Suppose you are working in Techmart Inc.
which sells various products through its website.
Due to some recent losses, you are trying to identify the most important risks to the Website.
Based on feedback from several experts, you have come up with a list.
You now want to prioritize these risks.
Now in which category you would put the risk concerning the modification of the Website by unauthorized parties.
Click on the arrows to vote for the correct answer
A. B. C. D.B.
Website defacing is an attack on a website by unauthorized party that changes the visual appearance of the site or a webpage.
These are typically the work of system crackers, who break into a web server and replace the hosted website with one of their own.
Incorrect Answers: A: Ping Flooding is the extreme of sending thousands or millions of pings per second.
Ping Flooding attack can make system slow or even shut down an entire site.
C: A denial-of-service attack (DoS attack) is an attempt to make a computer or network resource unavailable to its intended users.
One common method of attack involves saturating the target machine with external communications requests, such that it cannot respond to legitimate traffic, or responds so slowly as to be rendered effectively unavailable.
D: The FTP bounce attack is attack which slips past application-based firewalls.
In this hacker uploads a file to the FTP server and then requests this file be sent to an internal server.
This file may contain malicious software or a simple script that occupies the internal server and uses up all the memory and CPU resources.
The risk concerning the modification of the website by unauthorized parties is related to the website's integrity, which is one of the three aspects of information security (confidentiality, integrity, and availability). It means that unauthorized parties may modify the website's content, layout, or functionality, leading to a loss of trust, reputation, and revenue.
Out of the given options, the most relevant category for this risk is "Web defacing." Web defacing is a type of attack that involves changing the visual appearance of a website, usually by replacing the homepage with a hacker's message or graphic. This attack can be achieved through various methods, including exploiting vulnerabilities in the website's code, stealing login credentials, or using phishing techniques to trick users into giving up their access rights.
Ping Flooding Attack, Denial of Service (DoS) Attack, and FTP Bounce Attack are all related to the availability aspect of information security. A Ping Flooding Attack is a type of DoS attack that involves sending a large number of ping requests to a target computer or network, causing it to become overwhelmed and unable to respond to legitimate requests. A Denial of Service (DoS) Attack involves flooding a website with so much traffic that it becomes overloaded and unavailable to legitimate users. FTP Bounce Attack is a type of attack that exploits vulnerabilities in the FTP protocol to allow an attacker to connect to a third-party computer and use it to launch an attack on the target system.
In summary, the risk concerning the modification of the website by unauthorized parties belongs to the category of Web defacing, which is related to the integrity aspect of information security.