Assignment: Web Application Attack Scenario
· Suppose that you are currently employed as an Information Security Manager for a medium-sized software development and outsourcing services company.
· The Software Development Director has asked you to provide a detailed presentation for her department regarding the most common Web application threats and the manner in which their products could compromise customer financial data.
· The products in question use Microsoft SQL Server databases and IIS Web servers.
· She has asked you to provide a report for her review before she schedules the presentation.
· Write a two to four (2-4) page paper in which you:
· Analyze the common threats to data systems such as Web applications and data servers.
· Next, speculate on the greatest area of vulnerability and potential for damage and/or data loss of such data systems (e.g., SQL injection, Web-based password cracking).
· Devise one (1) attack scenario where a hacker could use the area of vulnerability that you chose in Question 1 in order to gain access to a network or sensitive data.
· Examine the primary ways in which the hacker could execute such an attack, and suggest the strategic manner in which a security professional could prevent the attack.