• Online, Self-Paced
Course Description

In this defending Node.js lab the learner will fix a vulnerability that discloses sensitive information in error messages. The lab features an authentication page that discloses whether a specific username is valid or not when invalid authentication credentials are provided, thus allowing valid username enumeration.

Learning Objectives


On successful completion of this lab, learners will demonstrate their ability to:


  • Prevent disclosing sensitive information in error messages within Node.js applications


Framework Connections

The materials within this course focus on the Knowledge Skills and Abilities (KSAs) identified within the Specialty Areas listed below. Click to view Specialty Area details within the interactive National Cybersecurity Workforce Framework.