From the course: CompTIA Security+ (SY0-601) Cert Prep: 2 Secure Code Design and Implementation
Error and exception handling
- [Instructor] Many security issues occur when software acts in an unexpected manner in response to invalid user input or another error situation. For this reason, appropriately handling errors is a critical component of software security. Software is designed to perform orderly transitions between different states. For example, let's consider a very simple software program that's designed to calculate the sales tax on a retail purchase. The software might sit at an input screen, ready for the user to input a purchase amount. When it receives that input, it calculates the transaction tax and then moves into a display mode where it displays the tax amount to the user. The user can then press a new transaction button to enter another transaction amount. You might view this as three different states that the software has, awaiting input, calculating tax, and displaying output. This simple state transition model…
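The three states described above, sketched as an added example that is not part of the course material: a small Python state machine in which invalid input sends the program back to awaiting input with a generic message instead of leaving it in an undefined state. The 7% tax rate, the upper bound, and all class and method names are assumptions made for illustration.

```python
from decimal import Decimal, InvalidOperation, ROUND_HALF_UP
from enum import Enum, auto

TAX_RATE = Decimal("0.07")        # assumed rate, not from the course
MAX_AMOUNT = Decimal("1000000")   # assumed sanity limit on a purchase


class State(Enum):
    AWAITING_INPUT = auto()
    CALCULATING_TAX = auto()
    DISPLAYING_OUTPUT = auto()


class TaxCalculator:
    def __init__(self):
        self.state = State.AWAITING_INPUT
        self.tax = None
        self.message = ""

    def submit(self, raw):
        """Accept a purchase amount (a string) typed by the user."""
        if self.state is not State.AWAITING_INPUT:
            raise RuntimeError("submit() is only valid while awaiting input")
        self.state = State.CALCULATING_TAX
        try:
            amount = Decimal(raw.strip())
            # Reject NaN/Infinity, non-positive and oversized amounts.
            if not amount.is_finite() or amount <= 0 or amount > MAX_AMOUNT:
                raise ValueError("amount out of range")
            self.tax = (amount * TAX_RATE).quantize(
                Decimal("0.01"), rounding=ROUND_HALF_UP)
        except (InvalidOperation, ValueError):
            # Fail safe: drop partial results, return to a known state,
            # and show a generic message with no internal error detail.
            self.tax = None
            self.state = State.AWAITING_INPUT
            self.message = "Please enter a valid purchase amount."
            return self.state
        self.state = State.DISPLAYING_OUTPUT
        self.message = f"Tax: {self.tax}"
        return self.state

    def new_transaction(self):
        """The 'new transaction' button: only valid after a result is shown."""
        if self.state is not State.DISPLAYING_OUTPUT:
            raise RuntimeError("no completed transaction to clear")
        self.tax, self.message = None, ""
        self.state = State.AWAITING_INPUT
        return self.state
```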