IT Professional Curricula     Internet and Network Technologies Solution Area     Security Solutions     OWASP Top 10 2020

---

Resource authorization occurs after successful authentication. Resources include objects such as files, folders, web apps, storage accounts, virtual machines, and so on. In this course, you'll learn about various resource access control models including MAC, DAC, and RBAC. Next, you'll examine how broken access control attacks occur. You'll then explore HTTP methods, as well as how to set file system permissions in Windows and Linux, assign permissions to code, and digitally sign a PowerShell script. Lastly, you'll learn about identify federation, how to execute broken access control attacks, and how to mitigate broken access control attacks.

---

---

Objectives

OWASP Top 10: A5 - Broken Access Control discover the key concepts covered in this course differentiate between mandatory, discretionary, role-based, and attribute-based access control identify how broken access control attacks occur identify how HTTP requests and responses interact with web applications manage Windows file system permissions manage Linux file system permissions configure attribute-based file system permissions in Windows configure permissions for Microsoft Azure managed identities digitally sign a Microsoft PowerShell script recognize the role of identity and resource providers in a federated identity environment navigate through web server subdirectories through a web application capture user keystrokes using a hardware keylogger apply security controls to mitigate broken access control attacks summarize the key concepts covered in this course