Discussion Question Replies (Ethical IT & Parenting Discussions)

User Generated

yvirfzbxrynhtu69

Writing

Description

Can someone help write a 100 word response to the four statements:

1.) 

The influence that friends exert over one another as teenagers is clearly powerful and, far too often, undesirable. Unhealthy behaviors can be almost contagious among adolecents at this age. Teens whose friends smoke, drink or use drugs, for example, are more likely to indulge in these behaviors themselves. Aggressive, illegal or self-injurious behaviors also have a tendency to cluster among friend groups, as do concerns about body image and eating. So at a young age, my father taught me to associate myslef with those who are less likely to get in trouble. From elementary until high school I was a social butterfly and had many friends. I did not allow peer pressure to get the best of me because I always asked myself: Will I feel better afterwards or what would happen if I did this? The only occurance I allowed peer pressure to influence me, was at the beheast of my older brother and his friend to smoke weed at the age of 11. I smoked my first joint when I was 11. I didn’t want to but all my brother and his friend were smoking and I didn’t want to be out of the group. I only did it two other times fro the rest of my life and found it to be a nice experience but not for me... I didn't like the uncontrollable laughing or sleepiness. My parents were always working so I was very independent and choose my flock of close friends wisely. I did not want to associate with those who were trying hard to fit in or else I know I would be playing superhero all the tome. My parents knew about this of me and so they vehemently warned me not to put myself in a disadvantage of others. I believe responsible rules should be

Looking out for yourself and others.

No one leaves anyone behind.

No drugs or alchol when DD or get wasted; if kids plan to drink they will find a way.

Have fun but dont be stupid and get yourself or others hurt.

 Hmmm, I believe dating should start around 18. I believe you don't know what you want at age 14 to 17 and tend to fall in love with anyone hard. At 18, young adults can actually go on a date and enjoy a actually courtship rather than play relationship.

2.)

There are so many resources available to help parents get information to their teenage children.  Hopefully the parents have an open line of communication with their kids so that they feel comfortable enough approaching their parents with questions about topics such as pregnancy, STDs, and contraception.  But I know that's not always the case for many reasons, or more information is required.  So in that case:

Parents, there are many sources of information for your teenager to gather information on areas sex:

-Planned Parenthood is available in your area, and hold a wealth of information and guidance on these topics

-Your family doctor is always a great resource for your adolescent.  Make them an appointment to speak with them and ask     questions

-Your child's school nurse or guidance counselor is available for them as a trusted guide in these areas.

-The internet is a scary place for your teenager to search for information on these sensitive topics on their own, but there are safe and reliable web sites that you can show your child to gather information, or download some specific info for them to look at.

-The most important thing is to provide your teenager with appropriate and accurate information, so that they don't go looking for it in dangerous or incorrect places.  

3.)

Well, the good news is that there is a lot we can do to defend against SQL injection attacks. Although there is no such thing as a 100 percent guarantee in network security, formidable obstacles can be placed in the path of SQL injection attempts.

1. Comprehensive data sanitization. Web sites must filter all user input. Ideally, user data should be filtered for context. For example, e-mail addresses should be filtered to allow only the characters allowed in an e-mail address, phone numbers should be filtered to allow only the characters allowed in a phone number, and so on.

2. Use a web application firewall. A popular example is the free, open source module ModSecurity which is available for Apache, Microsoft IIS, and nginx web servers. ModSecurity provides a sophisticated and ever-evolving set of rules to filter potentially dangerous web requests. Its SQL injection defenses can catch most attempts to sneak SQL through web channels.

3. Limit database privileges by context. Create multiple database user accounts with the minimum levels of privilege for their usage environment. For example, the code behind a login page should query the database using an account limited only to the relevent credentials table. This way, a breach through this channel cannot be leveraged to compromise the entire database.

4. Avoid constructing SQL queries with user inputEven data sanitization routines can be flawed. Ideally, using SQL variable binding with prepared statements or stored procedures is much safer than constructing full queries.

Any one of these defenses significantly reduces the chances of a successful SQL injection attack. Implementing all four is a best practice that will provide an extremely high degree ofprotection. Despite its widespread use, your web site does not have to be SQL injection's next victim

http://www.esecurityplanet.com/hackers/how-to-prevent-sql-injection-attacks.html

4.)

Without being very familiar with the techniques used to hack databases, I can only go on what I've picked up in the reading thus far.

I understand database hacking to be the gained access to a database on a system that you are not supposed to be allowed to access. There are a number of ways to get to the database. For instance a database server could be infected with a trojan or any number of malware and the attacker could escalate privileges and exfil the entire database. Of course, as we are learning this week, databases are often accessed by SQL injections or attacks on the front end applications. This is usually achieved by entering SQL queries into fields that have been built into a web-form such as a username or password field. This technique typically involves entering invalid inputs and using the response from the web / database server to learn more about the topology of the backend. I understand that sometimes a poorly designed and use the GET vice POST command an attacker would actually be able to send structured queries directly to the database server to elicit actual responses vice error codes.

By analysing the error codes the attacker can fingerprint the database server and slowly discover the table names, administrator account names, database schema, database and operating system versions, etc. With this information the attacker could then research specific vulnerabilities associated with that particular target. Having knowledge of the file system and database structure allows the attacker to formulate more targeted attacks.

Databases are common targets because they are, well, so very common. They are generally a part of every webpage. Their sole purpose is to be a central collection point to collect, store and organize information. Rather than rifling through a filing cabinet to find a small piece of information, you can essentially grab the entire cabinet and the index that tells you exactly where all of the information is.

Also, because web applications and databases are so prolific, there is a very good chance that not everyone is or knows how to protect them correctly. From an attackers point of view there are many targets, they can be extremely valuable, and there is a decent chance of success with minimal chance of being caught or having an attack being attributed to the attacker.


User generated content is uploaded by users for the purposes of learning and should be used following Studypool's honor code & terms of service.

Explanation & Answer


Anonymous
Really helpful material, saved me a great deal of time.

Studypool
4.7
Trustpilot
4.5
Sitejabber
4.4

Related Tags