1. From the results of Lab #1 - Business Application Impact Analysis Worksheet, what do you consider to be the greatest type of risk and why?
a. The greatest will be
2. Why is it critical to perform periodic web application vulnerability assessments and penetration tests?
a. To keep the system from getting hacked.
3. What kind of web application does Damn Vulnerable Web Application (DVWA) use?
a. It uses a PHP/MySQL web application.
4. Why is connecting your web servers and web applications to the Internet like opening Pandora’s Box?
a. Because many problems can arise; all the vulnerabilities could be exploited.
5. What does the skipfish application do and why is it a good security tool for web servers and web application testing?
a. Skipfish is an active web application security reconnaissance tool.
6. What is tcpdump and why is it a good tool for testing the Ubuntu Linux web server and web application security?
a. Tcpdump is an open source command-line tool for monitoring (sniffing) network traffic.
b. On an Ethernet segment, Tcpdump operates by putting the network card into promiscuous mode in order to capture all the packets going through the wire. Using Tcpdump we have a view of any TCP/UDP connection establishment and termination, and we can measure the response time and the packet loss percentages. To print
7. What does the Firefox live HTTP headers plug-in application do, and why is this a good tool for web server and web application security testing?
a. Live HTTP Headers is a really helpful penetration testing add-on for Firefox. It displays live headers of each HTTP request and response. You can also save header information by clicking on the button in the lower left corner. I don’t think that there is any kind of need to tell how important this add-on is for the security testing process.
8. What does using the “-h” switch