Question:
a) Give an example of a Cross Site Scripting (XSS) attack. Include an explanation of the differences between reflective and stored XSS attacks.
b) Give an example of a SQL Injection attack. Why does the back-end database make a difference in how it works? What kind of information or access could be compromised with SQL injection attacks?
c) What part of the e-mail process does SSL/TLS generally secure? Is this end-to-end security? Describe. What standards provide end-to-end security?
Project:
Buffer overflows are a fairly common vulnerability. They can crash an application, allow unauthorized people access, cause unintended payloads to be processed, etc. Most students who are just learning about the field of IT security have heard of buffer overflows but don't really understand how they work.
The following online example is a great demonstration of how buffer overflows actually work. Seeing a graphical representation really helps students understand them: they can visualize the memory space and how the overflow may affect the underlying code.