The code should be in HTML/PHP/Java only. Please let me know your rates first.

Homework 5 Demonstrating Porous Defenses Final

Overview

In this homework you use NetBeans to create two different, unique and complete demonstrations of Porous Defenses such as Use of a Broken or Risky Cryptographic Algorithm, Improper Restriction of Excessive Authentication Attempts, and Use of a One-Way Hash without a Salt. You will demonstrate and describe how to fix each of the problems. Therefore a total of four code samples will be created. Two will have Porous Defenses and two will have the issues fixed.

Assignment Details

Be sure you have carefully read and understand the materials in weeks 7 and 8.

1. Select 2 CWE/SANS Top 25 vulnerabilities under the category of Porous Defenses from one of these specific issues:
   a. Use of a Broken or Risky Cryptographic Algorithm,
   b. Improper Restriction of Excessive Authentication Attempts, and
   c. Use of a One-Way Hash without a Salt
   Review and try the existing examples in links in the classroom. Use NetBeans to experiment. Work in multiple languages where possible.

2. Using NetBeans, create your own unique, full example for each of the 2 vulnerabilities in this category. Note: by unique and full I mean, this should not just be a code snippet. It should be part of a small application. In other words, you need to adapt the examples provided in the documentation to something more meaningful and substantive. It doesn't have to be a large, overly complex application, but it needs to be complete and runnable, and demonstrate how this vulnerability may appear in the real world.

3. Demonstrate for each of the two applications that they are vulnerable to this attack. You need to show explicitly the attack you use and demonstrate the impact of the vulnerability. The demonstration should occur through screen shots and a detailed walkthrough of the steps you performed.

4. Finally, using the information in the CWE/SANS Top 25 vulnerabilities, fix the issues in each of the two examples you created in step 2.

5. Document the vulnerabilities and describe specifically how the issues were corrected. Note: You may need to conduct additional research to better understand the vulnerability or the features associated with a specific language.

Deliverables

Provide all of your source files for this assignment. Two source code files will have software vulnerabilities. The remaining two will have the issues fixed. Provide any supplemental or utility files supporting your main source files.

Prepare a Word or PDF file describing and demonstrating the vulnerabilities in each of your source files and specifically how you fixed the issue. You should demonstrate with screen shots and code within the document to report your findings.

Note: Be sure to provide all screen shots in one Word or PDF document. You can compress the files using a zip application for easier upload.

Grading Rubric:

Attribute: Vulnerabilities
  Meets (50 points):
    Selects 2 CWE/SANS Top 25 vulnerabilities under the category of Porous Defenses. (10 points)
    Creates unique, full example for each of the 2 vulnerabilities in this category. (20 points)
    Demonstrates for each application that they are vulnerable to an attack. (20 points)
  Does not meet (0 points):
    Does not select 2 CWE/SANS Top 25 vulnerabilities under the category of Porous Defenses.
    Does not create unique, full example for each of the 2 vulnerabilities in this category.
    Does not demonstrate for each application that they are vulnerable to an attack.

Attribute: Mitigation
  Meets (25 points):
    Fixes the issues in each of the two examples you created. (25 points)
  Does not meet (0 points):
    Does not fix the issues in each of the two examples you created.

Attribute: Documentation and submissions
  Meets (25 points):
    Provides all source files (those with vulnerabilities, those fixed and any supplemental files needed to run the application). (5 points)
    Within a Word or PDF file, documents vulnerabilities and describes specifically how the issues were corrected. (10 points)
    Demonstrates with properly labeled screen captures and code within the document to report your findings. (10 points)
  Does not meet (0 points):
    Does not provide all source files (those with vulnerabilities, those fixed and any supplemental files needed to run the application).
    Within a Word or PDF file, does not document vulnerabilities and describe specifically how the issues were corrected.
    Does not demonstrate with properly labeled screen captures and code within the document to report your findings.