Final Exam: OWASP Top 10 Mitigations
Intermediate
- 1 Video | 32s
- Includes Assessment
- Earns a Badge
Final Exam: OWASP Top 10 Mitigations will test your knowledge and application of the topics presented throughout the Skillsoft Aspire Web App Vulnerability Analyst Journey.
WHAT YOU WILL LEARN
-
apply security controls to mitigate broken access control attacksapply security settings to users and computers using Microsoft Group Policybrowse vulnerable devices on the Shodan.io websiteconfigure and test Snort IDS rulesconfigure syslog-ng in Linux to forward log entries to a central logging hostcrack RDP passwords using Hydradeploy a web application firewall solution in the Microsoft Azure clouddeploy security controls to correct monitoring deficienciesdeploy security controls to mitigate XSS attacksdescribe how application containers workdescribe how a web application firewall differs from other types of firewallsdescribe how intrusion detection and prevention can be deployed and useddescribe how Java and JavaScript are used in web applicationsdescribe how security misconfigurations can be mitigateddescribe how the concept of objects, methods, and properties applies to scripting and software developmentdescribe how to mitigate XXE attacksdescribe the PKI hierarchydescribe the purpose of the Open Web Application Security Project (OWASP)describe what Personally Identifiable Information (PII) is and how it relates to data classification and securitydifferentiate between authentication and authorizationdifferentiate between mandatory, discretionary, role-based, and attribute-based access controldifferentiate between SIEM and SOAR monitoring and incident response solutionsdifferentiate between static and dynamic software testingdigitally sign a Microsoft PowerShell scriptenable IPsec to protect LAN trafficencrypt user credentialsharden user authentication settings using Microsoft Group Policyhash files using Linux commandshash files using Windows commandshash user credentials
-
identify active network hosts and services using nmapidentify components related to developing and running a web applicationidentify how broken access control attacks occuridentify how Extensible Markup Language (XML) is used to describe dataidentify how HTTP requests and responses interact with web applicationsidentify methods by which sensitive data exposure attacks can be mitigatedinstall and configure Windows Server Update Services (WSUS)install the Snort IDSlist common data privacy standardslist methods by which malicious actors can gain access to sensitive datalist various ways that XML attacks can be executedmanage Docker containers on a Linux computermanage Linux file system permissionsmanage Windows file system permissionsmitigate injection attacks using techniques such as fuzzing and input validation, and sanitizationnavigate through web server subdirectories through a web applicationplan for various types of security testingprovide examples of security misconfigurationsrecall methods by which sensitive data exposure attacks can be mitigatedrecognize how Cross-site Scripting (XSS) attacks occurrecognize how security must be integrated into all aspects of Continuous Integration and Continuous Delivery (CI/CD)recognize how to deploy security controls to mitigate deserialization attacksrecognize how to mitigate broken authentication attacksrecognize how to securely write coderecognize how weak authentication configurations can lead to system compromiserecognize types of injection attackssearch vulnerable devices on the Shodan.io websiteuse freely available tools to run a SQL injection attack against a web applicationuse the Hydra tool to crack web form user passwordsuse Wireshark to view plain text credential transmissions
IN THIS COURSE
-
1.OWASP Top 10 Mitigations33sUP NEXT
EARN A DIGITAL BADGE WHEN YOU COMPLETE THIS COURSE
Skillsoft is providing you the opportunity to earn a digital badge upon successful completion of this course, which can be shared on any social network or business platform
Digital badges are yours to keep, forever.YOU MIGHT ALSO LIKE

COURSE
Final Exam: Web Fundamentals

COURSE
Final Exam: Business Analyst