P
- packet sniffing tools, Securing Web Applications
- Page objects, IsValid property, Validation Tools Available to ASP.NET Web Applications
- Page_Load events, Install the Passport SDK, How SSL Works
- Params collection, Parse Method, Review Code for Threats
- Parse method, General Language Validation Tools
- partially trusted DLLs, Strong Names vs. Weak Names
- passphrases, Keeping Private Keys Safe
- Passport authentication, Role-Based Authorization, ASP.NET Authentication, Passport Authentication, Passport Authentication, Passport Authentication, Passport Authentication, Passport Authentication, Passport Authentication, Passport Authentication, Passport Authentication, Passport Authentication, Passport Authentication, Passport Authentication, Install the Passport SDK, Install the Passport SDK, Install the Passport SDK, Install the Passport SDK, Install the Passport SDK, Install the Passport SDK, Install the Passport SDK, Install the Passport SDK, Install the Passport SDK, Install the Passport SDK, Install the Passport SDK, Install the Passport SDK
- Administration Utility, Install the Passport SDK
- advantages, Passport Authentication
- best use, Install the Passport SDK
- client setup, Passport Authentication
- creating the application, Install the Passport SDK
- defined, ASP.NET Authentication
- encryption key, Install the Passport SDK
- fields for new applications, Install the Passport SDK
- live environment restoration, Install the Passport SDK
- MSN Messenger, Passport Authentication
- Page_Load handler, Install the Passport SDK
- passport, acquiring, Passport Authentication
- PassportIdentity object, Role-Based Authorization, Passport Authentication
- preproduction environment, Passport Authentication
- preproduction passport signup, Install the Passport SDK
- process, Passport Authentication
- purpose, Passport Authentication
- registering new applications, Install the Passport SDK
- SDK installation, Passport Authentication
- server configuration, Install the Passport SDK
- SiteID, obtaining, Install the Passport SDK
- soft sign-ins, Install the Passport SDK
- steps for implementing, Passport Authentication
- switching environments, Passport Authentication
- password-cracking attacks, Mitigating Threats
- PasswordChar property of TextBox, Direct User Input
- passwords, Hash Digests, Hash Digests, Hash Digests, Public Key Encryption, Hiding Unnecessary Information, Hiding Unnecessary Information, Security Zones and Permissions, Create a Blueprint of Your Application, Testing Tools, Fundamental Lockdown Principles, Turn Off Unnecessary Sharing, Turn Off Unnecessary Sharing, SQL Server Authentication, Microsoft Access Authentication and Authorization, Locking Down SQL Server, Mitigating Threats, Mitigating Threats, Microsoft Initiatives
- Access database authentication, Microsoft Access Authentication and Authorization
- authenticating, Hiding Unnecessary Information
- BIOS, Turn Off Unnecessary Sharing
- blank, Security Zones and Permissions, SQL Server Authentication
- constants, stored as, Create a Blueprint of Your Application
- hash digests, Hash Digests
- hiding entry, Hiding Unnecessary Information
- IIS version 6.0, Microsoft Initiatives
- mitigating threats, Mitigating Threats
- removing fields from databases, Public Key Encryption
- screen saver, Turn Off Unnecessary Sharing
- SQL Server, Locking Down SQL Server
- strong, Fundamental Lockdown Principles
- time-outs for accepting, Mitigating Threats
- tools for cracking, Testing Tools
- unencrypted, dangers, Hash Digests
- verifying with hash digests, Hash Digests
- patches, Fundamental Lockdown Principles, Named-Pipes vs. TCP-IP, The Arms Race of Hacking
- not installing, reasons, The Arms Race of Hacking
- OS security, Fundamental Lockdown Principles
- recommended, Named-Pipes vs. TCP-IP
- paths, File-Based or Directory-Based Attacks, Enforce Canonical Filenames, Child-Application Attacks
- GetFullPath method, Enforce Canonical Filenames
- noncanonical, File-Based or Directory-Based Attacks
- parsing in Windows, Child-Application Attacks
- PEAP (Protected Extensible Authentication Protocol), Microsoft Initiatives
- people as a design challenge, Design Challenges
- PerformanceCounterPermission, Security Zones and Permissions
- permissions, What Code-Access Security Is Meant To Protect, Security Zones and Trust Levels, Security Zones and Permissions, Security Zones and Permissions, Security Zones and Permissions, Security Zones and Permissions, Security Zones and Permissions, Local Intranet, Internet, and Trusted Sites Zones, Ensuring That Your Code Will Run Safely, Example: Create a Test Tool for Testing Web Applications, Deploying .NET Security Policy Updates, Update .NET Enterprise Security Policy, Update .NET Enterprise Security Policy, Update .NET Enterprise Security Policy, SQL Server Authorization, Microsoft Access User-Level Security Models, Locking Down SQL Server
- code-access, Security Zones and Permissions (see )
- evidence, Update .NET Enterprise Security Policy
- full, granting, Security Zones and Permissions, Update .NET Enterprise Security Policy
- Local Intranet zone, Security Zones and Permissions
- Microsoft Access, Microsoft Access User-Level Security Models
- modifying policy, Ensuring That Your Code Will Run Safely
- policy manager, Update .NET Enterprise Security Policy
- purpose, What Code-Access Security Is Meant To Protect
- security policy attributes, table, Deploying .NET Security Policy Updates
- security zones, granting, Security Zones and Trust Levels
- SQL Server, SQL Server Authorization, Locking Down SQL Server
- testing for appropriate, Example: Create a Test Tool for Testing Web Applications
- trust level defaults, Security Zones and Permissions
- Trusted Sites zone, Security Zones and Permissions
- version differences, Local Intranet, Internet, and Trusted Sites Zones
- physical security, locking down, "I’m Already Protected. I’m Using a Firewall."
- plain text, Encryption
- planning, Testing for Attack-Resistant Code, Filter and Prioritize Tests for Each Scenario, Prepare for a Response, Prioritize Analysis Based on the Function of Each Component
- response plans for attacks, Prepare for a Response
- testing, Testing for Attack-Resistant Code, Filter and Prioritize Tests for Each Scenario
- threat analysis, Prioritize Analysis Based on the Function of Each Component
- policy manager, Update .NET Enterprise Security Policy
- ports, Step 8: No Back Doors
- posing as users attacks, Mitigating Threats
- practice files for chapters, Encryption, Guide to the Code Samples
- Principal, Role-Based Authorization
- principle of least privilege, Role-Based Authorization
- printing, permission for, Security Zones and Permissions, Local Intranet, Internet, and Trusted Sites Zones
- prioritizing threats, Identify Threats
- privacy, What Happens Next?
- private key encryption, Hash Digests, Private Key Encryption, Private Key Encryption, Private Key Encryption, Private Key Encryption, Private Key Encryption, Keeping Private Keys Safe, Keeping Private Keys Safe, Keeping Private Keys Safe, Keeping Private Keys Safe, Keeping Private Keys Safe, Keeping Private Keys Safe, Keeping Private Keys Safe, Public Key Encryption, Secure Sockets Layer, Contents of SecurityLibrary.vb
- applications, Private Key Encryption
- brute force attacks, Keeping Private Keys Safe
- decryption function, Private Key Encryption
- defined, Hash Digests
- DES, Private Key Encryption (see )
- directory security, Keeping Private Keys Safe
- encrypting keys, Keeping Private Keys Safe
- export restrictions, Public Key Encryption
- function, creating, Private Key Encryption, Contents of SecurityLibrary.vb
- installation issues, Keeping Private Keys Safe
- login credentials as keys, Keeping Private Keys Safe
- safety of keys, Keeping Private Keys Safe
- SSL, Secure Sockets Layer
- storing data with, Private Key Encryption
- storing keys safely, Keeping Private Keys Safe
- privileges, Role-Based Authorization, Code-Access Security, SQL-Injection Attacks, Child-Application Attacks, Example: Create a Test Tool for Testing Web Applications, Fundamental Lockdown Principles, Determining Who Is Logged On
- child-application attacks, effects, Child-Application Attacks
- elevating, attack by, Code-Access Security
- least, principle, Role-Based Authorization, SQL-Injection Attacks, Fundamental Lockdown Principles
- SQL Server, Determining Who Is Logged On
- testing for appropriate, Example: Create a Test Tool for Testing Web Applications
- profiling, Plan of Attack—The Test Plan, Testing Tools
- Protected Extensible Authentication Protocol (PEAP), Microsoft Initiatives
- PSNs (Processor serial numbers), Privacy vs. Security
- public function vulnerability, Create a Blueprint of Your Application, Mitigating Threats, Review Code for Threats
- public key encryption, Keeping Private Keys Safe, Keeping Private Keys Safe, Keeping Private Keys Safe, Public Key Encryption, Public Key Encryption, Public Key Encryption, DPAPI Encryption
- defined, Keeping Private Keys Safe
- functions for, creating, Public Key Encryption, DPAPI Encryption
- private key component of, Keeping Private Keys Safe
- purpose of, Keeping Private Keys Safe
- RSA algorithm for, Public Key Encryption
- slowness of, Public Key Encryption
- Public keyword, Create a Blueprint of Your Application, Mitigating Threats, Review Code for Threats
- publisher identity security policy attribute, Update .NET Enterprise Security Policy
- PWDump, Testing Tools
..................Content has been hidden....................
You can't read the all page of ebook, please click here login for view all page.