Malicious Activity
Overview
You are a manager of a Web development team for a fictional international delivery service company. Please give your fictional business a name, and provide background information about the company in one or two sentences. Your team maintains all the e-commerce servers, including creating and updating all the content on the webpages and the database that stores customer information. These are mission-critical servers.
You have four clustered nodes that are used for load balancing. These nodes are located in four cities around the globe. Two are in the United States, one is in Europe, and one is in Asia.
The choices of cities and countries are yours:
Node 1: City___________Country___________
Node 2: City___________Country___________
Node 3: City___________Country___________
Node 4: City___________Country___________
Each site is interconnected and gets regular updates from the home office, located in a different city and country that you will choose.
A TCPDUMP is scheduled daily so the team can analyze real-time traffic using WireShark. A team member alerts you to a potential problem found in capture. There is an alarming amount of activities from port 40452, which shows a redirect to the index.php page instead of the login.php page. It appears this node has been compromised with a SQL Injection Attack. You rely on these sites, so you are unable to shut down all e-commerce activities.
Instructions
For this assignment, write a 3–5 page report to the new CEO. Describe your network as you have set it up. Describe your reasoning for the way you distributed the network. Then, in fully developed explanations, address each of the following:
1. Explain the immediate steps you would instruct your team to use to contain the attack while maintaining the service to the e-commerce site.
2. Summarize the steps required to mitigate all future occurrences of this type of attack, including how to verify that the vulnerability has been rectified.
3. Evaluate the OWASP Top 10 – 2017: The Ten Most Critical Web Application Security Risks [PDF], and list three more potential vulnerabilities. Provide specific mitigation strategies to address each risk.
4. Go to Basic Search: Strayer University Online Library to locate and use at least four quality sources in this assignment.
This course requires the use of Strayer Writing Standards. For assistance and information, please refer to the Strayer Writing Standards link in the left-hand menu of your course. Check with your professor for any additional instructions.
The specific course learning outcome associated with this assignment is:
· Propose a response to a malicious attack, including steps to contain the attack and steps to mitigate future attacks.