Brandon Pina M12 Challenge Submission File

School: Arizona State University
Course: 598
Subject: Information Systems
Date: Dec 6, 2023
Type: pdf
Pages: 7
Uploaded by BrandonPina

Cybersecurity Module 12 Challenge Submission File

Web Development

Make a copy of this document to work in, and then respond to each question below the prompt. Save and submit this completed file as your Challenge deliverable.

HTTP Requests and Responses

1. What type of architecture does the HTTP request and response process occur in?
This client-server architecture allows for the separation of concerns, where the client is responsible for the user interface and user interactions, and the server is responsible for processing requests and managing resources. This separation enables scalability, as multiple clients can interact with a single server, and vice versa.

2. What are the parts of an HTTP request?
An HTTP (Hypertext Transfer Protocol) request consists of several parts, each serving a specific purpose. Here are the key components of an HTTP request:
    1. Request Line
    2. Headers
    3. Body

3. Which part of an HTTP request is optional?
The Request body is part of the HTTP request which is optional

4. What are the three parts of an HTTP response?
The HTTP response consists of the status line, Headers, and the Optional body

5. Which number class of status codes represents errors?
HTTP status codes of the fourth class represent client errors, i.e. errors that result from a faulty request by the client

6. What are the two most common request methods a security professional encounters?
While GET and POST are by far the most common methods that are used to access information provided by a web server, there are a variety of other methods that may also be supported and can sometimes be exploited by attackers

7. Which type of HTTP request method is used to send data?
POST is used to send data to a server to create/update a resource. Some notes on POST requests

8. Which part of an HTTP request contains the data being sent to the server?
The request body

9. In which part of an HTTP response does the browser receive the web code to generate and style a webpage?
The response body

Using curl

10. What are the advantages of using curl over the browser?
Curl is a fast and efficient way to pull the information you need from the internet without using a graphical interface

11. Which curl option changes the request method?
When doing HTTP with curl, the -X option changes the actual method string in the HTTP request

12. Which curl option sets request headers?
We can use curl -h or curl -verbose to display the request headers and response headers in the CURL command. The > lines are request headers. The < lines are response headers

13. Which curl option is used to view the response header?
All HTTP replies contain a set of response headers that are normally hidden, use curl's --include ( -i ) option to display them as well as the rest of document

14. Which request method might an attacker use to figure out what HTTP requests an HTTP server will accept?
Options

Sessions and Cookies

15. Which response header sends a cookie to the client?
    HTTP/1.1 200 OK
    Content-type: text/html
    Set-Cookie: cart=Bob
Set-Cookie

16. Which request header will continue the client's session?
    GET /cart HTTP/1.1
    Host: www.example.org
    Cookie: cart=Bob
Cookie

Example HTTP Requests and Responses

Use the following sample HTTP request and response to answer the questions in this section:

HTTP Request

    POST /login.php HTTP/1.1
    Host: example.com
    Accept-Encoding: gzip, deflate, br
    Connection: keep-alive
    Content-Type: application/x-www-form-urlencoded
    Content-Length: 34
    Upgrade-Insecure-Requests: 1
    User-Agent: Mozilla/5.0 (Linux; Android 6.0; Nexus 5 Build/MRA58N) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.132 Mobile Safari/537.36

    username=Barbara&password=password

17. What is the request method?
POST

18. Which header expresses the client's preference for an encrypted response?
Upgrade-Insecure-Requests

19. Does the request have a user session associated with it?
No

20. What kind of data is being sent from this request body?
application/x-www-form-urlencoded

HTTP Response

    HTTP/1.1 200 OK
    Date: Mon, 16 Mar 2020 17:05:43 GMT
    Last-Modified: Sat, 01 Feb 2020 00:00:00 GMT
    Content-Encoding: gzip
    Expires: Fri, 01 May 2020 00:00:00 GMT
    Server: Apache
    Set-Cookie: SessionID=5
    Content-Type: text/html; charset=UTF-8
    Strict-Transport-Security: max-age=31536000; includeSubDomains
    X-Content-Type: NoSniff
    X-Frame-Options: DENY
    X-XSS-Protection: 1; mode=block

    [ page content ]

21. What is the response status code?
200

22. What web server is handling this HTTP response?
Apache

23. Does this response have a user session associated with it?
Yes

24. What kind of content is likely to be in the [page content] response body?
username=Barbara&password=password

25. If your class covered security headers, what security request headers have been included?
Strict-Transport-Security

Monoliths and Microservices

26. What are the individual components of microservices called?
Services

27. What is a service that writes to a database and communicates to other services?
API’s

28. What type of underlying technology allows for microservices to become scalable and have redundancy?
Containerization platforms

Deploy and Test a Container Set

29. What tool can you use to deploy multiple containers at once?
Docker Compose

30. What kind of file format is required to deploy a container set?
YAML file

Databases

31. Which type of SQL query would you use to view all the information in a table called customers ?
SELECT * FROM Customers

32. Which type of SQL query would you use to enter new data into a table? (You don't need a full query, just the first part of the statement.)
The INSERT INTO statement of SQL is used to insert a new row/record in table

33. Why would you never run DELETE FROM <table-name>; by itself?
It will delete the entire table
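
Added example (not part of the submission or the course material): a short Python audit of the sample HTTP request and response from the "Example HTTP Requests and Responses" section above. It checks whether the request carries a session cookie and which cookie attributes and security headers the response lacks. The inputs are abridged copies of the page's samples; the function names and the list of headers checked are choices made for this example.

```python
# Constructed input: abridged copies of the page's sample request and response.
SAMPLE_REQUEST = (
    "POST /login.php HTTP/1.1\r\n"
    "Host: example.com\r\n"
    "Content-Type: application/x-www-form-urlencoded\r\n"
    "Content-Length: 34\r\n"
    "\r\n"
    "username=Barbara&password=password"
)
SAMPLE_RESPONSE = (
    "HTTP/1.1 200 OK\r\n"
    "Set-Cookie: SessionID=5\r\n"
    "Content-Type: text/html; charset=UTF-8\r\n"
    "Strict-Transport-Security: max-age=31536000; includeSubDomains\r\n"
    "X-Content-Type: NoSniff\r\n"
    "X-Frame-Options: DENY\r\n"
    "\r\n"
    "[ page content ]"
)

def parse_message(raw):
    """Split an HTTP/1.1 message into (start line, header pairs, body)."""
    head, _, body = raw.partition("\r\n\r\n")
    start, *lines = head.split("\r\n")
    headers = [(k.strip().lower(), v.strip())
               for k, v in (line.split(":", 1) for line in lines)]
    return start, headers, body

def has_session(raw_request):
    """A request continues a session only if it carries a Cookie header."""
    return any(k == "cookie" for k, _ in parse_message(raw_request)[1])

def audit_response(raw):
    """List missing cookie attributes and missing security response headers."""
    _, headers, _ = parse_message(raw)
    findings = []
    for key, value in headers:
        if key == "set-cookie":
            name = value.split("=", 1)[0]
            attrs = {a.strip().split("=")[0].lower() for a in value.split(";")[1:]}
            findings += [f"cookie {name}: missing {flag}"
                         for flag in ("secure", "httponly", "samesite") if flag not in attrs]
    present = {key for key, _ in headers}
    findings += [f"header missing: {h}"
                 for h in ("strict-transport-security", "x-content-type-options",
                           "x-frame-options", "content-security-policy") if h not in present]
    return findings
```

The response is reported as lacking X-Content-Type-Options because the sample prints that header as X-Content-Type, a name browsers do not act on.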

Optional Additional Challenge Activity: The Cookie Jar

Question 1: Did you see any obvious confirmation of a login? (Y/N)
[Enter answer here]

Question 2: How many items exist in this file?
[Enter answer here]

Question 3: Is it obvious that you can access the dashboard? (Y/N)
[Enter answer here]

Question 4: Look through the output where Dashboard is highlighted. Does any of the wording on this page seem familiar? (Y/N) If so, you should be successfully logged in to your Editor's dashboard.
[Enter answer here]

Question 5: What happens this time?
[Enter answer here]

© 2023 edX Boot Camps LLC. Confidential and Proprietary. All Rights Reserved.