Web Security – CSCI 631

CG • Section 8WK • 11/08/2019 to 04/16/2020 • Modified 07/27/2021

Course Description

This course deals with web security issues, such as SQL injection, cross site scripting, and other web vulnerabilities - along with how to detect, defend and protect against such attacks.

For information regarding prerequisites for this course, please refer to the Academic Course Catalog.

Rationale

Web security is a subject with high visibility and importance. The stakes are high for all concerned- for businesses that derive increasing revenue from Internet commerce, for users who trust web applications with sensitive information, and for criminals who can make big money by stealing payment details or compromising bank accounts. This course addresses this critical subject by practically discussing common web vulnerabilities, secure web development practices and mitigation measures against those vulnerabilities, and how to conduct, analyze, and document web security audits.

Course Assignment

Textbook readings and lecture presentations/notes

Course Requirements Checklist

After reading the Syllabus and Student Expectations, the student will complete the related checklist found in the Course Overview.

Discussions (4)

The student is required to provide a thread in response to the provided prompt for each discussion. Each thread must be 350 words in length and demonstrate course-related knowledge. In addition to the thread, the student is required to reply to two (2) other classmates’ threads. Each reply must be 250 words in length.

Lab Assignments (5)

The student will complete five (5) labs associated with the course material. Each lab will have specific instructions for tasks, along with deliverables, to be completed in the virtual lab environment.

Research and Breach in the News Assignment

The student will perform research into a publicly announced breach that has occurred with the last three years. This breach is web or network related resulting in the loss of privacy or data. The student will produce a report in current APA format of at least 750 words and must include at least two (2) references in addition to the course text text and the Bible.

Security Assessment Findings Project Assignment

The student will perform a security assessment of a web site, as discussed in the lab environments, and create a report based upon the results of that assessment.

The student will then write a research-based paper in current APA format that focuses on the results from a web security assessment. A report template and further instructions are provided in the course. The paper must include at least three (3) references in addition to the course textbook and the Bible.

Security Assessment Remediation Project Assignment

This project is a continuation of the Security Assessment Findings Project. In this paper, the student will discuss the recommended remediations and actions to address the vulnerabilities reported upon in the earlier paper. The student will write a research-based paper using the associated template with this assignment. The final deliverable for this project will be a paper in current APA format (including the previous test plan assignment with the new content in this paper- combining the paper from Module/Week 6 with the paper in this project.). It must include at least three (3) additional references in addition to the three (3) references from the test plan assignment, course textbook and the Bible.

Quizzes (6)

Each quiz will cover the Reading & Study material for the module(s) in which it is assigned. Each quiz will be open-book/open-notes, contain multiple-choice, true/false, and short answer questions, and have a 60-minute time limit.

Quiz: Midterm Exam

The Quiz: Midterm Exam will cover the Reading & Study material for Modules 1–5. The Quiz: Midterm Exam will be open-book/open-notes, contain true/false, multiple choice, and short answer questions, and have a 1 hour and 30 minute time limit.