Please help with this question!

Apr 19th, 2015
Steve1995
Category:
Computer Science
Price: $15 USD

Question description

Securing Programs

This week, you will look at the infrastructure of secure programs and some of the components that provide security. Using your online lectures, experience, and research, respond to the following questions:

  • Input validation is a layer of indirection between what a user enters and what is executed in a program. Why is this a significant concern on the web? What circumstances involving web pages make this a unique platform for entering malicious input? Give at least two examples of vulnerabilities for web applications that result from users entering malicious input into form fields.
  • What steps can be taken for input validation in cases in which the entry does not meet regular criteria, such as a phone number in which the pattern can be predicted? What is an example of input that does not have a regular pattern? How could this be protected by input validation?
  • Some web deployments call on precompiled components or libraries, such as NetBeans and C executables. How could these systems be protected from injection by users? Why might this be necessary?

Choose a programming language (such as Java, JavaScript, C, C++, Perl, PHP, etc.) and research using the Internet and South University Online Library resources to answer the following questions:

  • What are the primary security issues reported for this language?
  • Are there any known compiler or interpreter issues that introduce security vulnerabilities to this language?
  • How does this language handle bounds checking for arrays? Does this prevent or facilitate buffer overflows?
  • How does this language process strings from the user? Does this leave any security holes?
  • Is this language compiled or interpreted?
  • How is this language affected by deployment? Justify your answer.
  • Can the vulnerabilities of this language be corrected by defensive programming? Justify your answer.
  • Does this language provide authentication mechanisms?
  • Is the source code of this language accessible to the end user?
  • Is access control possible with this language? Why or why not?

Tutor Answer

(Top Tutor) Daniel C.
(997)
School: New York University
PREMIUM TUTOR

Studypool has helped 1,244,100 students

8 Reviews


Summary
Quality
Communication
On Time
Value
pmallory
Dec 3rd, 2016
" Totally impressed with results!! :-) "
mixedballz
Nov 24th, 2016
" excellent work as always thanks for the help "
Five Star Tutor
Nov 22nd, 2016
" Outstanding Job!!!! "
kiln82
Nov 11th, 2016
" awesome work thanks "
darnay
Nov 2nd, 2016
" The best tutor out there!!!! "
likeplum4
Oct 28th, 2016
" Excellent work as usual "
kpcutie
Oct 6th, 2016
" Excellent job "
Joemoe
Sep 27th, 2016
" <3 it, thanks for saving me time. "
Ask your homework questions. Receive quality answers!

Type your question here (or upload an image)

1830 tutors are online

Brown University





1271 Tutors

California Institute of Technology




2131 Tutors

Carnegie Mellon University




982 Tutors

Columbia University





1256 Tutors

Dartmouth University





2113 Tutors

Emory University





2279 Tutors

Harvard University





599 Tutors

Massachusetts Institute of Technology



2319 Tutors

New York University





1645 Tutors

Notre Dam University





1911 Tutors

Oklahoma University





2122 Tutors

Pennsylvania State University





932 Tutors

Princeton University





1211 Tutors

Stanford University





983 Tutors

University of California





1282 Tutors

Oxford University





123 Tutors

Yale University





2325 Tutors