Course Details
Overview
The course provides the knowledge needed to understand the features and functions of today’s Web Application Firewall solutions. It analyzes network topologies and the specific functions of application-layer firewalls. Lab sessions on real equipment help participants better understand the topics and acquire analysis and troubleshooting skills.
Content
- HTTP in depth (methods, headers, cookies)
- Web App FW: Concept and Components
- Network Implementation and Data Flow
- The PCI-DSS Standard
- Threat Mitigation
- SQL injection
- Cross-site scripting
- Parameter tampering
- Hidden field and session manipulation
- Cookie poisoning
- Stealth commanding
- Backdoor and debug options
- Geo location-based blocking
- Application buffer overflow attacks
- Brute force attacks
- Data encoding
- Unauthorized navigation
- Gateway circumvention
- Web server reconnaissance
- SOAP and Web services manipulation
- Parameter pollution
Target audience
- Technical personnel working in network and computer system security, as well as designers of ICT security systems.
Prerequisites
- Basic understanding of LAN and TCP/IP.