-
Patrick J. Wasson wrote a new post on the site Enterprise IT Architecture for IT Auditors 4 years, 11 months ago
Hi Class,
I have posted your final activity, participation, final exam and final letter grades for the semester (All points are out of 100). In terms of the final exam the class average was 80%. In terms of y […]
-
Patrick J. Wasson wrote a new post on the site Enterprise IT Architecture for IT Auditors 4 years, 11 months ago
Hi Class,
Last night we had our last in-person class and held a comprehensive review in preparation for the Final Exam. I will be sending out the take-home Final Exam to you the week of 12/1 (Likely either […]
-
Patrick J. Wasson wrote a new post on the site Enterprise IT Architecture for IT Auditors 4 years, 12 months ago
Explain why web applications have become such a target for hackers. In addition, choose one of the Top 10 vulnerabilities we covered in class and describe why you think it is important to securing web applications.
-
A web application is a program, and it relates to a web server and its databases. Hackers love to hack web applications because if they can install malware on a web application or inject its SQL, hackers can steal the information of users who visited the website and gain benefit by selling or using the users' information. SQL injection makes the biggest impression on me because by injecting SQL a hacker can read sensitive data in the database and modify data. This can cause big financial loss and reputation loss for a company. So I think SQL injection is a big issue for cybersecurity.
-
Web applications have been targeted by hackers because firewalls don’t work well these days, but Web applications must let users into their network/system to see and use their sites, which is what Web applications do. Hackers can exploit vulnerabilities opened by web applications to attack from web servers to database servers and obtain customer data. One example is SQL injection, which spoofs the system as long as the result is a single line. I think a glaring hole in web application security is the unsecured direct object reference. Web developers must ensure that the user name is not in the URL because the URL is shareable. Thus, if someone shares a URL when logging into their user account, the next person to click on that URL may have access to any information in that account.
-
Web applications have become such a target for hackers because they often store valuable data such as credit card numbers, personally identifiable information (PII) and financial data. I think that A6-Sensitive Data Exposure is important in securing web applications. At first, sensitive data exposure leads to financial loss. Hackers use sensitive data in an illegal way. Secondly, the web application has low-level control, which is easy to get sensitive data. Finally, sensitive data exposure shows IT vulnerabilities.
-
The design of the application itself is not the target of the hacker, but the huge database behind the application. These data have PII, payment information and so on. This information is like money in a bank vault. When a hacker gets credit card information, he can turn it into money. OWASP security coding theory believes that the significance of OWASP is preventing the risk and vulnerability caused by improper operation in the process of program development. Web applications are even more important. A program needs to be protected when its source of code is exposed to the public. The SQL injection is a good example. A simple error with a character or symbols may cause a huge data breach.
-
Web applications have become a huge target for hackers because hackers will use a running script and malware to penetrate the system they want to take over. It’s easier to do this when the application is web-based because it’ll use access through the internet to try to get through the systems. While, for example, if this was a form application, the process would differ and may present as a harder challenge/different process. One of the top 10 vulnerabilities we spoke about in class is the Cross Site Scripting. A hacker could easily send an individual a link containing malware, and if the person clicks the link the hacker gains access to that device. It’s so important to secure web applications because more often than not, we see people fall into phishing scams or even allow social engineering methods to trick individuals into granting unauthorized access to sensitive data.
-
Web applications have become such a target for hackers because they are a direct port into the database. Many web applications are either inputting information directly into databases or pulling information directly from the database or a combination of both. Therefore this gives hackers a public direct point of access.
Injection flaws are important to secure against because they are very easy to attempt. If someone already knows how to write SQL commands it takes very little effort to write a command and submit it through to a web app. Hackers can use this to get unauthorized access or implant malicious code in a database. Because it is so easy to attempt and there are so many places where hackers can submit their script it is important to secure against this vulnerability.
-
Web applications have become such a target for hackers as more and more companies move their applications to the web for convenience, so that the value of web applications becomes higher than before. In my opinion, injection flaws are the most important to securing web applications as injection is one of the easiest ways for hackers to access your application without noticing anyone. Also they will have full access to the web application so that they can steal and change lots of data which will bring a huge loss for the company.
-
-
Patrick J. Wasson wrote a new post on the site Enterprise IT Architecture for IT Auditors 4 years, 12 months ago
Hi Class, good work last night. To recap: We covered Web Applications security, including coverage of the Top 10 most common vulnerabilities.
In addition, we went through and completed the Web Hacking […]
-
Patrick J. Wasson wrote a new post on the site Enterprise IT Architecture for IT Auditors 5 years ago
Why do we store data in separate tables and not in one big table? Explain to me how we take an ERD and translate boxes and lines in the ERD into a SQL statement. What is needed in order to design an ERD? Wha […]
-
We store the data in a separate table instead of storing it in a large table because we need to process the information in a more direct way. The data table needs to be linked to another table through their relationship when we store the data through the primary key. In order to design an ERD, we need to know and understand relationship about entities, entity attributes, primary keys. ERDs contain different symbols and connectors. They can visualize two kinds of information: the main entities of the system and the relationship between these entities.
-
We store data in separate tables and not in one big table because it makes sense to combine all of these tables into one big table of related content. In addition, it may be more convenient to split them. If people can make good use of ERD in database engineering, people can generate high-quality database design for database creation, management, maintenance, and provide a meaningful basis for communication between people. To work with multiple tables in a SQL statement are primary key and row, foreign key and so on.
-
From the perspective of IT security, data stored separately can better protect the data. When hacked, hackers cannot download all the data at once. From the IT perspective, data stored separately can be easily and better managed, and the data managed separately makes the logic language functionality of SQL more variable. The ERD provides the relationship between each table. IT technicians can use the source code of SQL to design a new logical language that can flexibly use the separated data.
-
We store data in separate tables because it looks clear and users can see the relationship between each database and use these data more efficiently. Also, if one of the databases is lost or modified, technicians can restore the specific database. To design an ERD you need a Visual Paradigm, and you need to set up primary key and secondary key and build relationship between these databases.
-
Why do we store data in separate tables and not in one big table? Explain to me how we take an ERD and translate boxes and lines in the ERD into a SQL statement. What is needed in order to design an ERD? What is needed to work with multiple tables in a SQL statement?
It’s important to store data into separate tables and not one big table because this would allow the flow of the systems to work more efficiently. To take an ERD and translate the boxes and lines into a SQL statement, it’s important to use the main source/entity and incorporate it into the formula of a SQL statement. In order to design an ERD you would need an entity and incorporate all of the necessary data needed to form the ERD. To work with multiple tables in a SQL statement, an understanding of relationship must be in order to pair the tables together, using functions as well.
-
Storing information in separate small tables allows us to update a piece of information once instead of many times. In this setup we update the information on one table and then each time that information is referenced in another table, the updated information appears. Instead of updating that piece of information in every spot it would appear in one big table. We can translate an ERD into SQL statements by using the ERD as a guide that dictates which tables, keys, and relationships we must consider when writing the SQL statement. The commands are the same for every SQL statement, the ERD tells us what information to fill in between those commands. To design an ERD you need a Visual Paradigm. In order to work with 2 tables you need to understand the relationships and use an SQL statement to create an outer join or union.
-
Storing in separate tables makes relationship between data more understandable. By using ERD we will have a clear view on how to build the database level by level. A logical mind is required in order to design an ERD. Relationship between multiple tables is needed when working with multiple tables.
-
-
Patrick J. Wasson wrote a new post on the site Enterprise IT Architecture for IT Auditors 5 years ago
Hi Class,
Last night we continued our Database coverage and moved onto using MySQL Workbench, writing SQL queries, designing a database architecture and working within a db architecture.
Next week we will […]
-
Patrick J. Wasson wrote a new post on the site Enterprise IT Architecture for IT Auditors 5 years ago
What did you learn about how applications work in our coverage of C#? Research another programming language similar to C# and describe how it is similar/different!
-
In order for applications to work properly the PC needs to know how to process a very large amount of information, and programming languages like C# are basically the way a computer can understand what we need it to do. Java is similar to C# in the sense they are both object-oriented programming languages. This means that data modeling, basically blueprints, can be used as a backing and foundation of the eventual code to be used to run an application. C# is very Windows focused as Microsoft developed the programming language themselves. It’s the go-to for working with Microsoft applications. Java is used more for mobile apps and video games. Android OS uses Java. Both are useful languages to know and ideal for beginners as they are in many popular applications.
I found this website in summarizing many different languages and their applications in today’s environment. https://www.computerscience.org/resources/computer-programming-languages/
-
Although the C language provides many low-level processing functions, it still maintains cross-platform features. The C language program written in a standard specification can be used on many computer platforms including some embedded platforms such as embedded processors and supercomputers. As a representative of static object-oriented programming language, Java language implements object-oriented theory very well, allowing programmers to perform complex programming with elegant thinking. The C program is compiled and linked into a machine language. Under the control of the operating system, the CPU directly executes the EXE program code instructions.
The compiler can also be optimized to use the new instruction set, and the instructions are more efficient.
Java requires a virtual machine, and the Java program is compiled into bytecode, which is interpreted and executed by the virtual machine.
-
In this chapter I learned about several functions about C# which includes initialize elements and how to write their functions and how to set the scope. One programming language similar to C# is JavaScript.
C# is common language infrastructure framework. JavaScript is designed for specific goals.
Similarities: they would respond if they found the data mistakenly assigned to different objects.
the garbage collection would remove objects to prevent memory leak.
C# and Java only support one path when users work on coding, which limits unintended effects.
Differences: C# is designed for common language infrastructure framework. It is integrated into the CLI and allows type information to be available at runtime. Only has one type of exception.
JavaScript is designed to allow developers to “write once, run anywhere.” It requires use of an interface to achieve similar functionality.
-
In this chapter, I learned some of the design basics of C# and how the language builds computer applications. Both Java and C# are object-oriented languages. Java can be used on Windows, Linux and Unix systems. C# runs more on Windows. C# is more like a basic language, with more variety. JavaScript is mostly used for specific designs. Like games.
-
I thought it was interesting how using C#, computers are able to understand what is needed from them to perform whatever necessary action. Java and C# are similar in that they are both object-oriented programming languages. They are different in that C# is a Microsoft developed programming language that is mostly used in web and game development for mobile devices and is a much similar programming language. Whereas Java is more complex and can be used for complex web based applications.
-
C# is a general-purpose and multi-paradigm programming language encompassing strong typing, imperative, declarative, functional, generic, object-oriented, and component-oriented programming disciplines that was developed around 2000 by Microsoft. Compared to C and C++, I feel it is simpler and easier to use with the similar high operating efficiency and strong operating capability. In addition, C# and Java are similar programming languages that are typed statically, strongly, and object-oriented.
C# looks a lot like Java, it contains some procedures, such as single inheritance, interfaces, intermediate code compiled with almost the same syntax to run.
-
I learned that C# is pronounced “see sharp” and that it is a general-purpose, multi-paradigm programming language which means that it can work across multiple operating systems and domains. Applications run on these programming languages and the languages are built around certain instructions that can be procedural or object oriented. C# and Java are similar languages that are typed statically, object-oriented, and work across multiple platforms.
-
C# is a type-safe, object-oriented language that enables developers to build secure and powerful applications running on the .NET Framework. You can use C# to create Windows client applications, XML Web services, distributed components, client-server applications, database applications, and more.
The difference between C++ and C# is that C++ is an object-oriented language, while C# is considered a component-oriented programming language. In C++, you need to manage memory manually, while C# runs in a virtual machine, which automatically performs memory management.
-
C# is a general-purpose, multi-paradigm programming language encompassing strong typing, lexically scoped, imperative, declarative, functional, generic, object-oriented, and component-oriented programming disciplines.
I’ve learnt C before so I’ll compare C and C#.
C is a structured programming language while C# is an object-orientated programming language. C can be used on many platforms while C# requires .NET Framework. C is more on functioning but not good looking while C# is more on good looking type. C supports pointers.
-
-
Patrick J. Wasson wrote a new post on the site Enterprise IT Architecture for IT Auditors 5 years ago
Hi Class,
As a reminder this week will be conducted via a pre-recorded webex that I will be posting under Schedules and Materials for Week 10.
This week we will cover Application Development, which included […]
-
Patrick J. Wasson wrote a new post on the site Enterprise IT Architecture for IT Auditors 5 years ago
We looked at two different types of applications last night: Forms Apps and Web Apps. What is the difference between the two? What are the advantages/disadvantages of each?
-
I think a web application runs in a web browser, such as webmail, online retail sales. A web app is similar to a form app because it runs on the internet and is executed in the browser, which is a huge advantage. An example of a web app would be YouTube, it provides a platform for users to stream videos.
-
In terms of web development, there are:
Shorter execution path
Reduce the need for management
You hardly have to deal with parallelism yourself.
There are far fewer resources to manage, or none — no operating system to handle.
The only downside is that it usually takes more time to install the development machine, and debugging Web applications is more difficult. Debugging is no longer an issue in the current state of the tool.
-
-
The main difference between form applications and web applications is that one requires internet connection, while the other one doesn’t. An advantage that a form application has is that, since it doesn’t require internet connection it can provide easy access for certain functions to be demonstrated. Examples of a form application are programs such as Adobe, PC games, Microsoft Office, etc. A disadvantage of the form application is that it can take up storage within the computer. For the web applications, Microsoft Office also has a web application feature, an example would be the autosave feature. A disadvantage for a web application is the lack of access if a network is not available to perform the necessary applications.
-
Forms Applications can be used for Windows desktop Applications and should be designed according to the internal needs of the organization. Web applications, on the other hand, are designed on the Web and depend on the Web. Both have their own advantages and disadvantages. Form Application can be used within the company, and it needs to be consistent with the company’s business and more diversified in design. However, when a form application is infected with malware, it is very difficult to detect, because it is difficult for conventional anti-virus software to detect self-designed applications.
The disadvantage of Web Application is that it depends on the network, and Web applications are more vulnerable to hacker attacks.
-
The application creates a lot of convenience for our daily activities. Both form applications and web applications are designed to help us easily access the utilities they provide. But the form application is already set in the personal computer, such as camera, video player, calculator; and the web application is an application that can be accessed through the Internet, such as facebook, twitter.
The advantage of a form application is that it is secure, and hackers can only do minimal damage because it affects only one person’s user experience.
-
Form apps are stored locally on your device and do not need a connection to the outside world. Advantage of a form app is that you do not need an internet connection for them to work. Disadvantage is that they will be less functional because they have limited information and cannot connect with other people. Web apps require a connection to the internet in order to access the application's functions and data. The advantages are that they can do many more functions, communicate with other people, access infinitely more information and updates can be downloaded automatically. The disadvantages are that they require an internet connection and as a result are much more vulnerable.
-
There is a lot of difference between the Forms app and Web app. For the maintenance, applications for the Web need to be installed only once, while desktop applications need to be installed separately on each computer. Also, for desktop applications, updating the application is cumbersome because it needs to be done on every computer, whereas Web applications are not. They are also different in use: desktop applications are limited to physical locations and therefore have availability constraints. Web application development, on the other hand, makes it easy for users to access applications from anywhere using the Internet.
-
Forms Apps are installed on the device and Web Apps are installed on the server. Forms Apps run faster while Web Apps run slower. But when there is a patch or update, Forms Apps need to be updated on every device while Web Apps only need to be updated on the server.
-
-
Patrick J. Wasson wrote a new post on the site Enterprise IT Architecture for IT Auditors 5 years ago
Hi Class,
Last night we moved onto Application Software and covered an overview of web servers and applications. Additionally, we went through a hands-on breakthrough of IIS and Visual Studio.
Next week we […]
-
Patrick J. Wasson commented on the post, GUI vs CLI, on the site 5 years ago
Thanks for contributing to the discussion!!
-
Patrick J. Wasson commented on the post, What is the point of a Domain?, on the site 5 years ago
Thanks for contributing to the discussion!!