Index_T


T

table level authorization, SQL Server Authorization

tampering with data attacks, Table 14-1: STRIDE Threat Categories

tax, security as a, Design Challenges

TCP-IP

named-pipes, compared to, Named-Pipes vs. TCP-IP

Teleport Pro, Table 9-3: Test Tools

Telnet service, Turn Off Unnecessary Services

terrorism, Cyber-Terrorism

testing, Take the Attacker’s View

approaches to, Testing Approaches, Stress Testing

approaches, table of, Testing Approaches, Table 9-2: General Testing Approaches

attacker’s view, taking, Take the Attacker’s View

automated unit testing, Table 9-2: General Testing Approaches, Automated Unit Testing, Table 9-3: Test Tools

benefits of security emphasis, Plan of Attack—The Test Plan

beta feedback, role of, Relying Too Much on Beta Feedback

blueprints of applications, Take the Attacker’s View, Create a Blueprint of Your Application

brainstorming scenarios, Brainstorm—Generate Security-Related Scenarios, Create Scenarios Based on Inroads for Attack

components of, Plan of Attack—The Test Plan

cost of, Filter and Prioritize Tests for Each Scenario, Failing to Factor In the Cost of Testing

creating tools, Create Your Own Test Tools, Example: Create a Test Tool for Testing Web Applications

database security, Create Scenarios Based on Inroads for Attack

debugging features for, Writing Self-Testing Code

deployment environments, in, Test in the Target Environment

DLL spoofing, Create Scenarios Based on Inroads for Attack

features, security v. usefulness, Plan of Attack—The Test Plan

filtering tests, Filter and Prioritize Tests for Each Scenario

generating tests, Generate Tests, Filter and Prioritize Tests for Each Scenario

hidden fields, Create Scenarios Based on Inroads for Attack, Example: Create a Test Tool for Testing Web Applications

importance of, Chapter 9: Testing for Attack-Resistant Code, Make Testing for Security a Priority

inroads, scenarios based on, Create Scenarios Based on Inroads for Attack

insufficient, Testing Too Little, Too Late

lateness mistake, Testing Too Little, Too Late

manual testing, Table 9-2: General Testing Approaches, Ad Hoc, or Manual, Testing

mistakes, common, Common Testing Mistakes, Assuming Third-Party Components Are Safe

network redirection tools, Table 9-3: Test Tools

NUnit tool, Automated Unit Testing, Table 9-3: Test Tools

password cracking tools, Table 9-3: Test Tools

permission levels, Test in the Target Environment

plan development, Plan of Attack—The Test Plan

plan execution, Attack—Execute the Plan, Stress Testing

prioritizing scenarios, Get Focused—Prioritize Scenarios, Prioritize Security-Related Scenarios Based on Threats

prioritizing tests, Plan of Attack—The Test Plan, Filter and Prioritize Tests for Each Scenario

profile tools, Table 9-3: Test Tools

public functions, Create Scenarios Based on Inroads for Attack

real-world considerations, Testing in the Real World

relevance to scenarios, Filter and Prioritize Tests for Each Scenario

retasked components, Failing to Test and Retest for Security

reverse-engineering tools, Table 9-3: Test Tools

schedules for, Plan of Attack—The Test Plan

security aspect, Plan of Attack—The Test Plan

self-testing code, Table 9-2: General Testing Approaches, Writing Self-Testing Code

stress test tools, Table 9-3: Test Tools

stress testing, Table 9-2: General Testing Approaches, Stress Testing

target configurations, Plan of Attack—The Test Plan

third-party components, Assuming Third-Party Components Are Safe

tool creation, Create Your Own Test Tools, Example: Create a Test Tool for Testing Web Applications

tools for, Testing Tools, Example: Create a Test Tool for Testing Web Applications

unknown issues, narrowing, Failing to Test and Retest for Security

URL-based attacks, Create Scenarios Based on Inroads for Attack

usage scenarios, Plan of Attack—The Test Plan

user name input, Generate Tests

WebTester sample application, Example: Create a Test Tool for Testing Web Applications

XML file vulnerability, Create Scenarios Based on Inroads for Attack

text boxes

validating input, Validation Tools Available to Windows Forms Applications

third-party components, danger of, Assuming Third-Party Components Are Safe

Thread objects, Table 15-1: Visual Basic .NET Keywords to Look For (continued)

threat analysis

allocating time for, Allocate Time

architectural sketches for, Draw Architectural Sketch and Review for Threats

cost considerations, Allocate Time

defined, Analyze for Threats and Vulnerabilities

documentation, Plan and Document Your Threat Analysis

EMS example, prioritized table of threats, Prioritize Threats, Table 15-3: Prioritize Threats for the Employee Management System (continued)

key concepts of, Chapter 15: Threat Analysis Exercise

listing threats, Create a Laundry List of Threats, Table 15-1: Visual Basic .NET Keywords to Look For (continued)

planning, Plan and Document Your Threat Analysis

prioritizing components, Prioritize Analysis Based on the Function of Each Component

prioritizing threats, Prioritize Threats, Table 15-3: Prioritize Threats for the Employee Management System (continued)

response development, Respond to Threats

reviewing code, Review Code for Threats, Table 15-1: Visual Basic .NET Keywords to Look For (continued)

steps in process, Analyze for Threats

threat modeling

design phase, Step 5: Threat-Model the Vulnerabilities

threats

analyzing for, see analyzing for vulnerabilities

bypassing UI attack, Table 14-2: Example of Common Attacks and Techniques to Mitigate Them

identifying, Identify and Prioritize, Table 14-1: STRIDE Threat Categories

intercepting data attacks, Table 14-2: Example of Common Attacks and Techniques to Mitigate Them

methods for avoiding damage from, Analyze for Threats and Vulnerabilities

mitigating, Prevent Attacks by Mitigating Threats, Table 14-2: Example of Common Attacks and Techniques to Mitigate Them

password-cracking attacks, Table 14-2: Example of Common Attacks and Techniques to Mitigate Them

posing as users, Table 14-2: Example of Common Attacks and Techniques to Mitigate Them

prioritizing, Prioritize Threats, Table 15-3: Prioritize Threats for the Employee Management System (continued)

real-world considerations, Security Threats in the Real World

response options for, Respond to Threats

severity, factors in, Prioritize Threats

tracking, Prioritize Threats

time limitations, Design Challenges

timestamp services, Strong Naming, Certificates, and Signing Exercise

TlntSvr service, Turn Off Unnecessary Services

TogglePassportEnvironment utility, Appendix A: Guide to the Code Samples, TogglePassportEnvironment utility, Figure A-12: Changing the Passport environment to pre-production

tools

locking down platforms, for, Automated Tools

Web-page manipulation, Table 9-3: Test Tools

tools available to hackers, What Happens Next?

tools, test, Testing Tools, Example: Create a Test Tool for Testing Web Applications

trace-back, Privacy vs. Security

TraceRt.exe, Chapter 5: Securing Web Applications

tracing routes, Chapter 5: Securing Web Applications

tracking threats, Prioritize Threats

training development teams, Step 3: Educate the Team

transactions

audit trails, Implementing an Audit Trail

repudiation, Implementing an Audit Trail

transport-level security, see SSL (Secure Sockets Layer)

trends in security

arms race intensification, What Happens Next?

authentication, Privacy vs. Security

Big Brother systems, Privacy vs. Security

cost increases, What Happens Next?

government initiatives, Government Initiatives

IPv6 (Internet Protocol version 6), The IPv6 Internet Protocol

Microsoft initiatives, Microsoft Initiatives

privacy issues, Privacy vs. Security

trace-back, Privacy vs. Security

unified systems, What Happens Next?

virus intensification, What Happens Next?

Triple-DES, Private Key Encryption

decryption function, Private Key Encryption

defined, Private Key Encryption

function using, creating, Private Key Encryption

passphrases, Keeping Private Keys Safe

safety of keys, Keeping Private Keys Safe

trust

defined, How Actions Are Considered Safe or Unsafe

trust levels

code-access permission defaults, Security Zones and Trust Levels, Table 3-3: Full Trust Permissions Granted to My Computer Zone

defaults for zones, Security Zones and Trust Levels

Full Trust, Security Zones and Trust Levels

permissions associated with, Security Zones and Permissions

Trusted Sites zone

defined, Security Zones and Trust Levels

permissions for, Security Zones and Permissions, Local Intranet, Internet, and Trusted Sites Zones

scope of, How Visual Basic .NET Determines Zone

Trustworthy Computing initiative, Testing in the Real World, Microsoft Initiatives

Try...Catch blocks, Try…Catch or On Error GoTo, Exception Handling

Type keyword, Table 15-1: Visual Basic .NET Keywords to Look For (continued)




Security for Microsoft Visual Basic .NET
ISBN: 735619190
EAN: N/A
Year: 2003
Pages: 168
