54444. lab 5, 6,7
5(A))L
Lab Assessment Questions & Answers
- Why is it critical to perform a penetration test on a web application and a web server prior to production implementation?
- What is a cross-site scripting attack? Explain in your own words.
- What is a reflective cross-site scripting attack?
- Based on the tests you performed in this lab, which web application attack is more likely to extract privacy data elements out of a database?
- If you can monitor when SQL injections are performed on an SQL database, what would you recommend as a security countermeasure to monitor your production SQL databases?
- Given that Apache and Internet Information Services (IIS) are the two most popular web application servers for Linux and Microsoft® Windows platforms, what would you do to identify known software vulnerabilities and exploits?
- What can you do to ensure that your organization incorporates penetration testing and web application testing as part of its implementation procedures?
- What is the purpose of setting the DVWA security level to low before beginning the remaining lab steps?
6(B))
Lab Assessment Questions & Answers
- Why is it recommended to update the antivirus software’s signature database before performing an antivirus scan on your computer?
- What are typical indicators that your computer system is compromised?
- Where does AVG AntiVirus Business Edition place viruses, Trojans, worms, and other malicious software when it finds them?
- What other viruses, Trojans, worms, or malicious software were identified and quarantined by AVG within the Virus Vault?
- What is the difference between the complete scan and the Resident Shield?
7(c))
Lab Assessment Questions & Answers
- Both Wireshark and NetWitness Investigator can be used for packet captures and analysis. Which tool is preferred for each task, and why?
- What is the significance of the TCP three-way handshake for applications that utilize TCP as transport protocol?
- How many different source IP host addresses did you capture in your protocol captures?
- How many different protocols did your Wireshark capture session have? What function in Wireshark provides you with a breakdown of the different protocol types on the LAN segment?
- How can you find Wireshark network traffic packet size counts? How and where? Are you able to distinguish how many of each packet size was transmitted on your LAN segment? Why is this important to know?
- Why is it important to use protocol capture tools and protocol analyzers as an information systems security professional?
- What are some challenges to baseline analysis?
- Why would an information systems security practitioner want to see network traffic on both internal and external network traffic?
- Which transactions in the lab used TCP as a transport protocol? Which used UDP? Which ports were used in the lab?