application defense Flashcards
a programming language construct designed to handle the occurrence of exceptions
error and exception handling
special conditions that change the normal flow of program execution
exceptions
the process of ensuring that a program operates on clean, correct, and useful data is called
input validation
this mode makes it more difficult for malicious software to be installed on the computer
enable protected mode from Internet Explorer
it is used by Internet Explorer to control add-ons
ActiveX
text files stored on a computer to save information about your preferences, browser settings, and web page preferences
cookies
cookies used by the site you are visiting
first party cookies
cookies placed by sites linked to the site you are visiting
third party cookies
software that allows users to share contents and access contents shared by other users
peer-to-peer (P2P)
this attack uses LDAP statements with arbitrary commands to exploit Web-based applications with access to a directory service.
LDAP injection
this attack injects and executes unwanted commands on the application
command injection
this attack includes database commands and those commands subsequently execute on the server.
SQL injection
this attack forces a program to load a dynamic-link library (DLL).
DLL injection
this attack uses specific characters to traverse to the parent directory in a file system
Directory traversal
the process of including invalid data in an HTTP response header.
Header manipulation