OWASP Top 10 2017 Potential Vulnerabilities & Mitigation Strategies Paper

/in /by

OWASP Top 10 2017 Potential Vulnerabilities & Mitigation Strategies Paper

A TCPDUMP is scheduled daily so the team can analyze real time traffic using WireShark. A team member alerts you to a potential problem found in <NODE OF YOUR CHOICE> capture. There is an alarming amount of activities from port 40452, which shows a redirect to the index.php page instead of the login.php page. It appears this node has been compromised with a SQL Injection Attack. You rely on these sites so you are unable to shut down all e-commerce activities.

For this Assignment, please write a report to the new CEO. Describe your network as you have set it up. Describe your reasoning for the way you distributed the network. Then, in fully-developed explainations, address each of the following:

  1. Explain the immediate steps you would instruct your team to use to contain the attack, but also to maintain the service to the e-commerce site.
  2. Summarize the steps required to mitigate all future occurrences of this type of attack, including how to verify that the vulnerability has been rectified.
  3. Evaluate the OWASP Top 10 2017, found at https://www.owasp.org/images/7/72/OWASP_Top_10-2017_%28en%29.pdf.pdf and list three more potential vulnerabilities. Provide specific mitigation strategies to address each risk.
  4. Use at least four quality references in this assignment. Note: Wikipedia and similar Websites do not qualify as quality references. Be sure to CITE your sources with complete functioning Web links. Note: Test the links to ensure they work before submitting your paper.
  5. Format your assignment according to the following formatting requirements:
    • Typed, double spaced, using Times New Roman font (size 12), with one-inch margins on all sides.
    • Include a cover page containing the title of the assignment, the student’s name, the professor’s name, the course title, and the date. The cover page is not included in the required page length.
    • Include a reference page. Citations and references must follow professional business language format. The reference page is not included in the required page length.