Reference no: EM133263331 , Length: word count:2000
Web Application Security
Security Audit
Learning Outcome 1: Interact with the protocols that define the World Wide Web
Learning Outcome 2: Demonstrate practical knowledge of digital certification and TLS
Learning Outcome 3: Perform a security audit of a web application
Learning Outcome 4: Recommend security measures to protect web applications
Task: In this assessment you are required to write a report on the security of a web application of up to 2000 words.
This report should consist of two elements:
1. Short report demonstrating successful exploitation of common web vulnerabilities (CTF Style)
2. Discussion of ONE topic from the OWSAP top 10
Security Assessment
For the first element of the report you will need to complete a series of hacking tasks on a virtual machine.
The machine will allow you to demonstrate your ability to exploit common web application flaws including topics like:
• Directory Scanning
• Cross Site Scripting
• SQL Injection
For the report you are expected to write a brief summary of how you exploited the flaw. For example, a description of the attack, and any payloads used.
This element of the report can be screenshots or code samples, some discussion of the thought process used for exploitation, along with any flags gained during the process.
OWASP Topic Discussion
For the second element of the report you are required to write a short report on ONE element of the OWASP top 10. You are free to choose any element, either one of the topics we study in the lab sessions such as XSS or SQLi, or another element that interests you.
1. Introduction to the topic: What it is, and why it is of interest in Cyber security
2. Discussion of this topic including:
o Technical discussion of the topic (How does this flaw happen)
o Discussion of the topic in the wider security context (What does it mean in terms of security, how common is it, how "dangerous" is the vulnerability)
o Example of the topic in the "Real world"
3. Considerations for mitigating this problem.
4. Social, Legal and Ethical considerations with this particular topic
Report Structure
The recommended structure for the report is
1. Introduction
2. Results of the Security Audit
3. Discussion of OWASP topic
4. Summary
5. References
Attachment:- Web Application Security.rar
|
Explain the dignity for all students act
: Explain the Dignity for All Students Act. Why was it created and how does it help to prevent bullying? Do you believe it is enough to eliminate bullying in scho
|
|
First impressions of persons
: Find and read the following article: Kelley, H. (1950). The warm-cold variable in first impressions of persons. Journal of Personality, 18 (4), 431.439.
|
|
Difference between contingency and contiguity
: The issue of contingency vs. contiguity has been of major importance in conditioning and learning in recent years.
|
|
What the participants are feeling
: In a lab setting, there is an emotion that shows a relatively very low heart rate, and low finger temperature, which is associated with disgust. When asked what
|
|
Perform a security audit of a web application
: Web Application Security Demonstrate practical knowledge of digital certification and TLS and Perform a security audit of a web application
|
|
Work performance reports
: Work Performance Reports are described in small sections of Chapters 4, 9, 10, and 11 of the PMBOK Guide. Review all of these sections and provide a summary exp
|
|
Values for standard critical path notation
: 1. Draw the critical path and include all the values for standard critical path notation: task identifier, duration, early start, early finish, late start, late
|
|
Contrast the status of women in pro-islamic arabia
: Compare and contrast the status of women in pro-Islamic Arabia and the status of women after Quranic reforms.
|
|
Steps of organizing a seminar
: 1. You have been appointed as a Project Manager for this upcoming event. Your responsibility is to manage a team on organizing a seminar as per requested by the
|