Having a web presence is almost a necessity in today's business age, but web applications can be very complicated and difficult to build securely. This includes the web server that runs the app. In this course, you'll explore the web server, its function, common components that can lead to vulnerabilities, and security controls to help mitigate those possible vulnerabilities. Next, you'll examine common web server attacks such as directory traversal, HTTP response splitting, and Server-side Request Forgery. Finally, you'll learn how following an established attack methodology will increase your likelihood of success when attacking a web server, and examine a common web server attack methodology and tools and techniques used at each step. This course is one in a series that helps to prepare you for the Certified Ethical Hacker v11 (312-50) exam.