Information Security Awareness Assignment PDF
7 Pages1466 Words95 Views
Added on 2021-09-14
Information Security Awareness Assignment PDF
Added on 2021-09-14
ShareRelated Documents
Running head: INFORMATION SECURITY AWARENESS
Information Security Awareness
Name of the Student
Name of the University
Author’s Note:
Information Security Awareness
Name of the Student
Name of the University
Author’s Note:
1
INFORMATION SECURITY AWARENESS
Table of Contents
6. Most attacks are targeted........................................................................................................2
Targeted by application..........................................................................................................2
Targeted by OS targeted via phishing, 0day and ports..........................................................3
Targeted as an industry..........................................................................................................3
7. Everyone is responsible for security......................................................................................4
Education is key to security...................................................................................................4
8. Countermeasures....................................................................................................................4
Passwords...............................................................................................................................4
Locking computers.................................................................................................................5
Attachments............................................................................................................................5
Phishing..................................................................................................................................5
Social engineering..................................................................................................................5
References..................................................................................................................................6
INFORMATION SECURITY AWARENESS
Table of Contents
6. Most attacks are targeted........................................................................................................2
Targeted by application..........................................................................................................2
Targeted by OS targeted via phishing, 0day and ports..........................................................3
Targeted as an industry..........................................................................................................3
7. Everyone is responsible for security......................................................................................4
Education is key to security...................................................................................................4
8. Countermeasures....................................................................................................................4
Passwords...............................................................................................................................4
Locking computers.................................................................................................................5
Attachments............................................................................................................................5
Phishing..................................................................................................................................5
Social engineering..................................................................................................................5
References..................................................................................................................................6
2
INFORMATION SECURITY AWARENESS
6. Most attacks are targeted
Targeted by application
The targeted attack is the specific attack, which seeks into systems for breaching the
various security measures of any particular organization (Crossler et al.). The initial attacks
are conducted for the purpose of gaining access to the network or computer and is eventually
followed by the proper exploits that are designed for causing harm to the organizational
resources and also for stealing data. The disruption of the services is the most common form
of such attack. These attacks are often targeted by the applications. The major attacks that are
targeted by application are as follows:
i) Cross Site Scripting: This is the type of computer security threat, which is found in
the web applications (Von Solms and Van Niekerk). This XSS attack subsequently enables
the hackers in injecting the client side scripts to web pages that are viewed by the other users.
The cross site scripting threat might be utilized by the attackers for the purpose of bypassing
the access controls.
ii) SQL Injection: This is the of code injection and is utilized for attacking the data
driven applications, where the vulnerable SQL statements could be inserted into the entry
field for proper execution. The security vulnerability is exploited within the software of
application (Peltier). These attacks enable the attackers for spoofing the identities, tampering
the existing data and hence causing repudiation issues.
iii) LDAP Injection: This is the attacking technique that is utilized for exploiting the
websites, which construct the statements of LDAP from the user supplied inputs. The
querying or the manipulation of the directory services is stopped by these types of attacks
(Siponen, Mahmood and Pahnila). This particular application attack often becomes
vulnerable for the organization.
INFORMATION SECURITY AWARENESS
6. Most attacks are targeted
Targeted by application
The targeted attack is the specific attack, which seeks into systems for breaching the
various security measures of any particular organization (Crossler et al.). The initial attacks
are conducted for the purpose of gaining access to the network or computer and is eventually
followed by the proper exploits that are designed for causing harm to the organizational
resources and also for stealing data. The disruption of the services is the most common form
of such attack. These attacks are often targeted by the applications. The major attacks that are
targeted by application are as follows:
i) Cross Site Scripting: This is the type of computer security threat, which is found in
the web applications (Von Solms and Van Niekerk). This XSS attack subsequently enables
the hackers in injecting the client side scripts to web pages that are viewed by the other users.
The cross site scripting threat might be utilized by the attackers for the purpose of bypassing
the access controls.
ii) SQL Injection: This is the of code injection and is utilized for attacking the data
driven applications, where the vulnerable SQL statements could be inserted into the entry
field for proper execution. The security vulnerability is exploited within the software of
application (Peltier). These attacks enable the attackers for spoofing the identities, tampering
the existing data and hence causing repudiation issues.
iii) LDAP Injection: This is the attacking technique that is utilized for exploiting the
websites, which construct the statements of LDAP from the user supplied inputs. The
querying or the manipulation of the directory services is stopped by these types of attacks
(Siponen, Mahmood and Pahnila). This particular application attack often becomes
vulnerable for the organization.
End of preview
Want to access all the pages? Upload your documents or become a member.
Related Documents
Penetration Testing Penetration Testinglg...
|52
|9148
|85
Cyber Security: Motives of Web Application Attacks and Types of Vulnerabilitieslg...
|8
|1561
|362
Threat Analysis and Security Controls for Web Applications and Serverslg...
|12
|708
|149
Assignment on Risks and Risk Managementlg...
|11
|781
|13
Preventive Mechanisms Against DoS Attackslg...
|13
|3895
|485
Awareness and Defense in Depthlg...
|6
|870
|70