Web application security - the fast guide 1.1 | page 4
Table of contents
Chapter 1
Information Security overview ......................................................................... 11
1.1 Information security definition ..................................................................................... 12
1.2 Applying security ................................................................................................................. 12
1.2.1 Design & Build it to be secure: ........................................................................... 12
1.2.2 Verify it is secure: .................................................................................................... 13
1.2.3 Protect it: ..................................................................................................................... 13
1.3 Layered Security .................................................................................................................. 14
1.3.1 The Physical layer: .................................................................................................. 15
1.3.2 Network Layer: ......................................................................................................... 15
1.3.3 Platform layer: ........................................................................................................... 15
1.3.4 Application layer: ..................................................................................................... 15
1.3.5 Data layer: ................................................................................................................... 15
1.3.6 The response layer:................................................................................................. 15
1.4 The security of layers: ....................................................................................................... 16
1.5 Application layer security: ............................................................................................... 17
1.6 Defense mechanisms ......................................................................................................... 17
1.6.1 Access: ............................................................................................................................ 17
1.6.2 Input: .............................................................................................................................. 19
1.6.3 Attacker: ........................................................................................................................ 20
1.6.4 Monitoring and auditing: ........................................................................................ 23
1.7 QUIZ.......................................................................................................................................... 24
Chapter 2
Web Application technologies ........................................................................... 26
2.1 Web Application technologies ....................................................................................... 27
2.2 HTTP issues ............................................................................................................................ 27
2.2.1 HTTP Request: ........................................................................................................... 28
2.2.2 HTTP Response: ....................................................................................................... 29
2.2.3 Different HTTP methods: ..................................................................................... 30
2.2.4 Cookies: ........................................................................................................................ 30
2.2.5 Securing HTTP: ......................................................................................................... 31
2.3 Client side functionalities - HTML .................................................................................. 31