• Online, Self-Paced
Course Description

In this defending Java lab the learner will fix a vulnerability that discloses sensitive information in error messages. The lab features an authentication page that discloses whether a specific username is valid or not when invalid authentication credentials are provided, thus allowing valid username enumeration.

Learning Objectives

On successful completion of this lab, learners will demonstrate their ability to:

  • Prevent disclosing sensitive information in error messages within Java applications

Framework Connections

The materials within this course focus on the NICE Framework Task, Knowledge, and Skill statements identified within the indicated NICE Framework component(s):

Specialty Areas

  • Risk Management
  • Software Development