Web Development Security, Promotion, and Monitoring Report
VerifiedAdded on  2021/05/30
|11
|2672
|69
Report
AI Summary
This report examines the critical aspects of web development, focusing on security, promotion, and monitoring. It begins with an evaluation of a guest speaker's discussion on web security, highlighting the importance of encryption and addressing potential vulnerabilities like SQL injection. The report then delves into secure web development, emphasizing the need for early security integration, the importance of confidentiality, authentication, authorization, integrity, and availability. It includes a case study of Microsoft Dynamics 365, illustrating the application of security criteria and the impact of vulnerabilities. The report also covers website promotion and marketing strategies, including search engine optimization and the use of social media. Furthermore, it addresses website monitoring, explaining how businesses can check server performance and user behavior analytics to identify and resolve issues. The report provides criteria for both website marketing and monitoring, using Walmart as a case study to illustrate effective promotional strategies.
Running head: TASK 4
TASK 4
Name of the University
Name of the student
Author note
TASK 4
Name of the University
Name of the student
Author note
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
1TASK 4
Table of Contents
Guest speaker evaluation............................................................................................................2
Evaluations.................................................................................................................................2
1. Secure Web Development...............................................................................................2
2. Website Promotion /Marketing and Monitoring.............................................................7
References................................................................................................................................11
Table of Contents
Guest speaker evaluation............................................................................................................2
Evaluations.................................................................................................................................2
1. Secure Web Development...............................................................................................2
2. Website Promotion /Marketing and Monitoring.............................................................7
References................................................................................................................................11
2TASK 4
Part B: Reflection and Evaluation Reports (LO2)
Guest speaker evaluation
I was highly impressed with the discussion talk that was provided to us by the guest
speaker. In my project, I personally created a boxing news website. Just like the guest speaker
mentioned about the importance of encryption in websites, I implemented cryptographic
encryption in my personal project. The website which I made was static in nature but still
managed to harbor other factors such as SQL injection and session management. Moreover,
as per the discussion where the speaker mentioned about irregularities of a project, I could
aseess the situation with my project where I failed to put the login page in every page of the
website. The lecture provided by the guest speaker was really helpful to me as it helped me to
assess my situation with his general reviews.
Evaluations
1. Secure Web Development
Summarise
Web developers nowadays face massive pressure from clients for delivering their
applications within a tight deadline. Web systems are computer programs that function by
accessing the intranet or internet. The web development applications includes on line
activities such as social networks, webmail and inline retail sales. As businesses want faster
delivery dates for their web development, the web developers face difficulty in implementing
all the necessary security aspects to the final application (Taylor, Fritsch and Liederbach
2014). Moreover with time, the complexity of the web development increases as developers
make the application to withstand external security attacks, integrate with other devices and
adapt with any platform. For every business and organization, secure web development is a
topmost priority. Still, only 10% of security researchers agree that proper surveys are carried
Part B: Reflection and Evaluation Reports (LO2)
Guest speaker evaluation
I was highly impressed with the discussion talk that was provided to us by the guest
speaker. In my project, I personally created a boxing news website. Just like the guest speaker
mentioned about the importance of encryption in websites, I implemented cryptographic
encryption in my personal project. The website which I made was static in nature but still
managed to harbor other factors such as SQL injection and session management. Moreover,
as per the discussion where the speaker mentioned about irregularities of a project, I could
aseess the situation with my project where I failed to put the login page in every page of the
website. The lecture provided by the guest speaker was really helpful to me as it helped me to
assess my situation with his general reviews.
Evaluations
1. Secure Web Development
Summarise
Web developers nowadays face massive pressure from clients for delivering their
applications within a tight deadline. Web systems are computer programs that function by
accessing the intranet or internet. The web development applications includes on line
activities such as social networks, webmail and inline retail sales. As businesses want faster
delivery dates for their web development, the web developers face difficulty in implementing
all the necessary security aspects to the final application (Taylor, Fritsch and Liederbach
2014). Moreover with time, the complexity of the web development increases as developers
make the application to withstand external security attacks, integrate with other devices and
adapt with any platform. For every business and organization, secure web development is a
topmost priority. Still, only 10% of security researchers agree that proper surveys are carried
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
3TASK 4
out for determining whether the critical developmental applications are checked before and
after production. Most of the times, the security of the web development is tested after the
source code is written (Conklin et al. 2015). This limits the chances of identifying the flaws
that are inherent to the system and even if proper security checks are carried out, it delays the
SDLC stage and often turn out to be a costly endeavour.
Develop criteria
Properly analysing the security of the web development is crucial for the
sustainability of the application. It has its fair share of advantages. Vulnerabilities can be
identified with the help of multiple analysis techniques. External web applications can be
discovered with the help of web development monitoring and discovery tools. Common
vulnerabilities due to static code that can assist in SQL injection and cross site scripting can
be scanned with the help of static application system testing tools. Moreover, for a secure
web development environment, the flaws that are do not require source code and are in
production can be tested with the help of Dynamic Application security testing (Peltier 2013).
The development team can also use manual penetration to check for vulnerabilities like
business logic flaws and authorization issues.
During the secure web developmental stage, some security criteria need to be
undertaken during the developmental stage. First comes confidentiality. Only authorised
users should be able to access the vital data that is put into the web application during its
development. Steps and security gates need to be placed to prevent unauthorised users from
getting access to the business critical data compromising the entire application. Second
comes authentication. This criteria is present for identifying the proper user who is logging
into the system. Proper passwords and usernames need to be assigned to each and every
member of the team member who will be accessing the web developmental application. The
out for determining whether the critical developmental applications are checked before and
after production. Most of the times, the security of the web development is tested after the
source code is written (Conklin et al. 2015). This limits the chances of identifying the flaws
that are inherent to the system and even if proper security checks are carried out, it delays the
SDLC stage and often turn out to be a costly endeavour.
Develop criteria
Properly analysing the security of the web development is crucial for the
sustainability of the application. It has its fair share of advantages. Vulnerabilities can be
identified with the help of multiple analysis techniques. External web applications can be
discovered with the help of web development monitoring and discovery tools. Common
vulnerabilities due to static code that can assist in SQL injection and cross site scripting can
be scanned with the help of static application system testing tools. Moreover, for a secure
web development environment, the flaws that are do not require source code and are in
production can be tested with the help of Dynamic Application security testing (Peltier 2013).
The development team can also use manual penetration to check for vulnerabilities like
business logic flaws and authorization issues.
During the secure web developmental stage, some security criteria need to be
undertaken during the developmental stage. First comes confidentiality. Only authorised
users should be able to access the vital data that is put into the web application during its
development. Steps and security gates need to be placed to prevent unauthorised users from
getting access to the business critical data compromising the entire application. Second
comes authentication. This criteria is present for identifying the proper user who is logging
into the system. Proper passwords and usernames need to be assigned to each and every
member of the team member who will be accessing the web developmental application. The
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
4TASK 4
third criteria is authorisation. This criteria is present to authorise the user who is using the
system through OTP or a particular action (Taylor, Fritsch and Liederbach 2014). The motive
behind this criteria is to check whether any unscrupulous users are attempting to break into
the system. Fourth comes integrity. To determine that the data is correct, proper security
measures need to be placed. Fifth comes availability. For securing a web development
application, the required information and proper communication should be always available
whenever it is required. For making the web development secure, the security experts need to
understand the specifications and logic that re inbuilt in the application properly to determine
all the possible scenarios by which it can be compromised.
Case study
The following case study is based on the web development security of a large CRM
solution developer known as Microsoft Dynamics 365. The application was launched in July
2016 and consists of a product line of CRM applications and enterprise resource planning
solutions. The web server of Dynamics 365 was protected with a firewall and was hosted by
an ISP. Other security measures were applied such as content filtering applications. Beyond
security was contacted for auditing the defences that was provided by the ISP via security
reports and weekly scanning.
Soon after the scanning process was started, for determining the security of the web
system, a vulnerability was identified. To add to the issues, the ISP was not interested in
providing any recommendations or solutions. Prior two months of the scanning process, an
attacker used the vulnerability to put a backdoor on the server for gaining access into the
system. The backdoor allowed the attacker to attack other servers on the network, use the
leap frog mechanism and manipulate the server information.
third criteria is authorisation. This criteria is present to authorise the user who is using the
system through OTP or a particular action (Taylor, Fritsch and Liederbach 2014). The motive
behind this criteria is to check whether any unscrupulous users are attempting to break into
the system. Fourth comes integrity. To determine that the data is correct, proper security
measures need to be placed. Fifth comes availability. For securing a web development
application, the required information and proper communication should be always available
whenever it is required. For making the web development secure, the security experts need to
understand the specifications and logic that re inbuilt in the application properly to determine
all the possible scenarios by which it can be compromised.
Case study
The following case study is based on the web development security of a large CRM
solution developer known as Microsoft Dynamics 365. The application was launched in July
2016 and consists of a product line of CRM applications and enterprise resource planning
solutions. The web server of Dynamics 365 was protected with a firewall and was hosted by
an ISP. Other security measures were applied such as content filtering applications. Beyond
security was contacted for auditing the defences that was provided by the ISP via security
reports and weekly scanning.
Soon after the scanning process was started, for determining the security of the web
system, a vulnerability was identified. To add to the issues, the ISP was not interested in
providing any recommendations or solutions. Prior two months of the scanning process, an
attacker used the vulnerability to put a backdoor on the server for gaining access into the
system. The backdoor allowed the attacker to attack other servers on the network, use the
leap frog mechanism and manipulate the server information.
5TASK 4
The prompt action by the security experts of Microsoft immediately identified the
backdoor present in the server. This security risk was previously identified through the scans
but the risk severity was disagreed by the administrator of the CRM server.
The identification of the backdoor not only reduced the damaged due to the
compromise but also saved Microsoft a lot of money. Moreover, the attacker could not do
anything else other than putting the backdoor in the server limiting the down time of the
break, expense and damage.
Application of the above criteria
In the above case study, a vulnerability in the web development of a CRM software
was identified. The vulnerability prevented the secure deployment of the CRM application to
the prospective clients undermining their security.
To protect the confidentiality and the authorisation criteria of secure web
development, automated vulnerability scanning was conducted. The process allowed
Microsoft to simulate security attacks on the web application and run the simulations on
every known application attack that are updated frequently depending on the severity of the
security attack. Manual testing was conducted to consider the authentication and
authorisation aspect of the security criteria of the web system (Conklin et al. 2015). The flaws
were remediated without compromising the vital data.
To determine the integrity and availability criteria of the secure web development stage,
the source code of the web app was reviewed. The testing allowed the concerned company to
test the browser side of the app development. The security code review allowed the
identification of the backdoor which was put up by malicious attackers for compromising the
web application. The review also helped to identify potential attacking vectors that can be
used due to some inadequate database encryption.
The prompt action by the security experts of Microsoft immediately identified the
backdoor present in the server. This security risk was previously identified through the scans
but the risk severity was disagreed by the administrator of the CRM server.
The identification of the backdoor not only reduced the damaged due to the
compromise but also saved Microsoft a lot of money. Moreover, the attacker could not do
anything else other than putting the backdoor in the server limiting the down time of the
break, expense and damage.
Application of the above criteria
In the above case study, a vulnerability in the web development of a CRM software
was identified. The vulnerability prevented the secure deployment of the CRM application to
the prospective clients undermining their security.
To protect the confidentiality and the authorisation criteria of secure web
development, automated vulnerability scanning was conducted. The process allowed
Microsoft to simulate security attacks on the web application and run the simulations on
every known application attack that are updated frequently depending on the severity of the
security attack. Manual testing was conducted to consider the authentication and
authorisation aspect of the security criteria of the web system (Conklin et al. 2015). The flaws
were remediated without compromising the vital data.
To determine the integrity and availability criteria of the secure web development stage,
the source code of the web app was reviewed. The testing allowed the concerned company to
test the browser side of the app development. The security code review allowed the
identification of the backdoor which was put up by malicious attackers for compromising the
web application. The review also helped to identify potential attacking vectors that can be
used due to some inadequate database encryption.
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
6TASK 4
2. Website Promotion /Marketing and Monitoring
Summarise
Website promotion or marketing allows the web developer to enhance the exposure of
website by improving the content of the website and attracting increased number of visitors.
Several processes are used to enhance the website promotion mechanism such as search
engine submission and search engine optimization which is used to enhance the website
traffic. The technique utilizes several platforms such as Instagram, Twitter and Facebook to
market its contents. By sharing the viral contents, the webmasters hope that more and more
visitors will open their prospective websites for better outcomes.
Website monitoring is different than website marketing and promotion. The technique
allows businesses to check their server and monitor website functions to analyse if they are
responding properly. This mechanism is adopted to check if the end users can enjoy the
website and its applications as they are intended to for more functionality and performance
(Zimmerman and Ng 2015). Website monitoring allows the developers to identify certain
issues in a running website such as inter-connect problems, network hop problems ad internet
latency. When an issue is identified, the monitoring service sends alerts in the form of
diagnostics with the help of mobile, emails and SMSs.
With the help of monitoring systems, the user activities and data can be assessed,
collected and tracked which is collectively known as User behaviour analytics. The user
behaviour analytics help to identify certain user data such as security alerts, their
geographical locations, permissions and accounts and accesses. From the past and present
user data activity, certain factors such as peer group activity, session durations and allocated
resources are taken into consideration into the analysis phase. The user behaviour analytics
provide actionable insights to the cybersecurity teams (Strauss and Frost 2016). The data logs
2. Website Promotion /Marketing and Monitoring
Summarise
Website promotion or marketing allows the web developer to enhance the exposure of
website by improving the content of the website and attracting increased number of visitors.
Several processes are used to enhance the website promotion mechanism such as search
engine submission and search engine optimization which is used to enhance the website
traffic. The technique utilizes several platforms such as Instagram, Twitter and Facebook to
market its contents. By sharing the viral contents, the webmasters hope that more and more
visitors will open their prospective websites for better outcomes.
Website monitoring is different than website marketing and promotion. The technique
allows businesses to check their server and monitor website functions to analyse if they are
responding properly. This mechanism is adopted to check if the end users can enjoy the
website and its applications as they are intended to for more functionality and performance
(Zimmerman and Ng 2015). Website monitoring allows the developers to identify certain
issues in a running website such as inter-connect problems, network hop problems ad internet
latency. When an issue is identified, the monitoring service sends alerts in the form of
diagnostics with the help of mobile, emails and SMSs.
With the help of monitoring systems, the user activities and data can be assessed,
collected and tracked which is collectively known as User behaviour analytics. The user
behaviour analytics help to identify certain user data such as security alerts, their
geographical locations, permissions and accounts and accesses. From the past and present
user data activity, certain factors such as peer group activity, session durations and allocated
resources are taken into consideration into the analysis phase. The user behaviour analytics
provide actionable insights to the cybersecurity teams (Strauss and Frost 2016). The data logs
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
7TASK 4
from the authentication logs and network are collected and stored in the SIEM as well as log
management systems for analysing malicious and normal traffic of user behaviours.
Develop criteria
For proper website marketing and promotion, the following criteria needs to be
checked. First of all, the target market of the website needs to be evaluated. The number of
visitors is important for website marketing but that number is irrelevant if no one is interested
in the prospective website. The SEO or Search engine optimization techniques needs to be
used to deliver more traffic. The website keywords and stats needs to be regularly checked so
that people who are looking for a particular information can find the prospective website at
the top of the search suggestion. The third criteria is to check the proper market for
implementing promotional strategies. The last criteria is to check which promotional efforts
are providing suitable results.
For proper website monitoring, some criteria needs to be undertaken. The first criteria
is the usage of a proper browser. This is important as it is the only medium by which the end
user application experience can be checked. It can be used to check the impact of the end
user experience and how the elements of the website load the content for the particular users.
The second criteria is the easy and efficient monitoring systems. In the website monitoring
scenario, a number of tools are present which takes a lot of time to expertise and requires
high skilled labour. The monitoring system should be cost effective. The third criteria is
flexible alerting and notification system (Boone and Kurtz 2013). This helps to increase
awareness about the operational issues. Beside the traditional SMS and email alert system,
the alert systems can be integrated with telephone calls that can be accessed during off hours.
The fourth criteria is precise diagnostics and reporting. Using a proper website helps to
enhance the performance analysis and troubleshooting problems. TCP trace routing, a
from the authentication logs and network are collected and stored in the SIEM as well as log
management systems for analysing malicious and normal traffic of user behaviours.
Develop criteria
For proper website marketing and promotion, the following criteria needs to be
checked. First of all, the target market of the website needs to be evaluated. The number of
visitors is important for website marketing but that number is irrelevant if no one is interested
in the prospective website. The SEO or Search engine optimization techniques needs to be
used to deliver more traffic. The website keywords and stats needs to be regularly checked so
that people who are looking for a particular information can find the prospective website at
the top of the search suggestion. The third criteria is to check the proper market for
implementing promotional strategies. The last criteria is to check which promotional efforts
are providing suitable results.
For proper website monitoring, some criteria needs to be undertaken. The first criteria
is the usage of a proper browser. This is important as it is the only medium by which the end
user application experience can be checked. It can be used to check the impact of the end
user experience and how the elements of the website load the content for the particular users.
The second criteria is the easy and efficient monitoring systems. In the website monitoring
scenario, a number of tools are present which takes a lot of time to expertise and requires
high skilled labour. The monitoring system should be cost effective. The third criteria is
flexible alerting and notification system (Boone and Kurtz 2013). This helps to increase
awareness about the operational issues. Beside the traditional SMS and email alert system,
the alert systems can be integrated with telephone calls that can be accessed during off hours.
The fourth criteria is precise diagnostics and reporting. Using a proper website helps to
enhance the performance analysis and troubleshooting problems. TCP trace routing, a
8TASK 4
network diagnostics tool can be used to include connectivity alerts and notifications. The fifth
criteria is monitoring the system both inside as well as outside the firewall. The last criteria is
proper support services.
Case study
Walmart is a multinational retail business which is American in origin and operates a
number of grocery stores, departmental stores and hypermarkets. The company has invested a
lot in promoting its website through marketing as well as promotional strategies. It uses a
variety of social medias to promote its name and markets its brand by engaging customers
with trending topics. Moreover, it enhances its brand image by resorting in green initiatives
and sustainable developments. Walmart has specified certain guidelines on promotions,
location based and engagement for its associates. It has a number of twitter accounts to
promote their initiatives and major activities from diversity to sustainability and from
charitable giving to healthy foods (Ottman 2017). For discussing what happens at the national
level and influence others, Walmart uses Facebook. @WalmartHub is the actual handle by
which Walmart makes use of Twitter to check their retweets and content. The timeline of
Facebook is used judiciously to increase their website brand awareness. It uses an image
every year in the timeline to populate the newsfeed. 26 million fans have subscribed to their
pages which brings in entertainment as well as a lot of updates. The Walmart posts offer a lot
of suggestions. #WalmartElves tag is used by Walmart as its own hashtag for gift inspiration
and for promotional purposes. It uses twitter not only for marketing but also for engaging
with its customers. Walmart also uses Pingdom to monitor its online activities and uses
HostTracker to determine the user experience. The software has added functionality of
providing reduced page load times and diagnosing solutions.
Application of the above criteria
network diagnostics tool can be used to include connectivity alerts and notifications. The fifth
criteria is monitoring the system both inside as well as outside the firewall. The last criteria is
proper support services.
Case study
Walmart is a multinational retail business which is American in origin and operates a
number of grocery stores, departmental stores and hypermarkets. The company has invested a
lot in promoting its website through marketing as well as promotional strategies. It uses a
variety of social medias to promote its name and markets its brand by engaging customers
with trending topics. Moreover, it enhances its brand image by resorting in green initiatives
and sustainable developments. Walmart has specified certain guidelines on promotions,
location based and engagement for its associates. It has a number of twitter accounts to
promote their initiatives and major activities from diversity to sustainability and from
charitable giving to healthy foods (Ottman 2017). For discussing what happens at the national
level and influence others, Walmart uses Facebook. @WalmartHub is the actual handle by
which Walmart makes use of Twitter to check their retweets and content. The timeline of
Facebook is used judiciously to increase their website brand awareness. It uses an image
every year in the timeline to populate the newsfeed. 26 million fans have subscribed to their
pages which brings in entertainment as well as a lot of updates. The Walmart posts offer a lot
of suggestions. #WalmartElves tag is used by Walmart as its own hashtag for gift inspiration
and for promotional purposes. It uses twitter not only for marketing but also for engaging
with its customers. Walmart also uses Pingdom to monitor its online activities and uses
HostTracker to determine the user experience. The software has added functionality of
providing reduced page load times and diagnosing solutions.
Application of the above criteria
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
9TASK 4
From the above case study, it is evident that Walmart has invested a lot in determining
its target audience. The methods by which it engages customers via tags and major initiatives
shows that the company has determined the criteria of promoting its strategies to the proper
target markets. The number of likes and followers that the page receives is a direct indication
that the company is doing well with its promotional strategies indicating that the last criteria
of assessing the final results is justified. Moreover, both the softwares that are used by the
company are efficient and simple (second criteria) and provides flexible alert systems (third
criteria). Also, besides the two softwares, Walmart also invests in TCP trace routing software
which enables it to monitor both external and internal activities with respect to the firewall.
To engage efficiently with its target customers, Walmart has invested significantly in its
support services (last criteria) such as proper customer services and backup technical team to
monitor its website proficiently.
From the above case study, it is evident that Walmart has invested a lot in determining
its target audience. The methods by which it engages customers via tags and major initiatives
shows that the company has determined the criteria of promoting its strategies to the proper
target markets. The number of likes and followers that the page receives is a direct indication
that the company is doing well with its promotional strategies indicating that the last criteria
of assessing the final results is justified. Moreover, both the softwares that are used by the
company are efficient and simple (second criteria) and provides flexible alert systems (third
criteria). Also, besides the two softwares, Walmart also invests in TCP trace routing software
which enables it to monitor both external and internal activities with respect to the firewall.
To engage efficiently with its target customers, Walmart has invested significantly in its
support services (last criteria) such as proper customer services and backup technical team to
monitor its website proficiently.
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
10TASK 4
References
Boone, L.E. and Kurtz, D.L., 2013. Contemporary marketing. Cengage learning.
Conklin, W.A., White, G., Cothren, C., Davis, R. and Williams, D., 2015. Principles of
computer security. McGraw-Hill Education Group.
Ottman, J., 2017. The new rules of green marketing: Strategies, tools, and inspiration for
sustainable branding. Routledge.
Peltier, T.R., 2013. Information security fundamentals. CRC Press.
Strauss, J. and Frost, R.D., 2016. E-marketing: Instructor's Review Copy. Routledge.
Taylor, R.W., Fritsch, E.J. and Liederbach, J., 2014. Digital crime and digital terrorism.
Prentice Hall Press.
Zimmerman, J. and Ng, D., 2015. Social media marketing all-in-one for dummies. John
Wiley & Sons.
References
Boone, L.E. and Kurtz, D.L., 2013. Contemporary marketing. Cengage learning.
Conklin, W.A., White, G., Cothren, C., Davis, R. and Williams, D., 2015. Principles of
computer security. McGraw-Hill Education Group.
Ottman, J., 2017. The new rules of green marketing: Strategies, tools, and inspiration for
sustainable branding. Routledge.
Peltier, T.R., 2013. Information security fundamentals. CRC Press.
Strauss, J. and Frost, R.D., 2016. E-marketing: Instructor's Review Copy. Routledge.
Taylor, R.W., Fritsch, E.J. and Liederbach, J., 2014. Digital crime and digital terrorism.
Prentice Hall Press.
Zimmerman, J. and Ng, D., 2015. Social media marketing all-in-one for dummies. John
Wiley & Sons.
1 out of 11
Related Documents
Your All-in-One AI-Powered Toolkit for Academic Success.
 +13062052269
info@desklib.com
Available 24*7 on WhatsApp / Email
![[object Object]](/_next/static/media/star-bottom.7253800d.svg)
Unlock your academic potential
Copyright © 2020–2026 A2Z Services. All Rights Reserved. Developed and managed by ZUCOL.