Which explanation about a Cross-Site Request Forgery (CSRF) is not correct? Justify your choice.

Discussion Questions

Help with discussion question app format with references. Provide answer under the question. DO NOT NEED A PAPER.

Part 1

In this module, the HPP (HTTP Parameter Pollution) vulnerability and CSRF (Cross-Site Request Forgery) attack are discussed. As a security professional for a large on-line organization, what are some security measures you would take to reduce the risk of these potential vulnerabilities and attacks? Please respond in 200 words or more.

Please use at least 1 cite using APA format.

Part 2

Which explanation about a Cross-Site Request Forgery (CSRF) is not correct? Justify your choice.

  • CSRF tokens and CORS can be used in reducing the threat of a CSRF attack.
  • CSRF tokens are an unsecure method to defend against CSRF attacks.
  • Session tokens are considered a better security prevention method than cookies when analyzing mitigations against CSRF threats.
  • A successful CSRF attack can result in the attacker being able to modify server-side information about a user’s account compromising it for malicious intent.
  • CSRF attacks can manipulate the authentication method of user’s session, such as basic authentication protocol or cookies, to access their bank account and transfer money without their knowledge

Part 3

Title: Cyberwar

We’ve seen numerous examples this week of the damage that many experts believe cyberwar can cause. Even with limited resources, nearly any entity with enough knowledge can conceivably cause widespread damage and chaos. But despite the awesome impact that cyberwar can have and the recent polarization of global politics, we have yet to devolve full-blown cyberwar. We’ve certainly seen examples of “cyber actions” such as Stuxnet, but thus far no entity has taken the next step. There are a myriad of reasons for “holding back,” many of which we’ll explore later in the course. But since 9/11, extremism, nationalism, the war on terror, and other geopolitical events have driven the level of global conflict to level not seen in decades. Despite all of this, there has not yet been a true cyberwar.

During the cold war experts remained hyper-focused on the threat of nuclear war, but obviously that never occurred. If we look at the cyberwar threat in the same light, does that mean that the very idea of cyberwar just too far-fetched to ever become reality? Or is our world so different now that cyberwar is a real possibility in a way that nuclear war never was?

Part 3 a

Connect the Dots DB (Weekly)

This is an exercise where you “connect the dots” to a region of the world (of which you are assigned) and the topic(s) of the week. This will be done through a series of DB-based activities where you introduce the class to a series of artifacts- these artifacts shall link, in some way, implicit or explicit, the your region and that weeks topic and assigned reading in a way that is useful, prescient, and interesting.

Here is how it works:

o You will have a wide amount of latitude with this but the object is for you to develop some regional knowledge throughout the quarter and share your findings with the class.

o The nature of the artifacts can be anything that can be plugged into the DB- images, maps, videos, reports, whatever… be creative. They can be linked or embedded… if it is embeddable (such as an image) you should opt for that approach.

o You need 2 artifacts for each week where you post.
o In your post you will include a written statement where you explain how your artifact does, indeed,

‘connect the dots’.

o The artifacts must be from 2016 or more recent.

 

 

 

for part 3 A my region is North America

Answer preview………………………

apa 947 words

Share this paper
Open Whatsapp chat
1
Hello;
Can we help you?