logo

Information Leakage in Cyber Security

Complete a problem solving task in the field of cybersecurity for the SIT182 course at Deakin University.

19 Pages1443 Words65 Views
   

Added on  2023-03-17

About This Document

This document discusses the concept of information leakage in cyber security. It explores different levels of a war game and the vulnerabilities associated with each level. The document provides observations, screenshots, and impact analysis for each level. It also offers recommendations to prevent information leakage.

Information Leakage in Cyber Security

Complete a problem solving task in the field of cybersecurity for the SIT182 course at Deakin University.

   Added on 2023-03-17

ShareRelated Documents
Report Title
SIT182 – Real-World Practices for Cyber
Security
Assessment Task 2 Problem Solving Task
Student Name
Student ID
Information Leakage in Cyber Security_1
Information Leakage Level
No(s)
War Game
Level
0
Affected resources:
Copy and Paste the URL herecorresponding to the level.
Description
This is the starting section of the War game , where student is
supposed to start this game.
SQL Injection
SQL injection is mostly known as an attack vector for websites but can be used to
attack any type of SQL database.
SQL injection attacks allow attackers to:
It creates the spoof identity too.
It creates the tamper with existing data .
It causes the repudiation issues such as voiding transactions or changing balances in
the content of the website.
It allows the complete disclosure of all data on the system .
It destroys the data or make it otherwise unavailable .
It become the administrators of the database server.
Observation
The insight of SQL injection attack possibility was observed.
Screenshot
Information Leakage in Cyber Security_2
Level Credentials
Level 0 Password:
Impact Analysis
There was no such possibility in it.
Recommendation
There are several steps every organization can take to reduce the
likelihood of falling victim to a SQL injection attack:
Limit user access privileges: Only give employees and users
the ability to access to information that they need in order to
perform their jobs.
Ensure employee security awareness: Make sure that
employees who have a hand in website development (as well
as dedicated Web developers) are aware of the SQL injection
threat and know best practices to keep your servers safe.
Reduce debugging information: When a Web server
experiences an error, make sure details of the error aren't
displayed to the user, since this information could help a
hacker commit malicious activity and gain the information he
or she needs to successfully attack the server.
Test Web applications: check Web developers work by sending
data through the Web server; if the result is an error message,
Information Leakage in Cyber Security_3
the application might be susceptible to an SQL injection
attack.
Information Leakage in Cyber Security_4

End of preview

Want to access all the pages? Upload your documents or become a member.

Related Documents
System Security : Report
|13
|999
|347

Ways of Attacking a Web Application in PHP: SQL Injection, XSS, Session Hijacking, Directory Traversal, and Remote File Inclusion
|9
|1493
|176

What Is Web Application Security and How Does It Work?
|9
|1856
|13

Assignmnet On System Security - ITC595
|16
|2081
|46

Contemporary World Application 2022
|10
|541
|10

Advanced Network Security: Wireshark Analysis, Web Application Attacks, Cryptography Concepts, Trojan Download Research
|12
|1957
|154