McCurley-Shimer_Assignment #1

docx

School

American Military University *

*We aren’t endorsed by this school

Course

440

Subject

Computer Science

Date

Jan 9, 2024

Type

docx

Pages

7

Uploaded by DeanHippopotamus5891

Report
Assignment 1 1 Assignment 1 Alexus McCurley-Shimer American Military University INTL440 Cyber Warfare Professor Binversie November 20, 2023
Assignment 1 2 Throughout time there has been many issues with cyber crime especially as technology has progressed. Understanding the ins and outs of how cyber crime can be conducted is very important for a user to be aware of the dangers that they can face. As well as understanding the many different ways that the users are able to communicate with technology. With this paper we will understand the building blocks that make communications via networking secure. As well as the understanding of the software challenges that there are. There are four different ways for communication on the internet. “It can be done through various means, including email, instant messaging, social networking, and video conferencing.” (Naha 2023) The first is instant messaging which is an online chat technology that allows people to be able to communicate via messages in real-time on the internet. The second is VoIP and Internet Phone System which has the internet route to telephone calls instead of the traditional phone lines. Such as voice over internet protocol (VoIP) that sends voice packets by using IP instead of PSTN which is Public Switched Telephone Network. The third is email which is when an individual communicates via messages and files. Email communications have become extremely fast and reliable when it comes to communicating. The fourth is the social networking platforms. This is done over social media such as Facebook, Twitter, Instagram, and more. Social media has become a popular way for internet communication. This is due to the speed and simplicity of communicating with friends or customers, being able to enhance businesses brand awareness, a good way to redirect traffic, the ability to help businesses interact with their customers, and to help with advertising, promotions, as well as market research. There are many different aspects to network building blocks that we will be going over.
Assignment 1 3 Switches: o “A switch connects endpoints to the network so they can communicate with each other.” (Cloud Academy n.d.) o Two primary benefits: Provide each pair of communicating devices with a speedy connection Ability to segregate communications to be able to ensure that it does not enter other areas of the network. o The capability of momentarily connecting the receiving and sending of a device to be able to use the bandwidth of a network without any interference. Routers: o Are the devices that connect two or more different networks as well as filter the network traffic to ensure that only the desired information is able to travel between them. o Example: Routers are able to be used as well as to regulate the flow of information from internal networks and the internet. o Wide area network or WAN is the portion of the network that connects the routers. Proxy Servers: o These act as a web filter and firewall. These are able to provide a shared network connection and is able to cache data to be able to speed up any requests. o Proxy servers are able to keep users and the internal network protects from any bad things such as malicious attacks.
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
  • Access to all documents
  • Unlimited textbook solutions
  • 24/7 expert homework help
Assignment 1 4 o There is able a high level of privacy o What proxy can do: Improve bandwidth and speed Control Internet usage of employees Provide better security Provide privacy benefits “A web application vulnerability is any system flaw that an attacker can exploit to compromise a web application.” (Moradov 2023) We will be going over the eight different vulnerabilities. 1. SQL Injection: This is when an application uses Structured Query Language (SQL) to ensure that communications are managed in a database. Any vulnerabilities with SQL can allow an attacker to insert malicious SQL commands to be able to exfiltrate, modify, or delete data. 2. Cross-Site Scripting (XSS): These attacks are similar to SQL injection attacks, which involves the injection of malicious script in a website or web application. 3. Cross-Site Request Forgery (CSRF): This attack happens when an attacker is able to force a victim to perform an action on a web application. 4. Session Fixation: This is when an attack involves forcing the user session ID to a specified value. 5. Local File Inclusion (LFI): This attack exploits the dynamic files with inclusion mechanisms in the web application.
Assignment 1 5 6. Security Misconfigurations: This is one of the most serious web application vulnerability due to the ability to provide attacks with the opportunity to infiltrate into an application with ease. 7. XML External Entity (XXE) Processing: This happens when an attacker abuses the features in an XML parser to be able to gain access remotely or local files this is done typically with the Denial of Service (DoS). 8. Directory Traversal: This is also known as backtracking and involves the exploitation of how the web application receives data. There are ways to prevent these types of vulnerabilities. Authentication and access control. “While it may seem obvious, many web applications do not implement basic access control measures.” (Lohvynenko 2023) Avoid security misconfigurations this can be done by using web development framework or CMS. Exception management can be used to ensure that there are no errors displayed on long stack traces to the user. Manage containers carefully to ensure that the applications are secure this can be done by using Docker. Quality assurance and testing can be important to ensure that there are no errors on the application. Not only does a company have to ensure that their side is protected they are able to ensure that the client’s side is protected as well. “There is no silver bullet against web application attacks-they are an ever-evolving problem that requires a multifaceted solution.” (Edwards 2023) The way to ensure that the client’s side is protected can be done by these ten practices: Regular testing and scanning for vulnerabilities Input validation and sanitization Prepare statements and parameterized queries Set the content security policy header
Assignment 1 6 Synchronize tokens Validate files and directory paths Disable the processing of external entities Whitelist of acceptable elements and attributes Secure coding practices Keep the servers and software up-to-date. As we have found out there has been many challenges facing with technology. There is a better understanding of what issues there are with software and how to ensure that there is a way to ensure that the vulnerabilities are not exploited. As well as an understanding of the building blocks that are needed when it comes to keeping a network secure and how they are the beginning. There is an understanding on the different types of communication that technology has been able to provide us as well.
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
  • Access to all documents
  • Unlimited textbook solutions
  • 24/7 expert homework help
Assignment 1 7 References: Edwards, Jeffrey. “What Is a Web Application Attack, and How Can You Prevent It?” CHEQ, October 26, 2023. https://cheq.ai/blog/what-is-web-application-attack/. Lohvynenko, Anton. “How to Secure Web Applications from Vulnerabilities in 2023.” MobiDev, October 4, 2023. https://mobidev.biz/blog/best-practices-to-secure-web-applications-from- vulnerabilities. Moradov, Oliver. “8 Critical Web Application Vulnerabilities and How to Prevent Them.” Bright Security, September 13, 2023. https://brightsec.com/blog/web-application-vulnerabilities/. Naha, Priya. “Internet Communication: What It Is and 4 Ways of Internet Communication.” CallHippo, November 14, 2023. https://callhippo.com/blog/telephony/internet- communications-what-is-it-ways-to-communicate-over-the-internet#:~:text=It%20can %20be%20done%20through,face%20conversation%20or%20telephone%20calls. “Network Building Blocks - Networks and Communications [CISMP] Course.” Cloud Academy. Accessed November 20, 2023. https://cloudacademy.com/course/networks-and- communications-cimsp-1/network-building-blocks/.

Related Documents

MSIT 3150-Assignment 3 .docx
Textbook Assignment 3.docx
McCurley-Shimer_Assignment #2.docx
McCurley-Shimer_Assignment #2.docx
Lab 5 - Stego.docx
McCurley-Shimer_Assignment #3.docx
McCurley-Shimer_Assignment #6.docx
MSIT 3150 -Assignment 1.docx
MSIT 3150-Assignment 4.docx
T09.pdf
Salesforce Platform Developer I Certification Practice Questions and Answers.docx
2.3.11.pdf
Recommended textbooks for you
Text book image
Fundamentals of Information Systems
Computer Science
ISBN:9781337097536
Author:Ralph Stair, George Reynolds
Publisher:Cengage Learning
Text book image
Principles of Information Systems (MindTap Course...
Computer Science
ISBN:9781305971776
Author:Ralph Stair, George Reynolds
Publisher:Cengage Learning
Text book image
Fundamentals of Information Systems
Computer Science
ISBN:9781305082168
Author:Ralph Stair, George Reynolds
Publisher:Cengage Learning
Text book image
Management Of Information Security
Computer Science
ISBN:9781337405713
Author:WHITMAN, Michael.
Publisher:Cengage Learning,
Text book image
Principles of Information Systems (MindTap Course...
Computer Science
ISBN:9781285867168
Author:Ralph Stair, George Reynolds
Publisher:Cengage Learning
Text book image
Principles of Information Security (MindTap Cours...
Computer Science
ISBN:9781337102063
Author:Michael E. Whitman, Herbert J. Mattord
Publisher:Cengage Learning
SEE MORE TEXTBOOKS
Recommended textbooks for you
Text book image
Fundamentals of Information Systems
Computer Science
ISBN:9781337097536
Author:Ralph Stair, George Reynolds
Publisher:Cengage Learning
Text book image
Principles of Information Systems (MindTap Course...
Computer Science
ISBN:9781305971776
Author:Ralph Stair, George Reynolds
Publisher:Cengage Learning
Text book image
Fundamentals of Information Systems
Computer Science
ISBN:9781305082168
Author:Ralph Stair, George Reynolds
Publisher:Cengage Learning
Text book image
Management Of Information Security
Computer Science
ISBN:9781337405713
Author:WHITMAN, Michael.
Publisher:Cengage Learning,
Text book image
Principles of Information Systems (MindTap Course...
Computer Science
ISBN:9781285867168
Author:Ralph Stair, George Reynolds
Publisher:Cengage Learning
Text book image
Principles of Information Security (MindTap Cours...
Computer Science
ISBN:9781337102063
Author:Michael E. Whitman, Herbert J. Mattord
Publisher:Cengage Learning
SEE MORE TEXTBOOKS