security study guide

20165214 2018-2017-1 "Information Security system Design Fundamentals" The third week study summary of learning Contents1. In fact, the GCC command invokes a series of programs that convert the source code into executable code.2, the actual realization of the memory system is to combine multiple hardware memory and operating system software.3. ISA: Instruction set architecture, which defines the state of th

2018-2019-1 20165228 "The foundation of Information security system design" The second week study summary textbook learning content Summary information = bit + context Unsigned encoding: Represents a number greater than or equal to zero based on the traditional binary notation Complement coding: represents the most common way to sign a certificate, a number that can be expressed or positive or negativ

20145216 Shi Yao "The basis of information security system Design" 6th week Study Summary teaching contents summary Fourth Processor architecture first section Y86 instruction set architectureFirst, the programmer visible State1. Meaning: Each instruction will read or modify some parts of the processor state2. "Programmer": it can be the person who writes the program with assembly code, or it can be a compi

also have access rights division. Instead of adding a if-else when you want to access the data inside the code, it should be blocked out before the call has started.Second, a program that must be networked to use, why not data access, core business logic is placed on the remote server, exposing the interface to the client call it? There is only one reason why the programmer is too lazy. I am the WinForm, you want me to do what service side, not! Even the basic hierarchy and service division are

The purpose of this article is to summarize some things, solve the problem in the process of trying to construct a vulnerability database, that is how to classify the computer network vulnerabilities. Some of the ideas in this article are not mature, some even themselves are not satisfied with the right to make a point, in order to have in-depth research in this respect tongren exchanges, and improve the common. A computer network security vulnerabili

Information Security System Design Foundation Fourth Week study summaryLearning tasks: Textbook Chapter IIIDuration of study: 10 hoursLearning content First, the textbook knowledge carding1. Program coding and machine-level code　　Program Code :gcc compiler, converting source code into executable code, c preprocessor-assembler-linker　　machine-Level code :The

20145321 "The basis of information security system Design" 7th Week study summary textbook study content summary sixth chapterA memory system is a hierarchical structure of storage devices with different capacities, costs, and access times.6.1 Storage TechnologyThree common storage technologies: ram/rom/disk(1) Random access memory RAM There are two cate

20145216 Shi Yao "Information Security system Design Fundamentals" Seventh week Study summary teaching Contents summary Sixth chapter memory hierarchyA memory system is a hierarchical structure of storage devices with different capacities, costs, and access times.CPU registers, cache memory, primary storage, disk.The first section of storage technologyOne, random access memory (RAM)1.RAM classification:

and the number of cylinders in a disk is generally the same relationship? Because in the exercise, they are replaced directly with each other.Problem two, the simple way to estimate disk access time is to take the seek time by 2, but in exercise 6.3, so that the results of 16ms and the actual result 10ms difference is very large?Harvest and experience:This time the homework is completed the longest time, spent three days, finally read the book carefully, the exercise. After finishing this, I ha

, and easy standard for the authorization of user resources. Unlike previous licensing methods , OAuth 's authorization does not allow a third party to touch the user's account information (such as a user name and password), which means that the third party can request authorization for the user's resources without using the user's username and password, so OAuth is secure. Features: (1). simple: both OAUTH service providers and application developers are easy to understand and use;(2).

2018-2019-1 20165329 "Information Security system Design Fundamentals" 4th Week Study SummarySummary of learning contents of textbook Y86-64 directive: The y86-64 instruction is a subset of the x86-84 instruction set. It includes only 8-byte integer operations. There are 4 integer operations directives: ADDQ, SUBQ, ANDQ, and Xorq. There are 7 jump commands: jmp, Jle, JL, je, jne, Jge, and JG. There are

2018-2019-1 20165333 "Information Security system Design Fundamentals" Third Week study summarySummary of learning contents of textbookThe machine-level representation of the program:Two important abstractions of computer systemsISA (Instruction set architecture): Instruction set architecture, machine-level program format and behavior. Defines the format of the processor status directives and the effect of

2018-2019-1 20165210 "Information Security system Design Fundamentals" 4th Week study summary Textbook Learning content Summary ISA Concept: The byte-level encoding of a processor-supported instruction and instruction is called its instruction set architecture Isa.While the processor performance and complexity of each manufacturer is increasing, the different models remain compatible at the IS

2018-2019-1 20165336 "Information Security system Design Fundamentals" Fourth week study summary 1. The knowledge points learned in the textbook The states that are visible to programmers (assembler programmers, compilers, and so on) in y86-64 include program registers, condition codes, program states, program counters (PCS), memory Y86-64 15 Program registers are%eax%ecx%edx%ebx%esp%ebp%esi%eadi ZF S

Information Security System Design Foundation 14th Week study Summary"Learning Time: 5 hours""Learning content: The Nineth chapter--Virtual Memory"I. Textbook content carding 1. Virtual memory Role: The main memory is considered as a cache of the address space stored on disk, only the active area is protected in main memory, and the data is transmitted back and forth between the disk and mai

Information Security System Design Foundation 14th Week study Summary"Learning Time: 7 hours""Learning content: chapter9--virtual Memory"First, the content of the textbook Understanding (Personal Understanding section with "" marked) 1. Virtual Storage (VM) function : The main memory is considered as a cache of the address space stored on disk, only the active area is protected in main m

20145317 "Information Security system Design Fundamentals" 7th Week study summary 1 Textbook Learning content SummaryBasic storage technology: SRAM memory DRAM memory ROM memory rotary hard drive SSD1. Storage TechnologyThree common storage technologies: ram/rom/disk( 1 ) random access memory RAM Two categories: Static RAM (SRAM) and dynamic RAM (DRAM) Static RAM (SRAM) is faster, but much more

20145331 "The basis of information security system Design" 9th Week Study Summary Textbook learning Contents 10.1 Unix I/OAll I/O devices in Unix are modeled as files, and all inputs and outputs are executed as read and write to the corresponding file.10.2 Open Close File1. Open File:int open(char *filename, int flags,mode_t mode);Where the first parameter in parentheses is a file name, the second parameter

corresponding to the session Url jsession session Id session for this customer Session session Id this Session ID will be returned to the client in this response to save. Save Session ID in several ways :q Save The Session ID can be in the form of a Cookie, so that during theinteraction the browser can automatically follow the rules to send this identity to the server. q because of the cookie can be artificially banned, There must be other mechanisms in place to cookie A technique th

method is not very practical. if (top!==window)Top.location = window.location.href;ClickJacking is a visual deception, so how to defend it? For traditional ClickJacking, it is generally forbidden to avoid cross-domain iframe5.6.2 X-frame-optionsadd x-frame-options sameorigin to the header. It has three optional values:q DENYq Sameoriginq Allow-from originDuty is Deny , the browser rejects the current page to load any frame page, and if the value is Sameorigin, the address of the frame pag