BiteSizedChunks.comLearn one small thing at a time.

Course contentsShow

1CIA Triad: Confidentiality, Integrity, Availability
2Least Privilege Principle
3Defense in Depth
4Fail-Safe Defaults and Secure by Default
5Complete Mediation
6Open Design and Security Through Obscurity
7Separation of Duties and Privilege Separation
8Economy of Mechanism and Keep It Simple
9Psychological Acceptability and Usable Security
10Attack Surface Reduction
11Trust Boundaries and Implicit Trust
12Security as a Non-Functional Requirement
13CIA Triad: Confidentiality, Integrity, Availability
14The Parkerian Hexad: Extending the CIA Triad
15Bell-LaPadula Model: Confidentiality Control
16Biba Model: Integrity Protection
17Clark-Wilson Model: Commercial Integrity
18Chinese Wall Model: Conflict of Interest Prevention
19Access Control Models: DAC, MAC, and RBAC
20Attribute-Based Access Control (ABAC)
21Security Frameworks: NIST Cybersecurity Framework
22ISO 27001 and Security Management Systems
23Defense-in-Depth Philosophy
24Security Layer Categories
25Perimeter vs Internal Security
26Compensating Controls
27Security Control Types
28Redundancy and Diversity in Security
29Security Choke Points
30Weakest Link Analysis
31Security as Continuous Improvement, Not a Final State
32The Security Lifecycle: Plan-Do-Check-Act
33Threat Landscape Evolution and Adaptive Security
34Security Maturity Models and Assessment
35Balancing Security with Usability and Business Goals
36Building a Security Culture and Mindset

1CIA Triad: Confidentiality, Integrity, Availability
2Least Privilege Principle
3Defense in Depth
4Fail-Safe Defaults and Secure by Default
5Complete Mediation
6Open Design and Security Through Obscurity
7Separation of Duties and Privilege Separation
8Economy of Mechanism and Keep It Simple
9Psychological Acceptability and Usable Security
10Attack Surface Reduction
11Trust Boundaries and Implicit Trust
12Security as a Non-Functional Requirement
13CIA Triad: Confidentiality, Integrity, Availability
14The Parkerian Hexad: Extending the CIA Triad
15Bell-LaPadula Model: Confidentiality Control
16Biba Model: Integrity Protection
17Clark-Wilson Model: Commercial Integrity
18Chinese Wall Model: Conflict of Interest Prevention
19Access Control Models: DAC, MAC, and RBAC
20Attribute-Based Access Control (ABAC)
21Security Frameworks: NIST Cybersecurity Framework
22ISO 27001 and Security Management Systems
23Defense-in-Depth Philosophy
24Security Layer Categories
25Perimeter vs Internal Security
26Compensating Controls
27Security Control Types
28Redundancy and Diversity in Security
29Security Choke Points
30Weakest Link Analysis
31Security as Continuous Improvement, Not a Final State
32The Security Lifecycle: Plan-Do-Check-Act
33Threat Landscape Evolution and Adaptive Security
34Security Maturity Models and Assessment
35Balancing Security with Usability and Business Goals
36Building a Security Culture and Mindset

Lesson 2130 of 3,052·42. Penetration Testing and Red TeamingPro lesson

Token Manipulation and Impersonation

Stealing and duplicating access tokens, impersonating user contexts, and creating processes with elevated or alternate security contexts.

This lesson is for subscribers

You've completed the free preview. Subscribe to unlock every lesson in every course.

See pricing Back to course