Posts

Showing posts from October, 2014

What is Customer Information Control System

You can use the Create Application Entry Point wizard in the Customer Information Control System (CICS) Explorer to develop an application entry point. An application entry point can apply to a whole application or to a specific application operation. Each application entry point is declared on a resource or on the name of an operation, and entry points can be defined only on a subset of CICS resource types. CICS is a transaction server that runs primarily on IBM mainframe systems under z/OS or z/VSE; it is middleware designed to support rapid, high-volume online transaction processing. The resources for the application entry point do not have to be defined in the same CICS bundle project as the application entry point. CICS adds the application operation to the specified resource when the application is installed. When an action that does not have an application context calls a resource that has an appl...

What is Enumerate Infrastructure and Application Admin Interfaces and How to Test

Administrative interfaces may be present in the application or on the application server to allow certain users to perform privileged activities on the site. Tests should be undertaken to reveal if, and how, this privileged functionality can be accessed by an unauthorized or standard user. An application may need an administrative interface to enable a privileged user to access functionality that can change how the site functions. Such changes may include:
1. User account provisioning
2. Site design or layout
3. Data extraction
4. Configuration changes
An admin interface typically performs tasks such as:
1. Creating or configuring groups.
2. Handling basic software configuration.
3. Creating or managing ne...
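A forced-browsing check of the kind described above, added here as an example (it is not the post's code). The candidate admin paths, the three sessions and the FakeSite target are all constructed; FakeSite is built so that only /admin/config lacks an authorization check, which is the defect the probe should surface.

```python
"""Forced-browsing check for admin interfaces.

Added example (not the original post's code): `enumerate_admin` probes candidate
admin paths with several sessions and `privilege_findings` reports any privileged
path that answers 200 to an anonymous or standard user. `FakeSite` is a
constructed stand-in for the target; swap in a real HTTP client for live tests.
"""
from dataclasses import dataclass

# Hypothetical candidate list; extend it from your own admin-path wordlist.
CANDIDATE_PATHS = ["/admin", "/admin/", "/administrator", "/manage",
                   "/console", "/phpmyadmin", "/admin/config"]

# Sessions to probe with: no cookie, a standard user, an admin user (constructed).
SESSIONS = {"anonymous": None, "user": "sid=user-123", "admin": "sid=admin-999"}


@dataclass(frozen=True)
class Finding:
    path: str
    role: str
    status: int


class FakeSite:
    """Constructed application. Every admin route checks the caller's role except
    /admin/config, whose handler forgot the check (the bug this test should find)."""
    ROLE_OF = {"sid=user-123": "user", "sid=admin-999": "admin"}
    # route -> role required, or None when the handler performs no check
    ROUTES = {"/admin": "admin", "/admin/": "admin", "/manage": "admin",
              "/admin/config": None}

    def fetch(self, path, cookie):
        """Return the HTTP status the application would send for (path, cookie)."""
        if path not in self.ROUTES:
            return 404
        required = self.ROUTES[path]
        if required is None:
            return 200                     # unauthenticated access: vulnerable
        role = self.ROLE_OF.get(cookie)
        if role is None:
            return 302                     # redirect to login page
        if role != required:
            return 403
        return 200


def enumerate_admin(fetch, paths=CANDIDATE_PATHS, sessions=SESSIONS):
    """Map every existing path (any non-404 answer) to {role: status}."""
    results = {}
    for path in paths:
        statuses = {role: fetch(path, cookie) for role, cookie in sessions.items()}
        if any(status != 404 for status in statuses.values()):
            results[path] = statuses
    return results


def privilege_findings(results):
    """A 200 for the anonymous or standard-user session on an admin path is a finding.
    302/401/403 mean the interface exists but is gated; record those separately."""
    findings = []
    for path, statuses in results.items():
        for role in ("anonymous", "user"):
            if statuses.get(role) == 200:
                findings.append(Finding(path, role, 200))
    return findings


if __name__ == "__main__":
    found = enumerate_admin(FakeSite().fetch)
    for path, statuses in found.items():
        print(f"{path:15} {statuses}")
    for f in privilege_findings(found):
        print(f"FINDING: {f.path} reachable as {f.role} (HTTP {f.status})")
```

The point of probing with three sessions rather than one is that a 302 or 403 for the anonymous and standard-user sessions tells you the interface exists and is gated, while a 200 is the actual authorization failure; both are worth recording, but only the second is a finding.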

What is cross-domain policy?

Meaning of RIA: in this context RIA stands for Rich Internet Application, a web application that offers the features of desktop software and is typically delivered through a browser plug-in such as Adobe Flash, Java or Microsoft Silverlight. What is a cross-domain policy? A cross-domain policy is a file that specifies the permissions a web client such as Adobe Flash or Java uses to access data across different domains. Microsoft Silverlight adopted a subset of Adobe's crossdomain.xml and additionally created its own cross-domain policy file (clientaccesspolicy.xml). Whenever a web client finds that a resource has to be requested from another domain, it first looks for a policy file on the target domain to determine whether cross-domain requests, including custom headers and socket-based connections, are allowed. Master policy files are located at the domain's root. A client may be instructed to load another policy file, but it will conti...

What is HTTP Strict Transport Security

HTTP Strict Transport Security (HSTS) is a web security policy mechanism whereby a web server declares that complying user agents are to interact with it using only secure HTTPS connections. The HSTS policy is communicated by the server to the user agent through an HTTP response header field named "Strict-Transport-Security". The policy specifies a period of time (max-age) during which the user agent shall access the server only in a secure manner. HSTS mechanism: a server implements an HSTS policy by supplying the header over HTTPS connections (the header is ignored when received over plain HTTP). A complying user agent then:
1. Automatically turns any insecure links referencing the web application into secure links.
2. If the security of the connection cannot be ensured (for example, an untrusted certificate), shows an error message and does not allow the user to access the web application.
Limitations: The first request remains unprotected from active attacks if it uses an insecure protocol such as plain HTTP and if the URL for th...
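The header parsing, the grading a tester would apply, and the first-request limitation are shown by the following code, added here as an example rather than taken from the post. The header values and the HSTS cache entries are constructed; treating one year as the minimum max-age worth recommending (and as the preload requirement) is an assumption stated in the code.

```python
"""Parse and grade a Strict-Transport-Security header, and show what a complying
user agent does with its HSTS cache. Added example, not from the original post;
the header values and cache entries are constructed. ONE_YEAR as the minimum
max-age worth recommending (and the preload requirement) is an assumption here;
check the current preload rules before relying on it.
"""
from urllib.parse import urlsplit, urlunsplit

ONE_YEAR = 31536000


def parse_hsts(header_value):
    """RFC 6797 directive list: names are case-insensitive, unknown ones ignored."""
    policy = {"max-age": None, "includeSubDomains": False, "preload": False}
    for directive in header_value.split(";"):
        directive = directive.strip()
        if not directive:
            continue
        name, _, value = directive.partition("=")
        name, value = name.strip().lower(), value.strip().strip('"')
        if name == "max-age" and value.isdigit():
            policy["max-age"] = int(value)
        elif name == "includesubdomains":
            policy["includeSubDomains"] = True
        elif name == "preload":
            policy["preload"] = True
    return policy


def evaluate_hsts(headers, scheme):
    """Findings for a response (dict of headers) fetched over `scheme`."""
    value = next((v for k, v in headers.items()
                  if k.lower() == "strict-transport-security"), None)
    if value is None:
        return ["no Strict-Transport-Security header"]
    if scheme != "https":
        return ["HSTS header received over plain HTTP; user agents must ignore it"]
    policy = parse_hsts(value)
    if policy["max-age"] is None:
        return ["max-age missing or malformed; the whole header is ignored"]
    findings = []
    if policy["max-age"] == 0:
        findings.append("max-age=0 tells browsers to forget the host (policy disabled)")
    elif policy["max-age"] < ONE_YEAR:
        findings.append(f"max-age={policy['max-age']} is shorter than one year")
    if not policy["includeSubDomains"]:
        findings.append("includeSubDomains absent; subdomains remain reachable over HTTP")
    if policy["preload"] and (policy["max-age"] < ONE_YEAR or not policy["includeSubDomains"]):
        findings.append("preload present but requirements (>= 1 year, includeSubDomains) unmet")
    return findings


def apply_hsts_cache(url, hsts_cache):
    """What a complying UA does before each request: rewrite http:// to https:// for
    hosts (and, with includeSubDomains, their subdomains) already in its HSTS cache.
    A host not yet cached, i.e. on the very first visit, is sent as-is over HTTP;
    that is the first-request limitation described above."""
    parts = urlsplit(url)
    if parts.scheme != "http":
        return url
    host = parts.hostname or ""
    for entry in hsts_cache:
        if host == entry["host"] or (entry["includeSubDomains"]
                                     and host.endswith("." + entry["host"])):
            # port 80 is dropped so the request goes to 443; other ports are kept
            netloc = host if parts.port in (None, 80) else f"{host}:{parts.port}"
            return urlunsplit(("https", netloc, parts.path, parts.query, parts.fragment))
    return url


if __name__ == "__main__":
    print(evaluate_hsts({"Strict-Transport-Security": "max-age=300"}, "https"))
    cache = [{"host": "example.com", "includeSubDomains": True}]
    print(apply_hsts_cache("http://www.example.com/login", cache))
    print(apply_hsts_cache("http://first-visit.example.org/", cache))
```

When testing, request the same page over both schemes: a header that only appears on the HTTP response is doing nothing, and a short max-age means a user who has not visited for that long is back to the unprotected first-request case.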

How to Test HTTP Protocol

HTTP stands for Hypertext Transfer Protocol; it defines a number of methods that can be used to perform actions on the web server. Several of these methods are designed to help developers in deploying or testing HTTP applications, but they can be used for malicious purposes if the web server is misconfigured. Additionally, Cross Site Tracing (XST), a form of cross-site scripting that abuses the server's HTTP TRACE method, is examined. While GET and POST are by far the most common methods used to retrieve information provided by a web server, HTTP allows several other methods:
- HEAD
- GET
- POST
- TRACE
- PUT
- DELETE
- OPTIONS
- CONNECT
Some methods can potentially pose a security risk for the web application, as they allow an attacker to modify the files stored on the web server or, in some scenarios, thi...
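The test itself, as an added example (not the post's code): the transport is injected as a callable so the logic runs offline against two constructed servers, one misconfigured (PUT/DELETE enabled, TRACE reflected) and one hardened; `http_client_send` builds the same callable on http.client for a target you are authorised to test. The canary cookie value is constructed.

```python
"""Verify which HTTP methods a server really accepts and test for Cross Site
Tracing (XST). Added example, not from the original post. The transport is
injected as a callable `send(method, path, headers) -> (status, headers, body)`
so the check runs offline against the two constructed servers below;
`http_client_send` builds the same callable on top of http.client for a live,
authorised target.
"""
import http.client

RISKY = {"PUT", "DELETE", "TRACE", "CONNECT"}
PROBES = sorted(RISKY | {"GET", "HEAD", "POST"})
CANARY = "xst-canary-8f3a"          # constructed cookie value we expect echoed back


def misconfigured_server(method, path, headers):
    """Constructed target: advertises PUT/DELETE/TRACE and echoes TRACE requests."""
    if method == "OPTIONS":
        return 200, {"Allow": "GET, HEAD, POST, OPTIONS, PUT, DELETE, TRACE"}, b""
    if method == "TRACE":
        echo = [f"TRACE {path} HTTP/1.1"] + [f"{k}: {v}" for k, v in headers.items()]
        return 200, {"Content-Type": "message/http"}, "\r\n".join(echo).encode()
    if method == "PUT":
        return 201, {}, b""
    if method == "DELETE":
        return 204, {}, b""
    if method in ("GET", "HEAD", "POST"):
        return 200, {}, b"ok"
    return 405, {"Allow": "GET, HEAD, POST, OPTIONS, PUT, DELETE, TRACE"}, b""


def hardened_server(method, path, headers):
    """Constructed target that only serves GET/HEAD/POST/OPTIONS."""
    if method == "OPTIONS":
        return 200, {"Allow": "GET, HEAD, POST, OPTIONS"}, b""
    if method in ("GET", "HEAD", "POST"):
        return 200, {}, b"ok"
    return 405, {"Allow": "GET, HEAD, POST, OPTIONS"}, b""


def probe_methods(send, path="/"):
    """Compare what OPTIONS advertises with what each method actually returns,
    and flag XST when TRACE reflects a header the page's script could not read."""
    _, hdrs, _ = send("OPTIONS", path, {"Host": "target"})
    allow = next((v for k, v in hdrs.items() if k.lower() == "allow"), "")
    advertised = {m.strip().upper() for m in allow.split(",") if m.strip()}
    accepted = set()
    for method in PROBES:
        status, _, _ = send(method, path, {"Host": "target"})
        if status < 400:          # never trust Allow alone; verify per method
            accepted.add(method)
    status, _, body = send("TRACE", path, {"Host": "target", "Cookie": CANARY})
    xst = status == 200 and CANARY.encode() in body
    return {"advertised": advertised, "accepted": accepted,
            "risky_accepted": accepted & RISKY, "xst": xst}


def http_client_send(host, port=80, timeout=5):
    """Real transport for an authorised target, same signature as the fakes."""
    def send(method, path, headers):
        conn = http.client.HTTPConnection(host, port, timeout=timeout)
        try:
            conn.request(method, path, headers=headers)
            resp = conn.getresponse()
            return resp.status, dict(resp.getheaders()), resp.read()
        finally:
            conn.close()
    return send


if __name__ == "__main__":
    for name, server in (("misconfigured", misconfigured_server),
                         ("hardened", hardened_server)):
        print(name, probe_methods(server))
```

Two caveats for live use: PUT and DELETE are not read-only, so point `path` at a scratch location agreed with the owner rather than at real content, and a reverse proxy in front of the origin may answer OPTIONS differently from the application, which is why the probe verifies each method instead of believing the Allow header.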

How to Understand Load Runner Report Web Resource Monitors

The following points help you get information about the performance of your web server using LoadRunner's Web Resource monitor:
➤ About Web Resource Monitoring
➤ Hits per Second Graph
➤ Throughput Graph
➤ HTTP Responses per Second Graph
➤ Pages Downloaded per Second Graph
➤ Retries per Second Graph
➤ Connections Graph
➤ Connections per Second Graph
➤ SSLs per Second Graph
What is Web Resource Monitoring? The Web Resource monitor lets you analyze the throughput of the web server, the number of hits per second that occurred during the scenario, the number of HTTP responses per second, the HTTP status codes returned by the web server, the number of pages downloaded per second, the number of server retries per second, the number of open TCP/IP connections, the number of new TCP/IP connections per second, and the number o...

How to performed testing on Map Network and Application Architecture

What is a network map? A network map is a visualization of the devices on a network, their interrelationships, and the transport layers providing network services. Practically, a network map is a single tool that gives network users, managers, administrators and IT personnel a better understanding of network performance, specifically concerning data bottlenecks and the associated root cause analysis. What is application architecture? In information systems, application architecture is one of several architecture domains that form the pillars of enterprise architecture and solution architecture. The different elements that make up the infrastructure need to be identified in order to understand how they interact with a web application and how they affect its security. In fact it takes only a single vulnerability to undermine the security of the whole infrastructure, and even small and seemingly unimportant problems may evolve into severe ri...

What is Fingerprint Web Server attack

What is fingerprinting? The most common first activity for an attacker is to footprint the target's web presence and enumerate as much information as possible. With this information, the attacker can build an accurate attack scenario that will effectively exploit a vulnerability in the software type and version used by the target host. Fingerprinting the web server: fingerprinting the web server is a critical task for the penetration tester. Knowing the type and version of the running web server allows testers to determine known vulnerabilities and the appropriate exploits to use during testing. Today there are many different vendors and versions of web servers on the market. Knowing the type of web server being tested significantly helps the testing activity and can also change the flow of the test. This information can be derived by sending the web server specific requests and analyzing the results, as every version of web serve...
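The following code is an added example serving both the architecture-mapping post and this fingerprinting post; it is not the posts' own code. It reads a response's headers in order, uses the Server banner when one is present and falls back to header-order comparison when the banner has been stripped, and separately collects evidence of proxies, load balancers and application stacks. The two responses and the header-order signature table are constructed and illustrative; capture your own baselines before trusting the table.

```python
"""Infer the web server and surrounding infrastructure from HTTP response headers.

Added example covering both the architecture-mapping post and the fingerprinting
post above; it is not the posts' own code. The two responses and the
header-order signature table are constructed/illustrative: build the signature
table from baselines you capture yourself before relying on it.
"""
import re

# Responses as ordered (name, value) lists so header order survives.
RESPONSE_A = [
    ("Date", "Wed, 01 Oct 2014 10:00:00 GMT"),
    ("Server", "Apache/2.4.7 (Ubuntu)"),
    ("Last-Modified", "Tue, 30 Sep 2014 09:00:00 GMT"),
    ("ETag", '"1a-4f"'),
    ("Accept-Ranges", "bytes"),
    ("Content-Length", "26"),
    ("Content-Type", "text/html"),
    ("Set-Cookie", "PHPSESSID=s1; path=/"),
    ("X-Powered-By", "PHP/5.5.9"),
]
RESPONSE_B = [                          # banner stripped, reverse proxy in front
    ("Via", "1.1 varnish"),
    ("Content-Type", "text/html"),
    ("Content-Length", "26"),
    ("Date", "Wed, 01 Oct 2014 10:00:00 GMT"),
    ("Set-Cookie", "JSESSIONID=s2; Path=/; HttpOnly"),
    ("Set-Cookie", "BIGipServerpool1=s3; path=/"),
    ("X-Cache", "HIT"),
]

ORDER_SIGNATURES = {   # illustrative typical header orders, not authoritative
    "Apache": ["Date", "Server", "Last-Modified", "ETag", "Accept-Ranges",
               "Content-Length", "Content-Type"],
    "IIS": ["Content-Length", "Content-Type", "Last-Modified", "Accept-Ranges",
            "ETag", "Server", "Date"],
    "nginx": ["Server", "Date", "Content-Type", "Content-Length",
              "Last-Modified", "Connection", "ETag"],
}
COOKIE_TECH = {"PHPSESSID": "PHP", "JSESSIONID": "Java servlet container",
               "ASP.NET_SessionId": "ASP.NET", "BIGipServer": "F5 BIG-IP load balancer",
               "AWSALB": "AWS Application Load Balancer"}
PROXY_HEADERS = {"via": "intermediate proxy/CDN", "x-cache": "caching proxy",
                 "x-varnish": "Varnish cache", "cf-ray": "Cloudflare"}


def order_agreement(order, signature):
    """Fraction of header pairs (from the signature, present in the response)
    whose relative order matches; 0.0 when fewer than three headers overlap."""
    common = [h for h in signature if h in order]
    if len(common) < 3:
        return 0.0
    pos = {h: order.index(h) for h in common}
    pairs = [(a, b) for i, a in enumerate(common) for b in common[i + 1:]]
    return sum(pos[a] < pos[b] for a, b in pairs) / len(pairs)


def fingerprint_server(headers):
    """Use the Server banner when present; otherwise fall back to header order."""
    banner = next((v for k, v in headers if k.lower() == "server"), None)
    if banner:
        m = re.match(r"([A-Za-z-]+)/?([\d.]*)", banner)
        return {"server": m.group(1), "version": m.group(2) or None, "method": "banner"}
    order = [k for k, _ in headers]
    scores = {name: order_agreement(order, sig) for name, sig in ORDER_SIGNATURES.items()}
    best = max(scores, key=scores.get)
    if scores[best] < 0.5:
        return {"server": "unknown", "version": None, "method": "header-order"}
    return {"server": best, "version": None, "method": "header-order",
            "confidence": round(scores[best], 2)}


def map_architecture(headers):
    """Evidence -> component for proxies, load balancers and application stacks."""
    components = {}
    for name, value in headers:
        key = name.lower()
        if key in PROXY_HEADERS:
            components[f"{name}: {value}"] = PROXY_HEADERS[key]
        elif key == "set-cookie":
            cookie_name = value.split("=", 1)[0]
            for prefix, tech in COOKIE_TECH.items():
                if cookie_name.startswith(prefix):
                    components[f"cookie {cookie_name}"] = tech
        elif key == "x-powered-by":
            components[f"X-Powered-By: {value}"] = value.split("/")[0]
    return components


if __name__ == "__main__":
    for label, resp in (("A", RESPONSE_A), ("B", RESPONSE_B)):
        print(label, fingerprint_server(resp))
        for evidence, component in map_architecture(resp).items():
            print("   ", evidence, "->", component)
```

Note that a proxy or CDN in the path (which `map_architecture` reports for RESPONSE_B) also rewrites and reorders headers, so the header-order guess for a fronted origin deserves less trust than the confidence score alone suggests; confirm it with behavioural probes (malformed requests, unusual methods) before planning around it.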

Difference between Ethical Hacking and unethical hacking

Definition of security testing: security testing is the process intended to reveal flaws in the security mechanisms of an information system that protect data and maintain functionality as intended. Because of the logical limitations of security testing, passing security tests is not an indication that no flaws exist or that the system completely satisfies its security requirements. Definition of ethical hacking: an ethical hacker is a computer and network expert who attacks a security system on behalf of its owners, seeking vulnerabilities that a malicious hacker could exploit. Definition of unethical hacking: people steal information for their own personal gain all the time. This is a very dangerous and serious issue, because almost every user faces this kind of trouble. It mostly involves credit card information and identity theft. It means that when people steal some piece of information just for their own person...

Boundary Value Analysis Benefits

Boundary Value Analysis (BVA) is a software testing technique used to create test cases for an input field; in other words, BVA is used to design test cases at the edges between a valid partition and an invalid partition. BVA is also a part of stress and negative testing. Boundary values are the border values, i.e. the minimum and maximum values. For example, an address text box accepts 500 characters; creating a test case for every possible length is impractical, so we use the BVA technique and test only the boundary values. Another example is a login form in which the user name and password fields accept a minimum of 8 and a maximum of 12 characters: the valid range is 8-12, and the boundary test values are 7 and 8 (just below and at the lower limit) and 12 and 13 (at and just above the upper limit). Most importantly, BVA is a black-box technique. Many application errors occur at the boundaries. The boundary value analysis testing technique is used ...
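The technique as runnable code, added here as an example (not the post's own): `boundary_values` derives the six-point BVA set for a range, and `run_bva` drives a validator with strings of exactly those lengths. The two password validators are constructed; one carries the off-by-one error that boundary testing exists to catch.

```python
"""Boundary value analysis for length-limited fields. Added example, not the
original post's code. `boundary_values` produces the six-point BVA set for a
range, `run_bva` drives a validator with strings of those lengths, and the two
password validators below (constructed) show the off-by-one bug BVA is meant
to catch.
"""


def boundary_values(lo, hi):
    """Six-point BVA for the closed range [lo, hi]: one below and at the minimum,
    one above the minimum, one below and at the maximum, one above the maximum.
    Values below zero make no sense for a length and are dropped."""
    points = {lo - 1, lo, lo + 1, hi - 1, hi, hi + 1}
    return sorted(p for p in points if p >= 0)


def in_range(n, lo, hi):
    """Expected validator answer: the valid partition is lo..hi inclusive."""
    return lo <= n <= hi


def password_ok_buggy(pw):
    """Constructed validator with an off-by-one error: 12 characters is rejected."""
    return 8 <= len(pw) < 12


def password_ok(pw):
    """Correct 8..12 character rule."""
    return 8 <= len(pw) <= 12


def run_bva(validator, lo, hi, fill="a"):
    """Feed boundary-length strings to `validator`; return (length, expected,
    actual) for each disagreement. An empty list means every boundary passed."""
    failures = []
    for n in boundary_values(lo, hi):
        expected, actual = in_range(n, lo, hi), validator(fill * n)
        if expected != actual:
            failures.append((n, expected, actual))
    return failures


if __name__ == "__main__":
    print("boundary lengths for 8..12:", boundary_values(8, 12))
    print("buggy validator failures:", run_bva(password_ok_buggy, 8, 12))
    print("fixed validator failures:", run_bva(password_ok, 8, 12))
    # The 500-character address box from the post needs only these lengths:
    print("boundary lengths for 0..500:", boundary_values(0, 500))
```

For security testing the same six lengths are worth repeating with a multi-byte `fill` character, because a validator that counts bytes and one that counts characters disagree exactly at the upper boundary.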