short answer questions
complete the lab template. On the word, doc ignore the screenshots. Answer the question in two to three sentences.
Lab #1 – Assessment Worksheet
Evaluating Web Server Vulnerabilities
Course Name and Number:
Lab Due Date:
Lab Assessment Questions
1. What are some of the greatest risks businesses face when connecting to the
2. Why is it critical to perform periodic web-application vulnerability assessments
and penetration tests?
3. Why might connecting your web servers and web applications to the Internet
be like opening Pandora’s Box?
4. What does the Skipfish application do, and why is it a good security tool for
web servers and web application testing?
5. What is tcpdump, and why is it a good tool for testing the Ubuntu Linux web
server and web application security?
6. What does the Firefox Live HTTP Headers plug-in application do, and why is
this a good tool for web server and web application security testing?
7. What does using the -h switch for tcpdump and skipfish do?
8. What information can you determine from the ifconfig -a command?
- Course Name andNumber:
- LabDue Date:
Startanswering the question Below
Each answer should be 2 to 3 sentences long.
Describe How does tcpdump ID vulnerabilities in web traffic
2.Describe how skipfish can ID vulnerabilities in web traffic
3.Summarize the type of information identified by the live HTTO headers add on
4.Describe how live HTTP headers add on can id vulnerabilities in web traffic.
Part 3 how business threats posed by each and explain effect if web application is compromised.
1- A publicly traded retailer with retail outlets and online shopping and shipping options
2- A small, private law firm whose small website features forms for potential clients to complete that require name, address, contact number, and reason for scheduling an appointment
3- A real estate appraisal company that provides residential-loan applicants of a publicly traded financial institution with online appraisals – all applicant information is sent to the appraisal company electronically
4- A Web hosting company that provides leased servers for the websites of clients, ranging from small firms to large online retailers
5- A city government that allows people with parking tickets to pay the fines online using a credit card or online check
6- A local residential-cleaning business with a website that acts as a company brochure; no forms of any type are located on the website
7- A software development company that develops and licenses online shopping software to large corporations
8- A private, locally owned bank with a website that accepts loan applications online
9- A local doctor’s office that maintains all patient information within the office; it doesn’t share electronically with any entities and doesn’t have a website or use any custom-developed software
10- An online-only retailer which sells athletic equipment using shopping-cart software that has been developed in-house and uses PayPal whenever a customer makes a purchase