Mobile Code

Code that can be transmitted across a network, to be executed by a system or device on the other end, is called mobile code. There are many legitimate reasons to allow mobile code—for example, web browser applets that may execute in the background to download additional content for the web page, such as plug-ins that allow you to view a video.

The cautions arise when a web site downloads code intended to do malicious or compromising actions, especially when the recipient is unaware that the compromising activity is taking place. If a web site is compromised, it can be used as a platform from which to launch attacks against anyone visiting the site and just browsing. On a web browser, having security settings set to high, or disallowing ...

Get CISSP Certification All-in-One Exam Guide, Fourth Edition, 4th Edition now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.