CECY 311 – Web Development and Security

These flashcards cover key concepts related to web development and security, including web applications, security risks, user access, and reactive measures against attacks.

21 Terms

1

Web Applications

Applications that run on web servers and can include e-commerce, social networks, and online banking.

2

Static Website

A web page or site that delivers the same content to every visitor and does not require users to log in.

3

Dynamic Web App

Web applications that allow two-way information flow, requiring user authentication and enabling content submission.

4

Common Web App Functions

Typical uses of web applications including shopping, social networking, banking, web search, and more.

5

Cloud Services

Internal web applications such as HR systems, collaboration software, and email web interfaces.

6

Web App Security

The protection measures taken to guard sensitive data and prevent attackers from gaining access to backend systems.

7

OWASP Mobile Top 10 Risks

A list of common vulnerabilities in mobile applications, including weak server-side controls and poor authorization.

8

Input Validation

The practice of ensuring that incoming data is correct and safe to process, often the first line of defense against attacks.

9

Arbitrary Input

Data that a user can submit, which may include invalid or malicious information.

10

Access Control

The process of determining permissions for users and defining what resources they can access within an application.

11

Authentication

The process of verifying the identity of a user, traditionally using usernames and passwords.

12

Session Management

The handling of user sessions to maintain state across multiple requests and provide secure access control.

13

Boundary Validation

A security practice that entails validating data at defined trust boundaries between trusted and untrusted zones.

14

Sanitization

The process of modifying input data to make it safe for processing and prevent harmful data from being executed.

15

Multistep Validation

A security approach involving multiple layers of checks to ensure data integrity and safety.

16

Canonicalization

The process of converting data into a standard format to ensure accurate validation and processing.

17

Web Application Firewall (WAF)

A security tool that monitors and filters HTTP traffic to and from a web application.

18

Reacting to Attacks

Defensive strategies that include slowing response times and terminating sessions of suspicious activities.

19

Logging and Monitoring

The practice of recording access and system operations to track user activities and detect anomalies.

20

Error Handling

The methods used to inform users of issues without revealing sensitive information that could aid attackers.

21

Firewalls

Network security devices that monitor and control incoming and outgoing network traffic based on predetermined security rules.