LOT_Task3

Oct 29th, 2013
RockCafe
Category:
Programming
Price: $20 USD

Question description

LOT Task 3

Click to Show/Hide Directions

Directions

SUBDOMAIN 426.4 - HACKING

Competencies:

426.4.2: Preattack Planning - The graduate evaluates techniques used in footprinting and implements industry best practices to protect against this type of information asset vulnerability.

426.4.3: System Hacking - The graduate evaluates various network system hacking counter-techniques.

426.4.5: Hacking Web Servers - The graduate identifies known web server vulnerabilities and demonstrates industry best practices to protect against this type of threat.

426.4.6: Web Application Vulnerabilities - The graduate identifies common web application vulnerabilities and uses industry best practices to protect against this type of threat.

Introduction:

Maintaining a proactive approach on security requires that an organization perform its own hacking footprinting to see how much information is available to potential hackers. Some organizations do this using internal staff; however, it is much more common to see organizations hire external security consultants to perform these types of security reviews. This allows a truly unbiased outsider to attempt to gather as much information as possible to formulate an attack.

Assume that you have been selected as the security consultant to perform a comprehensive security review for an organization of your choosing. Ensure that the organization that you select has a public website that you can access and at least one web application that you can use for this task. You will review the security of the organization’s website and any related web applications and consider security risks such as structured query language (SQL) injection and social engineering techniques.

To complete this task, you will need to perform a footprinting analysis of your selected company. Your comprehensive security review will involve a series of tasks that are described in detail below.

Note: Task 3 only requires “Passive” Footprinting and a discussion on SQL injection. At no time during the execution of this task should any connection be made to the Footprinting target. If you have any questions please contact the course mentor.

Task:

A.  Create a multimedia presentation (e.g., PowerPoint, Keynote) (suggested length of 12–15 slides) in which you do the following:

1.  Summarize your findings of a footprinting analysis you performed on your chosen organization.

2.  Discuss how the information gathered during your footprinting analysis could be used to initiate an attack against the organization.

3.  Discuss social engineering techniques that could be utilized to gather information regarding the organization’s computer systems.

a.  Present appropriate countermeasures that should be used to combat such social engineering techniques.

4.  Prescribe a series of countermeasures and remedies that could be utilized to counter this type of footprinting attack.

5.  Present common web server vulnerabilities that the organization is most susceptible to.

6.  Present common threats against web applications that pose the greatest risk to the organization’s web applications.

7.  Illustrate how SQL injection could be used to obtain or destroy information from a web application’s database.

8.  Discuss how SQL injection techniques could pose a potential threat to the organization’s web applications.

Note: The slides in your presentation should include only the main points you wish to make, with more extensive information included in the presenter notes section of the presentation.

B.  When you use sources, include all in-text citations and references in APA format.

Note: When bulleted points are present in the task prompt, the level of detail or support called for in the rubric refers to those bulleted points.

Note: For definitions of terms commonly used in the rubric, see the Rubric Terms web link included in the Evaluation Procedures section.

Note: When using sources to support ideas and elements in a paper or project, the submission MUST include APA formatted in-text citations with a corresponding reference list for any direct quotes or paraphrasing. It is not necessary to list sources that were consulted if they have not been quoted or paraphrased in the text of the paper or project.

Note: No more than a combined total of 30% of a submission can be directly quoted or closely paraphrased from sources, even if cited correctly. For tips on using APA style, please refer to the APA Handout web link included in the General Instructions section.


Tutor Answer

(Top Tutor) Daniel C.
(997)
School: University of Maryland
PREMIUM TUTOR

Studypool has helped 1,244,100 students

3 Reviews


Summary
Quality
Communication
On Time
Value
BlueOcean
Nov 13th, 2016
" Awesome! Exactly what I wanted. "
ashleyisgod
Oct 21st, 2016
" Top quality work from this guy! I'll be back! "
Molly_Moon
Sep 29th, 2016
" AMAZING as always! "
Ask your homework questions. Receive quality answers!

Type your question here (or upload an image)

1827 tutors are online

Brown University





1271 Tutors

California Institute of Technology




2131 Tutors

Carnegie Mellon University




982 Tutors

Columbia University





1256 Tutors

Dartmouth University





2113 Tutors

Emory University





2279 Tutors

Harvard University





599 Tutors

Massachusetts Institute of Technology



2319 Tutors

New York University





1645 Tutors

Notre Dam University





1911 Tutors

Oklahoma University





2122 Tutors

Pennsylvania State University





932 Tutors

Princeton University





1211 Tutors

Stanford University





983 Tutors

University of California





1282 Tutors

Oxford University





123 Tutors

Yale University





2325 Tutors