This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Testing for configuration management

From OWASP
Revision as of 12:31, 14 May 2014 by Jane O'Connor (talk | contribs)

Jump to: navigation, search 
This article is part of the new OWASP Testing Guide v4.

Back to the OWASP Testing Guide v4 ToC:
   https://www.owasp.org/index.php/OWASP_Testing_Guide_v4_Table_of_Contents
Back to the OWASP Testing Guide Project:
   https://www.owasp.org/index.php/OWASP_Testing_Project


4.3 Testing for configuration management

Testing for configuration management includes the following sections:

4.3.1 Test Network and Infrastructure Configuration (OTG-CONFIG-001)

4.3.2 Test Application Platform Configuration (OTG-CONFIG-002)

4.3.3 Test File Extensions Handling for Sensitive Information (OTG-CONFIG-003)

4.3.4 Review Old, Backup and Unreferenced Files for Sensitive Information (OTG-CONFIG-004)

4.3.5 Enumerate Infrastructure and Application Admin Interfaces (OTG-CONFIG-005)

4.3.6 Test HTTP Methods (OTG-CONFIG-006)

4.3.7 Test HTTP Strict Transport Security (OTG-CONFIG-009)

4.3.8 Test RIA cross domain policy (OTG-CONFIG-011)

Retrieved from "https://wiki.owasp.org/index.php?title=Testing_for_configuration_management&oldid=175022"