AP Cybersecurity Unit 5 Case File 5: Protect the Data

You are reviewing the web app and data stores at Wellspring Rx, an online pharmacy. Find the flaws and lock the data down.

Case briefing

Wellspring Rx stores prescription records behind a web app. Audit the code, the access model, the cryptography, and the detection.

Stage 1 • Application Vulnerabilities

Spot the SQL injection

CED 5.1.A, 5.5 • Lessons: SQL Injection, Input Sanitization

App code

query = "SELECT * FROM users WHERE name = '" + input + "'";

Stage 2 • Application Vulnerabilities

Spot the XSS

CED 5.1.A • Lesson: XSS

Behavior

A comment field renders user input straight into the page. A comment containing a script tag runs in every visitor's browser.

Stage 3 • Access Controls

Least privilege

CED 5.2.A • Lesson: Access Controls (five models, least privilege, chmod)

Findings

A delivery-driver account can read full prescription records. The patient-records file is set to chmod 777.

Stage 4 • Cryptography

Choose the crypto

CED 5.3, 5.4 • Lesson: Cryptography (symmetric vs asymmetric)

Stage 5 • Detecting Attacks on Data

Catch the tampering

CED 5.6.A • Lesson: Detecting Data Attacks (file integrity with hashes)

Evidence

The config file's stored hash no longer matches its recomputed hash. An access log shows a 2 GB export at 03:00 by the delivery account.
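The file-integrity check behind this evidence, as an added example that is not part of the original case file: it stores a SHA-256 baseline for a monitored file, recomputes the hash, and reports each file as OK, MODIFIED or MISSING. The file name `app.conf` and the config contents are constructed for the illustration.

```python
import hashlib
import tempfile
from pathlib import Path


def sha256_file(path):
    """Hash a file in chunks so large files do not have to fit in memory."""
    digest = hashlib.sha256()
    with path.open("rb") as fh:
        for chunk in iter(lambda: fh.read(65536), b""):
            digest.update(chunk)
    return digest.hexdigest()


def build_baseline(paths):
    """Record the known-good hash of every monitored file."""
    return {str(p): sha256_file(p) for p in paths}


def check_integrity(baseline):
    """Recompute each hash and report OK, MODIFIED or MISSING per file."""
    report = {}
    for name, stored in baseline.items():
        path = Path(name)
        if not path.is_file():
            report[name] = "MISSING"
        else:
            report[name] = "OK" if sha256_file(path) == stored else "MODIFIED"
    return report


def demo():
    """Baseline a constructed config, change it, restore it, delete it."""
    good = b"db_host=10.0.0.5\nrequire_tls=true\n"      # constructed sample
    changed = b"db_host=10.0.0.5\nrequire_tls=false\n"  # constructed sample
    with tempfile.TemporaryDirectory() as tmp:
        config = Path(tmp) / "app.conf"                 # hypothetical file name
        config.write_bytes(good)
        baseline = build_baseline([config])
        results = [check_integrity(baseline)[str(config)]]
        config.write_bytes(changed)                     # one value flipped
        results.append(check_integrity(baseline)[str(config)])
        config.write_bytes(good)                        # restore known-good copy
        results.append(check_integrity(baseline)[str(config)])
        config.unlink()                                 # file removed entirely
        results.append(check_integrity(baseline)[str(config)])
    return results
```

The baseline is only trustworthy if it is kept where the accounts being monitored cannot write to it.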

Analyst's report

Name the highest-severity flaw with a reason, then give one fix for each issue.

Model answer. The highest-severity flaw is the SQL injection, because it can dump or alter the entire prescription database with no further access. It leads.

Fixes: input sanitization for the injection; clean-and-encode sanitization for the XSS; least-privilege roles plus tightening the file off chmod 777 for the access problems; encrypt the database at rest with symmetric crypto and use the pharmacy's public key for data sent in, decrypted with its private key; and keep file-integrity monitoring, which caught the tamper, while investigating the 3am export as data exfiltration.

Cold case

Re-running the hash on the restored config file produces the original value again. What does that confirm?

Field glossary (terms from the lessons)
SQL injection, input sanitization, XSS, cross-site scripting, least privilege, access control model, chmod, Linux permissions, symmetric encryption, asymmetric encryption, public key, private key, hashing, file integrity, data exfiltration
