Cookies are stored in user browsers by websites and are typically used to track a single user or to retain the information needed between sessions. In this video, learn about the security and privacy risks associated with cookies and locally stored objects.
- [Instructor] You may already be familiar with web cookies.…These are small pieces of content…that can track users between website visits…and across different websites.…Understanding the uses of cookies…and how to move them from a system is a critical task…for privacy minded security administrators.…Cookies are stored in user browsers by websites…and are typically used to track a single user…or to retain information needed between web sessions.…There are some privacy risks associated with cookies.…
This is especially true when a cookie is used…to track activity across multiple websites.…The tracking might be theoretically anonymous…but as soon as you provide your name to just one…of the websites using the same tracking cookie,…you activity across all…of those websites becomes deanonymized.…This is a particular concern with cookies belonging…to advertising networks…that are used across a large number of sites.…Fortunately, the user has a high degree…of control over the use of cookies.…
Let's look at how you can control cookies in Google Chrome.…
Author
Mike Chapple
Released
5/11/2018Looking for study partners?
Join the CISSP Exam study groupPrepare for the Certified Information Systems Security Professional (CISSP) exam by bolstering your knowledge of software development security practices. In this course, follow Mike Chapple as he walks through each topic in the eighth domain of the CISSP exam—Software Development Security. He covers the software development lifecycle and common software security issues, such as cookies, session hijacking, and code execution attacks. Mike also discusses secure coding practices and software security assessment.
This course—along with the others in this nine-part series—prepare you for the CISSP exam and provide you with a solid foundation for a career in information security.
Find the companion study books at the Sybex test prep site and review the complete CISSP Body of Knowledge at https://www.isc2.org/cissp-domains/default.aspx.
- Software development methodologies
- Operation, maintenance, and change management
- DevOps
- Cross-site scripting
- Preventing SQL injection
- Overflow attacks
- Malicious add-ons
- Secure coding practices
- Code signing
- Risk analysis and mitigation
- Software testing
- Acquired software
Skill Level Advanced
Duration
Views
-
Introduction
-
Welcome2m 50s
-
Application security4m 16s
-
-
1. Software Development Lifecycle
-
Development methodologies6m 17s
-
Maturity models3m 34s
-
DevOps4m 5s
-
-
2. Software Security Issues
-
Preventing SQL injection5m 13s
-
Privilege escalation2m 14s
-
Directory traversal3m 16s
-
Overflow attacks3m 16s
-
Cookies3m 40s
-
Session hijacking3m 47s
-
Malicious add-ons2m 47s
-
Code execution attacks3m 2s
-
3. Secure Coding Practices
-
Error and exception handling3m 52s
-
Code repositories6m 28s
-
Third-party code4m 49s
-
Code signing2m 53s
-
-
4. Software Security Assessment
-
Risk analysis and mitigation3m 43s
-
Software testing3m 10s
-
Acquired software3m 7s
-
-
Conclusion
-
What's next?1m 26s
-
Take notes with your new membership!
Type in the entry box, then click Enter to save your note.
Press on any video thumbnail to jump immediately to the timecode shown.
Notes are saved with you account but can also be exported as plain text, MS Word, PDF, Google Doc, or Evernote.
Share this video
Embed this video
Video: Cookies