Question

There are a multitude of items that Cyber Security professionals view as attack vectors but none are more prevalent and exploitable than application code or as readily available as the network perimeter. There are many ways that these areas are exploited. The application side has its beginning with code which is poorly designed from a security perspective. One of the code items that is exploited by fraudsters to pivot across an organization's internal network is the Web.cfg file - in this file non security minded programmers often leave the User ID and password for connecting to the associated database in plaintext.
For part one of this assignment, write a 1 page summary that explains to a non IT person what this attack is, how it works and how to prevent it.
The second part of this assignment is about the secure perimeter. Using your choice of reference for securing a network (NIST, Rainbow Series Red Book, Common Criteria etc.) research on how to design a secure network perimeter that will protect the internal applications, even poorly written ones like the one above from being exploited. Include a diagram of your solution and on the bottom half - a written explanation, in APA format, of your solution.

Answer 1

AnsweR

RRR

Explanation: