
In this homework you use AWS Cloud 9 to create two different unique and complete demonstrations of insecure interaction between components such as SQL Injection, Command Line Injection, Cross-Site Scripting, Unrestricted Upload of File with Dangerous Type, Cross-Site Request Forgery (CSRF), and URL Redirection to Untrusted Site ('Open Redirect'). You will demonstrate and describe how to fix each of the problems. Therefore, a total of four code samples will be created. Two will have insecure interaction between components and two will have the issues fixed.

Assignment Details

Be sure you have carefully read and understand the materials in week 1 and 2 as well as successfully configured your environment.

1. Top 25 vulnerabilities under the category of Insecure Interaction between Components. Review and try the existing examples in links in the classroom. Use AWS Cloud 9 to experiment. Work in multiple languages where possible.
2. Using AWS Cloud 9, create your own unique, full example for each of the 2 vulnerabilities in this category. Note: by unique and full I mean, this should not just be a code snippet. It should be part of a small application. In other words, you need to adapt the examples provided in the documentation to something more meaningful and substantive. It doesn’t have to be a large, overly complex application, but it needs to be complete, and runnable and demonstrate how this vulnerability may appear in the real world.
3. Demonstrate for each of the two applications that they are vulnerable to this attack. You need to show explicitly the attack you use and demonstrate the impact of the vulnerability. The demonstration should occur through screenshots and a detailed walkthrough of the steps you performed.
4. Finally, using the information in the CWE/SANS Top 25 vulnerabilities, fix the issues in each of the two examples you created in step 2.
5. Document the vulnerabilities and describe specifically how the issues were corrected. Note: You may need to conduct additional research to better understand the vulnerability or the features associated with a specific language.
