Table of Contents

List of Figures

List of Tables

Introduction

Is It Legal to Use Your Writing Service?

Absolutely, it’s 100% legal! Our service provides sample essays and papers to guide your own work—think of it as a study tool. Used responsibly, it’s a legit way to improve your skills, understand tough topics, and boost your grades, all while staying within academic rules.

1 DEFENCE IN DEPTH

1.1 Physical Controls

1.2 Technical Controls

How Much Does It Cost to Get a Paper Written?

Our pricing starts at $10 per page for undergrad work, $16 for bachelor-level, and $21 for advanced stuff. Urgency and extras like top writers or plagiarism reports tweak the cost—deadlines range from 14 days to 3 hours. Order early for the best rates, and enjoy discounts on big orders: 5% off over $500, 10% over $1,000!

1.3 Administrative Controls

2 SECURITY VULNERABILITIES

2.1 Server and Database paradigms

2.2 Generic Vulnerabilities

Will My Use of This Service Stay Private?

Yes, totally! We lock down your info with top-notch encryption—your school, friends, no one will know. Every paper’s custom-made to blend with your style, and we check it for originality, so it’s all yours, all discreet.

2.2.1 Session spoofing

2.2.2 Injection attacks

2.2.3 Cross-site scripting

3 SECURITY RECOMMENDATIONS

Do You Use AI to Write Papers?

No way—our papers are 100% human-crafted. Our writers are real pros with degrees, bringing creativity and expertise AI can’t match. Every piece is original, checked for plagiarism, and tailored to your needs by a skilled human, not a machine.

3.1 Developer Skill

3.2 Database Permissions (Least Privilege)

3.3 Security Obscurity

3.4 Password Usage/Storage

Why Choose You for Research Papers?

We’re the best because our writers are degree-holding experts—Bachelor’s to Ph.D.—who nail any topic. We obsess over quality, using tools to ensure perfection, and offer free revisions to guarantee you’re thrilled with the result, even on tight deadlines.

References

Appendix

List of Figures

Figure 1. Defence in Depth Overview………………………………………

Figure 2. Defence in Depth for Web Applications……………………………..

Who’s Writing My College Essays?

Our writers are top-tier—university grads, many with Master’s degrees, who’ve passed tough tests to join us. They’re ready for any essay, working with you to hit your deadlines and grading standards with ease and professionalism.

Figure 3. Fortification of host nodes……………………………………….

Figure 4. Session Spoofing……………………………………………..

Figure 5. Http Headers………………………………………………..

Figure 6. OSfuscate – Before…………………………………………….

Are Your Papers Original?

Always! We start from scratch—no copying, no AI—just pure, human-written work with solid research and citations. You can even get a plagiarism report to confirm it’s 95%+ unique, ready for worry-free submission.

Figure 7. OSfuscate – After……………………………………………..

Figure 8. URLScan – Before……………………………………………..

Figure 9. URLScan – After………………………………………………

Figure 10. SQL Injection Attack…………………………………………..

Can You Match Any Citation Style?

You bet! From APA to IEEE, our writers nail every style with precision. Give us your guidelines, and we’ll craft a paper that fits your academic standards perfectly, no sweat.

Figure 11. SQL Injection Result…………………………………………..

List of Tables

Table 1. Microsoft Server 2019 vs Ubuntu Server 18.04 (2/11/18)………………..16

Table 2. Microsoft IIS 7.5 vs Apache 2.4 (2/11/18)…………………………..16

Table 3. A comparative study of attacks against Corporate IIS and Apache………….16

Can I Update Instructions Mid-Order?

Yep! Use our chat feature to tweak instructions or add details anytime—even after your writer’s started. They’ll adjust on the fly to keep your essay on point.

 

Introduction

The premise for this report is to provide the client with a deeper understanding of the security landscape, by delivering a more comprehensive overview of Defence in Depth, security vulnerabilities in the server and application layers and finally, security recommendations for the client’s website.

1         DEFENCE IN DEPTH

Originally defined as a military strategy, in the 1976 thesis ‘The grand strategy of the Roman Empire from the first century A.D. to the third’ by Edward Luttwak (Luttwak, 1976); the concept ‘Defence in Depth’ was later adopted by the National Security Agency (NSA, 2010), as a suitable ‘best practice’ paradigm for achieving information assurance.

Luttwak elucidates that the basic principle of the strategy is to implement layers of defence around the target of an attacker, rather than to defeat an attack with a single, strong defensive line.  The objective is to slow an advance because, over time, attrition will force the attack to lose momentum, and therefore, will not be as effective.

How Do I Get an Essay Written?

Easy—place your order online, and your writer dives in. Check drafts or updates as you go, then download the final paper from your account. Pay only when you’re happy—simple and affordable!

In terms of information security, Straub (2003) describes that this layered defensive posture (Appendix, Figure. 1) is leveraged by using redundant security mechanisms, so that if one defensive measure fails there are more behind it to continue to protect the data, systems, networks, and users, by buying time.  Time, which can then be utilised, to respond to an incident, minimising the risk of an attack (Shamim, Fayyaz and Balakrishnan, 2014).

An essential principle of the Defence in Depth strategy, develops Skoglund (2014), is a balanced focus on three primary elements: People, Technology and Operations, which can be applied within each layer.

However, it is essential to understand, that implementing a secure defence is always a “best effort”.  No system can ever be 100% secure, affirms Langer and Yorks (2018, p.222) because factors outside of the controls, might introduce vulnerabilities.  An example of this is that software in use may contain 0-day bugs; unknown application vulnerabilities that could be exploited by an attacker.

When considering the primary elements, often overlapping, three types of control can be applied: Physical, Technical, and Administrative.

How Fast Can You Handle Urgent Deadlines?

Super fast! Our writers can deliver a quality essay in 24 hours if you’re in a pinch. Pick your deadline—standard is 10 days, but we’ll hustle for rush jobs without skimping.

LO1: Evaluate approaches to applying defence in depth to web applications

1.1         Physical Controls

[84 words max] Describe one area.

Physical controls are anything that physically limits or prevents access to an IT asset for example, fences, guards, dogs, locks, and CCTV systems.

Locks

Often underutilised, most modern computer cases incorporate a holed tab at the rear, to permit the fitting of a lock, thereby delaying the removal of the case cover, denying access to and the removal of, the systems hard drives.

Can You Tackle Complex Essay Topics?

Definitely! From astrophysics to literary theory, our advanced-degree writers thrive on tough topics. They’ll research deeply and deliver a clear, sharp paper that meets your level—high school to Ph.D.

1.2         Technical Controls

[84 words max] Describe one area.

Web Application Firewalls

DSS-PCI Card Transactions

OSI Layer 7, deep packet inspection.  Reverse proxy (Proxy interrogates application, not client)

Technical controls are hardware or software whose purpose is to protect systems and resources. Examples of technical controls would be disk encryption, fingerprint readers, and Windows Active Directory. Hardware technical controls differ from physical controls in that they prevent access to the contents of a system, but not the physical systems themselves.

How Do You Meet My Professor’s Standards?

We tailor your paper to your rubric—structure, tone, everything. Our writers decode academic expectations, and editors polish it to perfection, ensuring it’s grade-ready.

1.3         Administrative Controls

[84 words max] Describe one area.

Security Awareness Training

Administrative controls are an organisation’s policies and procedures.  Their purpose is to ensure that there is proper guidance available regarding security and that regulations are met. They include things such as hiring practices, data handling procedures, and security requirements.

2         SECURITY VULNERABILITIES

Your task is to compare, and contrast, a range of vulnerabilities and their potential effect on your client’s business.

What’s Your Editing Process?

Upload your draft, tell us your goals, and our editors will refine it—boosting arguments, fixing errors, and keeping your voice. You’ll get a polished paper that’s ready to shine.

LO2: Compare and contrast security vulnerabilities in dynamic web environments using different development paradigms

This section should cover: –

• Features and comparison of Windows IIS/SQL and Apache/MySQL

• Comparing and contrasting key elements of vulnerabilities in dynamic web environments using different development paradigms

• Definition and analysis of the vulnerabilities listed in the scenario

Can You Suggest Paper Topics?

Sure! Need ideas? We’ll pitch topics based on your subject and interests—catchy and doable. Pick one, and we’ll run with it, or tweak it together.

2.1         Server and Database paradigms

[180 words max] Firstly compare, and contrast, the two main server and database paradigms; i.e. Windows IIS/SQL (WISA) and Apache/MySQL (WAMP) regarding vulnerabilities.

2.2         Generic Vulnerabilities

Secondly, discuss the generic vulnerabilities listed below (additional vulnerabilities could be considered).

2.2.1        Session spoofing

[100 words max] Text goes here.

2.2.2        Injection attacks

[100 words max] Text goes here.

SQL Injection (SQLi) can be used in a range of ways to cause serious problems. By levering SQL Injection, an attacker could bypass authentication, access, modify and delete data within a database. In some cases, SQL Injection can even be used to execute commands on the operating system, potentially allowing an attacker to escalate to more damaging attacks inside of a network that sits behind a firewall.

SQL Injection can be classified into three major categories – In-band SQLi, Inferential SQLi and Out-of-band SQLi.

Both fields, ‘ or 1=1–

Do You Offer Rush Revisions?

Yes! If you need quick edits, our team can turn it around fast—hours, not days—tightening up your paper for last-minute perfection.

Password field, 1’or’1’=’1

(GAO, 2018) Equifax 2017 SQL Injection

(ICO, 2015) TalkTalk – DDoS + SQL Injection

2.2.3        Cross-site scripting

[100 words max] Text goes here.

Vulnerabilities persists in many Web applications due to developers lack of expertise in the problem identification and their unfamiliarity with the current mechanisms (Venkat et al., 2012)

(Mutton, 2017) eBay 2017

Can You Provide Outlines First?

Absolutely! We’ll draft an outline based on your topic so you can approve the plan before we write—keeps everything aligned from the start.

3         SECURITY RECOMMENDATIONS

You have previously undertaken some analysis of the static vulnerabilities of the website using penetration testing tools. You are now required to extend this analysis to the susceptibility of the Lanconnnectors site to the vulnerabilities discussed in section 2, and other threats specific to this configuration that you may have identified or discovered.

LO3: Critically analyse the potential security risks for a given web deployment scenario and recommend security mechanisms

This section should cover: –

• Analysis of threats from section 2 contextualised to the client website

• Security recommendations to mitigate threats from section 2

• Analysis of additional areas listed in scenario

• Security recommendations to mitigate threats from additional areas listed in the scenario.

3.1         Developer Skill

[160 words max] Text goes here.  Full stack vs Coder? Security through validation? Do not offer the ability to delete a record.

Can You Include Data Analysis?

You bet! Need stats or charts? Our writers can crunch numbers and craft visuals, making your paper both sharp and professional.

Password sniffing, spoofing, buffer overflows, and denial of service: these are only a few of the attacks on today’s computer systems and networks. At the root of this epidemic is poorly written, poorly tested, and insecure code that puts everyone at risk.  Developers today need help figuring out how to write code that attackers will not be able to exploit. However, writing such code is surprisingly difficult (Viega and Messier, 2003).

Front End developer + Backend developer = Full Stack developer

3.2         Database Permissions (Least Privilege)

[160 words max] Text goes here.  Default permissions?

(Barnum and Gegick, 2005) Explain that only the minimum necessary rights should be assigned to a subject that requests access to a resource and should be in effect for the shortest duration necessary (remember to relinquish privileges). Granting permissions to a user beyond the scope of the necessary rights of action can allow that user to obtain or change information in unwanted ways. Therefore, a careful delegation of access rights can limit attackers from damaging a system.

3.3         Security Obscurity

[160 words max] Text goes here.

Gleaning information, by undertaking passive reconnaissance using a product such as Burp Suite (PortSwigger, 2018), helps to narrow the field of possible exploits, thereby saving an attacker time and effort, explains (Skoglund, 2014b).  Figure 5. Illustrates that the Http Headers are exposing

Therefore, understanding that if a web server’s known to be running Apache 2.2 a hacker, or a script that the hacker’s running, knows to look for security holes in Apache 2.2. If the web server software is unknown, they must try everything. So you want to limit exposed information. Don’t report any more information than is absolutely necessary. It’s similar to the idea of least privilege, but this is least information.

It is possible to obscure the identification of the operating system, by anyone using active reconnaissance tools, using an application such as OSfuscate 0.3 (Crenshaw, 2016)

Performing this task prevents a potential hacker from focusing an attack against the known vulnerabilities of a known operating system.

A comparative study of attacks against Corporate IIS and Apache (Wright, 2011)

How Do You Handle Long-Term Projects?

We break it down—delivering each part on time with consistent quality. From proposals to final drafts, we’re with you all the way.

Figure 5. Illustrates that the Http Headers are exposing ,,,,,,,,,,,,,,,,,,,

To frustrate the attacker

3.4         Password Usage/Storage

[160 words max] Text goes here.

2 step authentication

Hashing/salting

Can You Write for Global Standards?

Yep! Whether it’s UK, US, or Australian rules, we adapt your paper to fit your institution’s style and expectations perfectly.

References

Barnum, S. and Gegick, M. (2005) Least privilege.

Cleghorn, L. (2013) ‘Network Defense Methodology: A Comparison of Defense in Depth and Defense in Breadth’, Journal of Information Security, Vol:4, pp. 144–149. doi: 10.4236/jis.2013.43017.

Crenshaw, A. (2016) ‘OSfuscate’. Louisville: IronGeek.

Darknet (2017) Defence In Depth For Web Applications [Image], Countermeasures. Available at: https://www.darknet.org.uk/2016/03/defence-depth-web-applications/ (Accessed: 30 October 2018).

GAO (2018) Actions Taken by Equifax and Federal Agencies in Response to the 2017 Breach.

Is there a possibility of plagiarism in my completed order?

We write every paper from scratch just for you, and we get how important it is for you to feel confident about its originality. That’s why we double-check every piece with our own in-house plagiarism software before sending it your way. This tool doesn’t just catch copy-pasted bits—it even spots paraphrased sections. Unlike well-known systems like Turnitin (used by most universities), we don’t store or report anything to public databases, so your check stays private and safe. We stand by our plagiarism-free guarantee to ensure your paper is totally unique. That said, while we can promise no plagiarism from open web sources or specific databases we check, no tech out there (except Turnitin itself) can scan every source Turnitin indexes. If you want that extra peace of mind, we recommend running your paper through WriteCheck (a Turnitin service) and sharing the report with us.

ICO (2015) TalkTalk cyber attack – how the ICO’s investigation unfolded, News and Events. Available at: https://ico.org.uk/about-the-ico/news-and-events/talktalk-cyber-attack-how-the-ico-investigation-unfolded/ (Accessed: 25 October 2018).

Langer, A. M. and Yorks, L. (2018) Strategic Information Technology : Best practices to drive digital transformation. 2nd edn. John Wiley & Sons.

Luttwak, E. (1976) The grand strategy of the Roman Empire from the first century A.D. to the third. Johns Hopkins University Press.

Matrix Computer Consulting (2018) Cyber Security 101 [Image], Cyber Security Practice. Available at: http://www.matrixcc.net/cyber-security/ (Accessed: 30 October 2018).

When will my order be assigned to the writer?

The moment you place your order, we jump into action to find the perfect writer for you. Usually, we’ve got someone lined up within an hour. Sometimes, though, it might take a few hours—or in rare cases, a few days—if we need someone super specialized. If no writers from your chosen category are free, we’ll suggest one from a lower category and refund the difference if you’d paid extra for that option. Want to keep tabs on things? You can always peek at your order’s status on your personal order page.

Mitre (2018a) Apache 2.4 Search Results, Common Vulnerabilities and Exposures (CVE) List. Available at: https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=apache+2.4 (Accessed: 2 November 2018).

Mitre (2018b) IIS 7.5 Search Results, Common Vulnerabilities and Exposures (CVE) List. Available at: https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=iis+7.5 (Accessed: 2 November 2018).

Mitre (2018c) Microsoft Server 2019 Search Results, Common Vulnerabilities and Exposures (CVE) List. Available at: https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=Microsoft+Server+2019 (Accessed: 2 November 2018).

Mitre (2018d) Ubuntu Server 18.04 Search Results, Common Vulnerabilities and Exposures (CVE) List. Available at: https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=Ubuntu+Server+18.04 (Accessed: 2 November 2018).

Mrd, D. (2018) Redirect someone to a different website (ARP spoofing). [Image], Pentest Tips. Available at: http://pentestfreak.blogspot.com/2013/05/redirect-someone-to-different-website.html (Accessed: 1 November 2018).

Mutton, P. (2017) Hackers still exploiting eBay’s stored XSS vulnerabilities in 2017, Security. Available at: https://news.netcraft.com/archives/2017/02/17/hackers-still-exploiting-ebays-stored-xss-vulnerabilities-in-2017.html (Accessed: 28 October 2018).

NSA (2010) Defense in Depth. Fort Meade.

PortSwigger (2018) ‘Burp Suite Professional’.

Shamim, A., Fayyaz, B. and Balakrishnan, V. (2014) ‘Layered Defense in Depth Model for IT Organizations’, in 2nd International Conference on Innovations in Engineering and Technology. Penang, p. 4. doi: 10.15242/IIE.E0914047.

Skoglund, K. (2014a) ‘Defense in depth’, in Programming Foundations: Web Security. Lynda.com. Available at: https://www.lynda.com/Web-Development-tutorials/Defense-depth/133330/163841-4.html (Accessed: 27 October 2018).

Skoglund, K. (2014b) ‘Security through obscurity’, in Programming Foundations: Web Security. Lynda.com. Available at: https://www.lynda.com/Web-Development-tutorials/Security-through-obscurity/133330/163842-4.html (Accessed: 27 October 2018).

Straub, K. R. (2003) Information Security : Managing Risk with Defense in Depth.

Venkat, T., Rao, N., Tejaswini, V. and Preethi, K. (2012) ‘Defending against Web Vulnerabilities and Cross-Site Scripting’, Journal of Global Research in Computer Science, Vol:3(5), p. 4.

Viega, J. and Messier, M. (2003) Secure programming cookbook for C and C++. O’Reilly.

Wright, C. S. (2011) A comparative study of attacks against Corporate IIS and Apache Web Servers.

Appendix

Figure 1. Defence in Depth Overview

(Matrix Computer Consulting, 2018)

Figure 2. Defence in Depth for Web Applications

(Darknet, 2017)

Figure 3. Fortification of host nodes

(Cleghorn, 2013)

Figure 4. Session Spoofing

(Mrd, 2018)

Figure 5. Http Headers

Figure 6. OSfuscate – Before

Figure 7. OSfuscate – After

Figure 8. URLScan – Before

Figure 9. URLScan – After

Figure 10. SQL Injection Attack

 

Figure 11. SQL Injection Result

Table 1. Microsoft Server 2019 vs Ubuntu Server 18.04 (2/11/18)

CVE O/S Vulnerabilities
Microsoft Server 2019 (Mitre, 2018c)	6
Ubuntu Server 18.04 (Mitre, 2018d)	3

Table 2. Microsoft IIS 7.5 vs Apache 2.4 (2/11/18)

CVE Web Server Vulnerabilities
Microsoft IIS 7.5 (Mitre, 2018b)	7
Apache 2.4 (Mitre, 2018a)	3

Table 3. A comparative study of attacks against Corporate IIS and Apache

(Wright, 2011)

Tags: Affordable Academic Writing Services USA, Assignment Help for Master's Students, Online Class and Exam Help, Thesis and Dissertation Writing UK