Lab 4 Assessment Worksheet

Lab 4 Assessment Worksheet - Students Wayne S McKenzie...

Info icon This preview shows page 1. Sign up to view the full content.

Students: Wayne S. McKenzie Instructor: Ms. Crawford Course: IS3445 Security For Web Applications And Social Networking Assignment: Lab #4 Assessment Worksheet – Exploit Known Web Vulnerabilities on a Live Web Server Due Date: 7/9/13 Lab Assessment Questions & Answers 1. What is a Brute Force Attack and how can the risks of these attacks be mitigated? An attempt to discover a password by trying every possible combination of letters, numbers, and symbols until the correct combination is discovered. Mitigation could be multi-factor authentication 2. Explain the scenario where a hacker may use Cross Site Request Forgery (CRFS) to perform authorized transactions. 3. What is the proper way to prevent XSS attacks?
Image of page 1
This is the end of the preview. Sign up to access the rest of the document.

Unformatted text preview: 4. If an attacker wishes to place a phising page on a website, what is a common vulnerability that can be exploited to successfully do this? 5. What could be the impact of a successful SQL injection? 6. What is the difference with a blind SQL injection attack from a normal SQL injection attack? 7. Why are stored XSS vulnerabilities a major risk factor for a web application? 8. What whould the following url being queued in your web logs be an indication of . ./. ./. ./. ./. ./. ./. ./. ./etc/passwd ”? 9. How would you ensure security between a web application and an SQL server? 10. What is a benefit to using a web application firewall (WAF)?...
View Full Document

{[ snackBarMessage ]}

What students are saying

  • Left Quote Icon

    As a current student on this bumpy collegiate pathway, I stumbled upon Course Hero, where I can find study resources for nearly all my courses, get online help from tutors 24/7, and even share my old projects, papers, and lecture notes with other students.

    Student Picture

    Kiran Temple University Fox School of Business ‘17, Course Hero Intern

  • Left Quote Icon

    I cannot even describe how much Course Hero helped me this summer. It’s truly become something I can always rely on and help me. In the end, I was not only able to survive summer classes, but I was able to thrive thanks to Course Hero.

    Student Picture

    Dana University of Pennsylvania ‘17, Course Hero Intern

  • Left Quote Icon

    The ability to access any university’s resources through Course Hero proved invaluable in my case. I was behind on Tulane coursework and actually used UCLA’s materials to help me move forward and get everything together on time.

    Student Picture

    Jill Tulane University ‘16, Course Hero Intern