CIS 542 Assignment 1 Malicious Activity
- Due Week 4 and worth 175 points
You are a manager of a Web development team for fictional international delivery service. Please give your fictional business a name, and provide a sentence or two of background information about the company. Your team maintains all of the e-commerce servers, including creating and updating all of the content on the Web pages and the database that stores customer information. These are mission-critical servers.
You have 4 clustered nodes that are used for load balancing. These nodes are located in 4 cities around the globe. Two are in the USA, one is in Europe, and one is in Asia.
The choices of cities and countries is yours:
Each site is interconnected and gets regular updates from the home office, located in a different city & country that you will choose.
A TCPDUMP is scheduled daily so the team can analyze real-time traffic using WireShark. A team member alerts you to a potential problem found in <NODE OF YOUR CHOICE> capture. There is an alarming amount of activities from port 40452, which shows a redirect to the index.php page instead of the login.php page. It appears this node has been compromised with a SQL Injection Attack. You rely on these sites so you are unable to shut down all e-commerce activities.
For this Assignment, please write a report to the new CEO. Describe your network as you have set it up. Describe your reasoning for the way you distributed the network. Then, in fully-developed explanations, address each of the following:
- Explain the immediate steps you would instruct your team to use to contain the attack, but also to maintain the service to the e-commerce site.
- Summarize the steps required to mitigate all future occurrences of this type of attack, including how to verify that the vulnerability has been rectified.
- Evaluate the OWASP Top 10 2017, found at https://www.owasp.org/images/7/72/OWASP_Top_10-2017_%28en%29.pdf.pdf and list three more potential vulnerabilities. Provide specific mitigation strategies to address each risk.
- Use at least four quality references in this assignment. Note: Wikipedia and similar Websites do not qualify as quality references. Be sure to CITE your sources with complete functioning Weblinks. Note: Test the links to ensure they work before submitting your paper.
- Format your assignment according to the following formatting requirements:
- Typed, double spaced, using Times New Roman font (size 12), with one-inch margins on all sides.
- Include a cover page containing the title of the assignment, the student’s name, the professor’s name, the course title, and the date. The cover page is not included in the required page length.
- Include a reference page. Citations and references must follow professional business language format. The reference page is not included in the required page length.
- The specific course learning outcomes associated with this assignment are:
- Analyze Web traffic and log files for malicious activities
- Analyze common Website attacks, weaknesses, and security best practices.
- Use technology and information resources to research issues in securing Web-based applications.
- Write clearly and concisely about Web application security topics using proper writing mechanics and technical style conventions.
- Grading for this assignment will be based on answer quality, logic/organization of the paper, and language and writing skills, using the following rubric.