Use LEFT and RIGHT arrow keys to navigate between flashcards;
Use UP and DOWN arrow keys to flip the card;
H to show hint;
A reads text to speech;
39 Cards in this Set
- Front
- Back
|
How do you prevent other from reading data that is transmitted over the internet |
Using SSL secure sockets Layer |
|
|
How do you determine if you are transmitting data over a secure connection. |
Lock |
|
|
What is the process that SSL uses? How does it encrypt and decrypt data. |
With SSL, the browser encrypts all data that’s sent to the server and decrypts all data that’s received from the server. Conversely, the server encrypts all data that’s sent to the browser and decrypts all data that’s received from the browser.
|
|
|
Is SSL able to determine is data was tampered with during transit? |
Yes. |
|
|
What does the URL start with with secure connection. |
The URL for a secure connection starts with HTTPS instead of HTTP.
|
|
|
How do you test an application that uses SSL |
To test an application that uses SSL, you must run the application under IIS or IIS Express.
|
|
|
What else is in the web browser to show that there is a secure connection |
A lock |
|
|
What is assigned when an application under ISS Express is running on the local server? |
When you create an application that runs under IIS Express, it’s assigned a port number on the local server.
|
|
|
Where can you see this port number when you run the application? |
You can see this port number in the address bar after the localhost keyword when you run the application.
|
|
|
What must you create to use SSL with an application. |
To use SSL with an application that runs under IIS Express, you need to create a binding for the HTTPS protocol for the application.
|
|
|
How do you create the binding for the HTTPS protocol |
To do that, you simply set the SSL Enabled property of the project to True.
|
|
|
When you use SSL , what is used to authenticate IIS Express |
When you use SSL with IIS Express, a test certificate is used to authenti- cate IIS Express. This certificate is installed along with Visual Studio and IIS Express. When y
|
|
|
What is needed when you deploy and application to a production server? |
When you deploy an application to a production server, though, you’ll need to use a digital secure certificate.
|
|
|
What is the purpose of digital certificates |
Digital secure certificates serve two purposes. First, they establish the identity of the server or client. Second, they provide the information needed to encrypt data before it’s transmitted.
|
|
|
What happens if a browser doesn't recognize a certificate. |
If a browser doesn’t recognize a certificate as coming from a trusted source, however, it informs the user and lets the user view the certificate.
|
|
|
What is SSL client authentication. Provide an example.
|
A bank might want to use SSL client authentica- tion to make sure it’s sending sensitive information such as account numbers and balances to the correct person.
|
|
|
How is SSL client authentication |
To implement this type of authentication, a digital secure certificate must be installed on the client..
|
|
|
What must you obtain to use a SSL secure client connections. |
If you want to develop an ASP.NET application that uses SSL to secure client connections, you must first obtain a digital secure certificate from a trusted source such as those listed in this figure.
|
|
|
Again, what are the two types of digital certificate. |
|
|
|
What is SSL strength. What does a longer key mean. |
SSL strength refers to the length of the generated key that is created during the encryption process. The longer the key, the more difficult it is to break the encryp- tion code
|
|
|
SSL strength depends on what three factors? |
|
|
|
How do you request and install certificates. |
You can use the IIS Management Console to request and install certificates. To display this console, click the System and Security link in the Control Panel, followed by the Administrative Tools link. Then, double-click on Internet Information Services (IIS) Manage
|
|
|
How do you request a connection for an ASP.net application |
To do that, you execute a Response.Redirect method with the URL for the HTTPS protocol
|
|
|
What type of URL must you use for HTTPS? |
To request a secure connection using HTTPS, you must use an absolute URL. If you’re using IIS Express, that means that the URL must include the domain name and the port number for the HTTPS binding.
|
|
|
What must the URL include (IIS Express) |
If you’re using IIS Express, that means that the URL must include the domain name and the port number for the HTTPS binding.
|
|
|
Rather than coding the domain name and port number into each URL, you may want to store this information in the
|
web.config file
|
|
|
A web.config file that defines secure and unsecure path settings
|
<?xml version= "1.0"?> <configuration> <appSettings> <add key ="SecureAppPath" value="//localhost:44300/" /> add key ="UnsecureAppPath" value="//localhost:49565/"> </appSettings> |
|
|
Code that retrieves the secure application path from the web.config file
|
string url = "https:" + ConfigurationManager.AppSettings["SecureAppPath"] + "CheckOut1.aspx"; Response.Redirect(url);
|
|
|
Code that returns to an unsecured connection
|
string url = "http:" + ConfigurationManager.AppSettings["UnSecureAppPath"] + "Order.aspx"; Response.Redirect(url);
|
|
|
How do you request a secure connection |
To request a secure connection, you must use an absolute URL that specifies HTTPS as the protocol. Once you establish a secure connection, you can use rela- tive URLs to continue using the secure connection
|
|
|
How do you return an unsecured connection |
To return to an unsecured connection after using a secure connection, you must code an absolute URL that specifies the HTTP protocol.
|
|
|
Instead of coding the application’s path into each URL, what can you do
|
You can store secure and unsecure paths in the appSettings section of the web.config file.
|
|
|
|
AppSettings property
|
|
|
What is displayed in a browser before a secure connection is established or closed. |
Depending on the security settings in your browser, a dialog box may be displayed before a secure connection is established or before a secure connection is closed.
|
|
|
How do I make sure the page is operating on a secure connection |
check the IsSecureConnection property of the HttpRequest object in its Load event handler.
|
|
|
If the page is not using a secure connection what should it do. |
If the page isn’t using a secure connection, it should switch to a secure connection to protect the privacy of the user’s data. To do that, it can replace the unsecure application path with a secure application path.
|
|
|
What are the properties of the HttpRequest |
1. IsSecureConnection- Returns true if the current connection is secure. Otherwise it returns False 2. Url - The URL of the current request. |
|
|
A Page_Load method that forces the page to use a secure connection
|
|
|
|
If your application is using a server other than IIS Express, you can switch to a secure connection by? |
If your application is using a server other than IIS Express, you can switch to a secure connection by replacing the HTTP protocol in the URL to HTTPS and then redirecting the browser to the new URL.
|
