Professional Documents
Culture Documents
STUDENT ID : 11690098
INFORMATION SECURITY
ASSIGNMENT 2
1
Contents
Task:............................................................................................................................................................3
Introduction.................................................................................................................................................3
Task:1 Scenario Analysis :............................................................................................................................3
Task 1.1 Real Life Security Breach..............................................................................................3
1.2. Difference between Cross Site Scripting (XSS) and Cross Site Request Forgery (XSRF)
:........................................................................................................................................................3
References :.................................................................................................................................................6
2
Task:
Introduction
This project mostly dealing with security breaches and the cross site scripting and also mostly
forgery analysis can be carried out by these type of security and also many added benefits will be
included .
Facebook is now days the world’s largest communication platform through which various types
of networks are to be followed and also mostly users data will be stored in this platform by
which the hackers collected users phone numbers and address and it was a serious issue at that
time and caused so much loss and then face book started secured passwords and not allowing
others to use and it was also stated that it didn’t protect its users data .
Vulnerability
According to the face book breach the organization weakness leaded to the database security and
the lost of all data and vulnerability defines the weakness of the system and these weakness
caused database administrator lost of damage and severe cause happened
Threats
Hackers in which getting the phone numbers and the data of the users will lead to threats
Control
The encryption technique will leads to the standard password security mechanisms and also for
the better security these threats and vulnerabilities can be avoided by using these case .
1.2. Difference between Cross Site Scripting (XSS) and Cross Site Request
Forgery (XSRF) :
Cross site scription can be used in web applications and also it is a special vulnerability that is used in
most of the systems and also these websites will be attacked easily by the hackers as there is no special
circumstances in which they will have cyber criminals try to inject these virus in to the organizations and
also they will be used for all the purposes and while considering these changes they can be transformed
and also the cookies that are generated in these sites will be exploited .
3
S. No XSS CSRF
1 Cross site scripting can be processed and Cross site request forgery can
organized be processed
2 Checking cannot be done by data to data Features and functionality of
as well as verification the process will be dependent
3 Javascript will be used Javascript is not used
4 Malicious process which will cause Users are attacked without
vulnerability their knowledge
5 Cross site scripting is harmful compared Cross site request forgery is
to others less harmful
Resolution
Microsoft created a set of features like data execution and prevention mechanisms and they
developed some special features to enable and also prevent the buffer overflow and also they
brought some other mechanisms and also they have their own terms in dealing with the security
codes
4
systems and also they are using STO for the better results and also it is successful using this and
to avoid hackers from stealing these will help mostly and also they give most of the data to the
system vulnerabilities and they will process and also proceed to the malware process and now
adays working with digital environment is very efficient for all the people those who consider it
as the biggest and also they are identifying the bugs through vulnerability and the action for all
the users will be the same .
There is other method like centralized storage process this also can be implemented by host running
virtualization and also cost will eb reduced and also something that is stolen can be return by this
process and the host running technology can also be used for all the systems .
5
References :
1. Buffer Overflow Attacks,xs