aws dev ops

Suljettu Julkaistu 2 kuukautta sitten Maksettu toimituksen yhteydessä
Suljettu Maksettu toimituksen yhteydessä

Task 1. Security Testing and Vulnerability Analysis of the Assignment 1 Project (30 Marks)

For this task, you should use the ZAP project to conduct automated and manual security testing of

the project. Describe in detail the steps of your testing and discuss the outcomes of the testing

results. You may discuss whether a testing approach is more effective and what you have done to

enhance the number and/or the accuracy of the detected vulnerabilities.

You are required to analyze 3 potential security vulnerabilities. The 3 vulnerabilities you identify

should be of 3 different classes, and you should classify them using 3 distinct CWE codes. Higher

marks will be given to vulnerabilities that cover a broader range or are very different in nature.

For each of the vulnerabilities, you should write a short report discussing the following:

• How the vulnerability was detected, e.g., through one method or a combination of multiple


• A description of the vulnerability, including

o typical example(s) of the vulnerability with explanations,

o how the vulnerability may be exploited, e.g., example inputs from malicious users that

can trigger the attack, and

o consequences of the vulnerability being exploited.

• A justification of why the vulnerability you identified in the project is indeed a security

vulnerability corresponding to the CWE classification. You may achieve this by one or more of

the following:

o Verify the vulnerability by trying to exploit it and describe in detail what action you


o Perform a code review to identify the source code instance, describe where it appears

in the project, and provide the code snippets.

o Conduct some research and cite references to support your claims.

• A recommendation of remediation that would fix the vulnerability or a discussion on why

remediation is challenging. Ideally, a fix is provided specific to the project, e.g., by revising the

source code.

You should not write more than 2 pages for each vulnerability and use an appendix if necessary. The

report format for each vulnerability should contain the following headings.

• Name:

• CWE Code:

• Detection:

• Description:

o Examples:

o Exploitation:

o Impact:

• Justification:

o Verification (optional):

o Code Source (optional):

o Supporting Data (optional):

• Remediation:

Task 2. Containerize and Run a Different Project (30 Marks)

For the second task, you need to find a different project on GitHub and run the project using Docker

containers, including at least 3 containers:

• one that runs the front-end Web application,

• one that runs the back-end database, and

• one that runs a Nginx proxy to allow secure HTTPS connections for the project.

Note that the project you find online must have a front-end and a back-end but may not have the

reverse proxy part --- you can add the proxy container yourself.

You can run each container individually, or use docker-compose, or Kubernetes. You should

demonstrate that your containers are working together in the same way as Assignment 1.

Task 3. Security Testing and Vulnerability Analysis of the Task 2 Project (30 Marks)

For the third task, you should use the ZAP to conduct automated and manual security testing of the

project from Task 2 and analyse 3 potential security vulnerabilities belonging to 3 different classes in

the same way as Task 1.

It is not required that these 3 vulnerabilities belong to 3 classes that are completely different from

those in Task 1, but higher marks will be given to vulnerabilities that are so.

Tietoturva testaus/laadunvarmistus Internet-turvallisuus Verkkoturva Amazon Web Services

Projektin tunnus: #37203970

Tietoa projektista

12 ehdotusta Etäprojekti Aktiivinen kuukausi sitten

12 freelanceria on tarjonnut keskimäärin $84 tähän työhön


Hi, I am Haresh, having 12+ years of experience in Software Testing Industry. - Having unique blend of knowledge in Quality Product Delivery, Processes Management, Functional testing, Integration and regression tes Lisää

$20 AUD 7 päivässä
(14 arvostelua)

Hello i am a Cybersecurity engineer and I am well experienced with devsecops, i have read your description and i can do the 3 tasks just contact me and let me handle it for you.

$20 AUD 7 päivässä
(1 arvostelu)

[✔] DATABASE EXPERT: You have received a 30% discount ($30) on Project 'aws dev ops '. (Recently finished a comparable work) - As a result, you should expect better outcomes in a shorter period (2 days). (Immediately a Lisää

$70 AUD 2 päivässä
(3 arvostelua)

Hello, I'm a seasoned cybersecurity and DevOps specialist with a strong background in security testing, vulnerability analysis, and containerization. I am excited to offer my expertise to complete your project effici Lisää

$65 AUD 5 päivässä
(0 arvostelua)

I am excited to submit my bid for the Security Testing and Vulnerability Analysis project you posted. With a strong background in security testing and a proven track record in vulnerability analysis. Here's how I plan Lisää

$30 AUD 7 päivässä
(0 arvostelua)

Hi dear sir. My name is Anil. I am a professional pen tester. I understand your project. I have experience in doing such work. You can pay me if you want to do the work. thank you

$60 AUD 2 päivässä
(0 arvostelua)

I'm a Lead Engineer to AWS Cloud & DevSecOps team and I apply best practices for securing infrastructure by following OWASP top 10 the most critical web application security risks such as injection, broken authenticati Lisää

$25 AUD 7 päivässä
(0 arvostelua)

I understand that you are looking for a freelancer to conduct security testing and vulnerability analysis of your Assignment 1 Project and Task 2 Project. My skillset includes computer security, Internet Security and w Lisää

$20 AUD 7 päivässä
(0 arvostelua)