E$-$Threats mitigation techniques & recommendations

$(1)$

Briefy research what you can do to minimise the threats to the fndings in the reconnaissance phase when you tested the web application in section A$\mathrm{.}2.[2$ marks$]$

$(2)$

Briefy research how to prevent your company$$s servers from revealing too much information when an attacker conducts scanning and enumeration, similar to the activities in section A$\mathrm{.}3.[2$ marks$]$

$(3)$

Briefy research and explain how to protect your database against SQL injection exploited in section B$\mathrm{.}2.[3$ marks$]$

$(4)$

Briefy research and explain how to protect your web application against cross site Scripting attacks exploited in section B$\mathrm{.}3.[3$ marks$]$

$(5)$

Briefy research and explain how to protect your web application against cryptanalysis attacks exploited in section B$\mathrm{.}5.[3$ marks$]$

$(6)$

Investigate what activities a security analyst can carry out to protect, or at least minimize the impact of Man in the Middle attack carried out in section C$\mathrm{.}1[2$ marks$]$

$(7)$

Research the work that companies should do to ensure that their users do not fall victims to social engineering attacks similar to the attack you carried out in section C$\mathrm{.}2.[2$ marks$]$

$6$

$(8)$

Research and explain what companies do to protect their web services against a DoS attack similar to the one you have carried out in section D$\mathrm{.}1.[2$ marks$]$

$(9)$

Intrusion Detection and Prevention systems

$$

Explain the diferences between Intrusion Detection System IDS and Intrusion prevention System IPS. $[3$ marks$]$

$$

Scenario assessment: Suggest a recommendation for the scenario you have in hand and justify your answer. $[2$ marks$]$