Đang chuẩn bị liên kết để tải về tài liệu:
Web Security

Không đóng trình duyệt đến khi xuất hiện nút TẢI XUỐNG Tải xuống

Hello. With everything that is occurring on the Internet and all of the articles that have been written, web security is a very exciting area. Most attacks that are publicized are either directly or indirectly web-based attacks. Every company and person seems to have a web site, yet most web sites are not designed or built properly from a security standpoint. | Web Security Security Essentials The SANS Institute Information Assurance Foundations - SANS 2001 1 Hello. With everything that is occurring on the Internet and all of the articles that have been written web security is a very exciting area. Most attacks that are publicized are either directly or indirectly web-based attacks. Every company and person seems to have a web site yet most web sites are not designed or built properly from a security standpoint. In the next hour we are going to take a look at web security and cover some things you can do to check the security of the web sites you either maintain or use. This is a foundational course developed for the SANS Security Essentials program. When you complete this course there will be a quiz available from the SANS web page to help reinforce the material and ensure your mastery of it. Also you should always get prior permission but I would recommend trying these steps out on your own web sites to see what vulnerabilities might exist. Remember before you can fix a problem you must be aware of the problem. Hopefully after this module you will have some of the knowledge you need to start securing your web applications. 6 - 1 Agenda Web communication Web security protocols Active content Cracking web applications Web application defenses Web Security - SANS 2001 2 On the slide Agenda we list some of the key things that we are going to cover in this section. First we are going to cover web communication and how it works. Topics that are often misunderstood like input validation and cookies will also be covered. Next security protocols like SSL and SET will be discussed and key attributes and potential weaknesses of each will be covered. Active content that increases functionality but decreases security will also be addressed. CGI Java and ActiveX will all be explained which will allow a reader to compare their alternatives when deciding on which one to use when putting together a web site. Then the exciting topic of .