|
|
Security evaluation of the PHP application according to OWASP ASVS standard
Sůva, Jakub ; Mészáros, Jan (advisor) ; Buchalcevová, Alena (referee)
The goal of this bachelor's thesis is to verify security level of web application. Verification is based on the standard called OWASP ASVS 2013 Beta especially on its first level of requirements. To achieve the goal thesis uses semi-automated white box penetration tests and interview. The thesis is limited to testing of PHP web applications and it is divided into two main sections, theoretical and practical. The theoretical part is mainly focused on introducing penetration testing of web applications in general. Cardinal part is description of OWASP ASVS 2013 Beta. A research of automated testing tools is done in the practical section. One of the tools is chosen afterwards to make the testing of web application more efficient. Practical part is mostly focused on the tests themselves. The end result is comprehensible report with outcomes and their interpretation.
|
|
|
Web application security
Matušek, Václav ; Palovský, Radomír (advisor) ; Pinkas, Otakar (referee)
The Bachelor thesis deals with the security of web applications. The main aim is to create complex view of most frequent attacks in practice and also to describe possibilities in prevention of the attacks. The prevention is described for both, user's and developer's side. Thesis contains also information about their origin and reminds the attacks from the past. It includes review of the standards and Czech legislation, which affect the security or define proper way how to develop the application. Important output of this thesis is also list of rules, which helps the developer to design secure application.
|
|
|
Information Security Risk Analysis in company operating in the distribution of healthcare and beauty products
Genský, Oliver ; Veber, Jaromír (advisor) ; Luc, Ladislav (referee)
This thesis processes the risk analysis topic, which is included in the overall information security management system. Thesis is divided into two parts; theoretical and practical. Terms and processes used in the risk analysis are included in the theoretical part. This section also describes standards that offer best practices of information security management, based on historical experience in variety of businesses. The defined terms and the chosen standards and methods are thereafter applied in the practical section, where risks of a particular business are analyzed and afterwards supported by an evaluation of risks and proposed solutions. This work is concluded by an overall information security report, which is consulted with the lead management of the business.
|
|
|
Vulnerability Management in the Corporate IT Infrastructure
Hronek, Tomáš ; Veber, Jaromír (advisor) ; Klíma, Tomáš (referee)
The present thesis deals with the area of vulnerability management and its relation to information security. Its main purpose is to set the topic of vulnerability management in context of company information security and to explain its relationship to related disciplines. In the practical part, selected vulnerability assessment tools are compared and methodology is applied to determine the criticality of the vulnerabilities identified in relation to the provided IT services. The objectives were achieved by literature review, personal consultations with employees responsible for information security at J&T Bank and by comparing the results of several tools for assessing vulnerability (Nessus, Retina, OpenVAS, Nexpose, Tripwire). To date, there has not been published a thesis devoted exclusively to the topic of vulnerability management. This thesis is the first one to provide comparable results of vulnerability scanning of the same targets. Equally valuable is the application of Common Vulnerability Scoring System to determine the criticality of the vulnerabilities identified in relation to delivered IT services.
|
|
|
Procedures of information risk management of software companies.
Fischer, Radek ; Veber, Jaromír (advisor) ; Luc, Ladislav (referee)
Subject of the thesis is to take up possibilities of practical using of the Risk analysis which is a part of the Information security management system. Thesis is focused on risk management for typical organization which creates information systems. Main part of the thesis is the description of "ČSN ISO/IEC 27005:2013 - Information technology - Security techniques -- Information security risk management" standard, how could this standard be applied and also contains the explanation of typical examples of assets which can be in similar types of organizations. Theoretical part is aimed on explanation of key words in literature and closer description of organizations which creates this standard. Practical part shows creation of the Risk analysis methodology according to different accesses that are contained in this standard. Thesis continues with application of specific part of this methodology in practice. Assumed contribution of this thesis is better understanding to the process of making the Risk analysis methodology and possibilities its application in practice.
|
|
|
Security testing tools for ASP.NET applications
Kikerle, Martin ; Buchalcevová, Alena (advisor) ; Vít, Jan (referee)
The purpose of this thesis is to create a methodology which helps ASP.NET developers to test their web applications for the presence of the most common vulnerabilities. The theoretical part is focused on the ways of application testing and briefly describes ten of the most common web application vulnerabilities, so-called OWASP Top Ten 2013. The web application testing methodology is included in the practical part. A process of the application testing is the key part of the methodology. The designed methodology is used for the selected web application testing.
|
|
|
Effect of crisis in the family on the psychosocial development of the child
KŘIVANCOVÁ, Kristýna
The bachelor thesis deals with crisis in the family and their effect on the psychosocial development of the child. The bachelor thesis is divided into the theoretical part and the practical part. The theoretical part focuses on the characteristics of the family and crisis. It also deals with crises in the family and their effect on the psychosocial development of the child. Research examines the perceived effect of crisis in the family for individual and their importance for his future live. For this research was selected biographical design. Data were obtained using the narrative interview.
|
|
|
"Stress and burnout by kindergarten teachers in context with personality characteristics."
BAKEŠOVÁ, Ivana
The bachelor thesis is dedicated to burnout and its relation to personal and social qualities of nursery school teachers. The theoretical part describes phases, causes and displays of burnout, possibitilies of prevention and treatment. It dealswith differences in personal qualities, especially in connection with the ability to face stress and preassure and deal with them effectively. It also points out the specifics of the work at nursery schools. The practical part contains the results of the questionnaire sutvey of nursery school teachers in Tábor and its vicinity. The aim is to find out if personal and social qualities are linked with burnout and to what extent.
|
|
|
Ethical-psychological Contexts of a Relationship between a Social Worker And a Client
SÝKOROVÁ, Eva
The thesis reflects a relationship between a social worker and a client within ethical-psychological contexts and provides understanding of its significance. It gives an insight into conditions for establishing an optimum relationship between a social worker and a client and into risks that may disturb the mutual relationship, especially the risk of power. The terms of social worker, client and their relationship are characterized in terms of professional ethics. If an ethical reflection is to be competent, it is to cover psychological knowledge such as human needs, incentives and motives for acting. To conclude, ethical solutions a social worker should take into account in relation to a client are defined. These are human dignity, respect, autonomy, responsibility, dependency and vulnerability.
|
|
|
External and fiscal sustainability of the Czech economy: a quick look through the IMF's night-vision goggles
Bulíř, Aleš
The paper presents the rationale for spreadsheet-based debt sustainability assessments. Policymakers can use these exercises in two ways. First, assessments of possible debt developments provide “reality checks” of macroeconomic projections. Second, the financial stability exercise may indicate vulnerability to crises. Empirically, using the IMF debt sustainability template, the paper finds that the external position of the Czech Republic appears sustainable under most plausible history-based scenarios.
Fulltext:  PDF
|
guest ::
