• Online, Self-Paced
Course Description

Improper Privilege Management occurs when software does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor. This course introduces ways to identify and mitigate this security weakness, referenced as CWE-269 by the 2020 CWE Top 25.

Learning Objectives

On successful completion of this course, learners should have the knowledge and skills to:

  • Manage the setting, management, and handling of privileges
  • Explicitly manage trust zones in the software
  • Follow the principle of least privilege when assigning access rights to entities in a software system
  • Ensure requirement that multiple conditions be met before permitting access to a system resource

Framework Connections

The materials within this course focus on the NICE Framework Task, Knowledge, and Skill statements identified within the indicated NICE Framework component(s):

Specialty Areas

  • Risk Management
  • Software Development