Chat with us, powered by LiveChat

Explain how In-band, Inferential, and Out-of-band SQL Injection attacks are performed.

Competency Assessment Directions

This Competency Assessment assesses the following learning competency:
IT503-3: Appraise database development standards and security issues.
Working with Databases
Purpose

This assessment will require you to explain, discuss, and evaluate the basic database organization, diagramming techniques, normalization, and SQL injection attacks.
Assessment Instructions
Provide the following in an APA paper. Write a descriptive subheading for each of the four main parts (without including any numbering). Employ logical paragraphing for new ideas and readability.

Part 1: Entity Tables
Develop a table for one of the following entities.
Database for Bob’s Bookstore – Entity: Book
Database for Victoria’s Vehicles – Entity: Car
Database for Springfield Secondary School – Entity: Student
Include at least eight attributes and the designation of a primary key. All attributes must have suitable SQL data types and lengths identified, as well as whether or not the attribute is required.

Consistency in case is expected. Present this information in a Microsoft Word table.

Part 2: The ERD

First write an explanation of “relational” in terms of database development.
Then explain the diagram below in detail. Include identification of all keys (including foreign keys) and an explanation of each cardinality. Identify the case used for attribute names.
There is no specified length for this part of the assessment, but the answer must be complete. You may use a bulleted list format for the diagram explanations. Do not use source material.

Part 3: Normalization

Explain reasons for normalization.
Describe each of the different forms.
Provide examples from your own understanding.
This part of the assessment must be 300-400 words in length to ensure adequate detail. Use APA standard citations to cite any source material used. (Examples must not come from source material, however.)

Part 4: SQL and database attacks
Explain how In-band, Inferential, and Out-of-band SQL Injection attacks are performed.

Include reasons why hackers might use an SQLi attack (what they hope to gain).

This part of the assessment must be 300-400 words in length to ensure adequate detail. Use APA standard citations to cite any source material used.
Other requirements

Present your work in one Microsoft Word document.
For part 1, use a Word table.
For part 2, the first answer must be in paragraph form, and the diagram explanation may be a bulleted list.
For parts 3 and 4, use logical paragraphing (no lists or tables).
Use APA formatting, but without an abstract or table of contents.
Paraphrase and cite your sources according to APA standards, but do not copy or quote.

Provide a reference page with full APA-standard reference entries.

Directions for Submitting Your Assessment
Name your assessment document according to this convention: The file should be saved as:

IT503_YourLastName_Assessment3. Submit your completed assessment to the Dropbox.
Review the checklist rubric before beginning this activity.
Minimum Submission Requirements

If work submitted for this competency assessment does not meet the minimum submission requirements, it will be returned without being scored.
Plagiarism

Plagiarism is an act of academic dishonesty. It violates the University Honor Code, and the offense is subject to disciplinary action. You are expected to be the sole author of your work. Use of another person’s work or ideas must be accompanied by specific citations and references. Whether the action is intentional or not, it still constitutes plagiarism.