Terms you'll need to understand:
Web site attacks
Techniques you'll need to master:
Identify BASIC, DIGEST, FORM, and CLIENT-CERT authentication types.
Define data integrity.
Describe malicious code and Web site attacks.
Identify the deployment descriptor element names, and their structure, that declare a security constraint, a Web resource, the login configuration, and a security role.
A Web application is fundamentally built to invite many people to access it. At least one of these people is a jerk or, worse, a malicious malcontent. ...