Reference no: EM131188407
Lab: Performing a Web Site and Database Attack by Exploiting Identified Vulnerabilities
Overview
In this lab, you performed simple tests to verify a cross-site scripting (XSS) exploit and an SQL injection attack using the Damn Vulnerable Web Application (DVWA), a tool left intentionally vulnerable to aid security professionals in learning about Web security. You used a Web browser and some simple command strings to identify the IP target host and its known vulnerabilities, and then attacked the Web application and Web server using cross-site scripting (XSS) and SQL injection to exploit the sample Web application running on that server.
Lab Assessment Questions & Answers
1. Why is it critical to perform a penetration test on a Web application and a Web server prior to production implementation?
2. What is a cross-site scripting attack? Explain in your own words.
3. What is a reflective cross-site scripting attack?
4. Which Web application attack is more likely to extract privacy data elements out of a database?
5. What security countermeasures could be used to monitor your production SQL databases against injection attacks?
6. What can you do to ensure that your organization incorporates penetration testing and Web application testing as part of its implementation procedures?
7. Who is responsible for the C-I-A of production Web applications and Web servers?