22. “REST's client–server separation of concerns simplifies component implementation, reduces the complexity of connector semantics, improves the effectiveness of performance tuning, and increases the scalability of pure server components.”
84. SQL injection is a code injection technique, used to attack data-driven applications, in which malicious SQL statements are inserted into an entry field for execution
https://en.wikipedia.org/wiki/SQL_injection
92. An attack technique used to uncover hidden web site content and functionality. By making educated guesses, the attack is a brute force search looking for content that is not intended for public viewing.
http://www.infosecpro.com/applicationsecurity/a54.htm
122. Charles can be used as a man-in-the-middle HTTPS proxy, enabling you to view in plain text the communication between web browser and SSL web server.