Question:
a) Provide an example of a Cross Site Scripting (XSS) attack. Include an explanation of the differences between stored and reflective XSS attacks.
b) Provide an example of a SQL Injection attack. Why does the back end database make a difference in how it works? What type of information or access could be compromised with SQL injection attacks? Include at least one additional reference.
c) Watch this video on "Ethical Hacking - How Buffer Overflow Attacks Work": https://www.youtube.com/watch?v=iZTilLGAcFQ. In your own words, explain how Buffer Overflow attacks work. Include at least one image or drawing. Include at least one additional reference.
d) Both the SANS (http://www.sans.org/top25-software-errors/) and OWASP (https://www.owasp.org/index.php/Category:OWASP_Top_Ten_Project) sites provide techniques for preventing application attacks. Discuss three of these techniques. Be sure to cite any sources used.
e) What part of the e-mail process does SSL/TLS usually secure? Is this end-to-end security? Explain. What standards and technologies provide end-to-end security for email?
Principles Of Information Security
ISBN: 9780357506431
7th Edition
Authors: Michael E. Whitman, Herbert J. Mattord