OWASP Top 10: A01:2021-Broken Access Control

OWASP    |    Intermediate
  • 12 videos | 1h 13m 29s
  • Includes Assessment
  • Earns a Badge
Rating 4.5 of 276 users Rating 4.5 of 276 users (276)
Resource authorization occurs after successful authentication. Resources include objects such as files, folders, web apps, storage accounts, virtual machines, and more. In this course, learn about various resource access control models, including mandatory (MAC), discretionary (DAC), role-based (RBAC), and attribute-based access control (ABAC). Next, examine how broken access control attacks occur and how HTTP requests and responses interact with web applications. Discover how to set file system permissions in Windows and Linux, assign permissions to code, and digitally sign a PowerShell script. Finally, explore identity federation and how to execute and mitigate broken access control attacks. Upon completion, you'll be able to harden resource access to mitigate broken access control attacks.

WHAT YOU WILL LEARN

  • Discover the key concepts covered in this course
    Differentiate between mandatory, discretionary, role-based, and attribute-based access control
    Identify how broken access control attacks occur
    Identify how http requests and responses interact with web applications
    Manage windows file system permissions
    Manage linux file system permissions
  • Manage attribute-based file system permissions in windows
    Assign permissions for microsoft azure managed identities
    Recognize the role of identity and resource providers in a federated identity environment
    Execute a directory traversal attack and navigate across web server subdirectories
    Capture user keystrokes using a hardware keylogger
    Summarize the key concepts covered in this course

IN THIS COURSE

  • 44s
  • 5m 9s
  • Locked
    3.  Broken Access Control Attacks
    7m
  • Locked
    4.  HTTP Methods
    5m 46s
  • Locked
    5.  Managing Windows File System Permissions
    5m 19s
  • Locked
    6.  Managing Linux File System Permissions
    8m 6s
  • Locked
    7.  Managing Attribute-based File System Permissions
    9m 56s
  • Locked
    8.  Assigning Permissions for Azure Managed Identities
    6m 22s
  • Locked
    9.  Identity Federation and Claims
    9m 45s
  • Locked
    10.  Executing a Directory Traversal Attack
    8m 3s
  • Locked
    11.  Acquiring Keystrokes Using a Hardware Keylogger
    6m 13s
  • Locked
    12.  Course Summary
    1m 6s

EARN A DIGITAL BADGE WHEN YOU COMPLETE THIS COURSE

Skillsoft is providing you the opportunity to earn a digital badge upon successful completion on some of our courses, which can be shared on any social network or business platform.

Digital badges are yours to keep, forever.

YOU MIGHT ALSO LIKE

Course CompTIA A+ Core 2: Operating System Security Best Practices
Rating 4.6 of 80 users Rating 4.6 of 80 users (80)
Course CompTIA Cybersecurity Analyst+: Network Security Concepts
Rating 4.4 of 5 users Rating 4.4 of 5 users (5)
Course CompTIA Linux+: Authentication & Authorization
Rating 4.1 of 9 users Rating 4.1 of 9 users (9)

PEOPLE WHO VIEWED THIS ALSO VIEWED THESE

Course Threat Intelligence & Attribution Best Practices: Threat Intelligence Concepts
Rating 4.6 of 232 users Rating 4.6 of 232 users (232)
Course OWASP Top 10: A03:2021-Injection
Rating 4.6 of 344 users Rating 4.6 of 344 users (344)
Course OWASP Top 10: A10:2021-Server-Side Request Forgery (SSRF)
Rating 4.6 of 196 users Rating 4.6 of 196 users (196)