• Online, Self-Paced

Web applications rely on numerous underlying infrastructure components including PKI. Discover the overall web application ecosystem with a focus on the OWASP Top 10 for 2017.

Learning Objectives

OWASP: Top 10 & Web Applications

  • identify common web application security issues and their impact, including embedded web apps in IoT devices
  • define how tools such as Nmap, Metasploit and Nessus can be used for benign and malicious purposes
  • recognize how the OWASP Top 10 helps to secure web applications
  • recognize OWASP security tools
  • identify common web application architecture and development techniques and the role that clients and servers play
  • recall how TLS supersedes SSL and tools such as SSL Labs can test PKI implementations
  • recognize how PKI certificates can enhance web application security
  • configure an HTTPS binding for a Microsoft IIS web site
  • configure a Microsoft IIS web site to require client certificates
  • configure an HTTPS binding for a Linux Apache web site
  • scan a public Internet site's PKI configuration to determine the security posture of the site
  • implement measures to secure the web application environment

 

Framework Connections

The materials within this course focus on the Knowledge Skills and Abilities (KSAs) identified within the Specialty Areas listed below. Click to view Specialty Area details within the interactive National Cybersecurity Workforce Framework.

Feedback

If you would like to provide feedback for this course, please e-mail the NICCS SO at NICCS@hq.dhs.gov.