Question

Threats to the security of a website can range from low – some kid tries an attack that they read about on the web – to high…Where what happens? (with a high skill attacker?)

Please explain in 4-5 sentences

Answer #1

Hey,

Note: Brother, if you have any queries related to the answer, please do comment. I would be very happy to resolve all your queries.

When we talk about the low range, there are people involved who are just testing what they learnt in their classes or somewhere on a website. Although it is unethical, it can lead to exploring some of the biggest loopholes.

When talking about high, we really need to be cautious because attackers can:

  1. Carry out SQL injection attacks to gain access to the database, spoof a user’s identity, and destroy or alter data in the database. SQL injection occurs when malicious SQL statements are inserted into form fields to try and gather information from the database. This information enables the hacker to access, modify or destroy information in the database. With SQL injection, a hacker can change the price of a product, and gain customer information such as credit card numbers, passwords and contact information.
  2. Use Cross-Site Scripting (XSS) attacks to send malicious code to other users of the website by injecting code into the application that then executes on the client side for other users. These attacks can lead to your customers being infected with malware, having their sensitive information stolen, or even having their computer be recruited into large botnets.
  3. Make the site temporarily unavailable with a Distributed Denial of Service (DDoS) attack. DDoS attacks generate requests from thousands of IP addresses in an attempt to flood a site with traffic, making it impossible for the server to respond to requests. DDoS attacks can slow a site down or make it temporarily unavailable.
  4. Hijack trusted user sessions to make unwanted purchases on behalf of users with Cross Site Request Forgery (CSRF) attacks. CSRF attacks occur when a user is tricked into clicking a link or downloading a compromised file that executes unwanted or unknown actions on an authenticated user session.

Kindly revert for any queries

Thanks.
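Added example (not part of the answer above): the form-field SQL injection from item 1, shown as a string-built query beside its parameterized fix. The table, rows and function names are constructed for illustration.

```python
import sqlite3

def make_db():
    """Build an in-memory shop database with constructed sample rows."""
    db = sqlite3.connect(":memory:")
    db.executescript("""
        CREATE TABLE customers (id INTEGER PRIMARY KEY, name TEXT, card TEXT);
        INSERT INTO customers (name, card) VALUES
            ('alice', '4111-XXXX-0001'),
            ('bob',   '4111-XXXX-0002'),
            ('carol', '4111-XXXX-0003');
    """)
    return db

def lookup_vulnerable(db, name):
    # The form value is pasted into the SQL text, so quotes inside it
    # become part of the statement instead of part of the data.
    sql = "SELECT name, card FROM customers WHERE name = '" + name + "'"
    return db.execute(sql).fetchall()

def lookup_parameterized(db, name):
    # The ? placeholder sends the value separately from the statement,
    # so the database never parses it as SQL.
    return db.execute(
        "SELECT name, card FROM customers WHERE name = ?", (name,)
    ).fetchall()

# Constructed form-field values: one ordinary, one containing SQL syntax.
ORDINARY = "alice"
TAMPERED = "nobody' OR '1'='1"

if __name__ == "__main__":
    db = make_db()
    for label, value in (("ordinary", ORDINARY), ("tampered", TAMPERED)):
        print(label, "vulnerable    ->", len(lookup_vulnerable(db, value)), "rows")
        print(label, "parameterized ->", len(lookup_parameterized(db, value)), "rows")
```

With the tampered value the string-built query returns every customer row, while the parameterized query treats the whole value as a name and matches nothing.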
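Added example (not part of the answer above): the server-side checks that counter items 2 and 4, output encoding for user-supplied text (XSS) and a session-bound token on state-changing requests (CSRF). The handler names, session ID and form fields are hypothetical, and the HMAC-based token is one common scheme, assumed here.

```python
import hashlib
import hmac
import html
import secrets

SERVER_KEY = secrets.token_bytes(32)  # assumed per-deployment secret

def csrf_token(session_id: str) -> str:
    """Token bound to one session; embedded only in the site's own forms."""
    return hmac.new(SERVER_KEY, session_id.encode(), hashlib.sha256).hexdigest()

def handle_purchase(session_id: str, form: dict) -> str:
    """State-changing request: proceed only if the form carries the token."""
    supplied = str(form.get("csrf_token", "")).encode()
    expected = csrf_token(session_id).encode()
    # Constant-time comparison; a request forged from another site has the
    # session cookie but cannot know the token value.
    if not hmac.compare_digest(supplied, expected):
        return "403 rejected: missing or wrong CSRF token"
    return "200 order placed for item " + html.escape(str(form.get("item", "")))

def render_comment(author: str, text: str) -> str:
    """Encode user-supplied text so the browser displays it instead of running it."""
    return "<p><b>{}</b>: {}</p>".format(html.escape(author), html.escape(text))

# Constructed sample inputs
SESSION = "sess-1234"
FORGED_FORM = {"item": "42"}                                      # no token
GENUINE_FORM = {"item": "42", "csrf_token": csrf_token(SESSION)}  # site's own form
COMMENT = "<script>alert(1)</script>"

if __name__ == "__main__":
    print(handle_purchase(SESSION, FORGED_FORM))
    print(handle_purchase(SESSION, GENUINE_FORM))
    print(render_comment("bob", COMMENT))
```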
