In this homework you use Netbeans to create two different unique and complete demonstrations of Porous Defenses such as Missing Encryption of Sensitive Data, Use of Hard-coded Credentials, Missing Authorization, Missing Authentication for Critical Function, Incorrect Permission Assignment for Critical Resource, Incorrect Authorization, Execution with Unnecessary Privileges, and Reliance on Untrusted Inputs in a Security Decision. You will demonstrate and describe how to fix each of the problems.
Therefore, a total of four code samples will be created: two with Porous Defenses and two with the issues fixed.
Assignment Details
Be sure you have carefully read and understand the materials in weeks 5 and 6.
1. Select 2 CWE/SANS Top 25 vulnerabilities under the category of Porous Defenses from among these specific issues:
a. Missing Encryption of Sensitive Data
b. Use of Hard-coded Credentials
c. Missing Authorization
d. Missing Authentication for Critical Function
e. Incorrect Permission Assignment for Critical Resource
f. Incorrect Authorization
g. Execution with Unnecessary Privileges
h. Reliance on Untrusted Inputs in a Security Decision
Review and try the existing examples in links in the classroom. Use Netbeans to experiment. Work in multiple languages where possible.
2. Using Netbeans, create your own unique, full example for each of the 2 vulnerabilities in this category. Note: by unique and full I mean that this should not just be a code snippet. It should be part of a small application. In other words, you need to adapt the examples provided in the documentation to something more meaningful and substantive. It doesn’t have to be a large, overly complex application, but it needs to be complete and runnable, and it must demonstrate how this vulnerability may appear in the real world.
3. Demonstrate that each of the two applications is vulnerable to this attack. You need to show explicitly the attack you use and demonstrate the impact of the vulnerability. The demonstration should be presented through screenshots and a detailed walkthrough of the steps you performed.
4. Finally, using the information in the CWE/SANS Top 25 vulnerabilities, fix the issues in each of the two examples you created in step 2.
5. Document the vulnerabilities and describe specifically how the issues were corrected. Note: You may need to conduct additional research to better understand the vulnerability or the features associated with a specific language.
Deliverables
Provide all of your source files for this assignment. Two source code files will have software vulnerabilities. The remaining two will have the issues fixed. Provide any supplemental or utility files supporting your main source files.
Prepare a Word or PDF file describing and demonstrating the vulnerabilities in each of your source files and specifically how you fixed the issue. You should demonstrate with screenshots and code within the document to report your findings. Note: Be sure to provide all screenshots in one Word or PDF document. You can compress the files using a zip application for easier upload.
