Final Exam: OWASP Top 10 Mitigations

Intermediate
  • 1 video | 32s
  • Includes Assessment
  • Earns a Badge
Rating 4.2 of 23 users Rating 4.2 of 23 users (23)
Final Exam: OWASP Top 10 Mitigations will test your knowledge and application of the topics presented throughout the Skillsoft Aspire Web App Vulnerability Analyst Journey.

WHAT YOU WILL LEARN

  • Differentiate between siem and soar monitoring and incident response solutions
    manage docker containers on a linux computer
    describe how the concept of objects, methods, and properties applies to scripting and software development
    configure and test snort ids rules
    recognize how security must be integrated into all aspects of continuous integration and continuous delivery (ci/cd)
    install the snort ids
    deploy security controls to mitigate xss attacks
    install and configure windows server update services (wsus)
    describe how java and javascript are used in web applications
    configure syslog-ng in linux to forward log entries to a central logging host
    deploy security controls to correct monitoring deficiencies
    recognize how cross-site scripting (xss) attacks occur
    apply security settings to users and computers using microsoft group policy
    recognize how to deploy security controls to mitigate deserialization attacks
    describe how intrusion detection and prevention can be deployed and used
    describe how application containers work
    search vulnerable devices on the shodan.io website
    browse vulnerable devices on the shodan.io website
    encrypt user credentials
    describe how a web application firewall differs from other types of firewalls
    hash files using windows commands
    identify how http requests and responses interact with web applications
    apply security controls to mitigate broken access control attacks
    list various ways that xml attacks can be executed
    describe what personally identifiable information (pii) is and how it relates to data classification and security
    mitigate injection attacks using techniques such as fuzzing and input validation, and sanitization
    manage windows file system permissions
    differentiate between mandatory, discretionary, role-based, and attribute-based access control
    differentiate between authentication and authorization
    identify active network hosts and services using nmap
  • plan for various types of security testing
    digitally sign a microsoft powershell script
    list methods by which malicious actors can gain access to sensitive data
    identify how extensible markup language (xml) is used to describe data
    recall methods by which sensitive data exposure attacks can be mitigated
    recognize types of injection attacks
    enable ipsec to protect lan traffic
    use wireshark to view plain text credential transmissions
    recognize how to mitigate broken authentication attacks
    navigate through web server subdirectories through a web application
    hash user credentials
    describe the purpose of the open web application security project (owasp)
    crack rdp passwords using hydra
    describe the pki hierarchy
    use freely available tools to run a sql injection attack against a web application
    list common data privacy standards
    use the hydra tool to crack web form user passwords
    identify methods by which sensitive data exposure attacks can be mitigated
    harden user authentication settings using microsoft group policy
    recognize how to securely write code
    describe how security misconfigurations can be mitigated
    describe how to mitigate xxe attacks
    recognize how weak authentication configurations can lead to system compromise
    deploy a web application firewall solution in the microsoft azure cloud
    identify how broken access control attacks occur
    identify components related to developing and running a web application
    provide examples of security misconfigurations
    manage linux file system permissions
    differentiate between static and dynamic software testing
    hash files using linux commands

EARN A DIGITAL BADGE WHEN YOU COMPLETE THIS COURSE

Skillsoft is providing you the opportunity to earn a digital badge upon successful completion on some of our courses, which can be shared on any social network or business platform.

Digital badges are yours to keep, forever.

YOU MIGHT ALSO LIKE

Rating 4.6 of 344 users Rating 4.6 of 344 users (344)
Rating 4.6 of 28 users Rating 4.6 of 28 users (28)

PEOPLE WHO VIEWED THIS ALSO VIEWED THESE

Rating 4.5 of 276 users Rating 4.5 of 276 users (276)
Rating 4.4 of 69 users Rating 4.4 of 69 users (69)
Rating 4.4 of 12189 users Rating 4.4 of 12189 users (12189)