HIGHER EDUCATION PROGRAMMES

Academic Year 2025: January - June

Summative Assessment 2: Systems Development 3 (HSYD300-1)

NQF Level, Credit: 6, 30

Weighting: 10%

Assessment Type: Research Essay

Educator:
Stephen Maduveko
Examiner: Ralph Mavhunga

Due Date 6 June 2025

Total 20 Marks

A Copyleaks Report will be issued via ColCampus once the assignment is submitted. Please
ensure that you follow the correct steps when uploading your assignment, to ensure that the
Copyleaks Report is correctly issued. If the incorrect document is uploaded, or if no Copyleaks
Report is issued, or if the Copyleaks Report indicates that a 30% similarity/plagiarism score has
been exceeded, a mark of zero (0) will be awarded.

The following Learning Outcomes are assessed in this assessment:

▪ Assess the impact of injection Attacks on Web Application Software

▪ Insight into security challenges in software development

Instructions:
1. Summative Assessment 2 (SA 2) must be handed in online before or on 6 June 2025.

2. The essay must be a minimum of 600 (six hundred) words, and should not exceed 750
(seven hundred and fifty) words.

3. The essay structure must be as follows:

1 HSYD300-1-Jan-Jun2025-SA2-RM-V3-06012025
 • Cover Page:
o Name
o Surname
o Student Number
o Name of your Support Centre (i.e. Boston, Braamfontein)
• Introduction: Tells the reader what the essay is about.
• Body / Main Content: Is based on research and relates to the essay question or topic
that has been set.
• Conclusion: Is a summary of what has been covered in the essay, it may also include
suggestions / recommendations.
• Reference list: (not included in the word count): the Harvard Referencing Method must
be adhered to with regards to in-text citations and the reference list. Please make sure
you have read and adhere to the NWU Referencing Guide, available in the HE Library
module on ColCampus, as well as The Beginners Guide to Plagiarism, available in the
HE Student Information module, also on ColCampus.

4. The essay must be typed, using the following type settings only:
• Font: Arial
• Font Size: 12
• Line Spacing: 1.5

• The following must be adhered to:

• You have been provided with two (2) academic sources (see below), these
sources are compulsory and must be consulted and referenced when
answering the research question.
• It is imperative to note that the compulsory sources must be accessed using
the Library module on ColCampus.
Compulsory sources to peruse:

- Singh, R. (2024). “Web of Threats: A Comprehensive Analysis of Various Injection

Attacks on Web Application Software”. Retrieved from
[Link] [Accessed on 03
September 2024] (Google Scholar)

- Tadhani, J.R., Vekariya, V., Sorathiya, V., Alshathri, S. and El-Shafai, W., (2024).
“Securing web applications against XSS and SQLi attacks using a novel deep learning

2 HSYD300-1-Jan-Jun2025-SA2-RM-V3-06012025
 approach”. Retrieved from [Link]
[Accessed on 03 September 2024] (Google Scholar)

5. You must make use of the Harvard Method of Referencing. Refer to the examples of
referencing below:

Book, single author:

Holt, D.H. 2017. Management principles and practices. Sydney: Prentice-Hall.

Book, 2 or 3 authors:
McCarthey, E.J., William, D.P. & Pascale, G.Q. 2017. Basic marketing, Cape Town:
Juta.

Book, more than 3 authors:

Bond, W.R., Smith, J.T., Brown, K.L. & George, M. 2016. Management of small firms,
Sydney: McGraw-Hill.

Book, no author:
Anon. 2009. A history of Greece 1994-now. Sydney: Irwin.

eBook:
Harris, C.A. 1917. How to write music: musical orthography, edited by M. Randall. New
York, NY: H. W. Grey. [Link] Date of
access: 31 August 2017.

Academic Journal article with one author:

Allan, J. 2017. Nurturing supportive learning environment in higher education through
the teaching of study skills: to embed or not to embed? International Journal of Teaching
and Learning in Higher Education, 19(2):64-76.

Academic Journal with 2 or more authors:

Glatt, M.M., Grindstone, C.H & Hult, C.J. 2019. The geographic expansion of Mexican
immigration in the United States and its implications for local law enforcement. Law
Enforcement Executive Forum Journal, 8(1):73-82.

Webpage, no author:

3 HSYD300-1-Jan-Jun2025-SA2-RM-V3-06012025
 (use first few words of the page title) Improve indigenous housing now, government told.
2007. Available from: <[Link] Date of
Access, 8 February 2016.

Website:
Australian Securities Exchange. 2019. Market Information. Available from:
<[Link] Accessed on 5
July 2019.

Web based image / table / figure:

The Lunar Interior. 2000. Available from:
[Link] 2 Accessed on 8
November 2016.

Blog:
Newton, A. 2007. Newcastle toolkit. 16 January 2007. Angela Newton: Blog. Available
from: <[Link] Accessed on 23 February 2014.

Facebook and Twitter:

Smith, P. 2012. Social networking group, (Facebook), 6 October. Available from:
[Link] Accessed on 29 October 2012.

Newspaper, print:
Wolhuter, T. 2011. How to read food labels. Star. 26, 2 Mar 2011.

Newspaper, electronic database:

Hans, B. 2011. Cosatu slams Swazi loan. The mercury, 15 Aug.
[Link] Date of access: 1
Sep. 2012.

6. Plagiarism occurs when a writer duplicates another writer's language or ideas, and then
calls the work his or her own. Simply put, plagiarism is theft. This includes the ‘copy and
paste’ of work from textbooks, study guides, journal articles. The Plagiarism Declaration,
included in this brief, must be signed and attached to the front of your essay. Refer to the
Plagiarism Information Sheet in your Course Outline for further information.

4 HSYD300-1-Jan-Jun2025-SA2-RM-V3-06012025
 7. Academic sources:
Not all sources can be classified as an academic source. To judge whether a source is an
academic source, take the following criteria into account:
• The author should be identifiable
• The source should be published by a credible publisher (In an Academic Textbook or
Academic Journal)
• A list of references should be provided

Wikipedia is not a credible academic source. There is no one author identifiable, and editing
an article on this site is very easy. Also, blog posts often provide valuable information, but this
is not academically sound.

8. To obtain maximum results, please consult the rubric included in this brief to ensure that
you adhere to and meet all the given criteria.

Question 1 (20 Marks)

A financial institution has recently upgraded its IT infrastructure, adopting cloud-based services,
microservices architecture, and artificial intelligence (AI) for predictive analytics. While these new
technologies offer numerous benefits, they also introduce new security challenges, particularly in
preventing SQL injection attacks.

In a recent security assessment, your team discovered that while traditional SQL injection prevention
methods (like using prepared statements and parameterised queries) are in place, the evolving
nature of SQL injection techniques, combined with the complexity of the new infrastructure, poses
significant risks. For example, attackers increasingly use AI-powered automated tools to identify and
exploit vulnerabilities in web applications. Additionally, the move to microservices has led to the
proliferation of APIs, each of which could potentially be a target for SQL injection if not adequately
secured

Required

a. Explore emerging trends in SQL injection prevention, such as the impact of new technologies
and evolving attack techniques.
b. Examine the unique challenges microservices architectures pose, where multiple services,
often running on different platforms, communicate via APIs.

Compulsory sources to peruse:

5 HSYD300-1-Jan-Jun2025-SA2-RM-V3-06012025
- Singh, R. (2024). “Web of Threats: A Comprehensive Analysis of Various Injection Attacks on
Web Application Software”. Retrieved from
[Link] on 03 September
2024] (Google Scholar)

- Tadhani, J.R., Vekariya, V., Sorathiya, V., Alshathri, S. and El-Shafai, W., (2024). “Securing web
applications against XSS and SQLi attacks using a novel deep learning approach”. Retrieved
from [Link] on 03 September 2024]
(Google Scholar)

The following Learning Outcomes are assessed in this assessment:

Assess the impact of injection Attacks on Web Application Software
Insight into security challenges in software development

6 HSYD300-1-Jan-Jun2025-SA2-RM-V3-06012025
 Assignment Suggested mark allocation Total

content 14 - 18 13 - 10 9-6 5-2 0-1

a. Explore emerging The topic was understood Sufficient understanding of the Limited understanding of the The topic is not understood at all. The student
comprehensively. topic. Responses are relevant to topic. Responses are not aligned and shows some
trends in SQL
Responses relevant & the topic. Presents valid do not address the topic. awareness of
injection prevention, accurate to the topic. information that outlines: Poor assessment of The content is unclear, the topic but
Presents well-adjusted, emerging trends in SQL inaccurate, and/or does not
such as the impact of
significant, and valid A fair assessment of emerging injection prevention, such as incomplete. meet or
new technologies and information on: trends in SQL injection prevention, the impact of new address the
such as the impact of new technologies and evolving Poor assessment of emerging given criteria.
evolving attack
emerging trends in SQL technologies and evolving attack attack techniques.- 5 marks trends in SQL injection
techniques. injection prevention, such techniques.- 9 marks prevention, such as the impact of
as the impact of new the unique challenges new technologies and evolving
b. Examine the unique
technologies and evolving the unique challenges microservices architectures attack techniques.- 4 marks
challenges attack techniques.- 12 microservices architectures pose, pose, where multiple
marks where multiple services, often services, often running on
microservices
running on different platforms, different platforms,
architectures pose, the unique challenges communicate via APIs. communicate via APIs.
microservices architectures – 4 marks – 3 marks
where multiple
pose, where multiple
services, often services, often running on
different platforms,
running on different
communicate via APIs.
platforms, – 6 marks
communicate via
APIs.

Bibliography and Evidence that multiple At least two (2) sources (relevant There is no evidence of research or acknowledgement of sources (In-text
Referencing relevant and compulsory and compulsory sources) were citations and Bibliography missing)
sources were consulted✓ consulted, and Harvard
referencing was correct for some
Correct Harvard of the sources. ✓
referencing for all sources.
Appropriate in-text
citations✓

2 1 0 /20

7 HSYD300-1-Jan-Jun2025-SA2-RM-V3-06012025