Discussion

This week's reading covers the steps needed to protect systems, applications and data from typical attacks.  Answer the following questions and then discuss with your classmates:

1. Why is it important for aplication builders to check data received from unknown sources, such as web applications, prior to using the data?  What could happen if they don't, and what would the recourse be?
   
   
2. Why is it important for web admins that run systems allowing users to add content (such as blogs, forums, etc) carefully and consistently patch their systems?  Give an example of an attack that could be used against an unpatched or vulnerable system, and explain what could be done by a successful attack. 
   
   
3. Why are logs important?  Discuss the importance of monitoring logs on a regular basis.  If you've ever come across an attack on a system at your job in the past, explain to the class what was discovered, and how the attack either succeeded or was thwarted.