I would add that cookies should be considered user defined input. Yes the web server usually sets the cookie but it's passed back to the server as a header and can be manipulated. I've seen several examples of folks reading data from a cookie like it's trusted data, it absolutely is not.
File Hashing already provides a layer of integrity right? So does code signing add an additional layer? Test wise if I'm asked to verify the source of an application is it better to answer with code signing as opposed to checking the hash? Hope I'm not misunderstanding anything, thanks!
Hey, I would like to create a youtube of Security + question to help people prepare for the test, are there any legal issues with doing so? I was thinking just a Q&A using multiple choice. Thanks for all the help!
I can’t express how much I appreciate you, good, sir
Prof. Messer is the best! this information is amazing. Loving the consolidated notes that are explained so well. Thank you PM
dont mind me. here brushing up on things before my first CS interview! thanks Messer!
Did you get the job?!
@Benson Dental Associates no I didn't. I'm still trying. I bombed the interview so I'm working on that
@@unholy7324 interviews are rough. I bombed one the other day. I’m sure you’ll do better next time
@@bensondentalassociates8690 thank you. My mentor told them it was a practice interview beforehand and didn't mention it to me.
What were some of the questions they asked? Id like to know so when im done studying, and i get my cert, ill know what to say during the interview.
I would add that cookies should be considered user defined input. Yes the web server usually sets the cookie but it's passed back to the server as a header and can be manipulated. I've seen several examples of folks reading data from a cookie like it's trusted data, it absolutely is not.
File Hashing already provides a layer of integrity right? So does code signing add an additional layer?
Test wise if I'm asked to verify the source of an application is it better to answer with code signing as opposed to checking the hash? Hope I'm not misunderstanding anything, thanks!
A digital signature adds non-repudiation.
Very helpful video.
Hey, I would like to create a youtube of Security + question to help people prepare for the test, are there any legal issues with doing so? I was thinking just a Q&A using multiple choice. Thanks for all the help!
Let me know when you do bro
The headers pic 😂