C
- cabinet (.CAB) files, Windows Installer Deployment, Cabinet-File Deployment, Deploy and Run Your Application in the .NET Security Sandbox
- overview, Windows Installer Deployment
- sandbox with, Deploy and Run Your Application in the .NET Security Sandbox
- when to use, Cabinet-File Deployment
- canonical filenames, File-Based or Directory-Based Attacks
- CAS, Security Zones and Permissions (see )
- casing, Direct User Input
- CERT Web site, The Arms Race of Hacking
- certificate authorities, How SSL Works, Obtain an X.509 Certificate from a Certificate Authority
- certificates, Authenticode Signing (see )
- challenges to designing security, Ten Steps to Designing a Secure Enterprise System
- CharacterCasing property of TextBox, Direct User Input
- ChDir keyword, Review Code for Threats
- ChDrive keyword, Review Code for Threats
- child-applications attacks, Use Server.HtmlEncode and Server.UrlEncode
- cipher text, Encryption
- class library zone assignments, How Visual Basic .NET Determines Zone
- client-server applications, Hash Digests, Automated Tools, Automated Tools, Automated Tools, Automated Tools, Automated Tools, Enable Auditing, Enable Auditing, Enable Auditing, Turn Off Unnecessary Sharing, Turn Off Unnecessary Sharing, Turn Off Unnecessary Sharing, Implement BIOS Password Protection, Step 4: Design a Secure Architecture
- architecture recommended, Step 4: Design a Secure Architecture
- auditing, enabling, Enable Auditing
- BIOS passwords, Turn Off Unnecessary Sharing
- disabling auto logon, Automated Tools
- file-sharing software, Turn Off Unnecessary Sharing
- floppy drives, disabling booting from, Implement BIOS Password Protection
- locking down, Automated Tools
- MBSA with, Automated Tools
- NTFS recommended, Automated Tools
- screen saver passwords, Turn Off Unnecessary Sharing
- sharing, turning off, Enable Auditing
- spoofing hashes, Hash Digests
- turning off services, Enable Auditing
- Windows clients, Automated Tools
- clsEmployee sample class, Employee Management System
- Cobalt server appliance vulnerabilities, The Arms Race of Hacking
- code, Security Zones and Permissions, Deploy .NET Enterprise Security Policy Updates, Microsoft Initiatives
- access, Security Zones and Permissions (see )
- managed, Microsoft Initiatives
- obfuscating, Deploy .NET Enterprise Security Policy Updates
- code samples, EmployeeManagementWeb Practice Files, Guide to the Code Samples, Guide to the Code Samples, Guide to the Code Samples, Guide to the Code Samples, Guide to the Code Samples, Employee Management System, Employee Management System, Employee Management System, Encryption Demo, Contents of SecurityLibrary.vb
- .aspx sample, Employee Management System
- DPAPI, Contents of SecurityLibrary.vb
- EmployeeDatabase.mdb, Guide to the Code Samples
- EmployeeManagementWeb, EmployeeManagementWeb Practice Files, Employee Management System
- EMS, Employee Management System (see )
- encryption demo, Guide to the Code Samples
- practice files for chapters, Guide to the Code Samples
- TogglePassportEnvironment utility, Guide to the Code Samples, Encryption Demo
- Web site for, Guide to the Code Samples
- code-access security, Code-Access Security, Code-Access Security, Code-Access Security, Code-Access Security, Code-Access Security, Code-Access Security, Code-Access Security, Code-Access Security, Code-Access Security, Code-Access Security, Code-Access Security, How Actions Are Considered Safe or Unsafe, How Actions Are Considered Safe or Unsafe, How Actions Are Considered Safe or Unsafe, How Actions Are Considered Safe or Unsafe, How Actions Are Considered Safe or Unsafe, It’s On By Default, It’s On By Default, It’s On By Default, Code-Access Security vs. Application Role-Based Security, Code-Access Security vs. Application Role-Based Security, Code-Access Security Preempts Application Role-Based Security, Code-Access Security Preempts Application Role-Based Security, Code-Access Security Preempts Application Role-Based Security, Run Your Code in Different Security Zones, Run Your Code in Different Security Zones, What Code-Access Security Is Meant To Protect, Security Zones and Trust Levels, Security Zones and Trust Levels, Security Zones and Trust Levels, Security Zones and Trust Levels, Security Zones and Permissions, Security Zones and Permissions, How Visual Basic .NET Determines Zone, Ensuring That Your Code Will Run Safely, Ensuring That Your Code Will Run Safely, Ensuring That Your Code Will Run Safely, Ensuring That Your Code Will Run Safely, Ensuring That Your Code Will Run Safely, Ensuring That Your Code Will Run Safely, Ensuring That Your Code Will Run Safely, Code-Access Security in the Real World, Windows Installer Deployment, Cabinet-File Deployment, Deploy and Run Your Application in the .NET Security Sandbox, Deploy and Run Your Application in the .NET Security Sandbox
- chained calls, Security Zones and Permissions
- components, restricting, Code-Access Security
- cooperating with system, Ensuring That Your Code Will Run Safely
- defaults, How Actions Are Considered Safe or Unsafe
- defined, Code-Access Security
- Demands, How Actions Are Considered Safe or Unsafe, It’s On By Default
- deployment, Ensuring That Your Code Will Run Safely, Windows Installer Deployment, Cabinet-File Deployment
- digital signatures, Ensuring That Your Code Will Run Safely
- evidence, Code-Access Security, Security Zones and Trust Levels
- file access sample, Code-Access Security Preempts Application Role-Based Security
- functions blocked by default, How Actions Are Considered Safe or Unsafe
- goals of, Code-Access Security, What Code-Access Security Is Meant To Protect
- highly-trusted applications, Code-Access Security
- highly-untrusted applications, Code-Access Security
- Internet Explorer zones, Security Zones and Trust Levels
- Internet warning, How Actions Are Considered Safe or Unsafe
- isolated storage, Ensuring That Your Code Will Run Safely
- loading options for applications, Ensuring That Your Code Will Run Safely
- location factor, Code-Access Security
- luring attacks, Security Zones and Permissions
- modifying policy, Ensuring That Your Code Will Run Safely
- network share file access, Run Your Code in Different Security Zones
- next generation applications, Code-Access Security in the Real World
- OS restrictions, Code-Access Security Preempts Application Role-Based Security
- permission types, Code-Access Security
- preemption of roles, Code-Access Security vs. Application Role-Based Security
- preventing execution, means of, How Actions Are Considered Safe or Unsafe
- purpose of, Code-Access Security
- role-based security, compared to, Code-Access Security vs. Application Role-Based Security
- safe vs. unsafe actions, Code-Access Security
- sandboxes, Deploy and Run Your Application in the .NET Security Sandbox
- security zones, Security Zones and Trust Levels
- SecurityException, Run Your Code in Different Security Zones
- settings, storing, Ensuring That Your Code Will Run Safely
- single computer, applications on, Code-Access Security Preempts Application Role-Based Security
- system components, It’s On By Default
- tactics for critical operations, How Visual Basic .NET Determines Zone
- trust, Code-Access Security, Security Zones and Trust Levels
- unexpected results from, It’s On By Default
- Windows Installer for permissions with, Deploy and Run Your Application in the .NET Security Sandbox
- collisions, Hash Digests
- column level authorization, SQL Server Authorization
- COM interop–based exceptions, Global Exception Handlers
- commenting in code, Respond to Threats
- CompareValidator, Validation Tools Available to ASP.NET Web Applications
- components, Code-Access Security, Security Zones and Permissions, Prioritize Analysis Based on the Function of Each Component
- access, restricting, Code-Access Security
- code security of, Security Zones and Permissions (see )
- diagramming for threat analysis, Prioritize Analysis Based on the Function of Each Component
- conflicts, multiuser, Handling Exceptions
- constants, viewing, Create a Blueprint of Your Application
- control systems, Securing Web Applications
- controls, validating input of, Validation Tools Available to ASP.NET Web Applications
- cookies, Forms Authentication, Forms Authentication, Parse Method, Testing Tools, Draw Architectural Sketch and Review for Threats, Prioritize Threats
- attacks with, Draw Architectural Sketch and Review for Threats, Prioritize Threats
- Cookie Pal, Testing Tools
- Cookies collection, Parse Method
- Forms authentication generated, Forms Authentication, Forms Authentication
- costs, increasing, trend of, What Happens Next?
- CPU starvation attacks, Application Attacks and How to Avoid Them, Defensive Techniques for DoS Attacks
- crashes, Application Attacks and How to Avoid Them, Where Exceptions Occur
- DoS attacks creating, Application Attacks and How to Avoid Them
- exceptions caused by, Where Exceptions Occur
- Create keyword, Review Code for Threats
- credit cards, Securing Web Applications in the Real World
- cross-site scripting attacks, Cross-Site Scripting Attacks, Cross-Site Scripting Attacks, Cross-Site Scripting Attacks, Cross-Site Scripting Attacks, Cross-Site Scripting Attacks, Cross-Site Scripting Attacks, Cross-Site Scripting Attacks, When HTML Script Injection Becomes a Problem, When HTML Script Injection Becomes a Problem, When HTML Script Injection Becomes a Problem, When HTML Script Injection Becomes a Problem, Use Server.HtmlEncode and Server.UrlEncode, Use Server.HtmlEncode and Server.UrlEncode, Use Server.HtmlEncode and Server.UrlEncode, Use Server.HtmlEncode and Server.UrlEncode, Use Server.HtmlEncode and Server.UrlEncode, Use Server.HtmlEncode and Server.UrlEncode, Create a Blueprint of Your Application
- dangerous HTML scripts, Cross-Site Scripting Attacks
- defensive techniques, When HTML Script Injection Becomes a Problem
- defined, Cross-Site Scripting Attacks
- escape sequences, Use Server.HtmlEncode and Server.UrlEncode
- HTML entities, Use Server.HtmlEncode and Server.UrlEncode
- HTML link creation for, When HTML Script Injection Becomes a Problem
- input length checks, Use Server.HtmlEncode and Server.UrlEncode
- inserting false logon pages, When HTML Script Injection Becomes a Problem
- problems with HTML, Cross-Site Scripting Attacks
- Request.QueryString, Use Server.HtmlEncode and Server.UrlEncode
- Server.HtmlEncode, When HTML Script Injection Becomes a Problem
- Server.UrlEncode, Use Server.HtmlEncode and Server.UrlEncode
- testing against, Create a Blueprint of Your Application
- turning off Request object validation, Cross-Site Scripting Attacks
- ValidateRequest attribute, Cross-Site Scripting Attacks, Use Server.HtmlEncode and Server.UrlEncode
- VB .NET 2003 protection from, Cross-Site Scripting Attacks
- vulnerable application example, Cross-Site Scripting Attacks
- CSRs (certificate signing requests), How SSL Works
- currency validation, Parse Method
- CustomValidator, Validation Tools Available to ASP.NET Web Applications
- cyber-terrorism, The Arms Race of Hacking
..................Content has been hidden....................
You can't read the all page of ebook, please click
here login for view all page.