Knowledge Share

Knowledge is NOT Power IMPLEMENTATION of knowledge is Power!!!
 
HomePortalGalleryCalendarFAQRegisterUsergroupsLog in

Share | 
 

 part2

View previous topic View next topic Go down 
AuthorMessage
Admin
Admin


Posts : 141
Points : 407
Reputation : 0
Join date : 2007-12-29
Location : Chennai

PostSubject: part2   Sat Aug 27, 2011 7:21 pm

3. What do you see as challenges to successfully deploying/monitoring web intrusion detection?

Goal of question – We are attempting to see if the applicant has a wide knowledge of web security monitoring and IDS issues such as:

• Limitations of NIDS for web monitoring (SSL, semantic issues with understanding HTTP)
• Proper logging – increasing the verboseness of logging (Mod_Security audit_log)
• Remote Centralized Logging
• Alerting Mechanisms
• Updating Signatures/Policies


4. What is your definition of the term “Cross-Site Scripting”? What is the potential impact to servers and clients?

Goal of question –This question will determine if the applicant is well versed in the terminology used in web security. The applicant needs to be able to articulate highly technological topics to a wide audience. The second question will help to verify that the applicant fully understands how XSS attacks work and the impact to client information.
Back to top Go down
http://knowledgeshare.forumotion.com
 
part2
View previous topic View next topic Back to top 
Page 1 of 1
 Similar topics
-
» Paj Tsiab 30 Nrhiav Tus Hlub
» Qeej Hmoob

Permissions in this forum:You cannot reply to topics in this forum
Knowledge Share :: Testing :: MANUAL TESTING-
Jump to: