CompTIA PenTest+: Application-Based vulnerabilities


Overview/Description
Expected Duration
Lesson Objectives
Course Number
Expertise Level



Overview/Description

There are common exploits and vulnerabilities of applications and programs that security professionals be aware of. During this course, you will explore topics such as injection attacks, authentication and authorization exploits, cross-site scripting attacks, cross-site request forgery, clickjacking, security misconfiguration, file inclusion exploits, and unsecure code practices. This course can be used as part of the preparation for the PT0-001: CompTIA PenTest+ certification exam. As a review exercise, you will list three types of exploits from SQL injection attacks, name three SQLi attack tools, and name five unsecure coding practices.



Expected Duration (hours)
0.9

Lesson Objectives

CompTIA PenTest+: Application-Based vulnerabilities

  • identify injection attacks
  • define authentication exploits
  • describe authorization exploits
  • recognize XSS attacks
  • recognize CSRF/XSRF attacks
  • define clickjacking
  • compare security misconfigurations
  • describe file inclusion exploits
  • describe unsecure coding practices
  • describe application exploits
  • Course Number:
    it_cspent_07_enus

    Expertise Level
    Intermediate