Assignment 1: Web Server Application Attacks
Due Week 2 and worth 110 points
It is common knowledge that Web server application
attacks have become common in today’s digital information sharing age.
Understanding the implications and vulnerabilities of such attacks, as
well as the manner in which we may safeguard against them is paramount,
because our demands on e-Commerce and the Internet have increased
exponentially. In this assignment, you will examine the response of both
the U.S. government and non-government entities to such attacks.
To complete this assignment, use the document titled “Guidelines on Securing Public Web Servers”, located at http://csrc.nist.gov/publications/nistpubs/800-44-ver2/SP800-44v2.pdf,
to complete the assignment. Read the Network World article, “40% of
U.S. government Web sites fail security test” also, located at http://www.networkworld.com/news/2012/031512-dnssec-survey-2012-257326.html.
Write a three to five (3-5) page paper in which you:
- Examine three (3) common Web application
vulnerabilities and attacks, and recommend corresponding mitigation
strategies for each. Provide a rationale for your response.
- Using Microsoft Visio or an open source
alternative such as Dia, outline an architectural design geared toward
protecting Web servers from a commonly known Denial of Service (DOS)
attack. Note: The graphically depicted solution is not included in the required page length.
- Based on your research from the Network World
article, examine the potential reasons why the security risks facing
U.S. government Websites were not always dealt with once they were
identified and recognized as such.
- Suggest what you believe to be the best mitigation
or defense mechanisms that would help to combat the Domain Name System
Security Extensions (DNSSEC) concerns to which the article refers.
Propose a plan that the U.S. government could use in order to ensure
that such mitigation takes place. The plan should include, at a minimum,
two (2) mitigation or defense mechanisms.
- Use at least three (3) quality resources outside of the suggested resources in this assignment. Note: Wikipedia and similar Websites do not qualify as quality resources.
Your assignment must follow these formatting requirements:
- Be typed, double spaced, using Times New Roman
font (size 12), with one-inch margins on all sides; citations and
references must follow APA or school-specific format. Check with your
professor for any additional instructions.
- Include a cover page containing the title of the
assignment, the student’s name, the professor’s name, the course title,
and the date. The cover page and the reference page are not included in
the required assignment page length.
- Include charts or diagrams created in Visio or an
open source alternative such as Dia. The completed diagrams / charts
must be imported into the Word document before the paper is submitted.
The specific course learning outcomes associated with this assignment are:
- Define common and emerging security issues and management responsibilities.
- Evaluate an organization’s security policies and
risk management procedures, and its ability to provide security
- Use technology and information resources to research issues in security management.
- Write clearly and concisely about the theories of
security management using proper writing mechanics and technical style