Question

In: Computer Science

Define and discuss typical Web Site and Web Application Security tools and attack mitigation processes.

Define and discuss typical Web Site and Web Application Security tools and attack

mitigation processes.

Solutions

Expert Solution

Security Tools:

Definition: The tools which provide security to a web site or a web application by detecting malicious acitivity or security vulnerabilities are known as Web site or web application Security tools.

There are many open source security tools available which provides security by scanning for vulnerabilities. These scanners use a technique called black box testing to detect any security vulnerabilities.

Few of them are:

Vega, Grabber, W3af - All these are open source and can be modified according to one's requirement.

To protect oneself from attacks: websites should follow high level encryption, use firewalls, install anitivirus softwares in the systems and use strong passwords.

Attack Mitigation Processes:

In case of any vulnerability to the Web application,

i. Web application firewall:

A firewall protects a website or an application from malicious attacks. It protects the application from attacks from HTTP (Hyper Text Transfer Protocol) sites (which are not secure).

Thus, a web application firewall's (WAF) job is to protect the application from attacks to the application layer.

ii. DNS Security

DNS stands for Domain Name System is the library of the Internet. It contains procedures and the path how a web browser in your system accesses a requested website or an application.

Hackers or attackers use on-path attacks or DNS poisoning to attack this DNS request and make them a victim.

Thus CloudFare service can be used which provides DNSSEC to protect the users from these on path attacks.

DNSSEC : It provides additional security by adding at the entry level an additional security layer.


Related Solutions

Define and discuss Web Site Security and also Define and discuss Web Application Security.
Define and discuss Web Site Security and also Define and discuss Web Application Security.
what we should do to protect and secure Web Site and Web Application
what we should do to protect and secure Web Site and Web Application
Provide at least three methods or tools used to attack web servers as well as provide...
Provide at least three methods or tools used to attack web servers as well as provide how each of these three methods can be protected against. Assignment Objectives: Identify web application vulnerabilities and tools used to protect web servers. Discuss securing web applications. Review the tools used to attack Web servers. 500 words or more, please.
From the security aspect of client/browser, connecting to a secure web site/server, From the cyber security...
From the security aspect of client/browser, connecting to a secure web site/server, From the cyber security perspective, what browser features should be examined for valid certificates. What are the risks of using expired web certificates
Create an empty Web Site application named Bakery. Add a new Web page named Default.aspx to the application. Change the DOCUMENT object's Title property to Meyer's.
In Visual BasicCreate an empty Web Site application named Bakery. Add a new Web page named Default.aspx to the application. Change the DOCUMENT object's Title property to Meyer's. The application should allow the user to enter two items: the number of doughnuts ordered and the number of muffins ordered. The application should should display the total number of items ordered and the total sales amount, inlcuding a 5% sales tax. A doughnut costs .50; a muffin costs .75. Save the...
Which of the following is not an OWASP Top 10 Web Application Security Risk? Group of...
Which of the following is not an OWASP Top 10 Web Application Security Risk? Group of answer choices Broken access control Software maturity Insecure deserialization XML External Entities
discuss any three psychological approaches to launch an information security attack.
discuss any three psychological approaches to launch an information security attack.
Discuss the typical control standards and tools used in farm management.
Discuss the typical control standards and tools used in farm management.
Find student project for data mining application and describe what industry, where the web site )...
Find student project for data mining application and describe what industry, where the web site ) you locate the project then briefly describe the purpose of the project and how the problem was solved and major finding .
From the security aspect of client/browser, connecting to a secure web site/server, Mention the importance of...
From the security aspect of client/browser, connecting to a secure web site/server, Mention the importance of web certificates. Mention 4 certificate issuing companies Mention a security incident (or case study) of exploiting web certificates. From the cyber security perspective, what browser features should be examined for valid certificates. What are the risks of using expired web certificates?
ADVERTISEMENT
ADVERTISEMENT
ADVERTISEMENT