来自英国代写的顾客授权发布的web application security,QAC020N256H作业要求片段,我们不会发布QAC020N256H的answer在网站,我们曾经写过QAC020N256H及相关的web application security写过很多作业,考试,如果你也需要代写这个课程的作业请联系客服WX:QQ 5757940 ,代写人的代写服务覆盖全球华人留学生,可以为英国留学生提供cs代写、非常准时精湛的服务,小作业assignment代写、essay代写享适时优惠,project、paper代写、论文代写支持分期付款,网课、exam代考预约时刻爆单中赶紧来撩。
Question:
Assignment Tasks
期望。本作业由两部分组成。A部分是为一个健身房设计和开发一个数据库驱动的网站,B部分是一份1500字的评估报告,包括对A部分的反思性评论。
理论依据。我们越来越信任在网站上输入我们的个人信息。虽然这使我们的日常生活更加方便,但它是一个...
Expectations: This assignment comprises of two components: Part A is the design and development of a database driven website for a gym, and Part B is an evaluation report of 1500 words consisting of reflective commentary on Part A. Both components are one piece of work and will assess all the module learning outcomes.
Rationale: We trust more and more inputting our personal information to websites. Although this makes our everyday lives more convenient, it a ...
Question:
Assignment Tasks
Expectations: This assignment comprises of two components: Part A is the design and development of a database driven website for a gym, and Part B is an evaluation report of 1500 words consisting of reflective commentary on Part A. Both components are one piece of work and will assess all the module learning outcomes.
Rationale: We trust more and more inputting our personal information to websites. Although this makes our everyday lives more convenient, it also engenders more vulnerabilities because this will increase the frequency of hacking attacks and security breaches. These attacks can range from serious, large scale attacks to simple ones and from simple ones to the ridiculous and life changing incidents. In light of those incidents and vulnerabilities, this assignment will encourage you to apply the web application security concepts and identify the web application vulnerabilities by analysing web application components such as PHP and MySQL.
Scenario:
Background: The COVID-19 pandemic has changed the reality of life and has directed young generation, amongst others, to use the Internet more than ever. They view the Internet as a positive aspect in our society and a robust and effective systems of communication which play a crucial role in our daily activities and development of identities. On the other hand, the advent of the Internet and its uses are also often used negatively. Many people, as well as organisations, are the targets of cyber bullying resulting in confusion on the part of the “target”. Very often, most people are unaware that what they are going through is a form of bullying. As a result, the previously safe environment of the Internet is now becoming a source of confusion and anxiety. This rapid development has increased the cybersecurity breaches with one in four businesses detecting a breach during their last few months of operations. The nature of these attacks means that many businesses may not know their IT systems have been breached and how to handle/avoid these attacks.
ProHunt is a real estate company based in London. The company deals with renting, buying and selling residential and commercial properties in the area. They are committed to providing the highest levels of customer care. The company employs two directors, two receptionists, four office administrators, two consultants, and seven field workers. To be competitive and remain at cutting edge, The ProHunt intends to launch its business online offering one stop estate services. This new website aims to offer their customers convenience, more control and speedy signup for their services to avoid manual administrative tasks. Although the claim is to improve customer services, securing customer data and eliminating the security risks, it is obvious that it will also help the club save costs and remain financially robust.
Task A
Now “ProHunt” has contacted BuildTech (Leading IT Company) to go through a security check for the website to project their online presence and services. The client will also use the website as a contact tool with its customers.
You have been assigned to carry out a security analysis of your client website and backend SQL database attached to a website containing possible security vulnerabilities; your answer can make reasonable assumptions.
Deliverables:
The web/application security testing must include the following components:
Note:
Task A is worth 60% of the overall module. The marking criteria are outlined below. Setup Fully Functional Vulnerable Web Application:
- PHP
- MySQL
- Apache Server
Setup Kali with all the above services enabled on XAMMP. Please provide step-by-step walk through of your implementation including setup of your backend SQL database using screen shots and appropriate description for each step.
For web app we have to use the auto generated one from Kali.
Web Application Security Testing:
- Nmap scanning
Perform port scanning of web application target (Kali) and elaborate each step clearly mentioning the details of open ports and its relevance to identify the running protocol
- Wireshark Sniffing
Perform data/traffic capture on target web application (Kali). Please provide the detailed analysis of captured data (Protocol identified at different TCP/IP layers).
- SQL Injection using SQLMAP
Perform SQL injection attack on Kali using SQLMAP. Elaborate the findings of your attack and include the name of detected database version, database names, database compromised data etc.
Web Application Security Model:
- Firewalls
- IDS/IPS
- Encryption
Elaborate the use of above technology to strengthen the security of web applications and discuss integration of these as effective security mechanism.
Develop a plan to make a fully functional website.
Setup a server side (PHP) vulnerable web/application connected to backend database (MySQL) for security testing in local environment either using XAMPP/WAMP or Virtual Box. Provide step-by-step configuration details of environment setup (XAMPP/WAMP, Virtual Box etc), web/application and back-end database.
Scanning: You must use a network scanner like Nmap to perform a scan on target web/application and include your findings, open ports, applications, operating systems, etc.
Sniffing: You must demonstrate the use of Wireshark sniffer to perform capture of web application session data. This will require to capture session data between your browser and website/server either remote or local.
Use SQLMAP to identify and exploit the SQL injection vulnerabilities based on the findings from the above steps. You must elaborate the steps of SQL Injection vulnerability exploited.
Design and implement an appropriate web security model for the given scenario by provisioning and utilizing appropriate web security standards/technology.
Part B: Reflection and Evaluation Report
Tasks:
Your second task is to write a self-reflective commentary about your journey from looking at website design, development, testing to deployment of techniques.
Having created your website project, you should now write a self-reflective commentary (1500 words) critically reflecting on your project. Your commentary should critically explore the work you have done to produce your project using relevant literature.
Task B is worth 40% of the overall module.
Deliverables:
Your commentary should show evidence of your reading and research and use Harvard referencing. Your reflection is a chance to look back on what you have down and to revisit key design and technical decisions you have made. In other words, were they the right decisions or would you have done something differently? Your focus should primarily be on the critical aspect of what you have done in assignment 1.
Report Structure, Introduction, Critical appraisal and Conclusion/action plan
Critical evaluation and comparison of web server-side technologies
Critically appraise web application security threats and evaluate their impact on business operations.
Future enhancements with the benefit of your experience on the project. What else could you have been done to evaluate/identify web application vulnerabilities? Critical discussion on web application security tools used during the security testing.
If you are a student from an English-speaking country, please feel free to contact us at [email protected] and we will provide you with an excellent writing service.
为什么选择代写人 代写
作为现存十年的代写服务机构,我们没有任何学术丑闻,我们保护顾客隐私、多元化辅导、写作、越来越多的小伙伴选择代写人为他们解决棘手的各类作业难题,保障GPA,为留学梦助力! 我们的客服团队及写手老师总是能第一时间响应顾客的各类作业需求,有些人即使有重要的事甚至带伤上场协助考试。Final季,忙的时候一天十几场考试还在继续坚持着,我知道,他们明明可以不用这么辛苦的…但是他们为了坚守承诺,为了另一端屏幕外的那一份期望,他们没有选择退缩、时刻为同学们提供最好的!这么有温度的代写还不添加备用一下?WX/QQ: 5757940
