. It can then start deleting files and causing other damage to the computer. Trojan horses are usually spread by email attachments. The Melissa virus that caused denial-of-service attacks throughout the world in 1999 was a type of Trojan horse.
Worms. These are programs that run independently and travel from computer to computer across network connections. Worms may have parts of themselves running on many different computers. Worms do not change other programs, although they may carry other code that does.
Password cracking. This is a technique attackers use to surreptitiously gain system access through another user's account. This is possible because users often select weak passwords. The two major problems with passwords are when they are easy to guess based on knowledge of the user (for example, a wife's maiden name) and when they are vulnerable to dictionary attacks (that is, using a dictionary as the source of guesses).
Denial-of-service attacks. This attack exploits the need to have a service available. It is a growing trend on the Internet because Web sites in general are open doors ready for abuse. People can easily flood the Web server with communication in order to keep it busy. Therefore, companies connected to the Internet should prepare for (DoS) attacks. They also are difficult to trace and allow other types of attacks to be subdued.
Email hacking. Electronic mail is one of the most popular features of the Internet. With access to Internet email, someone can potentially correspond with any of millions of people around the world. Some of the threats associated with email are:
Impersonation. The sender address on Internet email cannot be trusted because the sender can create a false return address. Someone could have modified the header in transit, or the sender could have connected directly to the Simple Mail Transfer Protocol (SMTP) port on the target computer to enter the email.
Eavesdropping. Email headers and contents are transmitted in clear text if no encryption is used. As a result, the contents of a message can be read or altered in transit. The header can be modified to hide or change the sender, or to redirect the message.
Packet replay. This refers to the recording and retransmission of message packets in the network. Packet replay is a significant threat for programs that require authentication sequences, because an intruder could replay legitimate authentication sequence messages to gain access to a system. Packet replay is frequently undetectable, but can be prevented by using packet time stamping and packet sequence numbering.
Packet modification. This involves one system intercepting and modifying a packet destined for another system. Packet information may not only be modified, it could also be destroyed.
Eavesdropping. This allows a cracker (hacker) to make a complete copy of network activity. As a result, a cracker can obtain sensitive information such as passwords, data, and procedures for performing functions. It is possible for a cracker to eavesdrop by wiretapping, using radio, or using auxiliary ports on terminals. It is also possible to eavesdrop using software that monitors packets sent over the network. In most cases, it is difficult to detect eavesdropping.
Social engineering. This is a common form of cracking. It can be used by outsiders and by people within an organization. Social engineering is a hacker term for tricking people into revealing their password or some other form of security information.
Intrusion attacks. In these attacks, a hacker uses various hacking tools to gain access to systems. These can range from password cracking tools to protocol hacking and manipulation tools. Intrusion detection tools often can detect changes and variations that take place within systems and networks.
Network spoofing. In network spoofing, a system presents itself to the network as though it were a different system (computer A impersonates computer B by sending B's address instead of its own). The reason for doing this is that systems tend to operate within a group of other trusted systems. Trust is imparted in a one-to-one manner; computer A trusts computer B (this does not imply that system B trusts system A). Implied in this trust is that the system administrator of the trusted system is performing the job properly and maintaining an appropriate level of security for the system. Network spoofing occurs in the following manner: if computer A trusts computer B and computer C spoofs (impersonates) computer B, then computer C can gain otherwise denied access to computer A.
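The packet replay and packet modification countermeasures the answer points to (time stamping and sequence numbering, here combined with an authentication tag so a modified packet is also refused) are shown below as an added example; it is not part of the original answer. The shared key, the 30-second freshness window and the sample traffic are all constructed for the illustration.

```python
import hmac
import hashlib
import json

SHARED_KEY = b"example-shared-key-not-for-production"  # constructed for this example, not a real key
MAX_SKEW_SECONDS = 30  # a message older than this is treated as a stale recording


def make_message(key, seq, timestamp, payload):
    """Sender: bind sequence number, timestamp and payload together under an HMAC."""
    body = json.dumps({"seq": seq, "ts": timestamp, "payload": payload}, sort_keys=True)
    tag = hmac.new(key, body.encode(), hashlib.sha256).hexdigest()
    return {"body": body, "tag": tag}


class ReplayGuard:
    """Receiver: accept each authenticated message once, and only while it is fresh."""

    def __init__(self, key, max_skew=MAX_SKEW_SECONDS):
        self.key = key
        self.max_skew = max_skew
        self.last_seq = -1  # highest sequence number accepted so far

    def check(self, message, now):
        """Return 'accepted' or the reason the message was rejected."""
        expected = hmac.new(self.key, message["body"].encode(), hashlib.sha256).hexdigest()
        if not hmac.compare_digest(expected, message["tag"]):
            return "rejected: bad authentication tag"     # modified or forged packet
        fields = json.loads(message["body"])
        if abs(now - fields["ts"]) > self.max_skew:
            return "rejected: stale timestamp"            # recorded earlier, replayed now
        if fields["seq"] <= self.last_seq:
            return "rejected: replayed sequence number"   # already seen (or out of order)
        self.last_seq = fields["seq"]
        return "accepted"


def run_demo():
    """Constructed traffic: a genuine login, the same packet replayed, a stale packet, a tampered packet."""
    guard = ReplayGuard(SHARED_KEY)
    login = make_message(SHARED_KEY, seq=1, timestamp=1000, payload="AUTH user=alice")
    results = [guard.check(login, now=1002)]        # genuine message, fresh and in order
    results.append(guard.check(login, now=1005))    # recorded packet retransmitted by an intruder
    stale = make_message(SHARED_KEY, seq=2, timestamp=1000, payload="AUTH user=alice")
    results.append(guard.check(stale, now=1100))    # old timestamp, outside the skew window
    tampered = make_message(SHARED_KEY, seq=3, timestamp=1100, payload="AUTH user=alice")
    tampered["body"] = tampered["body"].replace("alice", "admin")
    results.append(guard.check(tampered, now=1101)) # payload changed in transit, tag no longer matches
    return results
```

Only the first packet is accepted; the replayed, stale and modified copies are each refused with a distinct reason that a defender can log.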