ask 3 says to “A. Create a multimedia presentation (e.g., PowerPoint, Keynote) (suggested length of 12 slides) in which you do the following:
Note: The slides in your presentation should include only the main points you wish to make, with more extensive information included in the presenter notes section of the presentation.
Answer the questions in the order they are asked and make sure you answer each and every question. Pull information from your readings. The following is provided for you to use guidance or as bullet points in your slides:
– Types of information you found during your footprinting along with a few screen captures (5-6 slides)
– Attack methods you identified from the information gathered – Social engineering, DoS, SQL Injection, Cross-Site Scripting, Buffer Overflow, Remote Code Execution etc.
– Social engineering Techniques – Impersonation, in person methods, over the phone, email phishing, phone number spoofing, exploiting human nature
– Countermeasures to combat social engineering – train and educate employees, conduct Pen testing, search internet for corporate info to remove, develop document handing procedures, utilize strong authentication
– Countermeasure for Footprinting – Develop defense in depth security plan to include social engineering methods, footprinting tactics, application security, network security, hardware configuration, pen testing, router configuration to deny data requests, close inactive ports and disable un used protocols, remove unnecessary info from web pages, deploy security devices to filter and reject footprint traffic
– Org Web Server Vulnerabilities – Misconfigurations in OSs or networks, Bugs in OSs and Web application, Gaps created by server default settings, Unpatched security problems in applications, Gaps in security policies, procedures, or maintenance.
– Common Threats to Web Application – MiM attacks, session hijacking, buffer overflow, cross site scripting, cookie manipulation, privilege escalation, malicious program infection
– “Illustrate how SQL injection could destroy information: go to your book and use the “illustration” that shows the actual character that would be used to perform an SQL injection. DO NOT ATTEMPT A SQL INJECTION!!!! This is an academic discussion only.
Hi there! Click one of our representatives below and we will get back to you as soon as possible.