Introduction To OWASP Top Ten: A6 - Security Misconfiguration - Scored
Cyberscore

Did you know Cybrary has FREE video training? Join more than 2,500,000 IT and cyber security professionals, students, career changers, and more, growing their careers on Cybrary.

Time
25 minutes
Difficulty
Intermediate

This module for the Introduction to OWASP Top Ten Module covers A6: Security Misconfiguration.

Did you know Cybrary has FREE video training? Join more than 2,500,000 IT and cyber security professionals, students, career changers, and more, growing their careers on Cybrary.

Overview

The Introduction to OWASP Top Ten A6 Security Misconfiguration lab is a premium Lab built for the intermediate skill level student to experiment and practice Security Misconfiguration Vulnerabilities. Security Misconfiguration is the sixth web application security risk on the OWASP top ten most common web application security risks, reported in the OWASP Top 10 2017 report.

Security misconfiguration is a broad term meaning anything that could be configured more securely but isn't. It can include many different configuration options, including what files are visible, what permissions are given to the user, what applications are visible and able to be used, and many others.

CybrScore’s Introduction to OWASP Top Ten A6 Security Misconfiguration lab teaches students how to Identify and exploit simple examples of Security Misconfiguration in a web application, be able to create and upload a PHP backdoor in a web application, and to be to able to execute arbitrary commands in a web application. CybrScore’s Introduction to OWASP Top Ten A6 Security Misconfiguration lab takes approximately 1-2 hours for most students most students to complete.

Upon successful completion of the CybrScore’s Introduction to OWASP Top Ten A6 Security Misconfiguration lab, students should be able to exploit simple examples of Security Misconfiguration in a web application and be able to create and upload a PHP backdoor in a web application and be able to execute arbitrary commands in a web application

In CybrScore’s Introduction to OWASP Top Ten A6 Security Misconfiguration lab students will learn about Security Misconfiguration in web application. This is a key part of the Vulnerability Assessment Analyst work role and builds the ability to identify and exploit simple examples of security misconfiguration in a web application.

In CybrScore’s Introduction to OWASP Top Ten A6 Security Misconfiguration lab students will learn about executing arbitrary commands in web applications. This is a key part of the Vulnerability Assessment Analyst work role and builds the ability to use commands otherwise not intended in a web application.

Click the launch button to open the lab.