You are working for an organisation that is using a very old web-based applicationthat was developed in-house and is only used by members of the organisation. Theleader of the web development team has indicated that the application needs to beurgently redeveloped as it is dependent upon outdated frameworks that haverecently been found to be vulnerable to SQL injection attacks, however theorganisation is currently short on funding. One of the security team has suggestedusing a web application firewall to prevent common attacks instead.(a) Explain the additional security that would be provided by the web applicationfirewall.(b) Discuss any alternative or complimentary technologies that would assist insecuring the application.

(a) The following securities provided by the web application firewall: A WAF (Web Application…

Answered: (a) Explain the additional security…

(a) Explain the additional security that would be provided by the web api firewall. (b) Discuss any alternative or complimentary technologies that would assist in securing the anplication.

Database System Concepts

7th Edition

ISBN:9780078022159

Author:Abraham Silberschatz Professor, Henry F. Korth, S. Sudarshan

Publisher:Abraham Silberschatz Professor, Henry F. Korth, S. Sudarshan

Chapter1: Introduction

Section: Chapter Questions

Problem 1PE

See similar textbooks

Similar questions

Research the three types of firewalls available to corporations and answer the questions below. Describe each type of firewall. Determine which types can reside on a server (as opposed to a networking appliance). Of the server-supported firewalls, choose which types of firewalls are best for your organization. Explain. What are the best locations for these firewalls? Why? As an example, research and describe the 'standard' ingress/egress rules appropriate for the File and Print Services server role.
Important criteria for an a.security NET are laid down. You may begin your investigation at the Open Web Application Security Project's GitHub page, the Microsoft.NET Security website, or any other reliable resource.
A popular computer network publication stated at one time that the enterprise firewall was dead. It boldly stated that the exterior firewalls of the organization should be torn down and replaced with host-based firewalls instead. Is this insane, or is it the best new practice in security management? Explain your answer.
An explanation of firewalls' function in the context of network security and protection is required. Don't forget to define the phrase and include examples that highlight its value to the business.
The stakeholders of a software company have four new security requirements that they are considering including in the next release of their flagship product: Two-factor authentication (2FA), Captcha for Bot Detection (CBT), Password Expirations (PEX), and Role-base access control (RBA). Given the time constraints, they may not be able to include all, so they need to prioritize these requirements based on three criteria: Maintainability (MA), Ease of Use (EU), and Integration Support (IS). They have the following pairwise preferences of the criteria: Maintainability is three times as important as Ease of Use Ease of Use is two times as important as Integration Support Maintainability is five times as important as Integration Support Based on the above information, do the following: Rank the four security requirements using the criteria weights and the following alternatives matrix: MA EU IS 2FA 0.36 0.29 0.09 CBT 0.13 0.33 0.18 PEX 0.27 0.21…
What are common attacks against access control methods and appropriate countermeasures to mitigate potential attacks on access control methods?
Please list the most important parts of a.NET protection and tell us why they are so important. The Open Web Application Security Project's (OWASP) GitHub page, the Microsoft.NET Security website, and any other good websites that come to mind are all on the table.
Could you maybe clarify what what is meant by the phrase "Firewall vulnerability exploit"?
The stakeholders of a software company have four new security requirements that they are considering including in the next release of their flagship product: Two-factor authentication (2FA), Captcha for Bot Detection (CBT), Password Expirations (PEX), and Role-base access control (RBA). Given the time constraints, they may not be able to include all, so they need to prioritize these requirements based on three criteria: Maintainability (MA), Ease of Use (EU), and Integration Support (IS). They have the following pairwise preferences of the criteria: Maintainability is three times as important as Ease of Use Ease of Use is two times as important as Integration Support Maintainability is five times as important as Integration Support Based on the above information, do the following: Make a matrix capturing all pairwise comparisons of importance of criteria.
Discuss common security vulnerabilities in web applications, such as Cross-Site Scripting (XSS) and Cross-Site Request Forgery (CSRF), and methods to mitigate them.
Discuss the function of firewalls in modern network architectures and define the term "firewall" in its context.
Summarize the risks of using JavaScript in a web application from a security perspective.