Explain what Primary CIS Control was violated and why the control is critical. A Software as a Service (SaaS) company hosts web portals to allow its auto parts customers to manage their inventories. Recently, they suffered a breach, which resulted in the compromise of all of their customers' data. The root cause of the breach was determined to be a combination of vulnerabilities within their web application, namely cross site scripting (XSS) and SQL injection.

Explain what Primary CIS Control was violated and why the control is critical. A Software as a Service (SaaS) company hosts web portals to allow its auto parts customers to manage their inventories. Recently, they suffered a breach, which resulted in the compromise of all of their customers' data. The root cause of the breach was determined to be a combination of vulnerabilities within their web application, namely cross site scripting (XSS) and SQL injection.

Fundamentals of Information Systems

8th Edition

ISBN:9781305082168

Author:Ralph Stair, George Reynolds

Publisher:Ralph Stair, George Reynolds

Chapter3: Database Systems And Applications

Section: Chapter Questions

Problem 3PSE

See similar textbooks

Similar questions

Database backup and recovery protocols should be discussed, as should their significance. The next step is to discuss the components that a backup and recovery strategy must contain.
In your perspective, what are the primary duties of a database administrator, ranked in order of importance? What methodologies can be employed to ascertain the optimal maintenance techniques for our Local Area Network (LAN)?
In some high-profile cases, hackers broke into customer databases and stole sensitive information. Your first order of business is to identify a business that has had its database compromised. What should set database security apart from system-wide security? Does this have any repercussions on the way the internet stores data? If that's the case, what strategy would you use?
In your perspective, what are the three most important tasks of a database administrator?How do we find out what kinds of preventative care are best for our LAN?
Which web application attack is most likely to harvest pieces of a database's private data? What security safeguards might be implemented to protect your production SQL databases against injection attacks? What can you do to guarantee that penetration testing and web application testing are included in your organization's implementation procedures?
Describe the role of distributed transactions and two-phase commit protocols in ensuring data integrity.
The bank manager wants to find the abnormal transactions done in their credit card payment section to prevent unauthorized transactions of the cards issued by the bank. Assume the bank manager will monitor the abnormal activities of the transaction database to find such malicious transactions. Demonstrate how the outliers detection mechanism in a dataset can help the bank manager and list down at least any four of applications of outliers.
How does "data masking" contribute to security during database connectivity?
How can "load balancers" improve database connectivity in high-traffic scenarios?
Describe the principles of role-based access control (RBAC) in data security.
Client data was stolen as a consequence of database hacking at several well-known businesses. Finding a company whose database has been hacked is your first priority. Second, how should the security of the database differ from that of the rest of the system? Does it affect web data structures in any way? If so, what approach would you take?
Within the context of Big Data and Cloud Computing, what exactly is meant by the term "Distributed Lock Service"?