Complete the two short parts

Description

Answer prompt one and two as asked

Don't use plagiarized sources. Get Your Custom Assignment on
Complete the two short parts
From as Little as $13/Page

Unformatted Attachment Preview

Prompt 1
With the proliferation of Internet-of-Things (IoT) in all forms of environments (home, office,
factories, healthcare), security of such devices has become an increasingly critical concern.
Search the Internet and try to find a couple of security status reports and/or market studies on
misconfigured/broken authentication for IoT consumer devices.
In short, summarize the results and your opinion on why this is a major security concern.
Prompt 2
Questions
1. (10 points) Intercepting a login request with the credentials of “joe” and “pass” displays the
following URL:
http://www.wahh-app.com/app?action=login&uname=joe&password=pass
What three vulnerabilities can be diagnosed by simply looking at this URL?
2. (2.5 x 8 = 20 points) You log in to an application at the following URL:
https://app.news24hours.com/login/home.php
After successful authentication, the server sets the following cookie:
Set-cookie: sessionId=1498172056438227; domain=app.news24hours.com; path=/login;
HttpOnly;
To which of the following URLs will the sessionId cookie be submitted? Explain why or why not.
a) https://app.news24hours.com
b) https://app.news24hours.com/login/myaccount.php
c) https://web.news24hours.com/login
d) https://raw.app.news24hours.com/login/home.php
e) http://app.news24hours.com/login/myaccount.php
f) http://app.news24hours.com/logintest/login.php
g) https://app.news24hours.com/logout
h) https://testapp.news24hours.com/login/myaccount.php
Note: The HttpOnly flag does not determine whether cookies are transmitted via HTTP or HTTPS
connections. It only
specifies that cookies are not accessible via client-side scripts.

Purchase answer to see full
attachment