Review and implement my company’s security policies as they relate to web security.

• Implement a secure network infrastructure by controlling access to/from your web server by using: Firewalls, Routers and Switches.
  Implement a Network Intrusion Detection System to monitor attacks against the web server.
• Patched servers.
• Implement load-balancing /fail over capability in case of Denial of Service or server shutdown
• Educated developers about writing secure code.
• Implement a log rotation mechanism.
• Implement a disk space monitoring process.
• The WHOIS Domain information registered for your web presence does not reveal sensitive personnel information, which may be leveraged for Social Engineering (Individual POC Names), War Dialing (Phone Numbers) and Brute Force Attacks (Email addresses matching actual system usernames).
• Check your Domain Name Service (DNS) servers have been properly secured to prevent domain hi-jacking via cache poisoning, etc…

www.bestitdocuments.com