CISSP All-in-One Exam Guide, Eighth Edition by Shon Harris & Fernando Maymi
Author: Shon Harris & Fernando Maymi
Language: eng
Format: epub
Publisher: McGraw-Hill Education
Published: 2018-10-26T05:00:00+00:00
NOTE Some cookies are stored as text files on your hard drive. These files should not contain any sensitive information, such as account numbers and passwords. In most cases, cookies that contain sensitive information stay resident in memory and are not stored on the hard drive.
So, suppose you look at your checking account, do some work there, and then request to view your savings account information. The web server sends a request to see if you have been properly authenticated for this activity by checking your cookie.
Most online banking software also periodically requests your cookie to ensure no man-in-the-middle attacks are going on and that someone else has not hijacked the session.
It is also important to ensure that secure connections time out. This is why cookies have timestamps within them. If you have ever worked on a site that has a TLS connection set up for you and it required you to reauthenticate, the reason is that your session has been idle for a while and, instead of leaving a secure connection open, the web server software closed it out.
A majority of the data within a cookie is meaningless to any entities other than the servers at specific sites, but some cookies can contain usernames and passwords for different accounts on the Internet. The cookies that contain sensitive information should be encrypted by the server at the site that distributes them, but this does not always happen, and a nosy attacker could find this data on the user’s hard drive and attempt to use it for mischievous activity. Some people who live on the paranoid side of life do not allow cookies to be downloaded to their systems (which can be configured through browser security settings). Although this provides a high level of protection against different types of cookie abuse, it also reduces their functionality on the Internet. Some sites require cookies because there is specific data within the cookies that the site must utilize correctly in order to provide the user with the services she requested.
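The idle-timeout check described above, sketched as an added example that is not from the book: the cookie carries only an opaque session ID and a last-activity timestamp, and the server attaches an HMAC so a client cannot push the timestamp forward. The key handling, the 15-minute limit, the cookie layout and all function names are assumptions, and the HMAC gives integrity only, not the encryption the text recommends for cookies that hold sensitive data.

```python
import base64
import hashlib
import hmac
import secrets

SERVER_KEY = secrets.token_bytes(32)  # assumption: secret held only by the server
IDLE_TIMEOUT = 15 * 60                # assumption: 15-minute idle limit, in seconds


def _sign(payload: bytes) -> str:
    tag = hmac.new(SERVER_KEY, payload, hashlib.sha256).digest()
    return base64.urlsafe_b64encode(tag).decode()


def issue_cookie(session_id: str, now: int) -> str:
    """Cookie value: opaque session id, last-activity time, MAC over both."""
    payload = f"{session_id}.{now}"
    return f"{payload}.{_sign(payload.encode())}"


def check_cookie(value: str, now: int):
    """Return (status, refreshed_cookie); status is 'ok', 'expired' or 'invalid'."""
    try:
        session_id, ts, tag = value.split(".")
        last_seen = int(ts)
    except ValueError:
        return "invalid", None
    expected = _sign(f"{session_id}.{ts}".encode())
    # Constant-time comparison: reject any cookie the server did not produce.
    if not hmac.compare_digest(expected.encode(), tag.encode()):
        return "invalid", None
    # Idle too long (or timestamp in the future): force reauthentication.
    if last_seen > now or now - last_seen > IDLE_TIMEOUT:
        return "expired", None
    # Still active: slide the window by reissuing with the current time.
    return "ok", issue_cookie(session_id, now)


def demo():
    t0 = 1_700_000_000  # constructed sample time (Unix seconds)
    cookie = issue_cookie(secrets.token_urlsafe(16), t0)
    sid, _, tag = cookie.split(".")
    forged = f"{sid}.{t0 + 3600}.{tag}"  # timestamp edited, old MAC reused
    return {
        "active": check_cookie(cookie, t0 + 60)[0],
        "idle": check_cookie(cookie, t0 + IDLE_TIMEOUT + 1)[0],
        "forged": check_cookie(forged, t0 + 3600)[0],
    }


if __name__ == "__main__":
    print(demo())
```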
