Wednesday, December 07, 2011
Compromised Business Application Impact Analysis
A Publicly Traded Retailer with retail outlets
and online shopping/shipping
Small private law firm.
Wednesday, January 18, 2012
Lab 5 Assessment Question
1. In which phase of OpenSAMM does code review and security testing take place?
2. Which phase of OpenSAMM are policies, metrics, and ed
Quiz 3 Makeup Question
Worms are able to self-replicate. A-True
2. You have created a Web site and need to increase visitor trust. Which of the
following methods are used to build trust?
e it a computer processor,
disk, network link, program, datum, or user.
Threat: any circumstance or event with the potential to cause harm to a system in
the form of destruction, disclosure, modification of data, and/or denial of service.
Why are IP scans required for PCI Compliance?
ControlScan: "The Payment Card Industry Data Security Standard requires that you scan all outward
facing IP addresses. These IP addresses are not protected by the firewall, allowing a hacker to
easily access t
System Development Life Cycle is a systematic approach for application development
or system development. SDLC is the process of building the system that results in a high
quality, cost-effective, within time and efficient application that is cheap to main
Manage data leakage and system infection
Access Patrol manages endpoint device access both on and off the network.
Unauthorized access or transfer of data through USB flash drives, CDs, iPods, MP3s,
FireWire, Wi-Fi, Bluetooth on all company systems, can b
Vulnerability and Security
The Web applications make a recommendation about the frequency of and process for
the Web site vulnerability. This is why IP scans are required for PCI compliance. These
IP addresses are not protected by the firewall, allowing a
Stage 1 Pre-compliance Assessment
The pre-compliance assessment will help you understand the size of the compliance
risk to your business and kick off your compliance program. The pre-compliance assessment is the
gathering process that identifies gap
Quiz 4 Makeup Question
1. SFTP is a secure version of FTP. A-True
2. You are the administrator of a large network. The network has several groups of
users, including students, administrators,
Quiz 7 Makeup Question
1. When information is temporarily kept at one or more middle points during
transmission, that technique is called Store-and-forward communication.
2. Which of the fo
Lab Assessment Questions
1. What are the seven steps to secure software development Lifecycle (SDL)?
2. Explain what STRI
Lab 4 Assessment Questions
1. What is the most common type of brute force attack on HTML form-based
authentication login screens? Phishing.
2. Which type of vulnerability takes advantage of a u
December 14, 2011
LAB 2 ASSESSMENT QUESTION
1. What search engines are used by the site www.dogpile.com to return results on
Internet searches? Yahoo and Bing
Search engine with <name
1. Which tool used in the lab is considered a dynamic analysis tool? Explain what is
meant by dynamic code analysis.
2. Which tool used in the lab is considered a static analysis
Ins: Mr. Barber
January 18, 2012
Project Part 3
Identify Risk, Threats, and Vulnerabilities
A computer processor, disk, network link, program, datum, or user.
Threat: Any circumstance or event with the potential to cause harm to a s
Founded by American Express, Discover Financial Services, JCB, MasterCard Worldwide, and
Visa International, the PCI (Payment Card Industry) Security Standards Council works to
enhance the security of payment account data. The PCI's Data Security Standard
Project part 1
In e-business, on the other hand, ICT is used to enhance one's business. It includes
any process that a business organization (either a for-profit, governmental
or non-profit entity) conducts over a computer-mediated n
There are two main categories of coding, scripting and programming for creating Web Applications:
I. Client Side Scripting / Coding - Client Side Scripting is the type of code that is executed or interpreted by
Client Side Scripting
Simply put, Web Applications are dynamic web sites combined with server side programming which provide
functionalities such as interacting with users, connecting to back-end databases, and generating results to browsers.
Examples of Web Applications are O