Instructions
Securing Data
Complete the following:
For each of the following actions, use the appropriate language to complete a solution.
Please copy the numbered action into your Microsoft Word document.
For items 15 below, respond to each item.
Start a next action on a new page.
- Using the Java code below, describe the vulnerability that exists in the query and what can be done to fix the issue(s).
import java.util.Scanner;
public class IN300_Unit5_A1 {
public static void main(String[] args) {
Scanner sc = new Scanner(System.in);
System.out.println(“Enter employee name”);
String employee = sc.nextLine();
String query = “SELECT * FROM Employee where employeeName = ‘” + employee + “‘”;
System.out.println(“The query is: ” + query);
}
}
Output:
Enter employee name
Bob’ or ‘1’=’1
The query is: SELECT * FROM Employee where employeeName = ‘Bob’ or ‘1’=’1′
Describe the vulnerability that exists in the query and what can be done to fix the issue(s).
- Given the below Python code and execution, describe the results and what input validation countermeasures you might use to ensure you get the proper results:
Code:
result = input(“Do you want to continue [Yes] or [No]: “)
print(result)
Execution 1:
$ python3 IN300_Unit5_A2.py
Do you want to continue [Yes] or [No]: No
No
Execution 2:
$ echo ” NO ” + exec(subprocess.run([“ls”, “-l”]))” | python3 IN300_Unit5_A2.py
Do you want to continue [Yes] or [No]: NO ” + exec(subprocess.run([“ls”, “-l”]))
- In two paragraphs, describe the best practice of running code with least privilege. You can include some vulnerabilities and countermeasures as examples.
- In two paragraphs, describe the best practice of not trusting infrastructure. You can include some vulnerabilities and countermeasures as examples.
- In one paragraph, describe the best practice of avoiding security by obscurity. You can include some vulnerabilities and countermeasures as examples.
Your submission for this part should meet any stated specifications listed above.
For the mastery requirements for this Competency Assessment, complete the following boldfaced item:
Develop a 12-page report discussing how improper coding can lead to SQL injection issues in a web application.
What Students Are Saying About Us
.......... Customer ID: 12*** | Rating: ⭐⭐⭐⭐⭐"Honestly, I was afraid to send my paper to you, but you proved you are a trustworthy service. My essay was done in less than a day, and I received a brilliant piece. I didn’t even believe it was my essay at first 🙂 Great job, thank you!"
.......... Customer ID: 11***| Rating: ⭐⭐⭐⭐⭐
"This company is the best there is. They saved me so many times, I cannot even keep count. Now I recommend it to all my friends, and none of them have complained about it. The writers here are excellent."
"Order a custom Paper on Similar Assignment at essayfount.com! No Plagiarism! Enjoy 20% Discount!"
