Cross-Cutting Concerns Flashcards

1
Q

What is HTTPS?

A

End-to-end security based on TLS

2
Q

Give the seven protocols/policies that increase Web security.

A
  • HTTPS

Simple Access Authentication (run over HTTPS):
  • Basic Authentication
  • HTTP Digest Access Authentication

Authorisation and Identity:
  • OAuth 2.0 (Authorisation)
  • OpenID Connect (Authentication)

  • Same-Origin Policy
  • Cross-Origin Resource Sharing (CORS) protocol
3
Q

What three considerations should be made for Web security regardless of the protocols/policies employed?

A
  • Many more attacks are possible
  • Formal methods are required to prove correctness of protocols
  • The browser has become a very sophisticated software system, subject to many potential attacks
4
Q

Discuss Scalability in Web Security.

A

Protocols have become more involved!
  • HTTPS setup costs
  • OAuth interactions
  • Preflight requests for Cross-Origin Resource Sharing

5
Q

Give the six governing bodies (governance) of Web security.

A
  • W3C (World Wide Web Consortium)
  • IETF
  • OpenID
  • WHATWG
  • EU privacy laws (Cookie Law)
  • CAs and browser developers
6
Q

Describe two ways in which the web layer is self-describable in relation to Web security.

A
  • WWW-Authenticate header
  • Use of OPTIONS and HEAD to query the service for CORS and security