Question
Q// You have a business for which you developed a web site to sell books and related items (such as videos, cassettes, CDs, etc.). This
Q// You have a business for which you developed a web site to sell books and related items (such as videos, cassettes, CDs, etc.). This web site allows customers to browse the catalog, order materials of their choice, and see the invoice of their order. As an administrator, you are allowed to view the inventory stock, add, delete or update items in the inventory. The web site allows customers to make a payment using credit card or debit card. Your system uses three-tier architecture: client, web server and database server. The system is implemented using Visual studio.NET Framework 3.5 with C# and SQL Server. Login controls and access controls are implemented for authenticating users on the client site. No encryption has been implemented in the system.
Answer these Questions
1.What goals could an attacker have in mind when thinking about attacking this system?
2.What are some technical risks/architectural flaws in this system?
3.Propose some risk mitigation strategies for this application.?
4.Describe how you would test the security of this system.
Step by Step Solution
There are 3 Steps involved in it
Step: 1
Get Instant Access to Expert-Tailored Solutions
See step-by-step solutions with expert insights and AI powered tools for academic success
Step: 2
Step: 3
Ace Your Homework with AI
Get the answers you need in no time with our AI-driven, step-by-step assistance
Get Started