2.4 Client side functionalities - CSS
2.5 Client side functionalities - JavaScript
2.6 Server side functionalities
2.7 Server side functionalities - Web Servers
  2.7.1 Netscape enterprise server:
  2.7.2 Apache server:
  2.7.3 Microsoft IIS:
2.8 Server side functionalities - Scripting languages
  2.8.1 PHP:
  2.8.2 Perl:
  2.8.3 VBScript:
2.9 Server side functionalities - frameworks
  2.9.1 Ruby on Rails:
  2.9.2 ASP.NET:
  2.9.3 Java:
2.10 Server side functionalities - Database Access
2.11 Server side functionalities - Web Services
2.12 QUIZ:

Chapter 3 Vulnerabilities and threat models
3.1 Vulnerabilities, threats and attack
3.2 Threats risk modeling
  3.2.1 Definition:
  3.2.2 Threat modeling process:
3.3 Threats and vulnerabilities models - IIMF
3.4 Threats and vulnerabilities models - CIA
  3.4.1 Confidentiality:
  3.4.2 Integrity:
  3.4.3 Availability:
3.5 Threats and vulnerabilities models - STRIDE
  3.5.1 Spoofing:
  3.5.2 Tampering Data:
  3.5.3 Repudiation:
  3.5.4 Information disclosure:
  3.5.5 Denial of service: