Defensive Programming in Java: Data Handling, Injection Attacks, and Concurrency
Overview/Description
Defensive programming is an approach to programming that attempts to ensure that software still functions under adverse or unforeseen circumstances. In this course, you'll learn how to defend against injection attacks, including SQL, XML, LDAP, and coding attacks. You'll also learn how to handle concurrency.
Target Audience
Java developers seeking an introductory guide to developing efficient, secure Java applications that can be defended against a variety of issues
Prerequisites
None
Expected Duration (hours)
2.8
Lesson Objectives
start the course
identify why unsanitized data should not be logged in Java programs
identify why unsanitized data should be excluded from format strings
identify the issues that can occur when handling ZIP and GZIP files in Java
identify how to use input validation in a Java application
identify how to protect regular expressions against regex injection attacks
identify how to prevent SQL injection attacks in Java
identify how to prevent code injections in Java
set up a local LDAP server, create a connection, and populate the server with directory entries
identify how to prevent LDAP injection in Java
identify how to prevent XPath injections in Java
identify how to prevent XML injection attacks in Java
identify how to prevent XML Entity expansion attacks in Java
list the potential problems that path traversal may cause and recognize how to prevent them in Java
handle concurrency securely by avoiding race conditions in Java programs
safely manage concurrency by ensuring safe publication of the members of referenced objects
safely manage concurrency by ensuring proper synchronization semantics
use thread-safety-related annotations in Java programs
use defensive programming techniques to defend against attacks in Java programs
Course Number: sd_sprj_a02_it_enus
Expertise Level
Intermediate