Normalization
Normalization is a database design technique that organizes tables in a manner that reduces redundancy and dependency of data
It divides larger tables into smaller tables and links them using relationships
SQL Injection
SQL injection is a code injection technique that might destroy the database
SQL injection is one of the most common web hacking techniques
SQL injection is the placement of malicious code in SQL statements, via web page input
Prevention:
Use Parameterized Queries (Prepared Statements)
Input Validation and Sanitization
Least Privilege Principle
Escaping Special Characters
Stored Procedures
Web Application Firewalls (WAFs)
Regular Updates and Patching
Error Handling
Use an ORM (Object-Relational Mapping)
Security Audits and Code Reviews
Education and Training
Blacklist and Whitelist
Trust no one
Don't use dynamic SQL
Reduce your attack surface
Use appropriate privileges
Keep your secrets secret
Continuously monitor SQL statements from database-connected applications
Buy better software
Components of .NET Framework
Common Language Runtime (CLR)
The code that runs under the CLR is known as Managed Code
It provides an environment to run all the .NET programs e.g. C#, VB.NET, etc.
The CLR offers support for thread management as well as memory management.
The CLR allocates the memory for a scope and de-allocates the memory when the scope is completed
.NET Framework Class Library (.NFCL)
This is also called the base class library
It is common to all languages in .NET
The way you access the library classes and methods in VB.NET is the same as in C#
The following are the different types of applications that can make use of a .NET class library:
Windows Application
Console Application
Web Application
XML Web Services
Windows Services
Common Type System (CTS)
It describes the set of data types that can be used in common across different .NET languages.
e.g. CTS ensures that objects written in different .NET languages can interact with each other.
Common Language Specification (CLS)
It is a set of guidelines for a language to follow so that it can communicate with other languages.
It describes the minimal and complete set of features to produce code that can be hosted by others.
Software Development Life Cycle (SDLC)
The Software Development Life Cycle (SDLC) consists of several phases that outline the process of creating, developing, testing, and maintaining software applications. The exact number and names of the phases can vary slightly depending on the methodology.
Requirement Analysis
Planning
Design
Implementation (Coding)
Testing
Deployment
Maintenance
Monitoring and Support
Private IP
A private IP address is an IP address that is used within a private network, such as a home or office network, and is not directly accessible from the public internet except through a router or other Network Address Translation (NAT) device.
The Internet Assigned Numbers Authority (IANA) reserves the following private IP addresses, which are governed by three ranges defined in the Internet Protocol version 4 (IPv4) standard:
Class A Range (10.0.0.0 - 10.255.255.255)
Class B Range (172.16.0.0 - 172.31.255.255)
Class C Range (192.168.0.0 - 192.168.255.255)
Access Time vs Transfer Time
Access Time
Access time refers to the time it takes to locate and retrieve a specific piece of data from a storage medium, such as a hard disk drive (HDD) or solid-state drive (SSD)
Components:
Seek Time
Rotational Latency
Transfer Time
Transfer time, on the other hand, refers to the time it takes to physically move data from one location to another. It's specifically focused on the time required for the actual data transfer operation once the data is accessible.
Context:
Read Transfer Time
Write Transfer Time
Transfer Rate
The number of bytes transferred in one unit of time is called the transfer rate of the disk.