SKILL BENCHMARK

OWASP Top 10 Competency

  • 20m
  • 20 questions
The OWASP Top 10 Competency benchmark will measure your ability to recognize key terms and concepts related to OWASP Top 10 concepts. You will be evaluated on securing web applications and each of the OWASP Top 10 web vulnerabilities. A learner who scores high on this benchmark demonstrates that they have the skills related to OWASP Top 10 terminology and concepts.

Topics covered

  • analyze suspicious network traffic using a Wireshark packet capture
  • browse vulnerable devices using the Shodan website
  • capture cleartext HTTP credentials using Wireshark
  • capture user keystrokes using a hardware keylogger
  • configure and test Snort IDS rules
  • configure Azure Policy to check for the security compliance of Azure resources
  • configure web application deployment slots in the Microsoft Azure cloud
  • crack Linux passwords using John the Ripper
  • crack RDP passwords using Hydra
  • enable HTTPS for a web application
  • execute a command injection attack against a web application using freely available tools
  • execute a Cross-Site Request Forgery (CSRF) attack against a vulnerable web application
  • execute a directory traversal attack and navigate across web server subdirectories
  • execute a SQL injection attack against a web application using freely available tools
  • harden security settings for users and computers using Microsoft Group Policy
  • hash files using Linux commands
  • list the benefits of using a secure API when writing web app code
  • run a Denial of Service (DoS) attack against a vulnerable web application
  • secure a back-end database
  • verify that publicly disclosed vulnerabilities are not present within a project's dependencies