It is common knowledge that Web server application attacks have become common in today’s digital information sharing age. Understanding the implications and vulnerabilities of such attacks, as well as the manner in which we may safeguard against them is paramount, because our demands on e-Commerce and the Internet have increased exponentially. In this assignment, you will examine the response of both the U.S. government and non-government entities to such attacks.
To complete this assignment, use the document titled “Guidelines on Securing Public Web Servers”, located at http://csrc.nist.gov/publications/nistpubs/800-44-ver2/SP800-44v2.pdf, to complete the assignment. Read the Network World article, “40% of U.S. government Web sites fail security test” also, located at http://www.networkworld.com/news/2012/031512-dnssec-survey-2012-257326.html.
Write a three to five (3-5) page paper in which you:
Examine three (3) common Web application vulnerabilities and attacks, and recommend corresponding mitigation strategies for each. Provide a rationale for your response. Using Microsoft Visio or an open source alternative such as Dia, outline an architectural design geared toward protecting Web servers from a commonly known Denial of Service (DOS) attack. Note: The graphically depicted solution is not included in the required page length. Based on your research from the Network World article, examine the potential reasons why the security risks facing U.S. government Websites were not always dealt with once they were identified and recognized as such. Suggest what you believe to be the best mitigation or defense mechanisms that would help to combat the Domain Name System Security Extensions (DNSSEC) concerns to which the article refers. Propose a plan that the U.S. government could use in order to ensure that such mitigation takes place. The plan should include, at a minimum, two (2) mitigation or defense mechanisms. Use at least three (3) quality resources outside of the suggested resources in this assignment. Note: Wikipedia and similar Websites do not qualify as quality resources.