Oct 29th, 2013
Price: $20 USD

Question description

LOT Task 3

Click to Show/Hide Directions




426.4.2: Preattack Planning - The graduate evaluates techniques used in footprinting and implements industry best practices to protect against this type of information asset vulnerability.

426.4.3: System Hacking - The graduate evaluates various network system hacking counter-techniques.

426.4.5: Hacking Web Servers - The graduate identifies known web server vulnerabilities and demonstrates industry best practices to protect against this type of threat.

426.4.6: Web Application Vulnerabilities - The graduate identifies common web application vulnerabilities and uses industry best practices to protect against this type of threat.


Maintaining a proactive approach on security requires that an organization perform its own hacking footprinting to see how much information is available to potential hackers. Some organizations do this using internal staff; however, it is much more common to see organizations hire external security consultants to perform these types of security reviews. This allows a truly unbiased outsider to attempt to gather as much information as possible to formulate an attack.

Assume that you have been selected as the security consultant to perform a comprehensive security review for an organization of your choosing. Ensure that the organization that you select has a public website that you can access and at least one web application that you can use for this task. You will review the security of the organization’s website and any related web applications and consider security risks such as structured query language (SQL) injection and social engineering techniques.

To complete this task, you will need to perform a footprinting analysis of your selected company. Your comprehensive security review will involve a series of tasks that are described in detail below.

Note: Task 3 only requires “Passive” Footprinting and a discussion on SQL injection. At no time during the execution of this task should any connection be made to the Footprinting target. If you have any questions please contact the course mentor.


A.  Create a multimedia presentation (e.g., PowerPoint, Keynote) (suggested length of 12–15 slides) in which you do the following:

1.  Summarize your findings of a footprinting analysis you performed on your chosen organization.

2.  Discuss how the information gathered during your footprinting analysis could be used to initiate an attack against the organization.

3.  Discuss social engineering techniques that could be utilized to gather information regarding the organization’s computer systems.

a.  Present appropriate countermeasures that should be used to combat such social engineering techniques.

4.  Prescribe a series of countermeasures and remedies that could be utilized to counter this type of footprinting attack.

5.  Present common web server vulnerabilities that the organization is most susceptible to.

6.  Present common threats against web applications that pose the greatest risk to the organization’s web applications.

7.  Illustrate how SQL injection could be used to obtain or destroy information from a web application’s database.

8.  Discuss how SQL injection techniques could pose a potential threat to the organization’s web applications.

Note: The slides in your presentation should include only the main points you wish to make, with more extensive information included in the presenter notes section of the presentation.

B.  When you use sources, include all in-text citations and references in APA format.

Note: When bulleted points are present in the task prompt, the level of detail or support called for in the rubric refers to those bulleted points.

Note: For definitions of terms commonly used in the rubric, see the Rubric Terms web link included in the Evaluation Procedures section.

Note: When using sources to support ideas and elements in a paper or project, the submission MUST include APA formatted in-text citations with a corresponding reference list for any direct quotes or paraphrasing. It is not necessary to list sources that were consulted if they have not been quoted or paraphrased in the text of the paper or project.

Note: No more than a combined total of 30% of a submission can be directly quoted or closely paraphrased from sources, even if cited correctly. For tips on using APA style, please refer to the APA Handout web link included in the General Instructions section.

Tutor Answer

(Top Tutor) Daniel C.
School: University of Maryland

Studypool has helped 1,244,100 students

Review from our student for this Answer

Dec 11th, 2013
"Outstanding Job!!!!"
Ask your homework questions. Receive quality answers!

Type your question here (or upload an image)

1820 tutors are online

Brown University

1271 Tutors

California Institute of Technology

2131 Tutors

Carnegie Mellon University

982 Tutors

Columbia University

1256 Tutors

Dartmouth University

2113 Tutors

Emory University

2279 Tutors

Harvard University

599 Tutors

Massachusetts Institute of Technology

2319 Tutors

New York University

1645 Tutors

Notre Dam University

1911 Tutors

Oklahoma University

2122 Tutors

Pennsylvania State University

932 Tutors

Princeton University

1211 Tutors

Stanford University

983 Tutors

University of California

1282 Tutors

Oxford University

123 Tutors

Yale University

2325 Tutors