• Online, Self-Paced

Discover security aspects focusing on OWASP Top 10 - 2017 item A3: Sensitive Data Exposure, A2: Broken Authentication and A1: Injection.

Learning Objectives

OWASP: Top 10 Items A3, A2, & A1

  • discover the subject areas covered in this course
  • describe OWASP Top 10 2017 item A3, sensitive data exposure
  • recognize how to prevent sensitive data disclosure
  • enable BitLocker encryption for a web server disk volume
  • describe OWASP Top 10 2017 item A2, broken authentication
  • recognize how to secure authentication
  • enable MFA for an Amazon Web Services user account
  • retrieve sensitive data through password reset pages
  • describe OWASP Top 10 2017 item A1, injection
  • recognize how to validate user input before allowing submission for execution
  • inject SQL commands into a web form field
  • encrypt data at rest, secure authentication and prevent injection attacks

Framework Connections

The materials within this course focus on the Knowledge Skills and Abilities (KSAs) identified within the Specialty Areas listed below. Click to view Specialty Area details within the interactive National Cybersecurity Workforce Framework.

Feedback

If you would like to provide feedback for this course, please e-mail the NICCS SO at NICCS@hq.dhs.gov.