šŸ·ļø LIMITED TIME OFFER: GET 20% OFF GRADE+ YEARLY SUBSCRIPTION ā†’
Log in
HomeTextbook Notes300,000US110,000

CPSC 420 Chapter Notes - Chapter 2: Data Masking, Email Filtering

23 views3 pages
pdopler16
18 Jan 2023
School
Evangel University
Department
Computer Science
Course
CPSC 420
Professor

For unlimited access to Textbook Notes, a Class+ subscription is required.

Document Summary

Assume a general application as the basis of your analysis. Unpatched or outdated software, weak passwords, and insufficient authentication and authorization controls. These are exploited by attackers to gain access to information or take control of a system among other things. Viruses, malware, hackers, and unauthorized access affect a database. Encryption, data masking, and permissions management are good mitigation strategies for protecting data in a database while it is idle. User training and blocking outgoing calls are policies that can help prevent social engineering. Users must be taught, and outbound call blocking may intercept essential calls. Additionally, training costs time, money, and email filtering may eliminate legitimate mail. Both the network and the database are vulnerable to attack. However, due to the greater importance of the data stored in the database, it is more likely to be attacked than the network itself.

Get access

Grade+20% off
$8 USD/m$10 USD/m
Billed $96 USD annually
Grade+
Homework Help
Study Guides
Textbook Solutions
Class Notes
Textbook Notes
Booster Class
40 Verified Answers
Class+
$8 USD/m
Billed $96 USD annually
Class+
Homework Help
Study Guides
Textbook Solutions
Class Notes
Textbook Notes
Booster Class
30 Verified Answers

Related Documents

CPSC 420 Chapter Notes - Chapter chapter 8: Vulnerability Management, Legacy System, Software Development Process
pdopler16
CPSC 420 Chapter Notes - Chapter 3: Mobile Computing, Malware
pdopler16
CPSC 420 Chapter Notes - Chapter 2: Cross-Site Scripting, Data Validation, Bounds Checking
pdopler16

Related Questions

A company created an external application for its customers. A security researcher now reports that the application has a serious LDAP injection vulnerability that could be leveraged to bypass authentication and authorization. Which of the following actions would BEST resolve the issue? (Choose two.) :

A. Deploy a WAF.

B. Use containers.

C. Conduct input sanitization.

D. Patch the OS

E. Deploy a reverse proxy

F. Deploy a SIEM. .

G Deploy an IDS. 

A company is repeatedly being breached by hackers who valid credentials. The company's Chief information Security Officer (CISO) has installed multiple controls for authenticating users, including biometric and token-based factors. Each successive control has increased overhead and complexity but has failed to stop further breaches. An external consultant is evaluating the process currently in place to support the authentication controls. Which of the following recommendation would MOST likely reduce the risk of unauthorized access?

A Implement strict three-factor authentication.

B Implement least privilege policies

C Switch to one-time or all user authorizations.

D Strengthen identify-proofing procedures

@Shilpa and jeylam2666 is saying answer B and C

Course hero is saying answer C and G 

I am confused ... need the correct answer here 

A company created an external application for its customers. A security researcher now reports that the application has a serious LDAP injection vulnerability that could be leveraged to bypass authentication and authorization. Which of the following actions would BEST resolve the issue? (Choose two.) :

A. Deploy a WAF.

B. Use containers.

C. Conduct input sanitization.

D. Patch the OS

E. Deploy a reverse proxy

F. Deploy a SIEM. .