OWASP Top 10: A01:2021-Broken Access Control
OWASP 2022 | Intermediate
- 12 videos | 1h 13m 29s
- Includes Assessment
- Earns a Badge
Resource authorization occurs after successful authentication. Resources include objects such as files, folders, web apps, storage accounts, virtual machines, and more. In this course, learn about various resource access control models, including mandatory (MAC), discretionary (DAC), role-based (RBAC), and attribute-based access control (ABAC). Next, examine how broken access control attacks occur and how HTTP requests and responses interact with web applications. Discover how to set file system permissions in Windows and Linux, assign permissions to code, and digitally sign a PowerShell script. Finally, explore identity federation and how to execute and mitigate broken access control attacks. Upon completion, you'll be able to harden resource access to mitigate broken access control attacks.
WHAT YOU WILL LEARN
discover the key concepts covered in this coursedifferentiate between mandatory, discretionary, role-based, and attribute-based access controlidentify how broken access control attacks occuridentify how HTTP requests and responses interact with web applicationsmanage Windows file system permissionsmanage Linux file system permissions
manage attribute-based file system permissions in Windowsassign permissions for Microsoft Azure managed identitiesrecognize the role of identity and resource providers in a federated identity environmentexecute a directory traversal attack and navigate across web server subdirectoriescapture user keystrokes using a hardware keyloggersummarize the key concepts covered in this course
IN THIS COURSE
EARN A DIGITAL BADGE WHEN YOU COMPLETE THIS COURSE
Skillsoft is providing you the opportunity to earn a digital badge upon successful completion on some of our courses, which can be shared on any social network or business platform.Digital badges are yours to keep, forever.
YOU MIGHT ALSO LIKE
Course OWASP Top 10: A1 - Injection
PEOPLE WHO VIEWED THIS ALSO VIEWED THESE
Course OWASP Overview