Get Instant Help From 5000+ Experts For
question

Writing: Get your essay and assignment written from scratch by PhD expert

Rewriting: Paraphrase or rewrite your friend's essay with similar meaning at reduced cost

Editing:Proofread your work by experts and improve grade at Lowest cost

And Improve Your Grades
myassignmenthelp.com
loader
Phone no. Missing!

Enter phone no. to receive critical updates and urgent messages !

Attach file

Error goes here

Files Missing!

Please upload all relevant files for quick & complete assistance.

Guaranteed Higher Grade!
Free Quote
wave
How to Optimize Content for SEO

What is SEO?

The rapid development in modern technology has raised the economy, however, this development has also opened doors for cybercriminals to exploit vulnerabilities in web systems and access, damage and destroy data and hardware. Contemporary digital businesses are growing enormously but they continue to experience cybersecurity breaches with one in four businesses detecting a breach during their last operational year. The nature of these attacks means many businesses may not know their IT systems have been breached and how to handle/avoid these attacks.

On successful completion of this module students will be able to

1.Develop dynamic web pages for practical business purposes using server-side technologies.

2.Critically evaluate and compare web server-side technologies and their deployment.

3.Identify and test common security threats associated with PHP.

4.Demonstrate implementation of usability and accessibility standards in designing of dynamic website.

5.Design and test web database systems with clear justification of the design route taken.

Task A

Now FitTheBits has contacted BizTech (Leading IT Company) to develop a secure website to project their presence and the services they offer. The client will also use the website as a contact tool with its customers. The website should be simple to use and must consider customer experience when designing and developing this website.

Assume that you are working as a junior web developer and application security analyst in BizTech and you have been asked to develop this project. During the first phase of website design and development, you will design a front-end website using suitable design tools and technologies such as Adobe brackets or Sublime text-2 and HTML, CSS, JavaScript on the client-side and PHP, MySQL on the server-side.  Alternatively, you can use a complete server-side technologies (e.g –Xampp/Lampp) which includes Apache web server, PHP and MySQL.

In the second phase, you have been assigned a task to carry out a security analysis of website and backend SQL database attached to a website containing possible security vulnerabilities. You will be using a vulnerable web application Mutillidae by OWASP as a test bed. (Note: List of other vulnerable web applications will be provided on Moodle as well). You will setup the PHP based vulnerable application and conduct the security evaluation of its current state.

Deliverables

The web/application security testing must include the following components:

Note:

Task A is worth 60% of the overall assignment. The marking criteria are outlined below.

Setup Fully Functional Vulnerable Web Application:

·PHP

·MySQL

·Apache Server

Setup Mutillidae with all the above services enabled on XAMMP. Please provide step-by-step walk through of your implementation including setup of your backend SQL database using screen shots and appropriate description of each step.  

Web Application Security Testing:

·Nmap scanning

Perform port scanning of web application target (Mutillidae) and elaborate each step clearly mentioning the details of open ports and its relevance to identify the running protocol.  

·Wireshark Sniffing

Perform data/traffic capture on target web application (Mutillidae). Please provide the detailed analysis of captured data (Protocol identified at different TCP/IP layers).   

·SQL Injection using SQLMAP

Perform SQL injection attack on Mutillidae using SQLMAP. Elaborate the findings of your attack and include the name of detected database version, database names, database compromised data etc.

Web Application Security Model:

·Firewalls

·IDS/IPS

·Encryption

Elaborate the use of above technology to strengthen the security of web applications and discuss integration of these as effective security mechanism.  

Tasks:

Your second task is to write a self-reflective commentary about your journey looking website design, development, testing and deployment techniques.

Having created your website project, you should write a self-reflective commentary (1000 words) critically reflecting on your project. Your commentary should critically explore the work you have done to produce your project using relevant literature.

support
close