Browser add-ons provide third-party developers with the ability to customize the browsing experience by adding functionality. In this video, learn about the security risks associated with malicious browser add-ons.
- [Instructor] Browser add-ons or extensions…are a valuable way to add functionality for web users,…but they can also turn malicious.…Let's take a look at how add-ons and extensions work,…and what security risks they pose.…Browser add-ons provide third party developers…with the ability to customize the browsing experience…by adding functionality to the browser.…Some examples of this include adding email…functionality to a web-based email system,…such as returning messages to the inbox…after a specified period of time.…
Extensions might also post pages…to social media websites, manage passwords,…or run video conferences for you.…There are, however, some security risks…inherent with browser add-ons.…First, you might not know who wrote the code.…A malicious author might embed Trojan…horses within a browser extension.…Second, the permissions granted to an extension…may be overly broad, giving third parties…access to your personal information.…Let's take a look at how you can…manage browser extensions in Chrome.…
We'll pull down the Chrome menu…
This course—along with the others in this nine-part series—prepare you for the CISSP exam and provide you with a solid foundation for a career in information security.
Find the companion study books at the Sybex test prep site and review the complete CISSP Body of Knowledge at https://www.isc2.org/cissp-domains/default.aspx.
- Software development methodologies
- Operation, maintenance, and change management
- Cross-site scripting
- Preventing SQL injection
- Overflow attacks
- Malicious add-ons
- Secure coding practices
- Code signing
- Risk analysis and mitigation
- Software testing
- Acquired software