1. Application Security Namuo – CIS 160
Section 7
Application Security
Namuo – CIS 160

2. Section 6.1 Terms Security+ Exam objectives 4.0 = 16% Zero-day attack
Fuzzing
Input validation (databases)
Cross-site scripting
Patch management (WSUS)
Mobile device security
Remote wipe (cloud storage)
Data encryption
Hardware-based encryption
Section 6.1

3. Sample SQL injection attack
INSERT INTO users (' ','pwd','login_id','f ull_name') VALUES ,‘password123',‘namuoc ',‘Clyne Namuo');--'
Sample SQL injection attack

4. DB Field validation