BROADCASTS.com

b"

hello everyone my name is vijay kumar Devireddy and i am glad to have you back on my episode 40 today we are discussing about In the last lesson, we covered a lot of the basics of web browser security.In this lesson, we're going to go a bit more in depth and talk about some additional concerns that you need to think about within your organization when we start talking about web browser security.And the first one is cookies.Cookies are text files that are placed on a client's computer to store information about the user's browsing habits,their credentials, and other data.Cookies are used for authentication into websites,session tracking, your shopping carts,and many other purposes.Most organizations these days, though,will block the storage of cookies because they're concerned about privacy and security.You should know there are two different types of cookies,though, that are asked about on the exam.There are tracking cookies and session cookies.Now, a tracking cookie is usually used by spyware to gather details on you.They're trying to learn what websites you go to,for how long, and what type of things you click on.Now, session cookies, on the other hand,are used to keep track of users and their preferences and maybe even the things that they're putting into their shopping carts.This is being used not as much to track you but instead to maintain the connection and the session between you and the server versus me and the server. Now, many sites are realizing that cookies are not something that people like anymore, and so they're starting to migrate over to what's called server-side tracking instead.This allows them to do the same types of tracking for your shopping carts and things of that nature while allowing you to block cookiee and not have to have them on your machine,because again, you might be afraid that your cookies are going to get stolen and people will get personal information about you.The second thing we want to cover in this lesson is locally shared objects, or LSOs.These are also known as Flash cookies, and they're stored in your Windows user profile under the Flash folder inside your roaming AppData folder.This is used by Adobe's Flash Player and it's less of an issue these days because Adobe Flash is being phased out in favor of HTML5.LSOs can be disabled within your Flash Player settings if you're still using Flash, and this is also found inside the local settings manager in most of today's operating systems.Next we have add-ons, and add-ons are small browser extensions or plugins that'll provide you additional functionality.Now, there are some examples of this,would be things like Adobe Flash or Adobe Shockwave that allow you to run active content within your browser.You might have a browser extension for a password manager that will load in your password when you visit a site.Now, these add-ons are not necessarily bad, but any time you're adding additional code,there could be some malicious code being added.Or if you're downloading an untrusted add-on, you could be installing malicious code into your browser as well.Organizations, for this reason, most of the time,will block additional add-ons,and they try to keep their browser as slimmed down as possible, because that eliminates some of the additional issues that you might have.The last concern we're going to talk about is advanced security options. Every browser has a way for you to configure it and set the different settings you want for the security of your browser.For example, do you want to use an SSL or TLS to be able to make your secure connection? How about your local storage or cache sizes? How big or small do you want those to be? Do you want your browsing history to be kept or deleted once you turn off the browser?Each of these things are things you can configure through the browser through its own tool and through group policy.I'm going to show you both of these in the next lesson.