Cyber Security Question

Description

Please ask me any questions you may have. The attached file is also included.


Unformatted Attachment Preview

Prompt 1
Questions
1. (10 points) Intercepting a login request with the credentials of “joe” and “pass” displays the following URL:
http://www.wahh-app.com/app?action=login&uname=joe&password=pass
What three vulnerabilities can be diagnosed by simply looking at this URL?
2. (2.5 x 8 = 20 points) You log in to an application at the following URL:
https://app.news24hours.com/login/home.php
After successful authentication, the server sets the following cookie:
Set-cookie: sessionId=1498172056438227; domain=app.news24hours.com; path=/login; HttpOnly;
To which of the following URLs will the sessionId cookie be submitted? Explain why or why not.
a) https://app.news24hours.com
b) https://app.news24hours.com/login/myaccount.php
c) https://web.news24hours.com/login
d) https://raw.app.news24hours.com/login/home.php
e) http://app.news24hours.com/login/myaccount.php
f) http://app.news24hours.com/logintest/login.php
g) https://app.news24hours.com/logout
h) https://testapp.news24hours.com/login/myaccount.php
Note: The HttpOnly flag does not determine whether cookies are transmitted via HTTP or HTTPS connections. It only specifies that cookies are not accessible via client-side scripts.
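
Added example, not part of the assignment or the original page: the cookie header from question 2 checked against URLs a) to h) using the domain-match and path-match rules of RFC 6265. The function names are illustrative; `questionResults()` returns one boolean per URL in the order listed.

```javascript
// Added example (not from the page): cookie scoping per RFC 6265; names are illustrative.
function parseSetCookie(header, originUrl) {
  const origin = new URL(originUrl);
  const [pair, ...attrs] = header.split(";").map((s) => s.trim()).filter(Boolean);
  // Defaults: host-only cookie, default-path = directory of the setting URL.
  const dir = origin.pathname.slice(0, origin.pathname.lastIndexOf("/"));
  const cookie = { name: pair.split("=")[0], domain: origin.hostname, hostOnly: true,
    path: dir || "/", secure: false, httpOnly: false };
  for (const attr of attrs) {
    const [k, v = ""] = attr.split("=").map((s) => s.trim());
    const key = k.toLowerCase();
    if (key === "domain" && v) {
      cookie.domain = v.replace(/^\./, "").toLowerCase();
      cookie.hostOnly = false; // Domain attribute puts subdomains in scope
    } else if (key === "path" && v.startsWith("/")) cookie.path = v;
    else if (key === "secure") cookie.secure = true;
    else if (key === "httponly") cookie.httpOnly = true; // script access only
  }
  return cookie;
}

function domainMatch(host, cookie) {
  if (host === cookie.domain) return true;
  return !cookie.hostOnly && host.endsWith("." + cookie.domain);
}

// Prefix match that must end on a "/" boundary.
function pathMatch(requestPath, cookiePath) {
  if (requestPath === cookiePath) return true;
  if (!requestPath.startsWith(cookiePath)) return false;
  return cookiePath.endsWith("/") || requestPath[cookiePath.length] === "/";
}

function wouldSend(cookie, url) {
  const u = new URL(url);
  if (cookie.secure && u.protocol !== "https:") return false; // only Secure checks scheme
  return domainMatch(u.hostname, cookie) && pathMatch(u.pathname, cookie.path);
}

// Header and URLs a) to h) as given in question 2.
const SET_COOKIE = "sessionId=1498172056438227; domain=app.news24hours.com; path=/login; HttpOnly;";
const URLS = [
  "https://app.news24hours.com", "https://app.news24hours.com/login/myaccount.php",
  "https://web.news24hours.com/login", "https://raw.app.news24hours.com/login/home.php",
  "http://app.news24hours.com/login/myaccount.php", "http://app.news24hours.com/logintest/login.php",
  "https://app.news24hours.com/logout", "https://testapp.news24hours.com/login/myaccount.php",
];
function questionResults() {
  const c = parseSetCookie(SET_COOKIE, "https://app.news24hours.com/login/home.php");
  return URLS.map((u) => wouldSend(c, u));
}
```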
