Chapter 4 Application Security Knowledge and Test Prep

Press F5. Grab a pen / pencil and paper. Jot the answer down for each question. The answers will appear on the next slide. Take this prep seriously to help with Chapter 4’s exam... Hint hint

Which protocol can be used to secure the e-mail login from an Outlook client using POP3 and SMTP?
A. SMTP
B. SAP
C. SPA
D. Exchange

Which protocol can be used to secure the e-mail login from an Outlook client using POP3 and SMTP?
A. SMTP
B. SAP
C. SPA (Secure Password Authentication) is a Microsoft protocol used to authenticate e-mail clients.
D. Exchange

As part of your user awareness training, you recommend that users remove which of the following when they finish accessing the Internet?
A. Instant messaging
B. Cookies
C. Group policies
D. Temporary files

What are two ways to secure Internet Explorer? (Select the two best answers.)
A. Set the Internet zone’s security level to High.
B. Add malicious sites to the Trusted Sites zone.
C. Disable the pop-up blocker.
D. Disable ActiveX controls.

Which of the following concepts can ease administration but can be the victim of malicious attack?
A. Zombies
B. Backdoors
C. Buffer overflow
D. Group policy

Which of the following concepts can ease administration but can be the victim of malicious attack?
A. Zombies
B. Backdoors. Backdoors were originally created to ease administration. However, hackers quickly found that they could use these backdoors for a malicious attack.
C. Buffer overflow
D. Group policy

In an attempt to collect information about a user’s activities, which of the following will be used by spyware?
A. Session cookie
B. Tracking cookie
C. Shopping cart
D. Persistent cookie

An organization hires you to test an application that you have limited knowledge of. You are given a login to the application, but do not have access to source code. What type of test are you running?
A. Gray box
B. White box
C. Black box
D. SDLC

An organization hires you to test an application that you have limited knowledge of. You are given a login to the application, but do not have access to source code. What type of test are you running?
A. Gray box. A gray box test is when you are given limited information about the system you are testing.
B. White box
C. Black box
D. SDLC

An attacker takes advantage of a vulnerability in programming, which allows the attacker to copy more than 16 bytes to a standard 16-byte variable. Which attack is being initiated?
A. Directory traversal
B. Command injection
C. Buffer overflow
D. Code overflow

You are the security administrator for a multimedia development company. Users are constantly searching the Internet for media, information, graphics, and so on. You receive complaints from several users about unwanted windows appearing on their displays. What should you do?
A. Install antivirus software
B. Install pop-up blockers
C. Install screensavers
D. Install a host-based firewall

Which of the following attacks uses a JavaScript image tag in an e-mail?
A. SQL injection
B. Cross-site request forgery
C. XSS - Cross-site scripting
D. Directory traversal

How can you train a user to easily determine whether a web page has a valid security certificate? (Select the best answer.)
A. Have the user contact the webmaster.
B. Have the user check for HTTPS://.
C. Have the user click the padlock in the browser and verify the certificate.
D. Have the user call the ISP.

Again, use this Chapter 4 prep to help with Exam #2 (Chapters 4 & 5)