Reference no: EM133926885 , Length: word count:3000

Cloud and Web Services Security

Assignment Brief.

As part of the formal assessment for the programme you are required to submit a Cloud and Web Services Security assignment. Please refer to your Student Handbook for full details of the programme assessment scheme and general information on preparing and submitting assignments.

Learning Outcomes:

After completing the module, you should be able to:

Recognise common security threats to contemporary Cloud and Web Services.
Deploy appropriate Internet based application security models to secure applications against potential security threats, evaluating these models against relevant security standards.
Appraise social, ethical and legal considerations relevant to Cloud and Web applications and their impact in an enterprise.
Graduate Attribute:
Professionally knowledgeable in their subject area
Critically evaluate and further contextualise understanding of subject area with the ability to link the discipline(s) to local, national and global issues, research and pursue evidence- based arguments within the discipline using an extensive range of academic and professional body resources. Show clear ability to engage with different traditions of thought, and the ability to apply their knowledge in practice including in multi-disciplinary or multi- professional contexts.

Assignment Task Scenario:

Plotsner, an IT Security officer, discovered that a browser extension has introduced a vulnerability that makes it easy for attackers to hijack sessions on public Wi-Fi networks. The extension seems to allow anyone on the same network to view and capture session cookies of users accessing popular websites over unsecured HTTP connections.

A government agency's web portal has been targeted by attackers. The attackers replaced the homepage with illegal content, which caused the temporary closure of the website. Armel, Cybersecurity Administrator, reported that it was a web server attack in which the attackers were able to disable all the implemented security controls.

Britta, a Security Engineer in the financial industry, has identified a possible SQL Injection attack in their database, which has allowed the attacker to retrieve personally identifiable information, such as usernames, passwords, salary, etc .

Lissa, a penetration tester, found a Local File Inclusion (LFI) web application vulnerability on a shopping website that allows malicious threat actors to access, view, and add files that are located within the document root directory and its subdirectories.

Part 1: Mini Project

You MUST use the platform details as provided by your lecturer otherwise a 0 mark will be given.

Select one of the provided scenarios and, taking on the role of a Security Analyst, complete the following:

Threat Model and Risk Analysis: Using a recognized security model identify and assess the security threats and associated risks for the specific attack in the scenario.

Implementation Documentation: For two security threats relating to Cloud and Web services security that you have identified in your threat and risk analysis, in the platform provided, demonstrate how the attack would occur. Using screenshots, document the steps within the attack, ensuring you evidence all the tools and phases taken. Get expert-level assistance in any subject with our assignment help services.

Part 2: Report

For the chosen scenario, critically evaluate the current threat landscape and using a suitable security model, recommend and justify a solution showing how it offers mitigation from attacks.

Reflect on the social, ethical, and legal implications relevant to the scenario and their impact on the business enterprise at a local, national and global level.