Uncategorized pages

From Guidance Share

Showing below up to 500 results starting with #1.

  1. .NET Framework 1.1 Performance
  2. .NET Framework 1.1 Performance Guidelines - Working Set
  3. .NET Framework 1.1 Security
  4. .NET Framework 2.0 Performance
  5. .NET Framework 2.0 Security
  6. ADO.NET 1.1 Performance
  7. ADO.NET 1.1 Security
  8. ADO.NET 2.0 Performance
  9. ADO.NET 2.0 Security
  10. ASP.NET 1.1 Performance
  11. ASP.NET 1.1 Performance Checklist
  12. ASP.NET 1.1 Security
  13. ASP.NET 1.1 Security Application Scenarios
  14. ASP.NET 1.1 Security Guidelines - Cross-Site Scripting
  15. ASP.NET 1.1 Security Guidelines - Impersonation
  16. ASP.NET 1.1 Security Whiteboard Solutions
  17. ASP.NET 2.0 Code Examples
  18. ASP.NET 2.0 Intranet - Windows Auth to AD Groups
  19. ASP.NET 2.0 Performance
  20. ASP.NET 2.0 Performance Inspection Questions - Data Binding
  21. ASP.NET 2.0 Security
  22. ASP.NET 2.0 Security Application Scenarios
  23. ASP.NET 2.0 Security FAQs
  24. ASP.NET 2.0 Security Practices - Auditing and Logging
  25. ASP.NET 2.0 Security Practices - Authentication
  26. ASP.NET 2.0 Security Practices - Authorization
  27. ASP.NET 2.0 Security Practices - Code Access Security
  28. ASP.NET 2.0 Security Practices - Configuration
  29. ASP.NET 2.0 Security Practices - Data Access
  30. ASP.NET 2.0 Security Practices - Exception Management
  31. ASP.NET 2.0 Security Practices - Impersonation and Delegation
  32. ASP.NET 2.0 Security Practices - Input and Data Validation
  33. ASP.NET 2.0 Security Practices - Secure Communication
  34. ASP.NET 2.0 Security Practices - Sensitive Data
  35. ASP.NET 2.0 Security Questions and Answers
  36. ASP.NET 2.0 Security Questions and Answers - Authentication
  37. ASP.NET 2.0 Security Questions and Answers - Configuration
  38. ASP.NET 2.0 Security Questions and Answers - Impersonation / Delegation
  39. ASP.NET 2.0 Security Questions and Answers - Others
  40. ASP.NET 2.0 Security Whiteboard Solutions
  41. About
  42. About This Site
  43. Actors, Personas, and Roles
  44. Agile Architecture Method
  45. Agile Architecture Method Explained
  46. Agile Architecture Method Explained - Chapter 1 - Agile Architecture Method
  47. Agile Architecture Method Explained - Chapter 2 - Step 1: Identify Architecture Objectives
  48. Agile Architecture Method Explained - Chapter 3 - Step 2: Identify Key Scenarios
  49. Agile Architecture Method Explained - Chapter 4 - Step 3: Application Overview
  50. Agile Architecture Method Explained - Chapter 5 - Step 4: Key Hot Spots
  51. Agile Architecture Method Explained - Chapter 6 - Step 5: Candidate Solutions
  52. Agile Architecture Method Explained - Chapter 7 - Reviewing Your Architecture
  53. Agile Architecture Method Explained - Chapter 8 - Communicating Your Architecture
  54. Agile Architecture Method Explained - Introduction
  55. Application Architecture Guide
  56. Application Architecture Guide - Architecture and Design Solutions At a Glance
  57. Application Architecture Guide - Chapter 10 - Presentation Layer Guidelines
  58. Application Architecture Guide - Chapter 11 - Business Layer Guidelines
  59. Application Architecture Guide - Chapter 12 - Data Access Layer Guidelines
  60. Application Architecture Guide - Chapter 13 - Service Layer Guidelines
  61. Application Architecture Guide - Chapter 14 - Application Archetypes
  62. Application Architecture Guide - Chapter 15 - Web Applications
  63. Application Architecture Guide - Chapter 16 - Rich Internet Applications (RIA)
  64. Application Architecture Guide - Chapter 17 - Rich Client Applications
  65. Application Architecture Guide - Chapter 18 - Services
  66. Application Architecture Guide - Chapter 19 - Mobile Applications
  67. Application Architecture Guide - Chapter 1 - Fundamentals of Application Architecture
  68. Application Architecture Guide - Chapter 20 - Office Business Applications (OBA)
  69. Application Architecture Guide - Chapter 21 - SharePoint Line-Of-Business (LOB) Applications
  70. Application Architecture Guide - Chapter 2 - .NET Platform Overview
  71. Application Architecture Guide - Chapter 3 - Architecture and Design Guidelines
  72. Application Architecture Guide - Chapter 4 - Designing Your Architectures
  73. Application Architecture Guide - Chapter 5 - Deployment Patterns
  74. Application Architecture Guide - Chapter 6 - Architectural Styles
  75. Application Architecture Guide - Chapter 7 - Quality Attributes
  76. Application Architecture Guide - Chapter 8 - Communication Guidelines
  77. Application Architecture Guide - Chapter 9 - Layers and Tiers
  78. Application Architecture Guide - Cheat Sheet - Data Access Technology Matrix
  79. Application Architecture Guide - Cheat Sheet - Integration Technology Matrix
  80. Application Architecture Guide - Cheat Sheet - Presentation Technology Matrix
  81. Application Architecture Guide - Cheat Sheet - Workflow Technology Matrix
  82. Application Architecture Guide - Cheat Sheet - patterns
  83. Application Architecture Guide - Cheat Sheet - patterns & practices Pattern Catalog
  84. Application Architecture Guide - Fast Track
  85. Application Architecture Guide - Foreword by S. Somasegar
  86. Application Architecture Guide - Foreword by Scott Guthrie
  87. Application Architecture Guided - Introduction
  88. Application Vulnerability Categories
  89. Architecture
  90. Architecture Frame
  91. Architecture and Design Checklist
  92. Assume all input is malicious.
  93. Attack Pattern Template
  94. Attack Patterns
  95. Attack Template
  96. Attacks
  97. Audit and log access across application tiers.
  98. Auditing and Logging
  99. Auditing and Logging Vulnerabilities
  100. Authentication
  101. Authentication, Authorization and Trust
  102. Authentication, Authorization and Trust Vulnerabilities
  103. Authentication Vulnerabilities
  104. Authorization
  105. Authorization Vulnerabilities
  106. Avoid plain text passwords in configuration files
  107. Avoid storing secrets in the Local Security Authority (LSA).
  108. Avoid storing sensitive data in view state
  109. Back up and analyze log files regularly.
  110. Be able to disable accounts.
  111. Be careful with canonicalization issues.
  112. Buffer Overflow
  113. Buffer Overflow Attack
  114. Buffer Underwrite
  115. Build Scenario Frame
  116. Business Layer Design Checklist
  117. Can impersonation be used with Forms authentication?
  118. Canonicalization Attack
  119. Capture-Replay
  120. Case Studies
  121. Catch exceptions.
  122. Centralize your approach.
  123. Chapter 10 – Quantifying End-User Response Time Goals
  124. Chapter 11 – Consolidating Various Types of Performance Acceptance Criteria
  125. Chapter 12 – Modeling Application Usage
  126. Chapter 13 – Determining Individual User Data and Variances
  127. Chapter 14 – Test Execution
  128. Chapter 15 – Key Mathematic Principles for Performance Testers
  129. Chapter 16 – Performance Test Reporting Fundamentals
  130. Chapter 17 – Load-Testing Web Applications
  131. Chapter 18 – Stress-Testing Web Applications
  132. Chapter 1 – Fundamentals of Web Application Performance Testing
  133. Chapter 2 – Types of Performance Testing
  134. Chapter 3 – Risks Addressed Through Performance Testing
  135. Chapter 4 – Web Application Performance Testing Core Activities
  136. Chapter 5 – Coordinating Performance Testing with an Iteration-Based Process
  137. Chapter 6 – Managing an Agile Performance Test Cycle
  138. Chapter 7 – Managing the Performance Test Cycle in a Regulated (CMMI) Environment
  139. Chapter 8 – Evaluating Systems to Increase Performance-Testing Effectiveness
  140. Chapter 9 – Determining Performance Testing Objectives
  141. Checklist Item Template
  142. Chosen Plaintext Attack
  143. Client Side Validation
  144. Client Side Validation Vulnerabilities
  145. Code Access Security (.NET 1.1) Security
  146. Code Example Template
  147. Code Examples
  148. Code Vulnerability Categories
  149. Command Injection
  150. Communication Design Checklist
  151. Communications Security
  152. Communications Security Vulnerabilities
  153. Comparing Classes by Name
  154. Configuration Management
  155. Configuration Management Vulnerabilities
  156. Connect using a least privileged account
  157. Connection string management
  158. Consider authorization granularity
  159. Consider authorization granularity.
  160. Consider identity flow.
  161. Consider the identity that is used for resource access
  162. Constrain, Then Sanitize
  163. Constrain, reject, and sanitize your input.
  164. Constrain input
  165. Countermeasures
  166. Covert Storage Channel
  167. Covert Timing Channel
  168. Create application specific event source
  169. Credentials Brute Force Attack
  170. Cross-site Scripting
  171. Cross Site Scripting Attack
  172. Cryptography
  173. Cryptography Vulnerabilities
  174. Cryptography and Secrets
  175. Cryptography and Secrets Vulnerabilities
  176. Data Layer Design Checklist
  177. Data privacy and integrity on the network
  178. Deletion of Data-structure Sentinel
  179. Denial of Service Attack
  180. Deserialization of Untrusted Data
  181. Do I need to create a unique user account for each application pool?
  182. Do not cache sensitive data
  183. Do not develop your own cryptography.
  184. Do not leak information to the client.
  185. Do not mix session tokens and authentication tokens
  186. Do not pass sensitive data from page to page
  187. Do not pass sensitive data using the HTTP-GET protocol.
  188. Do not rely on client-side state management options
  189. Do not rely on client-side validation.
  190. Do not send passwords over the wire in plaintext.
  191. Do not store database connections, passwords, or keys in plaintext.
  192. Do not store passwords in user stores.
  193. Do not store secrets if you can avoid it.
  194. Do not store secrets in code.
  195. Do not store sensitive data in persistent cookies.
  196. Do not trust HTTP header information.
  197. Does the code centralize its approach?
  198. Does the code use protection="All"
  199. Does the code use the right algorithm with an adequate key size?
  200. Doubly Freeing Memory
  201. Encode Output
  202. Encrypt sensitive cookie state.
  203. Encrypt sensitive data if you need to store it
  204. Encrypt the contents of the authentication cookies.
  205. Encrypt the data or secure the communication channel.
  206. Engineering Practices
  207. Engineering Practices Frame
  208. Engineering Practices Overview
  209. Engineering Practices Project
  210. Ensure database connections are always closed
  211. Enterprise Services (.NET 1.1) Performance
  212. Enterprise Services (.NET 1.1) Security
  213. Exception Gatekeeper
  214. Exception Management
  215. Exception Management Vulnerabilities
  216. FAQs
  217. Fail securely
  218. Failure of TRNG
  219. Failure to Add Integrity Check Value
  220. Failure to Check Integrity Check Value
  221. Failure to Check Whether Privileges Were Dropped
  222. Failure to Check for Certificate Revocation
  223. Failure to Drop Privileges When Reasonable
  224. Failure to Encrypt Data
  225. Failure to Follow Chain of Trust in Certificate Validation
  226. Failure to Protect Class Data with Accessors
  227. Failure to Validate Certificate Expiration
  228. Failure to Validate Host-Specific Certificate Data
  229. Feedback
  230. Firewall restrictions
  231. Focus Centers
  232. Forceful Browsing Attack
  233. Foreword By Alberto Savoia
  234. Foreword By Rico Mariani
  235. Format String
  236. Format String Attack
  237. Glossary
  238. Guidance
  239. Guidance Engineering
  240. Guidance Overview
  241. Guideline Item Template
  242. HTTP Replay Attack
  243. Heap Overflow
  244. Home Page 10
  245. Home Page 11
  246. Home Page 12
  247. Home Page 13
  248. Home Page 14
  249. Home Page 15
  250. Home Page 16
  251. Home Page 17
  252. Home Page 18
  253. Home Page 19
  254. Home Page 2
  255. Home Page 20
  256. Home Page 21
  257. Home Page 22
  258. Home Page 23
  259. Home Page 24
  260. Home Page 25
  261. Home Page 3
  262. Home Page 4
  263. Home Page 5
  264. Home Page 6
  265. Home Page 7
  266. Home Page 8
  267. Home Page 9
  268. Home Page Archive 1
  269. How To: Perform a Security Code Review Review for Managed Code (Baseline Technique)
  270. How To Recognize Stack Overflow Vulnerabilities
  271. How To Template
  272. How can I retain impersonation in the new thread created from ASP.NET application?
  273. How do I Sign .Net assemblies with Authenticode signature?
  274. How do I cache roles in ASP.NET 2.0?
  275. How do I configure account lockout using membership feature in ASP.Net 2.0?
  276. How do I create a custom trust level for ASP.NET?
  277. How do I create a service account for running my ASP.NET applications?
  278. How do I decide my Authentication strategy in ASP.NET?
  279. How do I delay sign an ASP.NET application assembly?
  280. How do I enable Forms Authentication to work with multiple Active Directory domains?
  281. How do I enable my ASP.NET application to write to new event source?
  282. How do I encrypt sensitive data in machine.config or web.config file?
  283. How do I enforce strong passwords using membership feature in ASP.NET 2.0
  284. How do I flow the original user identity to different layers?
  285. How do I handle exceptions securely?
  286. How do I impersonate a specific (fixed) identity?
  287. How do I impersonate the original caller?
  288. How do I implement single sign on using forms authentication?
  289. How do I instrument my application for security?
  290. How do I lock authorization settings?
  291. How do I lock configuration settings?
  292. How do I pre-compile my ASP.NET application?
  293. How do I prevent detailed errors from returning to the client?
  294. How do I protect Forms Authentication?
  295. How do I protect audit and log files?
  296. How do I protect authorization cookie when using role caching in ASP.NET 2.0?
  297. How do I protect my web application's ViewState?
  298. How do I protect passwords?
  299. How do I protect passwords in user store?
  300. How do I protect sensitive data in configuration files?
  301. How do I protect sensitive data in memory?
  302. How do I protect sensitive data in the database?
  303. How do I protect the database connection strings in web.config file?
  304. How do I run an ASP.NET application with a particular identity?
  305. How do I secure Session State information?
  306. How do I set up a SQL Server or SQL Express database for Membership, Profiles and Role Management?
  307. How do I setup a global exception handler for my application?
  308. How do I strong-name an ASP.NET application assembly?
  309. How do I strong name an ASP.NET application?
  310. How do I temporarily impersonate the original caller?
  311. How do I use File Authorization in ASP.NET 2.0?
  312. How do I use Forms Authentication with Active Directory?
  313. How do I use Forms Authentication with SQL Server database?
  314. How do I use RoleManager in my application?
  315. How do I use Role Authorization in ASP.NET 2.0?
  316. How do I use SQL authentication for connecting to SQL server?
  317. How do I use URL Authorization in ASP.NET 2.0?
  318. How do I use Windows Groups for role authorization in ASP.NET 2.0?
  319. How do I use code access security with ASP.NET?
  320. How do I use my custom role store for roles authorization?
  321. How do I use my custom user / identity store with forms authentication?
  322. How do I use programmatic impersonation?
  323. How do I use structured exception handling?
  324. How do I use the Health monitoring feature in ASP.NET 2.0?
  325. How do I use windows authentication for connecting to SQL server?
  326. How do I validate input in HTML controls, QueryString, cookies, and HTTP headers?
  327. How do I validate input in server-side controls?
  328. How do I write partial trust applications?
  329. How is the AuthorizationStoreRoleProvider different from Authorization Manager APIs?
  330. How should I prevent someone from disassembling code?
  331. Ignored Function Return Value
  332. Impersonate original caller only when required
  333. Implement page-level or application-level error handlers
  334. Improper Pointer Subtraction
  335. Improper String Length Checking
  336. Info Disclosure Through Data Queries
  337. Info Disclosure Through Error Messages
  338. Input Validation
  339. Input Validation Vulnerabilities
  340. Input and Data Validation
  341. Input and Data Validation Vulnerabilities
  342. Inspection Center
  343. Install URLScan on your Web server
  344. Insufficient Entropy in PRNG
  345. Integer Overflow
  346. Integer Overflow Attack
  347. Internet Facing Bank Application
  348. Interop (.NET 1.1) Performance
  349. Invoking Untrusted Mobile Code
  350. J.D. Meier
  351. Keep unencrypted data close to the algorithm.
  352. Key Exchange Without Entity Authentication
  353. Knowledge Base
  354. LDAP Injection Attack
  355. Language Feature Misuse Vulnerabilities
  356. Large Software Development Shop Security Engineering Team
  357. Limit session lifetime.
  358. Log detailed error messages.
  359. Log key events.
  360. Logic Errors
  361. Logic Errors Vulnerabilities
  362. Login account configuration
  363. Logon auditing
  364. Main Page
  365. Maintain sensitive data on the server
  366. Maintain separate administration privileges.
  367. Make sure that users do not bypass your checks.
  368. Man in the Middle Attack
  369. Memory
  370. Memory Vulnerabilities
  371. Miscalculated Null Termination
  372. Missing Parameter
  373. Misuse of Language Features
  374. Mobile Application Design Checklist
  375. Network Eavesdropping Attack
  376. News and Highlights
  377. Non-cryptographic PRNG
  378. Not Allowing Password Aging
  379. Not Using a Random IV with CBC Mode
  380. Null Pointer Dereference
  381. One-click Attack
  382. Overlays
  383. Partition your Web site
  384. Passing Mutable Objects to an Untrusted Method
  385. Password Dictionary Attack
  386. Performance
  387. Performance At a Glance
  388. Performance Cheat Sheets
  389. Performance Checklists
  390. Performance Conceptual Framework
  391. Performance Explained
  392. Performance Guidelines
  393. Performance How Tos
  394. Performance Inspection Questions
  395. Performance Inspections
  396. Performance Methodologies
  397. Performance Modeling
  398. Performance Practices
  399. Performance Principles
  400. Performance Techniques
  401. Performance Testing
  402. Performance Testing Glossary
  403. Performance Testing Guidance for Web Applications
  404. Personas
  405. Personas at patterns & practices
  406. Personas at patterns and practices
  407. Place Web controls and user controls in separate assemblies
  408. Place resource access code in a separate assembly
  409. Portal:Security/box-footer
  410. Portal:Security/box-header
  411. Portal:Topic/box-footer
  412. Portal:Topic/box-header
  413. Prescriptive Guidance
  414. Presentation Layer Design Checklist
  415. Principles
  416. Project Management Scenario Frame
  417. Protect authentication cookies.
  418. Protect credentials and authentication tickets
  419. Protect log files.
  420. Protect sensitive data in storage
  421. Protect sensitive data over the wire
  422. Protect session state from unauthorized access.
  423. Protect the credentials for SQL authentication
  424. Protect view state with MACs
  425. Protect your administration interfaces.
  426. Protect your configuration store.
  427. Protect your encryption keys.
  428. Questions and Answers
  429. Race Condition in Checking for Certificate Revocation
  430. Race Condition in Signal Handler
  431. Race Condition in Switch
  432. Race Condition in Thread
  433. Race Condition in Time of Check, Time of Use
  434. Range
  435. Range Vulnerabilities
  436. Reflection Attack in an Authentication Protocol
  437. Remoting (.NET 1.1) Performance
  438. Remoting (.NET 1.1) Performance Guidelines - DataSets and Remoting
  439. Remoting (.NET 1.1) Security
  440. Reporting Scenario Frame
  441. Repudiation Attack
  442. Require authentication for sensitive pages
  443. Require strong passwords.
  444. Resources Index
  445. Response Splitting Attack
  446. Restrict the application in the database
  447. Restrict unauthorized callers
  448. Restrict unauthorized code
  449. Restrict user access to system-level resources.
  450. Retrieve sensitive data on demand.
  451. Return generic error pages to the client
  452. Returning Mutable Object to an Untrusted Method
  453. Reusing a Nonce, Key Pair in Encryption
  454. Rich Client Design Checklist
  455. Rich Internet Application (RIA) Design Checklist
  456. SQL Injection
  457. SQL Injection Attack
  458. Sanitize Input
  459. Scenario Frames
  460. Secure UDL files with restricted ACLs
  461. Secure restricted pages with SSL
  462. Secure sensitive data over the network
  463. Secure the authentication cookie
  464. Secure the session data
  465. Secure your connection strings
  466. Security
  467. Security3
  468. Security Application Scenarios
  469. Security At a Glances
  470. Security Case Studies
  471. Security Cheat Sheets
  472. Security Checklists
  473. Security Code Inspection
  474. Security Deployment Inspection
  475. Security Design Guidelines
  476. Security Design Inspection
  477. Security Design Patterns
  478. Security Design Principles - Auditing and Logging
  479. Security Design Principles - Authorization
  480. Security Design Principles - Cryptography
  481. Security Engineering Explained
  482. Security Engineering Explained - Chapter 1 - Security Engineering Approach
  483. Security Engineering Explained - Chapter 2 - Security Objectives
  484. Security Engineering Explained - Chapter 3 - Security Design Guidelines
  485. Security Engineering Explained - Chapter 4 - Threat Modeling
  486. Security Engineering Explained - Chapter 5 - Security Architecture and Design Review
  487. Security Engineering Explained - Chapter 6 - Security Code Review
  488. Security Engineering Explained - Chapter 7 - Security Deployment Review
  489. Security Engineering Explained - Introduction
  490. Security Engineering Ramp Up Training
  491. Security Explained
  492. Security Guidelines
  493. Security How Tos
  494. Security Implementation Patterns
  495. Security Inspection Questions
  496. Security Inspections
  497. Security Methodologies
  498. Security Objectives
  499. Security Patterns
  500. Security Practices
