wk-13 D2

  
Question:1 
Fruhlinger (2018) posted about the Wannacry ransomware attack of May 2017. This was, in the opinion of many experts, a warning attack. If the hackers had not left a ‘kill-switch’ within the code of the ransomware the attack could have been worse and impossible to stop. The Windows application that this attack took advantage of was the SMB protocol which allows communication between computers in a network. The vulnerability in the SMB protocol had been discovered by the NSA who had, instead of reporting it, used it to create the EternalBlue exploit. This exploit was released to the public and has been used since for many different types of attacks (Schirmarcher, Ondrus & Tan, 2018).
This was a security misconfiguration vulnerability in the OWASP top ten. This is because the SMB protocol could have been secured if only network admins around the world had bothered to install the patch that had already been released by Microsoft. The availability and confidentiality components of the CIA triad were affected by this ransomware attack. 
After the attack there has been a lot of talk as to the future of cybersecurity and how easy it is for exploits such as these to spread globally. Once more it seems that the industry is far behind the attackers when it comes to anticipating exploits. This is especially made worse by the fact that there is negligence by corporations e.g. some corporations still use Windows XP.
Answer:
I want 250 words explanation on above paragraph with 3 reference, your sentence must be start from, I like your post, I would like to add some more details on your discussion….

Question:2 
Application vulnerabilities are increasing in today’s world by different kinds of attacks such are phishing, crypto-jacking, Service attacks etc. This kind of vulnerabilities can occur in different places like user personal computers, client machines or within the end-user workstations. In order to avoid these kinds of vulnerabilities companies must take precautions in discovering and preventing the attacks.
There are several kinds of vulnerabilities are occurred in the Microsoft. Such is, an elevation privilege vulnerability have occurred .net framework which could give access to an unauthorized person or an intruder at an elevated level. With this elevated privilege vulnerability, an entire organization would be in danger as this could give access to whole data or files in the organization. The Broken access control, insecure deserialization will be applicable to this kind of vulnerability. All there CIA components will come into the picture. The insecure deserialization can be detected through the application security tools where a broken access control needs to do testing through the testing tools and also penetration testing will be helpful in identifying the non-functional access controls.
There was a problem associated with Microsoft excel which is an information disclosure vulnerability. Authentication is not required to exploit this vulnerability and coming to the CIA triad it is impacting the confidentiality component.  We can protect this kind of vulnerability through testing before launching into the real world.
Answer:
I want 250 words explanation on above paragraph with 3 reference, your sentence must be start from, I like your post, I would like to add some more details on your discussion….

Calculate the price of your order

550 words
We'll send you the first draft for approval by September 11, 2018 at 10:52 AM
Total price:
$26
The price is based on these factors:
Academic level
Number of pages
Urgency
Basic features
  • Free title page and bibliography
  • Unlimited revisions
  • Plagiarism-free guarantee
  • Money-back guarantee
  • 24/7 support
On-demand options
  • Writer’s samples
  • Part-by-part delivery
  • Overnight delivery
  • Copies of used sources
  • Expert Proofreading
Paper format
  • 275 words per page
  • 12 pt Arial/Times New Roman
  • Double line spacing
  • Any citation style (APA, MLA, Chicago/Turabian, Harvard)

Our guarantees

Delivering a high-quality product at a reasonable price is not enough anymore.
That’s why we have developed 5 beneficial guarantees that will make your experience with our service enjoyable, easy, and safe.

Money-back guarantee

You have to be 100% sure of the quality of your product to give a money-back guarantee. This describes us perfectly. Make sure that this guarantee is totally transparent.

Read more

Zero-plagiarism guarantee

Each paper is composed from scratch, according to your instructions. It is then checked by our plagiarism-detection software. There is no gap where plagiarism could squeeze in.

Read more

Free-revision policy

Thanks to our free revisions, there is no way for you to be unsatisfied. We will work on your paper until you are completely happy with the result.

Read more

Privacy policy

Your email is safe, as we store it according to international data protection rules. Your bank details are secure, as we use only reliable payment systems.

Read more

Fair-cooperation guarantee

By sending us your money, you buy the service we provide. Check out our terms and conditions if you prefer business talks to be laid out in official language.

Read more