• Online, Self-Paced

Explore security aspects focusing on OWASP Top 10 -2017 item A6: Security Misconfiguration, A5: Broken Access Control, and A4: XML External Entities.

Learning Objectives

OWASP: Top 10 Items A6, A5, & A4

  • describe OWASP Top 10 2017 item A6 dealing with security misconfigurations
  • recognize how security misconfigurations can be mitigated
  • lock down anonymous cloud storage access
  • disable SSLv3 on web browsers and web servers
  • describe OWASP Top 10 2017 item A5 - Broken Access Control
  • recognize how broken access control can be mitigated
  • create a Microsoft Azure shared access signature
  • describe OWASP Top 10 2017 item A4 covering XML external entities
  • recognize how XML external entity vulnerabilities can be mitigated
  • describe security configurations, misconfigurations, and access control

Framework Connections

The materials within this course focus on the Knowledge Skills and Abilities (KSAs) identified within the Specialty Areas listed below. Click to view Specialty Area details within the interactive National Cybersecurity Workforce Framework.

Feedback

If you would like to provide feedback for this course, please e-mail the NICCS SO at NICCS@hq.dhs.gov.