Course Catalog | LAB 624 - ATT&CK: Exploiting Java Web Application Server Misconfiguration

Home / Training / Course Catalog

Course Overview

This lab simulates a Security Misconfiguration vulnerability found in the AccountAll Cyber Range. The challenge includes an HR Back Office System that fails to implement the security principle of “Establish Secure Defaults”.

Leveraging a virtual machine, participants will analyze code to identify and mitigate instances of “Misconfiguration of default credentials”.

The objective of this lab is to apply ATT&CK Techniques T1190 Exploit Public-Facing Application” and “T1133 External Remote Services”.

Course Details

Course Number: LAB 624

Course Duration: 12 minutes

Course CPE Credits: 0.25

NICE Specialty Areas

Risk Management (RSK)
Software Development (DEV)

Technology

Java

Standard

MITRE ATT&CK
OWASP ASVS
OWASP Web

Platform

Web Services

Type

Skill Labs

Available Languages

English

Home / Training / Course Catalog

LAB 624 – ATT&CK: Exploiting Java Web Application Server Misconfiguration

Course Overview

Course Details

Our Company

Follow Us

Products

Office