Reference no: EM132414788
Layering Defenses
In today's world, there are still some organizations that believe sufficient network security protection begins and ends with a firewall. With the concept of layered defenses in mind, provide at least three (3) layered network security defenses in addition to a firewall that organizations could and should consider implementing. Additionally, of the three selected, indicate which you believe to be the most important and why.
1. Explain in detail the information gained using Zenmap for reconnaissance efforts.
2. Create the following security policies for the company described in the Course Security Scenario.
A. Network Device Security (2-3 pages).
B. Intrusion Detection (1-2 pages).
3. State any assumptions that you make, or details that might add depth or texture, or provide a foundation for your policies. Your goal is to create effective policies that represent modern systems assurance security practices and planning.
Database Protection
Since databases can be key targets for attackers, database protection is an extremely critical component of an information security program. Discuss a common attack that may be used to compromise a database system, and at least one (1) protective measure that might be taken to prevent that attack.
1. Compare and contrast Cross-Site Scripting and SQL Injection attacks, including the effort needed for and the value of each attack.
2. Create an Application Security and Testing policy for the company described in the Course Security Scenario.
State any assumptions that you make, or details that might add depth or texture, or provide a foundation for your policies. Your goal is to create an effective policy that represents modern systems assurance security practices and planning.
Consider the following scoring guide criteria as you complete your assignment:
• Write an application security and testing plan that is appropriate for the Course Security Scenario.