Explain why web applications have become such a target for hackers. In addition, choose one of the Top 10 vulnerabilities we covered in class and describe why you think it is important to securing web applications.
Class Discussion
Database Architecture and Development
Why do we store data in separate tables and not in one big table? Explain to me how we take an ERD and translate boxes and lines in the ERD into a SQL statement. What is needed in order to design an ERD? What is needed to work with multiple tables in a SQL statement?
Programming Languages (For 10/31)
What did you learn about how applications work in our coverage of C#? Research another programming language similar to C# and describe how it is similar/different!
Forms Applications vs Web Applications
We looked at two different types of applications last night: Forms Apps and Web Apps. What is the difference between the two? What are the advantages/disadvantages of each?
Securing a MySQL DB Server
Last night we spent a decent amount of time discussing the database level of a database server as well as the operating system level of a database server. Why do you think we spent so much time discussing this? What are two main levels of security that affect a database server (hint: there are tables within the db itself, but these tables all boil down to files in a folder in windows) How do we ensure both levels are secured?
GUI vs CLI
After last night, which do you prefer? What are the benefits/drawbacks of a graphical user interface? What are the benefits/drawbacks of a command line interface? Why do you think understanding the command line is so vital to your future careers in IT Auditing?
What is the point of a Domain?
Why do we care about domains? Why is it ok for you to not be on a domain at home, but at work your company makes your work pc join their domain? What’s the point?
How does any of this relate to your future work as IT Auditors?
IP Addresses and Networks
After last night do IP Addresses mean anything more to you than before? We knew that they were your identity on the internet, but what else do they say about you? Understanding now the vast number of network components that make up a corporate network how do you think you will be a better IT Auditor after what we covered last night?
Importance of Understanding Storage Components
Last night we talked about a variety of storage components and how they all technically worked at a very detailed level. While you may never work in a factory that manufactures hard drives, as an IT Auditor why do you think it is important to understand and appreciate the variety of storage components that exist in an organization?
Why all the Operating Systems?
Why do you all think I am asking you to install multiple virtual machines with different operating systems using 2 different types of virtual machines hosting technology? Doesn’t it seem like a lot of work to have to download iso/dvd/exe files from the web and install them when we could just use MS Azure and host them in the cloud?
Why don’t I just ask you to sign up for azure and install one instance of windows server and do the OS lab? Why Linux, Windows Server 2012 and Windows 2008 both local and cloud based?
Do you think configuring 3 different types of operating systems will ever help you become better IT Auditors? Feel free to agree or disagree!