Join the 40,000+ candidates in over 58 countries that have found a faster, better way to pass their certification exam.
Comprehensive practice exam engine!
All features in the FREE plan, plus:
Welcome to our mobile code module. Mobile code is active content from the internet that is downloaded and run within a web browser. Some of this code is desired by the user. However, some code is malicious and can cause damage or other unintended consequences on the user's machine. They can increase the user's functionality when the user is using the web browser.
And they are documents or scripts that are designed to carry out actions without the user's intervention. These include Java applets, ActiveX controls, JavaScript, macros, executable code, plug-ins, and email attachments. They can extend the capabilities and functionality of the user's system, but they can also introduce risks as the user browses the internet.
Trojan horses, viruses, worms, backdoors, and malicious code all take advantage of active content in order to infect the user's system. Microsoft's ActiveX technology is considered to be insecure, because it allows too much access to the user's system. This technology was designed so that programmers could write controls that internet users can download to increase the functionality of their system or improve their internet experience.
It is an extension of the object linking and embedding technology. The security scheme for ActiveX informs the user of the origin of the component and asks if the user trusts the producer of the software before it is run. Security relies on Authenticode, which uses digital signatures to ensure the integrity and the identity of the individual responsible for developing the program.
It uses PKI or public key infrastructure certificates and trusted certificate authorities. Java is an example of object oriented programming that is platform independent. It runs on top of the Java virtual machine software, which allows applets to run on several different types of platforms. Java uses byte code to build applets instead of being compiled directly into machine code.
Java applets are very common on the web. They are basically stand alone programs that are downloaded and run within a user's browser. In order to increase security, the mobile code supports memory isolation, running the program in a sandbox in order to isolate it from other programs that are running on the computer.
Common gateway interface, or CGI, is an older method of manipulating data that is passed into a website. CGI scripts reside on the web server and not in the user's browser. It allows interactive websites to process user input or allow database queries. Security risks do exist with CGI because they use an array of low level system commands that can be exploited by an attacker.
Scripts are interpreted and not compiled, therefore there is more risk of it being modified by an unauthorized individual. CGI scripts should always check for illegal commands before processing the input. JavaScript is different than Java. It is a scripting language developed by Netscape. It allows interactive features to be added to web pages.
It is also designed to operate within a browser instance, and it's interpreted by the user's web browser. In order to increase security, you should enable features such as the validation of forms on the client before they are submitted to the server. This is known as client side validation.
JavaScript also runs in a restricted memory area known as a sandbox, in order to increase security. This concludes our mobile code module. Thank you for watching.
Classified by skill and ranked by difficulty. Choose to answer questions in STUDY MODE to review and you go.
Know when you’re ready for the high-stakes exam. Have the confidence that you will pass on your first attempt.
Don’t forget what you’ve just studied! Use the intelligent reinforcement questions to stay fresh.
THANK YOU! Just bloody thank you! I’m doing the CEH minor at my college and well...I’ve learned more from this site in a few hours than I’ve learned from my school in 9 weeks about the subject. Keep up the good work!
Skillset’s Exam Engine continuously assesses your knowledge and determines when you are ready take and pass your exam. When Skillset learns that there is a gap between your knowledge and what you need to know to pass, we present you with a focused training module that gets you up to speed quickly. No fluff! Find your knowledge gaps and fill them.
Skillset is confident that we can help anyone pass their exam. If you reach 100% readiness, and you do not pass your exam, we will refund you plus pay for a replacement exam voucher. That’s how powerful our learning system is, we can offer this guarantee and stand behind our products with this no risk to you guarantee. See terms and conditions.
Don’t waste time studying concepts you have already mastered. Focus on what you need to know to pass. The Skillset Competency Diagnostic aligns our Exam Engine and Learning Plan to your baseline knowledge. This saves an average of 31% of the time required to prep for a professional certification exam.
More PRO benefits are being built all the time!