针对"网络安全"课程中网络攻击与防范方面存在的教学问题,文章分析了问题原因,论证了设计Web攻击与防范实验项目的必要性,准备了植入Web安全漏洞的实验站点,这些安全漏洞均与Web开发密切相关。在实验教学中,采用任务驱动法教学模式,分阶段循序渐进,发挥了学生在实验教学中的主体作用,提高了学生开发安全Web应用的能力。
Aiming at teaching problems of the Web attack and defense in the course of network securi- ty, the paper analyses causes of these problems, puts forward necessity arguments of the experiment design of Web attack and defense, and prepares experimental Web site containing security vulnerabili- ties. These security vulnerabilities have closed correlations with Web development. During experimental teaching, the pattern of task driven is adopted, phases are divided clearly. Students exert subjective roles in the process of experimental teaching, and improve their abilities of secure Web application development.