Difference between revisions of "Testing for configuration management"

Revision as of 17:09, 7 March 2014

This article is part of the new OWASP Testing Guide v4.

Back to the OWASP Testing Guide v4 ToC:
   https://www.owasp.org/index.php/OWASP_Testing_Guide_v4_Table_of_Contents
Back to the OWASP Testing Guide Project:
   https://www.owasp.org/index.php/OWASP_Testing_Project

4.3 Testing for configuration management

Testing for configuration management include the following articles:

4.3.1 Test Network/Infrastructure Configuration (OTG-CONFIG-001)

4.3.2 Test Application Platform Configuration (OTG-CONFIG-002)

4.3.3 Test File Extensions Handling for Sensitive Information (OTG-CONFIG-003)

4.3.4 Review Old, Backup and Unreferenced Files for Sensitive Information (OTG-CONFIG-004)

4.3.5 Enumerate Infrastructure and Application Admin Interfaces (OTG-CONFIG-005)

4.3.6 Test HTTP Methods (OTG-CONFIG-006)

4.3.7 Test HTTP Strict Transport Security (OTG-CONFIG-009)

4.3.8 Test RIA cross domain policy (OTG-CONFIG-011)

@@ Line 6: / Line 6: @@
 Testing for configuration management include the following articles: <br>
-[[Testing for infrastructure configuration management (OWASP-CM-003)|4.3.1 Test Network/Infrastructure Configuration (OTG-CONFIG-001) ]] formerly "Testing for Infrastructure Configuration Management Testing weakness (OWASP-CM-001)"
+[[Testing for infrastructure configuration management (OWASP-CM-003)|4.3.1 Test Network/Infrastructure Configuration (OTG-CONFIG-001) ]]
-[[Testing for application configuration management (OWASP-CM-004)|4.3.2 Test Application Platform Configuration (OTG-CONFIG-002) ]] formerly "Testing for Application Configuration Management weakness (OWASP-CM-002)"
+[[Testing for application configuration management (OWASP-CM-004)|4.3.2 Test Application Platform Configuration (OTG-CONFIG-002) ]]
-[[Testing for file extensions handling  (OWASP-CM-005)|4.3.3 Test File Extensions Handling for Sensitive Information (OTG-CONFIG-003) ]] formerly "Testing for File Extensions Handling  (OWASP-CM-003)"
+[[Testing for file extensions handling  (OWASP-CM-005)|4.3.3 Test File Extensions Handling for Sensitive Information (OTG-CONFIG-003) ]]
-[[Testing for Old, Backup and Unreferenced Files (OWASP-CM-006)|4.3.4 Review Old, Backup and Unreferenced Files for Sensitive Information (OTG-CONFIG-004) ]] formerly "Old, Backup and Unreferenced Files (OWASP-CM-004)"
+[[Testing for Old, Backup and Unreferenced Files (OWASP-CM-006)|4.3.4 Review Old, Backup and Unreferenced Files for Sensitive Information (OTG-CONFIG-004) ]]
-[[Testing for Admin Interfaces  (OWASP-CM-007)|4.3.5 Enumerate Infrastructure and Application Admin Interfaces (OTG-CONFIG-005) ]] formerly "Infrastructure and Application Admin Interfaces  (OWASP-CM-005)"
+[[Testing for Admin Interfaces  (OWASP-CM-007)|4.3.5 Enumerate Infrastructure and Application Admin Interfaces (OTG-CONFIG-005) ]]
-[[Testing for HTTP Methods and XST  (OWASP-CM-008)|4.3.6 Test HTTP Methods (OTG-CONFIG-006) ]] formerly "Testing for Bad HTTP Methods (OWASP-CM-006)"
+[[Testing for HTTP Methods and XST  (OWASP-CM-008)|4.3.6 Test HTTP Methods (OTG-CONFIG-006) ]]
-[[Testing for Missing HSTS header|4.3.7 Test HTTP Strict Transport Security (OTG-CONFIG-009) ]] formerly "Testing for Missing HSTS header (OWASP-CM-009)"
+[[Testing for Missing HSTS header|4.3.7 Test HTTP Strict Transport Security (OTG-CONFIG-009) ]]
-[[Testing for RIA policy files weakness|4.3.8 Test RIA cross domain policy (OTG-CONFIG-011) ]] formerly "Testing for RIA policy files weakness (OWASP-CM-010)"
+[[Testing for RIA policy files weakness|4.3.8 Test RIA cross domain policy (OTG-CONFIG-011) ]]

Difference between revisions of "Testing for configuration management"

Revision as of 17:09, 7 March 2014

Navigation menu

Personal tools

Namespaces

Variants

Views

More

Search

Navigation

Reference

Tools