Instructions

Part 1 – (labs are already completed; please see screenshots on the assessment template).

Based on the specific actions taken in the lab, compare and contrast Cross-Site Scripting and SQL Injection attacks, including with the effort needed and value of each attack (please submit the answer on the assessment template part 1.3 response).

Part 2 – Security Planning: Application Security and Testing

Create an application Security and Testing policy for the company described in the Course Security Scenario. State any assumptions that you make, or details that you might add that add depth, texture, or provide a foundation for your policies. Your goal is to create an effective policy that represent modern systems assurance security practices and planning.

Application Security (please submit policy on the assessment template part 2 security planning item 2.1)

Testing (please submit policy on the assessment template part 2 security planning item 2.2)

Consider the following scoring guide criteria as you complete your assessment:

Provide required screenshots that document lab completion.

Write an application security & testing plan that is appropriate for the Course Security scenario.

Compare and contrast Cross-Site Scripting and SQL Injection attacks.