F

FAT file system, "I’m Already Protected. I’m Using a Firewall.", Automated Tools

file-based attacks, Defending Against Memory and Resource DoS Attacks

files, How Actions Are Considered Safe or Unsafe, Run Your Code in Different Security Zones, Security Zones and Permissions, Local Intranet, Internet, and Trusted Sites Zones, Cooperating with the Security System, File-Based or Directory-Based Attacks, Where Exceptions Occur, Testing Tools, Automated Tools, Turn Off Unnecessary Sharing

code-based security, Run Your Code in Different Security Zones

exceptions arising from problems with, Where Exceptions Occur

FileMon, Testing Tools

FileOpen function, How Actions Are Considered Safe or Unsafe, Cooperating with the Security System

non-canonical names, File-Based or Directory-Based Attacks

permissions, Security Zones and Permissions, Local Intranet, Internet, and Trusted Sites Zones, Automated Tools

sharing, software, Turn Off Unnecessary Sharing

Finally clauses, Exception Handling

firewalls, Windows Integrated Security Authentication, Locking Down Windows, Internet Information Services, and .NET, Disable and Delete Unnecessary Accounts, Named-Pipes vs. TCP-IP, Step 8: No Back Doors, Step 8: No Back Doors

design considerations, Step 8: No Back Doors

installing, Disable and Delete Unnecessary Accounts

locking down, need for, Locking Down Windows, Internet Information Services, and .NET

purpose of, Step 8: No Back Doors

recommended, Named-Pipes vs. TCP-IP

Windows integrated security with, Windows Integrated Security Authentication

fixes for attacks, deploying, Prepare for a Response

folders, permissions for, Code-Access Security Preempts Application Role-Based Security

footprinting, Plan of Attack—The Test Plan

Form collection, Parse Method, Review Code for Threats

Forms authentication, ASP.NET, ASP.NET Authentication, EmployeeManagementWeb Practice Files, EmployeeManagementWeb Practice Files, Forms Authentication, Forms Authentication, Forms Authentication, Forms Authentication, Forms Authentication, Forms Authentication, Forms Authentication, Forms Authentication, Forms Authentication, Forms Authentication, Install the Passport SDK

adding secure areas, Forms Authentication

Anonymous user access, denying, Forms Authentication

best use for, Install the Passport SDK

Config file for, Forms Authentication

cookies for, Forms Authentication, Forms Authentication

defined, ASP.NET Authentication

encryption for, Forms Authentication

FormsAuthentication class, Forms Authentication

logging out, code for, Forms Authentication

login pages, EmployeeManagementWeb Practice Files, Forms Authentication

process of, EmployeeManagementWeb Practice Files

setting, Forms Authentication

forms, Windows, How Visual Basic .NET Determines Zone (see )

forms-based security, Forms Authentication (see )

FormsIdentity objects, Role-Based Authorization

frmAddNew sample form, Employee Management System

frmDashboard sample form, Employee Management System

frmLogin sample form, Employee Management System

frmManage sample form, Employee Management System

frmMyInto sample form, Employee Management System

frmRemoveUser sample form, Employee Management System

Full Rights model, Microsoft Access Authentication and Authorization

Full Trust, Security Zones and Trust Levels, Security Zones and Permissions

limits of, Security Zones and Trust Levels

permissions under, Security Zones and Permissions

functions, Use Quotes Around All Path Names, Create a Blueprint of Your Application, Deploy .NET Enterprise Security Policy Updates

buffer overrun vulnerability, Use Quotes Around All Path Names

obfuscating, Deploy .NET Enterprise Security Policy Updates

vulnerability, Create a Blueprint of Your Application