Network Security FAQ Web Security

1. www.ConfigRouter.com Network​​Security​​FAQ:​​Web​​Security Q1.​​What​​is​​the​​difference​​between​​a​​right​​and​​a​​permission? Answer:​​A​​right​​applies​​to​​actions​​that​​involve​​accessing​​the​​resources​​of​​the​​operating​​system itself,​​such​​as​​shutting​​down​​the​​system.​​A​​permission​​applies​​to​​accessing​​the​​file​​system’s resources,​​such​​as​​reading​​and​​writing​​files. http://www.configrouter.com/network-security-faq-web-security-7451/ Q2.​​What​​can​​be​​done​​on​​a​​web​​server​​to​​make​​it​​more​​secure​​against​​intruders? Answer:​​Six​​options​​make​​a​​web​​server​​more​​secure: Harden​​the​​file​​system. Set​​account​​policies. Edit​​group​​rights. Rename​​critical​​accounts. Turn​​on​​auditing. Remove​​or​​disable​​unnecessary​​services. http://www.configrouter.com/network-security-faq-web-security-7451/ Q3.​​What​​is​​DAC? Answer:​​Discretionary​​Access​​Control​​(DAC)​​is​​a​​means​​of​​restricting​​access​​to​​information based​​on​​the​​identity​​of​​users​​and​​membership​​in​​certain​​groups.​​Access​​decisions​​are​​typically based​​on​​the​​authorizations​​granted​​to​​a​​user​​based​​on​​the​​credentials​​presented​​at​​the​​time​​of authentication​​(username,​​password,​​hardware/software​​token,​​and​​so​​on).​​In​​most​​typical​​DAC models,​​owners​​of​​information​​or​​resources​​can​​change​​permissions​​at​​their​​discretion​​(thus​​the name).​​DAC’s​​drawback​​is​​that​​the​​administrator​​cannot​​centrally​​manage​​these​​permissions​​on files​​and​​information​​stored​​on​​the​​web​​server. http://www.configrouter.com/network-security-faq-web-security-7451/ https://configrouternotes.blogspot.in  https://configrouter.tumblr.com/  https://in.pinterest.com/phaniconfig/ccna-online-training/  https://configrouternotes.wordpress.com/  https://twitter.com/PhaniConfig  https://trello.com/configrouter  http://flip.it/y5znjX  https://www.reddit.com/user/phani_config/  https://www.scoop.it/t/ccna-exam-answers 

2. www.ConfigRouter.com http://feeds.feedburner.com/ConfigRouter    CCNA​ ​200-125​ ​Dump​ ​With​ ​Questions​ ​​ ​and​ ​Answers​ ​with​ ​Explanation  CCNA​ ​NetAcad​ ​Training  CCNA​ ​RS​ ​Training  CCNA​ ​Cyber​ ​Ops​ ​Training  CCNA​ ​Data​ ​Center​ ​Training  CCNA​ ​Security​ ​Training https://www.youtube.com/c/CiscoNetworkingVideos Nexus​​OS​​Basics​​and​​Fundamentals​​Complete​​Video​​Course https://www.youtube.com/watch?v=pwn0sT4pOEo&list=PL9UP_4zHScPw49YXOCkK9UFRbPP S55RD2 CCNA​​Cyber​​Ops​​SECFND​​210-250​​Complete​​Video​​Course https://www.youtube.com/watch?v=eT88kco4u5M&list=PL9UP_4zHScPxTqWXRTbTHOUZ4IH BfItpZ CCNA​​Wireless​​200-355​​Complete​​Video​​Course https://www.youtube.com/watch?v=yNnGavnlTZ0&list=PL9UP_4zHScPweZMvKm2mhucuF0X- kO5jV CCNA​​Cloud​​CLDADM​​210-455​​Complete​​Video​​Course https://www.youtube.com/watch?v=GjD27VyOYEQ&list=PL9UP_4zHScPz35gaincmzptwnH1cB M8Oj CCNA​​Data​​Center​​DCICT​​200-155​​Complete​​Video​​Course https://www.youtube.com/watch?v=QMe8ZgviyZ4&list=PL9UP_4zHScPwrrIVgNHW8c2weI-pIgF DL CCNA​​Data​​Center​​DCICN​​200-150​​Complete​​Video​​Course https://www.youtube.com/watch?v=VAJv3C4BgjE&list=PL9UP_4zHScPyjupWBcyODSaJjlR7Se Ik- CCNA​​Cloud​​CLDFND​​200-451​​Complete​​Video​​Course https://www.youtube.com/watch?v=C3SdnXLAA7M&list=PL9UP_4zHScPy8PX3z55iFF0rW66n- 1PDf Q4.​​How​​can​​you​​enable​​logging​​on​​your​​IIS​​web​​server? Answer:​​To​​enable​​logging,​​open​​Internet​​Information​​Services​​in​​the​​Administrative​​tools​​menu,

3. www.ConfigRouter.com expand​​the​​tree,​​right-click​​Default​​Web​​Site,​​and​​choose​​Properties.​​On​​the​​Properties​​page, select​​the​​Web​​site​​tab. Near​​the​​bottom​​of​​that​​page,​​you​​need​​to​​make​​sure​​that​​the​​check​​box​​Enable​​logging​​is enabled.​​Now,​​select​​Properties.​​You​​can​​see​​that,​​by​​default,​​a​​new​​log​​file​​is​​created​​every day.​​The​​default​​log​​file​​directory​​is​​%WinDir%\System32\LogFiles;​​however,​​you​​should change​​this​​to​​point​​somewhere​​else,​​preferably​​to​​another​​server. http://www.configrouter.com/network-security-faq-web-security-7451/ Q5.​​What​​two​​methods​​restrict​​access​​to​​an​​IIS​​web​​server? Answer:​​The​​two​​methods​​that​​restrict​​access​​to​​an​​IIS​​web​​server​​are​​on​​a​​user-by-user​​basis or​​by​​IP​​addresses. http://www.configrouter.com/network-security-faq-web-security-7451/ Q6.​​List​​three​​popular​​scripting​​languages​​used​​on​​web​​servers​​that​​are​​executed​​by​​browsers when​​visiting​​the​​site. Answer:​​The​​three​​popular​​scripting​​languages​​used​​on​​web​​servers​​that​​are​​executed​​by browsers​​when​​visiting​​the​​site​​are​​Java,​​JavaScript,​​and​​VBScriptActiveX. http://www.configrouter.com/network-security-faq-web-security-7451/ Q7.​​Describe​​the​​four​​security​​zones​​that​​are​​available​​in​​Internet​​Explorer. Answer:​​The​​four​​security​​zones​​that​​are​​available​​in​​Internet​​Explorer​​are​​as​​follows: Internet​​Contains​​all​​websites​​that​​are​​not​​placed​​in​​another​​zone. Local​​Internet​​Contains​​all​​the​​websites​​that​​are​​on​​your​​company’s​​intranet.​​Here,​​you​​find​​all sites​​that​​have​​the​​same​​domain​​name​​as​​the​​one​​your​​PC​​is​​using. Trusted​​sites​​Contains​​websites​​that​​you​​trust​​will​​not​​damage​​your​​data.​​If​​you​​want​​to​​have trusted​​sites,​​you​​must​​add​​them​​manually. Restricted​​Contains​​websites​​that​​you​​do​​not​​trust​​because​​they​​might​​potentially​​damage​​your data.​​This​​is​​also​​a​​manual​​list. http://www.configrouter.com/network-security-faq-web-security-7451/ Q8.​​Briefly​​describe​​the​​four​​predefined​​security​​levels​​in​​Internet​​Explorer. Answer:​​The​​four​​predefined​​security​​levels​​in​​Internet​​Explorer​​follow. High This​​is​​the​​safest​​way​​to​​browse​​but​​also​​the​​least​​functional. Less​​secure​​features​​are​​disabled.

4. www.ConfigRouter.com Cookies​​are​​disabled.​​(Some​​websites​​do​​not​​work.) This​​is​​appropriate​​for​​sites​​that​​might​​have​​harmful​​content. Medium Browsing​​is​​safe​​and​​still​​functional. Prompts​​before​​downloading​​potential​​unsafe​​content. Unsigned​​ActiveX​​controls​​are​​not​​downloaded. This​​is​​appropriate​​for​​most​​Internet​​sites. Medium-low This​​is​​the​​same​​as​​Medium​​without​​prompts. Most​​content​​is​​run​​without​​prompts. Unsigned​​ActiveX​​controls​​are​​not​​downloaded. This​​is​​appropriate​​for​​sites​​on​​your​​local​​network​​(intranet). Low Minimal​​safeguards​​and​​warning​​prompts​​are​​provided. Most​​content​​is​​downloaded​​and​​run​​without​​prompts. All​​active​​content​​can​​run. Appropriate​​for​​sites​​that​​you​​absolutely​​trust. http://www.configrouter.com/network-security-faq-web-security-7451/ Q9.​​What​​is​​the​​difference​​between​​session​​cookies​​and​​persistent​​cookies? Answer:​​The​​difference​​between​​session​​cookies​​and​​persistent​​cookies​​is​​as​​follows: Session​​cookies​​This​​cookie​​is​​created​​when​​you​​visit​​an​​e-commerce​​website​​where​​you​​use​​a shopping​​cart​​to​​keep​​track​​of​​what​​you​​buy.​​After​​you​​check​​out​​of​​that​​website,​​the​​session cookie​​is​​deleted​​from​​your​​browser​​memory. Persistent​​cookies​​When​​you​​go​​to​​a​​website​​and​​you​​see​​a​​personalized​​welcome​​message, you​​know​​that​​you​​have​​a​​persistent​​cookie​​on​​your​​PC.​​These​​cookies​​contain​​information about​​you​​and​​your​​account.​​Often,​​this​​information​​is​​a​​key​​that​​is​​related​​only​​to​​a​​database with​​your​​profile. http://www.configrouter.com/network-security-faq-web-security-7451/ Q10.​​What​​is​​the​​best​​way​​to​​handle​​cookies? Answer:​​The​​best​​solution​​is​​to​​force​​all​​your​​cookies​​to​​be​​session​​cookies.​​You​​can​​do​​this​​by making​​the​​folder​​in​​which​​the​​cookies​​are​​stored​​read-only.​​Your​​browser​​can​​accept​​them​​but cannot​​save​​them​​to​​disk. http://www.configrouter.com/network-security-faq-web-security-7451/