Storage Flashcards
What are the advantages and disadvantages of hardcoded storage?
Fast delivery of code/easy to implement.
- Later, soft-coding is done to allow parameters to be passed that give the end user a way to modify the results or outcome.
Considered an anti-pattern.
- Hard coding requires the program’s source code to be changed any time the input data or desired format changes, when it might be more convenient to the end user to change the detail by some means outside the program.
Hard to adapt
- Hardcoding file paths makes it hard to adapt to another location.
Hard to internationalize
- Hardcoding of messages makes it hard to internationalize a program.
Raises security vulnerabilities
Elaborate on the vulnerabilities of hidden form fields and reverse engineering when hardcoded storage is implemented.
Hidden fields are used in web pages to pass information about the current page to the server. The user does not need to see this data, but it is passed back to the server on submission so that scripts function correctly behind the scenes. Someone doing reverse engineering on software may use several tools to disassemble a program and reveal hardcoded data.
What is best practice for protecting Database Storage?
Adding a firewall and web firewall
Secure Database User Access
- Strong passwords should be enforced.
- Password hashes should be stored encrypted and salted.
- Accounts should be locked after three or four login attempts.
- A procedure should be put in place to ensure that accounts are deactivated when staff leave or move to different roles.
Regularly Updating Operating Systems and Patches
Test Database Security
Encrypt Data and Backups
Avoid Using Default Network Ports