• Online, Self-Paced

This course covers system configuration, injection attacks, session management, package management, and the AngularJS framework, all within the context of Node.js security.

Learning Objectives

On successful completion of this course, learners should have the knowledge and skills to:

  • Identify best practices for Node.js server and system configuration
  • Describe several types of injection attack and prevention techniques for each
  • Identify important settings for session cookie security
  • Explain two approaches to mitigating cross-site request forgery attacks
  • Identify common static analysis tools for Node.js
  • Explain why templates and expressions are vulnerable to injection
  • Identify parameters that should not be used with untrusted data
  • Describe best practices for loading templates

Framework Connections

The materials within this course focus on the Knowledge Skills and Abilities (KSAs) identified within the Specialty Areas listed below. Click to view Specialty Area details within the interactive National Cybersecurity Workforce Framework.

Feedback

If you would like to provide feedback for this course, please e-mail the NICCS SO at NICCS@hq.dhs.gov.