From the course: CompTIA CySA+ (CS0-002) Cert Prep: 4 Software and Systems Security
Unlock the full course today
Join today to access over 22,600 courses taught by industry experts or purchase this course individually.
Error and exception handling
From the course: CompTIA CySA+ (CS0-002) Cert Prep: 4 Software and Systems Security
Error and exception handling
- [Instructor] Many security issues occur when software acts in an unexpected manner in response to invalid user input or another error situation. For this reason, appropriately handling errors is a critical component of software security. Software is designed to perform orderly transitions between different states. For example, let's consider a very simple software program that is designed to calculate the sales tax on a retail purchase. The software might sit at an input screen waiting for the user to input the purchase amount. Once it receives that input, it calculates the transaction's tax, and then moves into a display mode where it displays the tax amount to the user. The user can then press a new transaction button to enter another transaction amount. You might view this as three different states in the software. The first one is a waiting input. Once the user provides the input, it moves to the calculating tax…
Contents
-
-
-
-
-
(Locked)
Input validation2m 46s
-
(Locked)
Parameterized queries3m 35s
-
(Locked)
Authentication and session management issues2m 41s
-
(Locked)
Data protection3m 39s
-
(Locked)
Output encoding3m 55s
-
(Locked)
Error and exception handling3m 52s
-
(Locked)
Code repositories6m 29s
-
(Locked)
Code signing2m 50s
-
(Locked)
-
-
-
-
-
-
-
-
-
-