Question
The Internet has turned into an around-the-clock battleground of attackers and defenders. It is estimated that millions of compromised computers and servers, known as bots, are distributed throughout the world at any given time. Bots are used as spam bots, web spiders, and DDoS attackers, and can be used for other destructive and illegal activities.
To ensure that the Zeus Books web server doesn't become a bot, it is important that the web server is secured and protected from being compromised through exploits and attacks. Zeus Books is requesting that you perform a web server security mitigation assessment.
In the assessment, Zeus Books has requested that you provide three known exploits on the following products, along with the solutions to mitigate any possible attacks leveraging the versions you are currently running the Zeus Books website on:
• Windows
• Hypervisor (the one you recommended in the discussion assignment)
• Apache 2.X
• PHP
Based on your understanding of web server security, create a 4- to 5-page report in a Microsoft Word document answering the following:
• Discuss three known vulnerabilities or exploits on the technologies above.
• Discuss how you will be able to mitigate the known vulnerabilities or exploits.
• Discuss any security software or hardware components which should be used to protect Zeus's website.
• Discuss how you plan to monitor the Zeus Books web server for ongoing security alerting.
Support your responses with examples.
Cite any sources in APA format.
Solution Preview
1. Three known vulnerabilities or exploits
a. Hypervisor: MS Hyper-V Persistent DoS Vulnerability
o Description:
• A security vulnerability was found in the driver vmswitch.sys, associated with the Windows Hypervisor subsystem, allowing an authenticated local DoS. The vulnerability could allow denial of service if a specially crafted packet is sent to the VMBus by an authenticated user in one of the guest virtual machines hosted by the Hyper-V server. The impact is that all guests on that host become non-responsive.
• An attacker must have valid logon credentials and be able to send specially crafted content from a guest virtual machine to exploit this vulnerability. As a result, an attacker logged in with admin privileges on a guest VM may cause:
All applications in virtual machines stop responding.
The host kernel CPU usage rises up to 100...