The TLS protocol aims primarily to provide privacy and data integrity between two or more communicating computer applications. However, flaws in TLS protocol include weak cryptographic primitives, or specific implementation errors, cross-protocol vulnerabilities or any combination of each. This course teaches how to identify vulnerabilities, detecting acceptance of unencrypted connections and testing configurations.
On successful completion of this course, learners should have the knowledge and skills to:
- Identify typical TLS misconfiguration vulnerabilities
- Detect network services accepting unencrypted connections
- Test web server TLS configurations
If you would like to provide feedback for this course, please e-mail the NICCS SO at NICCS@hq.dhs.gov.