Web App Vulnerability Analyst 2022 Competency (Intermediate Level)

  • 21m
  • 21 questions
The Web App Vulnerability Analyst 2022 Competency (Intermediate Level) benchmark measures your basic exposure to basic web application vulnerabilities. Learners who score high on this benchmark demonstrate that they are competent in the web application vulnerability discipline and can quickly adapt to new tools and processes. They can work mostly independently after receiving direction from superiors.

Topics covered

  • compare past network scans with current scans to identify changes
  • configure attribute-based file system permissions in Windows
  • describe how a web application firewall differs from other types of firewalls
  • describe the purpose of the Open Web Application Security Project (OWASP)
  • describe what Personally Identifiable Information (PII) is and how it relates to data classification and security
  • differentiate between static and dynamic software testing
  • download and run the Metasploitable intentionally vulnerable web app VM
  • encrypt user credentials
  • hash user credentials
  • identify active network hosts and services using nmap
  • identify host vulnerabilities using OpenVAS
  • identify how HTTP requests and responses interact with web applications
  • list common data privacy standards
  • list the benefits of using a secure API when writing web app code
  • manage Linux file system permissions
  • manage Windows file system permissions
  • mitigate injection attacks using techniques such as fuzzing and input validation and sanitization
  • plan for various types of security testing
  • recognize how to securely write code
  • recognize how weak authentication configurations can lead to system compromise
  • recognize the relevance of web application security testing