Web application security - the fast guide 1.1 | Page 4

Table of contents
Chapter 1
information Security overview ......................................................................... 11
1.1 Information security definition ..................................................................................... 12
1.2 Applying security ................................................................................................................. 12
1.2.1 Design & Build it to be secure: ........................................................................... 12
1.2.2 Verify it is secure: .................................................................................................... 13
1.2.3 Protect it: ..................................................................................................................... 13
1.3
Layered Security .................................................................................................................. 14
1.3.1 The Physical layer: .................................................................................................. 15
1.3.2 Network Layer: ......................................................................................................... 15
1.3.3 Platform layer: ........................................................................................................... 15
1.3.4 Application layer: ..................................................................................................... 15
1.3.5 Data layer: ................................................................................................................... 15
1.3.6 The response layer:................................................................................................. 15
1.4 The security of layers: ....................................................................................................... 16
1.5 Application layer security: ............................................................................................... 17
1.6 Defense mechanisms ......................................................................................................... 17
1.6.1 Access: ............................................................................................................................ 17
1.6.2 Input: .............................................................................................................................. 19
1.6.3 Attacker: ........................................................................................................................ 20
1.6.4 Monitoring and auditing: ........................................................................................ 23
1.7
QUIZ.......................................................................................................................................... 24
Chapter 2
Web Application technologies ........................................................................... 26
2.1 Web Application technologies ....................................................................................... 27
2.2 HTTP issues ............................................................................................................................ 27
2.2.1 HTTP Request: ........................................................................................................... 28
2.2.2 HTTP Response: ....................................................................................................... 29
2.2.3 Different HTTP methods: ..................................................................................... 30
2.2.4 Cookies: ........................................................................................................................ 30
2.2.5 Securing HTTP: ......................................................................................................... 31
2.3
Client side functionalities -HTML .................................................................................. 31