|
| |
|
|
SQL Injection Technique - its Methods and Methods of Protection
Bahureková, Beáta ; Sedlák, Petr (referee) ; Kříž, Jiří (advisor)
SQL injection is a technique directed against web applications using an SQL database, which can pose a huge security risk. It involves inserting code into an SQL database, and this attack exploits vulnerabilities in the database or application layer. The main goal of my thesis is to get acquainted with the essence of SQL injection, to understand the various methods of this attack technique and to show ways to defend against it. The work can be divided into these main parts, which I will discuss as follows.In the introductory part of the work I mention the theoretical basis concerning SQL injection issues. The next chapter is focused on individual methods of this technique. The analytical part is devoted to mapping the current state of test subjects, scanning tools, which form the basis for optimal research and testing of individual SQL methods, which are discussed in this part from a practical point of view along with the analysis of commands. In the last part I will implement SQL methods on selected subjects and based on the outputs I will create a universal design solution how to defend against such attacks.
|
|
|
Project of communication network infrastructure for office building
Kajan, Tomáš ; Sedlák, Petr (referee) ; Novotný, Vít (advisor)
The bachelor's thesis deals with the design of a communication infrastructure of a multi-story office building. The work deals with a design of a metallic horizontal wires, as well as optical vertical wires between the floors of the building. One of the main factors, which the proposal was based on, was the possibility of renting the building to several tenants. As a part of the project is also partially designed wireless network and the whole work is concluded by an economic evaluation, witch contains active elements, passive elements and approximate price of passive elements installation.
|
|
|
ISMS Implementation Status Assessment
Černoušek, Robin ; Veselý Jindřich, Ing., MBA (referee) ; Sedlák, Petr (advisor)
Bachelor's thesis deals with the issue of information security management system and evaluation of the current state using a created tool. The theoretical part contains the basic principles and concepts of the whole work. The chapter on the analysis of the current state introduces the organization and describes the current state of its information security management system. The actual design of the solution is a tool in the form of an Excel spreadsheet, which will allow an analysis of the current state of the ISMS implementation level in the company.
|
|
|
Best Practices of Information Security for Small Health Facilities
Fábryová, Bianka ; Sedlák, Petr (referee) ; Ondrák, Viktor (advisor)
This thesis deals with proposal of the best practices of Information Security focusing on small medical facilities and data protection of the pacients. The introductory part of this thesis focuses on the theoretical background of information security, based on the series of standards ISO/IEC 27000. In the practical part, based on the application of theoretical knowledge, there is formulated a proposal of recommended steps health care facilities should take to compliance with the principles of information security.
|
|
|
Computer Network Design for Logistics Center
Slabý, Patrik ; Sedlák, Petr (referee) ; Ondrák, Viktor (advisor)
The bachelor thesis deals with the design of a computer network for the investor's logistics center, which operates internationally primarily in the food industry. This involves dealing with an inconsistent space and temperature environment. For this reason, an integral part of the analytical part of the thesis is a description of the current state of the computer network together with the investor's requirements. First, however, it is necessary to deal with theoretical bases that are essential for understanding the issue. The last part of the thesis contains the design of a structured cabling system based on the analytical part.
|
|
|
Security GAP analasys in enterprise environment
Sommer, Vojtěch ; Kornelly, Aleš (referee) ; Sedlák, Petr (advisor)
The diploma thesis deals with level of information security in selected company environment. For this purpose, a security GAP analysis will be performed based on the recommended standard ISO/IEC 27002. Based on the performed analysis a proposal of security precautions is suggested, which should reduce risk of threats under the acceptable level and also should no longer be in conflict with mentioned standard.
|
|
| |
|
|
Impact of IIoT security on proactive maintenance of company's assets
Chomyšyn, Maxim ; Vladimír,, Türkon (referee) ; Sedlák, Petr (advisor)
This work examines possible safety risks associated with the operation of IIoT technologies in industrial production. The content of this document is an analysis of used IIoT technologies, their purpose and method of implementation into production processes and the company's technology strategy. The outcome of this analysis will serve to develop possible risk scenarios and their associated impacts. Finally, I recommend possible changes that either eliminate these risks completely or at least minimize them.
|
|
|
Simulating information security management within a university environment
Hložanka, Filip ; Martina,, Chitu (referee) ; Sedlák, Petr (advisor)
This diploma thesis is concerned with simulating information security management within a university environment. It is divided into three parts. The theoretical part focuses on describing the assets which could be part of a faculty network, attacks that could target it, security processes which could protect it and users that are active within it. The analytical part then applies these segments on a real faculty network. Based on this analysis, a set of specific assets, attacks, security processes and other tasks is created in order to simulate a simplified version of the analyzed network using a sophisticated cybernetic polygon. The security of the network is then assessed after several iterations of the simulations. Its parameters are adjusted in the effort to increase its security and the module is tested on an academic employee in order to assess its effectiveness. The conclusion evaluates the possibilities of increasing the security of the simulated network as well as the usability of the cybernetic polygon in practice.
|
guest ::
RSS feed.