SEC 435 Entire Course NEW

STRAYER SEC 435 Week 1 Discussion Session
Hijacking NEW
http://www.uopassignments.com/sec-435-
strayer/sec-435-week-1-discussion-session-
hijacking-recent
For more classes visit
http://www.uopassignments.com
You will need to create your own original
thread. The create thread button is in the upper
left corner once you click on the link above.
"Session Hijacking" Select one of the following and
discuss in no less than three paragraphs, and have
at least one response to another student of at least
one paragraph:
• Consider the “What if” case in Chapter 1 from the
Book: Web Applications and Data Servers and
respond to one or more of the questions asked.
• Research the web, and discuss any recent story
concerning session hijacking. Provide summary
and discussion on what might have been done to

prevent such hijacking, or how such hijacking can
be recognized.
• Any current topic or article related to
penetration techniques.
• The instructor insight.

STRAYER SEC 435 Week 1 Lab NEW
strayer/sec-435-week-1-lab-recent
Click the link above to submit your assignment.
Students, please view the "Submit a Clickable
Rubric Assignment" in the Student Center.
Instructors, training on how to grade is within the
Instructor Center.
If you have not logged into the iLabs environment
yet, use your access code emailed to you by the
bookstore when you purchased the books to
register.
Lab Assignments
Submit each lab based on the following:
1. Log into the EC-Council iLab environment.
2. Complete the weekly lab assignment
described below using EC-Council iLab.
3. Submit the screenshots for the steps specified

in each lab assignment.
4. Write a short answer in Word format and
include with the assignment submission link the
following:
a. Summarize the technical experiences in
completing the lab assignment.
b. Identify the commands that were of greatest
benefit to you.
c. Provide general comments on the overall lab
assignment experience.
Note: This is an academic writing assignment.
Correct punctuation, grammar, and spelling are
necessary. Points may be deducted for poor
writing.
Lab Assignment 1
Due Week 1 and worth 30 points
Complete the following EC-Council Labs.
Note: Lab 1 contains deliverables that are partially
derived from the following course required
textbook: EC-Council Press. (2017). Ethical
Hacking and Countermeasures: Web Applications
and Data Servers (2nd ed.). Cengage Learning.

STRAYER SEC 435 Week 2 Discussion Web
Application Threats NEW
strayer/sec-435-week-2-discussion-web-
application-threats-recent
"Web Application Threats" Select one of the
following and discuss in no less than three
paragraphs, and have at least one response to
another student of at least one paragraph:
• Review the attacks listed on the OWASP website,
located at
https://www.owasp.org/index.php/Category:Attac
k. Focus on selecting three attacks that you believe
to be the greatest security threat, rank what you
believe to be the top three greatest security
threats (e.g., cookie/session poisoning, platform
exploits, etc.), and provide a rationale for your
rankings. Explain the key inherent dangers of the
chosen threats, and indicate the key reasons why

you believe such threats pose more of a risk than
other current ones in existence. Justify your
answer.
• Review the attacks listed on the OWASP website,
located at
https://www.owasp.org/index.php/Category:Attac
k. Focus on selecting three attacks that you believe
to be the greatest security threat, rank what you
believe to be the top three greatest security
threats (e.g., cookie/session poisoning, platform
exploits, etc.), discuss the appropriate
countermeasures that security personnel could
utilize in order to minimize the damage of such
threats. Determine whether or not the
countermeasures that you have ranked are
reactive or proactive in nature, and suggest the
primary ways in which each countermeasure
could assist in preventing further damage from the
threats in question. Explain whether or not
honeypots would assist in protecting and
evaluating the three threats selected. Provide a
rationale for your response.

STRAYER SEC 435 Week 2 Lab Hacking
Webservers NEW
strayer/sec-435-week-2-lab-hacking-
webservers-recent
Lab Assignment 2
Lab 1 (Exercise II): “Footprinting Webserver Using
the httprecon Tool”
Lab 2 (Exercise III): “Footprinting a Webserver
Using ID Server”

STRAYER SEC 435 Week 3 Discussion Cracking
NEW
strayer/sec-435-week-3-discussion-cracking-
recent
"Cracking" Select one of the following and discuss
in no less than three paragraphs, and have at least
one response to another student of at least one
paragraph:
• Based on the “What if” case in Chapter 4 from the
Book: Web Applications and Data Servers discuss
the ethical aspects of what Regi did, and the
possible ramifications of his actions.
• Based on the “What if” case in Chapter 5 from the
Book: Web Applications and Data Servers discuss
the ethics of whether the company had an
obligation to report or not, and why? What would

you have done and why?

STRAYER SEC 435 Week 3 Lab Hacking Web
Applications NEW
strayer/sec-435-week-3-lab-hacking-web-
applications-recent
Lab Assignment 3
Lab 3 (Exercise I): “Exploiting Parameter
Tampering and XSS Vulnerabilities in Web
Applications”

Lab 4 (Exercise VII): “Website Vulnerability
Scanning Using Acunetix WVS”

STRAYER SEC 435 Week 4 Discussion SQL Injection
Attacks and Preventions NEW
strayer/sec-435-week-4-discussion-sql-
injection-attacks-and-preventions-recent
"SQL Injection Attacks and Preventions" Select one
of the following and discuss in no less than three
• Read Sammut, T., &Schiffman, M. (2013, April 5).
Understanding SQL Injection. Retrieved from
http://www.cisco.com/web/about/security/intelli
gence/sql_injection.html.
Read Wichers, D., Manico, J., &Seil, M. (2014, April
12). SQL Injection Prevention Cheat Sheet.
Retrieved from

https://www.owasp.org/index.php/SQL_Injection_
Prevention_Cheat_Sheet.
Describe the major concerns that information
security professionals and SQL database
administrators should have with SQL injection
attacks. Additionally, provide the key reasons why
you believe such attacks are popular among
hackers, both malicious and ethical. Justify your
response.
• Suggest what you believe to be the two most
critical best practices for protecting against SQL
injection attacks, and establish whether or not you
believe that there are significant efforts for
security professionals who implement these best
practices. Provide a rationale for your response.

STRAYER SEC 435 Week 4 Lab SQL Injection NEW
strayer/sec-435-week-4-lab-sql-injection-
recent
Lab Assignment 4
Lab 1 (Exercise I): “SQL Injection Attacks on MS
SQL Database”

STRAYER SEC 435 Week 5 Discussion Case Study
NEW
strayer/sec-435-week-5-discussion-case-
study-recent
Case Study" Have an original post of no less than
three or four paragraphs, and offer advice of a
paragraph or two to at least one other
student. This is the proposal for your term paper
due in week 9. Papers should not be written in a
one week or weekend, but should take some time
to research, consider, and then draft. Once
drafted, ideally, one sleeps on the paper, so one
can proof and revise one last time before
submitting the final draft.
I expect a 400 level paper, so give some thought to
your case study and provide me a short synopsis of

what you hope to look at, why, and what you hope
to learn or accomplish.
• Research the web and find an appropriate
incident related to either a successful or failed
penetration testing effort, or a successful or
unsuccessful hacking attempt against an
organization, business or government facility. For
the discussion lay out the basic details of the case,
why you chose this case, and speculate on what
specific lessons you learned from the case, as well
as possible recommendations for future situations.
This proposal should be no less than three or four
paragraphs.

STRAYER SEC 435 Week 6 Discussion Macs and
Viruses NEW
strayer/sec-435-week-6-discussion-macs-and-
viruses-recent
"Macs and Viruses" Select one of the following and
one paragraph:
• A common misconception with Mac OS X systems
is that they are not as susceptible to viruses and
malware as PCs and therefore do not require users
to apply additional security measures. Discuss
whether or not you believe this is true. Provide a
• Review current Mac security features from
Apple’s website located at
http://www.apple.com/macos/security, and read
the article 10 Best Antivirus for the Mac at

http://techtop100.com/9-best-antivirus-for-mac-
do-macs-need-antivirus-best-free-mac-antivirus.
Select two tools, and research their features,
functionality, provided protections, mitigated
risks, costs, and any other pertinent information.
Evaluate the quality of at least two of the selected
Mac security tools, based on their available
features, functionality, provided protections,
mitigated risks, costs, and any other pertinent
information discovered in your research. Decide
whether or not you would recommend either of
the tools for a Mac user. Justify your response.

STRAYER SEC 435 Week 6 Lab Assignment
5Hacking Wireless Networks NEW
strayer/sec-435-week-6-lab-assignment-
5hacking-wireless-networks-recent
Lab Assignment 5
textbook: EC-Council Press. (2017). Secure
Network Operating Systems and Infrastructures.
(2nd ed.). Cengage Learning.
Lab 1 (Exercise I): “Cracking a WEP Network with
Aircrack-ng for Windows.”

STRAYER SEC 435 Week 7 Discussion Mobile
Malware NEW
strayer/sec-435-week-7-discussion-mobile-
malware-recent
"Mobile Malware" Select one of the following and
one paragraph:
• Determine whether or not you believe both that
mobile malware is the new frontier for virus
makers and hackers and whether or not mobile
device security concerns will surpass those of
standard computing devices over the next five
years (e.g., desktops, servers, etc.). Justify your
response.
• Analyze the mobile device OS that you believe is
the easiest to hack. Additionally, explain the
ineffective security features that are utilized by
this specific mobile device OS, and indicate the key

reasons why you believe the security feature is
failing to provide better protection. Provide a

STRAYER SEC 435 Week 7 Lab Assignment 6
Hacking Mobile Platforms NEW
strayer/sec-435-week-7-lab-assignment-6-
hacking-mobile-platforms-recent
Lab Assignment 6
Lab 1 (Exercise I): “Creating Binary Payloads using
Kali Linux to Hack Android.”
Lab 2 (Exercise I): “Harvesting Users’ Credentials
Using Social Engineering Toolkit.”

STRAYER SEC 435 Week 8 Discussion What If NEW
strayer/sec-435-week-8-discussion-what-if-
recent
"What If?" Select one of the following and discuss
in no less than three paragraphs, and have at least
one response to another student of at least one
paragraph:
• Read the “What if” case in Chapter 3 from the
Book: Secure Network Operating Systems and
Infrastructures provide a brief summary and
respond to the two questions that are asked.
• Discuss any aspect of “honeypots” and share your
views on the value of such honeypots for ethical
hackers, or how as a security professional you can
protect yourself against providing such honeypots
for exploitation.

• The instructor insight

STRAYER SEC 435 Week 8 Lab Assignment 7
Evading IDS, Firewalls and Honeypots NEW
strayer/sec-435-week-8-lab-assignment-7-
evading-ids-firewalls-and-honeypots-recent
Lab Assignment 7
Lab 1 (Exercise I): “Detecting Intrusions using
Snort”

STRAYER SEC 435 Week 9 Discussion GET and
POST NEW
strayer/sec-435-week-9-discussion-get-and-
post-recent
Select one of the following and discuss in no less
than three paragraphs, and have at least one
response to another student of at least one
paragraph:
• Imagine that a systems administrator for a
midsized company has recently noticed numerous
odd characters in the log servers. Specifically, http
“GET” and “POST” log entries within their
externally facing IIS version 5 web server. Discuss
the use of the “GET” and “POST” commands and
decide whether or not there are concerns with
their presence on the externally facing web server.
Next, provide your analysis of the most damaging
attack (i.e. XSS, SQL Injection, CSS, and Race

conditions) against Internet Information Services
(IIS). Support your rationale.
• Describe the most prominent signs that a
database attack has occurred. Suggest the main
steps that one would take to recover from such an
attack. Next, propose one strategy you would use
to prevent such attacks.
• The instructor insight

STRAYER SEC 435 Week 10 Discussion Encryption
in Organizations NEW
strayer/sec-435-week-10-discussion-
encryption-in-organizations-recent
"Encryption in Organizations" Select one of the
following and discuss in no less than three
· Suppose an executive-level manager asked
you to explain the importance of encryption. Detail
the key points that you would use to justify the
importance of using encryption during the overall
security posture analysis of the executive-level
manager’s organization.

· Research the web for examples of the manner
in which security professionals could use
encryption in organizations today (e.g., database
encryption), describe at least two uses of
encryption within organizations today that you
found in your research. From the uses identified,
indicate the information resource the encryption
is designed to protect. Assess the importance of
protecting such an information resource from a
security perspective.
· Any current topic or article related to
· The instructor insight.

SEC 435 Entire Course NEW

Recommended

Recommended

More Related Content

Similar to SEC 435 Entire Course NEW

Similar to SEC 435 Entire Course NEW (20)

More from shyamuopuop

More from shyamuopuop (20)

Recently uploaded

Recently uploaded (20)

SEC 435 Entire Course NEW