1a: What are the defences to protect against SQL injection attacks, XML injection attacks, and XSS?
The method of preventing an XML injection attack is to use static SQL, prepared statements, parameterized queries while writing the source codes of the program. The functionalities of the database which are not needed in a program should be removed in order to reduce the attack surface (Som, Sinha, & Kataria, 2016). The existing module of the SQL statements should be continuously monitored as it helps in the identification of the vulnerabilities.
The process of prevention of an XML injection attack is to monitor all the user input before the query reaches the database and work accordingly (Jan, Nguyen, & Briand, 2016). The reduction of the single and double quotes used in the user input helps to prevent the XML injection attack; the syntax should be used only from the XML library. The use of a firewall also provides some sort of security against the external attacks.
The method of preventing an XSS injection attack is to have a secure sanitization of every user input (Alwan & Younis, 2017). The users of the systems should be aware of all the inputs which the website accepts as incoming data.
1b: How difficult are they to implement?
There are lots of difficulties to implement the preventive measures regarding the different kinds of injections attacks such as the confidentiality of the data might get distorted. Many useful advanced systems may not be working properly due to the recent patches of the firewalls. The unlogged injection control codes reduce the performance of the system so it is difficult to incorporate them into any program.
1c: Why are these defences not used extensively?
The preventive ways of the injection attacks are not extensively used because it is generally not possible to optimise all the sources in a particular program. The use of parametrised queries limits the efficiency of the programs. The updated versions of the firewall sometimes restrict the application in different kinds of ways so they are not always widely used. The SQL statements cannot be regularly managed on a regular basis. The user inputs are also very difficult to implement in some cases where thousands of inputs are accepted by the system in a fraction of a second.
2a: Use the Internet to identify three DLP products.
The three most commonly used DLP products are PCI, HIPAA and HITECH.
2b: Make a list of their features, architecture, strengths, weaknesses, and so on.
The features of the different types of data loss prevention tools are as followings:
PCI: Payment Card Industry is a type of data loss prevention tool which are used during the online transactions of an enterprise or individual (Chorney, 2016). The prime benefit of using this is ensuring complete security during any online transactions. The prime limitations of PCI are the cost involved in its data prevention techniques.
HIPAA: The prime advantage of using Healthcare Information Portability and Accountability Act is its ability to lock the files used by the patients with the help of the web console (Martínez-Pérez, Torre-Díez, & López-Coronado, 2014). The encrypted locked files can only be accessed with a user defined login credential; this feature enhances the security of the programs which incorporates this data loss prevention technique. It is used in healthcare industry to provide security to the families of the patient. The disadvantage of this tools is that for implementation of this tool every organisation needs experienced trainers which are not easily available as they are always engaged in other training departments of an organisation. The privacy rules of HIPPA are very difficult to understand as it has the capability to post any data without the consent of the involved stakeholders. The billing and legal issues are also ab added disadvantage for this tool as it shares information with many external stakeholders.
HITECH: The Health Information Technology for Economic and Clinical Health Act is a type of data loss prevention tool which enforces the internal policies of the organisation who are incorporating this tool into their systems. The main strength of this tool is to identify all the possible risks such as the unauthorised access in a private network (Latasha Blake). Protection of the sensitive data in a health information industry is the most important advantage regarding this tool. The cost of adoption, implementation and maintenance of this data loss prevention tools is a significant issue regarding this tool. Another disadvantage of this tool is its disruption in work flow for the medical stuffs which results in temporary loss along with that the privacy of patient is also compromised by using this tools.
2c: Then determine if each of these products could be used by an attacker to identify vulnerabilities in an organization’s data protection. Create a table comparing the products and write an analysis of your research.
The data loss preventions tools sometimes help the attackers to identify the vulnerabilities in an organization because of the lack of data inventory and inefficient audit process. Some organization do not know about the location of their data and its authorization. The attackers get aware of the security regulations of an organization by evaluating the different data loss prevention tools (Katharina Krombholz, Heidelinde Hobel, Markus Huber, Edgar Weippl, 2015). Inefficient working of the organization after incorporation of these tools also provides a big opportunity for the attackers to challenge the integrity of the data.
Payment Card Industry
Healthcare Information Portability and Accountability Act
The Health Information Technology For Economic and Clinical Health Act
Associated with business working with financial transactions
Associated with health insurance coverage.
Associated with health information industry.
Help in providing security to all the online transactions
Help to combat fraud and abuse in healthcare industry
Help to reduce healthcare disparities by engaging patients and their family members. Also helps in providing privacy and security to the patient.
Table 1: Created by the author
Comparison of three types of DLP
Analysis: From the above table it can be understood that these three products are extensively used in different organization for the accomplishment of the common purpose which is to provide privacy and security to the people associated with those organization.
3a: What are the advantages of HTTPS?
The prime advantage of using https is its improved security and updated browser labels. HTTPS is the modified version of HTTP used for allowing the exchange of content on the internet. The online transactions are much more secured in an https protocol (Durumeric, et al.). Maintaining the data integrity is the other type of advantage regarding the use of https.
3b: What are its disadvantages?
The foremost disadvantage of using https is its utilisation in lots of servers. It requires more processing power and memory as compared with the HTTP. Latency is an issue in the https as the SSL connections are very much time consuming. HTTPS has other issues such as browser caching which reduces the speed of the modern websites. The other types of disadvantage regarding https is that is required to buy SSL certificates to enhance its trustworthiness.
3c: How is it different from HTTP?
The use of HTTPS provides more security as compared with the HTTP. HTTPS prevents the cybercriminals from accessing critical information. HTTP utilizes port 80 by default and HTTPS makes use of the port 443 by default. It is much safer to use the HTTPS while performing vital tasks such as financial transactions (Naylor, et al., 2014). The other difference between the two protocol is that HTTP do not scramble the data to be transmitted that is the main reason behind the attackers getting access to the data where as in HTTPS data is scrambled before transmission.
3d: How must the server be set up for HTTPS transactions?
The different steps of setting up of the server for https transactions are as follows:
- Hosting with the help of a dedicated IP address, this dedicated IP address is essential by the SSL certificates.
- An authenticated certificate has to be bought, installed and activated into the system.
- After the certificate is installed into the system the transactions are required to be updated in order to start using the HTTPS service.
3e: How would it protect you using a public Wi-Fi connection at a local coffee shop?
The use of HTTPS in a public Wi-Fi is very much secured as compared with HTTP as only a public key and encrypted messages are communicated during the setup of TLS. The data is protected as it is authenticated by the principal secret and pseudo random numbers; when the TLS handshake occurs it uses public private key encryption (McShane, Wilson, & Gregory, 2017). The transactions are secured as the encryption is designed in such a way so that it will not be functional unless it is accessed by the private key, even the public keys are also signed by authenticated root certificates.
3f: Should all Web traffic be required to use HTTPS? Why or why not? Fully argument your answers.
The utilization of the secure socket layers to monitor and transfer data between two users is one of the main reasons why HTTPS must be used in every Web Traffic. All the personal and financial transactions can be done in a much-secured environment in HTTPS. HTTPS also ensures the privacy, authenticity and security to all its users. Only the associated parties involved in a transaction have the authority to access the data in case of HTTPS.
4a: Research AWS’s Virtual Private Cloud or another cloud vendor’s similar offering. What are your impressions?
This section will be comparing the Amazon Web Services and Azure Services. The users of the AWS can fully configure their own space according to their requirement, while the Azure services use Virtual hard disk where clients can partially configure their space. The storage provided by AWS is temporary it gets activated when an case is started and gets dissolved when it is completed. Block blobs and files are used for storage purposes in Azure. Both the cloud service provides specifications such as site recovery and they also support relational database and NoSQL database (Serrano & Gallardo, 2015). Isolated network creation is one of the most glorifying features of AWS which makes it unique from the other types of cloud services and is one of the main reason behind its incorporation in different organisations.
4b: Would this be something that an organization should consider?
The advanced specification of AWS makes it suitable and compatible for use in different types of organizations. The isolated networks of AWS help the user to route tables, create subnets, private IP address ranges and network gateways, all these features are very important for every organisation who uses cloud computing technology. The flexible pricing models are very much helpful for the organisation to adopt this cloud service; the price of the bill depends on their usage. The open source communities mostly use the service of the AWS which makes way for different open source integrations such as Jenkins and GitHub. The AWS is always compatible with different types of servers.
4c: What are its technical limitations? Write a two-page summary of your research.
Like every other cloud services, Amazon cloud services also have certain technical limitations such as the hardware level challenges. Security issues are one of the major issues in cloud computing. The other technical related with AWS is the low bandwidth. The application of the remote servers is one of the other technical issues in AWS. The creation of the incompatibility issues in AWS due to the virtualization of each of the modules is also one of the main technical limitations in AWS.
5a: Interview a network administrator or an IT professional. Ask questions to find out how cyber security is approached in his /her line of work
The foremost security questions that is asked to an IT professional regarding cyber security in his organisation are:
Q: What is the security policy of your organisation?
A: The security policy of my organisation is very much easy to understand and implement, the two main things which my company focus regarding the security policy are:
- Read and understand the policies of all the stakeholders who are associated with the business.
- All the online transactions have to be done in an encrypted message.
Q: How cyber securities are dealt with in your company?
A: Every employee have their personal portals which are protected by their alphanumeric passwords, the systems have advanced anti-virus software and updated firewalls. The security objectives of the company are to provide equal security to each of the stake holders of the corporations irrespective of their designations by maintaining the rules and regulations of the company.
5b: Write a summary of the interview
With the increasing number of cybercrimes each day there is a need for adopting certain policies by every organisation who deals with cloud computing. The security objectives of the organisation are very necessary for the growth and development of the organisation as every employee should be flexible and their roles should be defined by the organisation so that the security of the organization is maintained. Based on the previous and latest trends the organisation should be adopting effective resolution techniques so that it can cope with the cyber challenges. The employees should be aware of all the security issues faced by the corporations so that they can effectively contribute to maintaining security in the company.
5c: Using critical thinking and considering the knowledge gained from this subject, what have you learned about e-security from this professional?
From the above interview, it can be concluded that every organisation should be focussing on all the effective strategies by which the security of the organisation will be maintained. The effective strategies adopted by the organisation should always be modified as cybercriminals are also using the latest technologies and innovative process to harm the growth and productivity of any organisation or individual.
Alwan, Z. S., & Younis, M. F. (2017). Detection and Prevention of SQL.
Chorney, R. (2016). Payment Card Industry Data.
Durumeric, Z., Ma, Z., Springall, D., Barnes, R., Sullivan, N., Bursztein, E., et al. (n.d.). The Security Impact of HTTPS Interception.
Jan, S., Nguyen, C. D., & Briand, L. C. (2016, July 18). Automated and effective testing of web services for XML injection attacks. Retrieved from ACM DIGITAL LIBRARY: https://dl.acm.org/citation.cfm?id=2931042
Katharina Krombholz, Heidelinde Hobel, Markus Huber, Edgar Weippl. (2015). Advanced Social Engineering Attacks. Journal of Information Security and applications, 113-122.
Keromytis, S. W. (2004). SQLrand: Preventing SQL Injection Attacks. Retrieved from Springer link: https://link.springer.com/chapter/10.1007/978-3-540-24852-1_21
Latasha Blake, V. F. (n.d.). Developing Robust Data Management Strategies for Unprecedented Challenges to Healthcare Information. North American Business Press.
Martínez-Pérez, B., Torre-Díez, I. d., & López-Coronado, M. (2014). Privacy and Security in Mobile Health Apps: A Review and Recommendations.
McShane, I., Wilson, C., & Gregory, M. (2017). Practicing Safe Public Wi-Fi: Assessing and Managing Data-Security Risks.
Naylor, D., Finamore, A., Leontiadis, I., Grunenberger, Y., Mellia, M., Munafò, M., et al. (2014). The Cost of the "S" in HTTPS. Sydney.
Serrano, N., & Gallardo, G. (2015). Infrastructure as a Service and Cloud Technologies.
Som, S., Sinha, S., & Kataria, R. (2016). STUDY ON SQL INJECTION ATTACKS: MODE,.