(Solved Homework): Write 400–600 words that respond to the following questions with your thoughts, ideas, and comments. This will be

Write 400–600 words that respond to the following questions with your thoughts, ideas, and comments. This will be the foundation for future discussions by your classmates. Be substantive and clear, and use examples to reinforce your ideas:

The management team is concerned about having the data for the music application in a single spot, and how having this setup could make this server more of a target or put it at higher risk than others. They would like to better understand what are the actual risks with having a database running inside the information systems infrastructure. Prepare a report for the management team that describes the following:

The security concerns or vulnerabilities associated with the DBMS.

The security concerns or vulnerabilities associated with the database.

What safeguards could be implemented to reduce the risk for each.

Expert Answer

 Increase in usage of databases, the frequency of attacks against databases has also increased.

Reason is the increase in access to data stored in databases. When the data is been accessed by many people, the chances of data theft increases.

it is often the staff of an enterprise — database developers, administrators and the like — who create the environment necessary for attacks to gain access to data.

Databases are a key target for cybercriminals due to the often-valuable nature of sensitive information in the database. Whether the data is financial or holds intellectual property and corporate secrets, hackers worldwide can profit from breaching a businesses’ servers and plundering databases.

Vulnerabilities often found in database-driven systems are:

1. Deployment Failures

The most common cause of database vulnerabilities is a lack of testing when they are deployed. Although any given database is tested for functionality and to make sure it is doing what the databases is designed to do, very few checks are made to check the database is not doing things it should not be doing.

Solution: Through testing to check if database is failing in some cases like putting excess load, making an artificial power failure or passing high voltage currents etc.

2. Data leaks

Databases may be considered a “back end” part of the office and secure from Internet-based threats (and so data doesn’t have to be encrypted), but this is not the case. Databases also contain a networking interface, and so hackers are able to capture this type of traffic to exploit it.

Solution: administrators should use SSL- or TLS-encrypted communication platforms.

3. Stolen database backups

insiders are also likely to steal archives, database backups for money, profit or revenge. This is a common problem for the modern enterprise,

solution: Businesses should consider encrypting archives and backups to mitigate the insider-risk.

4. A lack of segregation

An administrator can have full privilege to view all data’s in the database. Hackers can somehow gain access via administrator credentials and steal data.

Solution: The separation of administrator and user powers, as well as the segregation of duties, can make it more difficult for fraud or theft undertaken by internal staff. In addition, limiting the power of user accounts may give a hacker a harder time in taking complete control of a database.

5. Hopscotch

Hackers find a weakness within the infrastructure that can be used as leverage for more serious attacks until they reach the back-end database system. For example, a hacker may worm their way through your accounts department before hitting the credit card processing arena.

Solution: Unless every department has the same standard of control, creating separate administrator accounts and segregating systems can help mitigate the risk.

6. SQL injections

SQL injections remain a critical problem in the protection of enterprise databases. Applications are attacked by injections, via the url from where the database can be accessed.

Example:

Hacker can pass this sql command via the url so that the condition always evaluate to be true and will then return the information.

SELECT * FROM Users WHERE UserId = 105 OR 1=1;

Solution: protect web-facing databases with firewalls and to test input variables for SQL injection during development.

7. Front end OS vulnerabilities: Vulnerabilities in underlying operating systems like Windows, UNIX, Linux, sql express etc., and the services that are related to the databases could lead to unauthorized access. This may lead to a Denial of Service (DoS) attack.

Solution: This could be prevented by updating the operating system related security patches as and when they become available.

iWriteHomework
Order NOW for a 10% Discount
Pages (550 words)
Approximate price: -

Why Us?

Top Quality and Well-Researched Papers

All ourbpapers are written from scratch. In fact, Clients who ask for paraphrasing services are highly discouraged. We have writers ready to craft any paper from scratch and deliver quality ahead of time.

Professional and Experienced Academic Writers

Our writers keeps you posted on your papers progress - providing you with paper outline/draft. You are also at liberty to communicate directly with your writer.

Free Unlimited Revisions

If you think we missed something, send your order for a free revision. You have 10 days to submit the order for review after you have received the final document. You can do this yourself after logging into your personal account or by contacting our support.

Prompt Delivery and 100% Money-Back-Guarantee

All papers are always delivered on time, in many cases quite ahead of time. In case we need more time to master your paper, we may contact you regarding the deadline extension. In case you cannot provide us with more time, a 100% refund is guaranteed.

Original & Confidential

We use several writing tools checks to ensure that all documents you receive are free from plagiarism. Our editors carefully review all quotations in the text. We also promise maximum confidentiality in all of our services.

24/7 Customer Support

Our support agents are available 24 hours a day 7 days a week and committed to providing you with the best customer experience. Get in touch whenever you need any assistance.

Try it now!

Calculate the price of your order

Total price:
$0.00

How it works?

Follow these simple steps to get your paper done

Place your order

Fill in the order form and provide all details of your assignment.

Proceed with the payment

Choose the payment system that suits you most.

Receive the final file

Once your paper is ready, we will email it to you.

Our Services

No need to work on your paper at night. Sleep tight, we will cover your back. We offer all kinds of writing services.

Essays

Essay Writing Service

No matter what kind of academic paper you need and how urgent you need it, you are welcome to choose your academic level and the type of your paper at an affordable price. We take care of all your paper needs and give a 24/7 customer care support system.

Admissions

Admission Essays & Business Writing Help

An admission essay is an essay or other written statement by a candidate, often a potential student enrolling in a college, university, or graduate school. You can be rest assurred that through our service we will write the best admission essay for you.

Reviews

Editing Support

Our academic writers and editors make the necessary changes to your paper so that it is polished. We also format your document by correctly quoting the sources and creating reference lists in the formats APA, Harvard, MLA, Chicago / Turabian.

Reviews

Revision Support

If you think your paper could be improved, you can request a review. In this case, your paper will be checked by the writer or assigned to an editor. You can use this option as many times as you see fit. This is free because we want you to be completely satisfied with the service offered.

× Contact Live Agents