a6 exposure, working on the wording for SSNs being stored in the clear

app/views/layouts/tutorial/_sidebar.html.erb

@@ -49,8 +49,8 @@
         A5 Misconfig
       <% end %>
     </li>
-    <li id="sensitive_exposure">
-      <%= link_to "#" do %>
+    <li id="exposure">
+      <%= link_to exposure_tutorials_path do %>
         <div class="icon">
           <span class="fs1" aria-hidden="true" data-icon="&#xe094;"></span>
         </div>

app/views/layouts/tutorial/exposure/_password_hashing.html.erb

@@ -1,7 +1,7 @@
 <div class="widget">
     <div class="widget-header">
       <div class="title">
-        <span class="fs1" aria-hidden="true" data-icon="&#xe092;"></span> A7 - Insecure Cryptographic Storage - Password Storage
+        <span class="fs1" aria-hidden="true" data-icon="&#xe092;"></span> A6 - Sensitive Data Exposure - Insecure Password Storage
       </div>
     </div>
     <div class="widget-body">

app/views/layouts/tutorial/exposure/_ssn.html.erb

@@ -1,7 +1,7 @@
 <div class="widget">
     <div class="widget-header">
       <div class="title">
-        <span class="fs1" aria-hidden="true" data-icon="&#xe092;"></span> A7 - Insecure Cryptographic Storage - Clear-text storage of SSN(s)
+        <span class="fs1" aria-hidden="true" data-icon="&#xe092;"></span> A6 - Sensitive Data Exposure - Clear-text storage of SSN(s)
       </div>
     </div>
     <div class="widget-body">
@@ -62,7 +62,7 @@
           </div>
           <div class="accordion-body collapse" id="collapseSSNThree" style="height: 0px;">
             <div class="accordion-inner">
-			  <p><b>Password Storage - SOLUTION</b></p>
+			  <p><b>SSN Storage - SOLUTION</b></p>
 			  <p class="desc">
 				There is a lot of guidance on adequately protecting sensitive data at rest and using a layered defensive approach. Make no mistake, this should not be your sole means of securing sensitive data. That being said, there are at least four precautions that should be taken.
 				<li>The sensitive data is encrypted everywhere, including backups</li>
@@ -92,7 +92,7 @@
           </div>
           <div class="accordion-body collapse" id="collapseSSNFour" style="height: 0px;">
             <div class="accordion-inner">
-              How protected are those passwords in the database against cracking?
+              My SSN seems pretty important, hope it's kept safe!
             </div>
           </div>
         </div>

app/views/tutorials/exposure.html.erb

@@ -2,22 +2,22 @@
 	<div class="main-container">
 		<div class="row-fluid">
 		    <div class="span12">  <!-- Beginning of span-->
-		       <%= render :partial => "layouts/tutorial/crypto/password_hashing" %>
+		       <%= render :partial => "layouts/tutorial/exposure/password_hashing" %>
 		    </div> <!-- End of span-->
 		</div>
-<!--		
+		
 		<div class="row-fluid">
 		    <div class="span12">  
-		       <%#= render :partial => "layouts/tutorial/crypto/ssn" %>
+		       <%= render :partial => "layouts/tutorial/exposure/ssn" %>
 		    </div>
 		</div>
--->		
+	
 	</div>
 </div>
 
 <script type="text/javascript">
 function makeActive(){
-	$('li[id="crypto"]').addClass('active');
+	$('li[id="exposure"]').addClass('active');
 };
 
 $(document).ready(makeActive);

config/routes.rb

@@ -45,7 +45,7 @@ resources :tutorials do
     get "insecure_dor"
     get "csrf"
     get "misconfig"
-    get "crypto"
+    get "exposure"
     get "url_access"
     get "ssl_tls"
     get "redirects"