Assignment: Web Application Attack Scenario, computer science homework help
Assignment: Web Application Attack Scenario, computer science homework help
Assignment: Web Application Attack Scenario
Suppose that you are currently employed as an Information Security Manager for a medium-sized software development and outsourcing services company. The Software Development Director has asked you to provide a detailed analytical report for her department regarding the most common web application threats and the manner in which their products could compromise customer financial data.
She wants your recommendations on which threats and/or vulnerabilities the company should focus on and your recommendation for mitigation. The products in question use Microsoft SQL Server databases and IIS Web servers.
Write a paper with no less than four pages in which you:
- Analyze the common threats/vulnerabilities to data systems such as web applications and data servers. Speculate on the greatest area of vulnerability and potential for damage and/or data loss of such data systems.
- Devise at least one attack scenario, as an example, where a hacker could use the area of vulnerability that you chose above in order to gain access to a network or sensitive data. Examine the primary ways in which the hacker could execute such an attack, and suggest the strategic manner in which a security professional could prevent the attack.
- Explore the primary role that the human element could play in adding to the attack scenario, if appropriate. You may wish to decide if the human component is critical in protection from that type of attack.
- Draw specific lessons and recommendations as part of the conclusion, and have a strong concluding paragraph. Be sure to revise your introduction to reflect what the paper accomplished once you finish your first draft.
- Use no less than five quality resources in this assignment. Note: Wikipedia and similar websites do not qualify as quality resources.
Your assignment must follow these formatting requirements:
- Be typed, double-spaced, using Times New Roman font (size 12), with one-inch margins on all sides; citations and references must follow APA or school-specific format. Check with your professor for any additional instructions.
- Include a cover page containing the title of the assignment, your name, the professor’s name, the course title, and the date. The cover page and the reference page are not included in the required assignment page length.
Grading for this assignment will be based on answer quality, logic / organization of the paper, and language and writing skills, using the following rubric.
|
Points: 220 |
Assignment: Web Application Attack Scenario |
||||
|
Criteria |
Unacceptable |
Meets Minimum Expectations |
Fair |
Proficient |
Exemplary |
|
1. Analyze the common threats/ vulnerabilities to data systems such as web applications and data servers. Speculate on the greatest area of vulnerability and potential for damage and/or data loss of such data systems. Weight: 25% |
Did not submit or incompletely analyzed the common threats/ vulnerabilities to data systems such as web applications and data servers, did not submit or incompletely speculated on the greatest area of threat/vulnerability and the potential for damage and/or data loss of such data systems. |
Insufficiently analyzed the common threats/ vulnerabilities to data systems such as web applications and data servers. Next, insufficiently speculated on the greatest area of threat/vulnerability and the potential for damage and/or data loss of such data systems. |
Partially analyzed the common threats/ vulnerabilities to data systems such as web applications and data servers, partially speculated on the greatest area of vulnerability and potential for damage and/or data loss of such data systems. |
Satisfactorily analyzed the common threats/ vulnerabilities to data systems such as web applications and data servers. Satisfactorily speculated on the greatest area of vulnerability and potential for damage and/or data loss of such data systems. |
Thoroughly analyzed the common threats/ vulnerabilities to data systems such as web applications and data servers, thoroughly speculated on the greatest area of vulnerability and potential for damage and/or data loss of such data systems. |
|
2. Devise at least one attack scenario, as an example, where a hacker could use the area of vulnerability that you chose above in order to gain access to a network or sensitive data. Examine the primary ways in which the hacker could execute such an attack, and suggest the strategic manner in which a security professional could prevent the attack. Weight: 25% |
Did not submit or incompletely devised any attack scenario where a hacker could use the area of chosen vulnerability in order to gain access to a network or sensitive data. Did not submit or incompletely examined the primary ways in which the hacker could execute such an attack, and did not submit or incompletely suggested the strategic manner in which a security professional could prevent the attack. |
Insufficiently devised any attack scenario where a hacker could use the area of chosen vulnerability in order to gain access to a network or sensitive data. Insufficiently examined the primary ways in which the hacker could execute such an attack, and insufficiently suggested the strategic manner in which a security professional could prevent the attack. |
Partially devised one or more attack scenario where a hacker could use the area of chosen vulnerability in order to gain access to a network or sensitive data. Partially examined the primary ways in which the hacker could execute such an attack, and partially suggested the strategic manner in which a security professional could prevent the attack. |
Satisfactorily devised one or more attack scenario where a hacker could use the area of chosen vulnerability in order to gain access to a network or sensitive data. Satisfactorily examined the primary ways in which the hacker could execute such an attack, and satisfactorily suggested the strategic manner in which a security professional could prevent the attack. |
Thoroughly devised one or more attack scenario where a hacker could use the area of chosen vulnerability in order to gain access to a network or sensitive data. Thoroughly the primary ways in which the hacker could execute such an attack, and thoroughly suggested the strategic manner in which a security professional could prevent the attack. |
|
3. Draw specific lessons and recommendations as part of the conclusion, and have a strong concluding paragraph. Be sure to revise your introduction to reflect what the paper accomplished once you finish your first draft. Weight: 30% |
Did not submit lessons and takeaway in the conclusion, or have concluding paragraph, or a paragraph or less of closing statement that only partially touches upon what was presented in the body. Does not have an introduction, or just a partial introduction. |
Had insufficient or partial lessons and takeaway in the conclusion, or weak concluding paragraph, or a paragraph or less of closing statement that touches upon what was presented in the body, or provides only a summary of key points. Does not have a complete or just a partial introduction. |
Has some or adequate lessons and takeaway in the conclusion, or weak concluding paragraph, or a paragraph or less of closing statement that touches upon what was presented in the body, or provides only a summary of key points. Does not have a complete introduction, or is missing a key element of an introduction. |
Covers most of the key lessons and takeaway in the conclusion, or recommendations but may fall short on some detail. Has a good to excellent introduction but may be missing an element. |
Thoroughly develops a multi-paragraph conclusion of key lessons and recommendations with sufficient depth and detail to lead to a strong concluding paragraph. Fully introduces the paper setting both the tone and scope of what the paper accomplished. |
|
4. Five (5) references Weight: 10% |
No references provided |
Does not meet the required number of references; all references poor quality choices. |
Does not meet the required number of references; some references poor quality choices. |
Meets number of required references; all references high quality choices. |
Exceeds number of required references; all references high quality choices. |
|
5. Clarity, writing mechanics, and formatting requirements. Weight: 10% |
More than 8 errors present |
7-8 errors present |
5-6 errors present |
3-4 errors present |
0-2 errors present |
"You need a similar assignment done from scratch? Our qualified writers will help you with a guaranteed AI-free & plagiarism-free A+ quality paper, Confidentiality, Timely delivery & Livechat/phone Support.
Discount Code: CIPD30
Click ORDER NOW..
