Description
Topic 1
Learning About OWASP
Visit the OWASP website.
Using WORD, write an ORIGINAL brief essay of 300 words or more describing the history and background of OWASP.
https://owasp.org/www-community/vulnerabilities/
Choose one of the vulnerabilities on the linked page and describe briefly.
Topic 2
https://www.wired.com/story/cambridge-analytica-fa...
Read this article about Cambridge Analytica in Wired Magazine. Discuss whether you think the premise of the article is correct and that people are more aware of privacy concerns.
Use at least three sources. Use the Research Databases available from the Danforth Library, not Google. Include at least 3 quotes from your sources enclosing the copied words in quotation marks and cited in-line by reference to your reference list. Example: "words you copied" (citation) These quotes should be one full sentence not altered or paraphrased. Cite your sources using APA format. Use the quotes in your paragraphs. Do Not Doublespace.
Topic 3
Answer each these questions in a paragraph with at least five sentences: Include the question and number your responses accordingly. Provide a citation for each answer.
1. What kind of speech was the First Amendment written to protect?
2. Does the First Amendment apply only to spoken words?
3. What does it mean that laws regulating speech must be content neutral?
4. Why are common carriers prohibited from controlling the content of the material they carry?
5. How does the Supreme Court determine whether material is obscene?
6. Why have attempts to censor the Internet failed in the US?
7. Why not just ban spam?
8. Why did Facebook ban Alex Jones and Louis Farrakan?
9. Should websites that show how to 3d print guns be banned?
10. According to the Supreme Court 'anonymity is a shield from the tyranny of the majority'. What does that mean?
Explanation & Answer
Attached. Please let me know if you have any questions or need revisions.
Running head: WEB SECURITY
Web Secure Applications
Name
Institution
1
WEB SECURITY
The Open Web Application Security Project (OWASP) is an altruistic organization
established in 2004 to thwart common application hacking proactively. The main exertion at
normalizing secure programming practices as application attacks on old, unsafe programming
language proliferated. The unbiased association assumes a risk-based strategy to safekeeping and
is intended to circumvent influence from any particular organization (Alanazi & Sarrab, 2011).
Since any business does not regulate OWASP, its nonpartisan regulation can be utilized
to approve apps and monitor for fresh susceptibilities. These assist organizations with
assimilating security into development, validation, and maintenance to ensure secure web apps.
The association is put in place to guarantee a diversity of data and worldwide neutrality.
Vulnerabilities are gaps or feebleness in an application that can be a design fault or an
execution wiretap, enabling hacking to damage the shareholders of an application. Shareholders
consist of the app vendor, app consumers, and other individuals that depend on the application.
One of the vulnerabilities in the link includes improper data validation. This is a form of
a computer software vulnerability that may be utilized for security exploits. This vulnerability is
initiated when a product does not authorize or erroneously authenticates input that can affect the
control flow or data flow.
Since it is hard to detect malicious entries trying to make an entry, apps must check and
authenticate every input logged into a system. Input authentication must take place whenever
data is received from an external party, particularly if the data is from dubious sources. Improper
input validation may cause injection attacks, memory drip, or compromised systems (Owasp.org,
2020). While input validation can be either blacklisted or whitelisted, it is better to whitelist
information. Whitelisting only permits anticipated data. In contrast, blacklisting depends on
2
WEB SECURITY
programmers forecasting all unanticipated data. Thus, the software makes blunders more easily
with blacklisting. Some of the best examples of...
Review
Review
