Faculty of Business and Information Technology
INFR 4660U: Web Services and eBusiness Security
Exercise 1 – Solution File

3.2
a. Paste a screenshot of the Apache Tomcat welcome page from the browser.

3.4
a. What is the HTTP command used in the first transaction between the browser and WebGoat?
GET
b. What is the HTTP version?
1.1
c. What is the value for person?
Zain (in my case)
d. What is the value for submit?
Go!
e. Explain the functions of the POST command with the two parameters.
The POST command submits data to be processed to a specified resource, with the two parameters (the value of the text box and the submit button).

3.5
a. What is the administrator’s user name?
admin
b. What is the password?
2275$starBo0rn3
c. Describe one method to improve the login security here.
Choose a username and an answer to the secret question that are not easy for the attacker to decode.
d. What are some of the desired characteristics you will keep in mind while writing code for the “Reset forgotten password” feature? Think from a developer’s point of view, presenting information to the end user.
Any security question or identity information presented to users to reset forgotten passwords should ideally