Module: CST2572 Secure Web Technologies
Assessment 1: Case Study / Scenario

Context: A client calls you first thing on a Saturday morning, panicking as their website has been hacked. The website is for a major national health conference with the NHS as a leading promoter.

Other details:
- The server had auto-malware checks on it, which shut the site down
- The server is an Apache server set up in a VM by a host
- The setup also contains the company's main health website with a members' database
- All websites are designed in and running WordPress
- There is admin access via a username/password
- The web developers have declared that what has happened is 'out of their remit'

Describe:
- How do you initially perform reconnaissance and discover what has occurred?
- How do you remedy?
- How do you clean up and restore?
- How do you mitigate?

Ensure you provide diagrams of the system and any upgrades or updates that are needed.
