I

identifying threats, Analyze for Threats and Vulnerabilities

Identity, Role-Based Authorization

IDSs (intrusion detection systems), Detecting That an Attack Has Taken Place or Is in Progress

IIS (Internet Information Services), How SSL Works, SQL-Injection Attacks, Automated Tools, Enable Auditing, Disable and Delete Unnecessary Accounts, Disable and Delete Unnecessary Accounts, Disable and Delete Unnecessary Accounts, Remove Samples, Remove Samples, Remove Samples, Remove Samples, Prioritize Threats, Microsoft Initiatives

attacking with SQL-injection, SQL-Injection Attacks

direct connection attacks on, Prioritize Threats

disabling unecessary services, Disable and Delete Unnecessary Accounts

IUSR_<computername>, Remove Samples

locking down, Disable and Delete Unnecessary Accounts

logging, enabling, Remove Samples

sample sites, Remove Samples

script maps, disabling, Disable and Delete Unnecessary Accounts

SSL sections, specifying, How SSL Works

unnecessary client services, Enable Auditing

URLScan, Automated Tools, Remove Samples

version 6.0, Microsoft Initiatives

IIS Lockdown tool, Fundamental Lockdown Principles, Disable and Delete Unnecessary Accounts, Remove Samples

ILDasm, Create a Blueprint of Your Application, Testing Tools

Impersonation, Windows Integrated Security Authentication, Windows Integrated Security Authentication

Index Server, Disable and Delete Unnecessary Accounts

information disclosure attacks, Identify Threats

input, Hiding Unnecessary Information, Validating Input, Validating Input, Validating Input, Validating Input, Direct User Input, Validation Tools Available to ASP.NET Web Applications, Validation Tools Available to ASP.NET Web Applications, General Language Validation Tools, Parse Method, Don’t Rely on Data Sent to the Client, Input to Subroutines, Handling Exceptions, Create a Blueprint of Your Application, Create a Blueprint of Your Application, Example: Create a Test Tool for Testing Web Applications, Mitigating Threats, Review Code for Threats

ASP.NET validator controls, Validation Tools Available to ASP.NET Web Applications

attacker goals with, Create a Blueprint of Your Application

attacks, Mitigating Threats

direct user input, Validating Input

exceptions caused by, Handling Exceptions

free-form, Validating Input

hidden-field vulnerability, Hiding Unnecessary Information, Create a Blueprint of Your Application, Example: Create a Test Tool for Testing Web Applications

identifying sources of, Validating Input

keywords, dangerous, Review Code for Threats

kinds of, Validating Input

nonuser, Don’t Rely on Data Sent to the Client

numeric, validating, General Language Validation Tools

Request objects, Parse Method

subroutine input, Input to Subroutines

validation, Validation Tools Available to ASP.NET Web Applications (see )

Windows Forms, Direct User Input

installing practice files, Encryption

intercepting data attacks, Mitigating Threats

intercepting Internet messages, Securing Web Applications

interception of logon data, Prioritize Threats

Intermediate Language Disassembler (ILDasm.Exe), Create a Blueprint of Your Application, Testing Tools

Internet, Encryption in the Real World, It’s On By Default, Security Zones and Trust Levels, How Visual Basic .NET Determines Zone, How Visual Basic .NET Determines Zone

encryption for, Encryption in the Real World

security exceptions, It’s On By Default

Untrusted Sites zone, Security Zones and Trust Levels, How Visual Basic .NET Determines Zone

zones, How Visual Basic .NET Determines Zone (see )

Internet Explorer, Microsoft, Security Zones and Trust Levels

Internet Information Services, SQL-Injection Attacks (see )

Internet zone, Security Zones and Trust Levels

(see also )

intranets, It’s On By Default, Run Your Code in Different Security Zones, Security Zones and Trust Levels, Security Zones and Permissions, How Visual Basic .NET Determines Zone, Ensuring That Your Code Will Run Safely, Windows Integrated Security Authentication, Step 4: Design a Secure Architecture

architecture recommended, Step 4: Design a Secure Architecture

Local Intranet zone, Security Zones and Trust Levels, Security Zones and Permissions, Ensuring That Your Code Will Run Safely

Medium Trust security level, Run Your Code in Different Security Zones

security exceptions, It’s On By Default

Untrusted Sites zone, adding to, How Visual Basic .NET Determines Zone

Windows integrated security recommended for, Windows Integrated Security Authentication

IP numbers, resolving, Privacy vs. Security

IPSec, Locking Down SQL Server, Privacy vs. Security

IPv6 (Internet Protocol version 6), Privacy vs. Security

isolated storage, Ensuring That Your Code Will Run Safely

Isolated Storage Administration tool, Cooperating with the Security System

IsolatedFileStorage, Local Intranet, Internet, and Trusted Sites Zones

IsolatedStorageFilePermission, Security Zones and Permissions

IsValid property, Validation Tools Available to ASP.NET Web Applications

IUSR_<computername>, Remove Samples