Final Exam: Secure Programmer


Overview/Description

Final Exam: Secure Programmer will test your knowledge and application of the topics presented throughout the Secure Programmer track of the Skillsoft Aspire Programmer to Secure Agile Programmer Journey.



Expected Duration (hours)
0.0

Lesson Objectives

Final Exam: Secure Programmer

  • apply C# secure coding to combat common code vulnerabilities
  • apply JavaScript secure coding to combat SQL Injection Vulnerability
  • code against buffer overflow attacks in C#
  • code against buffer overflow attacks in Java
  • code against buffer overflow attacks in Java - part 2
  • code against buffer overflow attacks in Java - part 3
  • code against buffer overflow attacks in JavaScript
  • code against buffer overflow attacks in Python
  • code against cross-site scripting attacks in C#
  • code against cross-site scripting attacks in Java
  • code against cross-site scripting attacks in JavaScript
  • code against cross-site scripting attacks in JavaScript - part 2
  • code against cross-site scripting attacks in Python
  • code against format string attacks in C#
  • code against format string attacks in Java
  • code against format string attacks in Python
  • code against password cracking attacks in JavaScript
  • code against password cracking attacks in JavaScript - part 2
  • code against SQL injection attacks in C#
  • code against SQL injection attacks in C# - part 2
  • code against SQL injection attacks in Java
  • code against SQL injection attacks in Java - part 2
  • code against SQL injection attacks in JavaScript
  • code against SQL injection attacks in Python
  • code against SQL injection attacks in Python - part 2
  • describe and be able to avoid common programming errors that can undermine security
  • describe and use CVE vulnerability scoring
  • describe and use threat models including STRIDE, PASTA, DREAD, and SQUARE
  • describe asymmetric algorithms including RSA, ECC, and Diffie-Hellman
  • describe authentication and authorization, including models such as DAC, MAC, RBAC, and ABAC
  • describe hashing algorithms such as MD5 and SHA as well as MAC and HMAC
  • describe OWASP Top 10 vulnerabilities
  • describe OWASP Top 10 vulnerabilities including broken access control, security misconfiguration, sensitive data exposure, and insufficient attack protection
  • describe OWASP Top 10 vulnerabilities including cross-site request forgery, using components with known vulnerabilities, and underprotected APIs
  • describe OWASP Top 10 vulnerabilities including SQL injection, broken authentication, and cross-site scripting
  • describe secure programming verification and validation process and techniques
  • describe security concepts, including the CIA triangle, least privileges, and separation of duties
  • describe specific security vulnerabilities and recognize how to program counter techniques
  • describe symmetric algorithms including AES, Blowfish, and Serpent
  • describe the resiliency concepts such as stability, recovery, and defensive coding
  • identify OWASP Top 10 vulnerabilities including broken access control, security misconfiguration, sensitive data exposure, and insufficient attack protection
  • identify OWASP Top 10 vulnerabilities including cross-site request forgery, using components with known vulnerabilities, and underprotected APIs
  • identify security concepts, including the CIA triangle, least privileges, and separation of duties
  • identify symmetric algorithms including AES, Blowfish, and Serpent
  • identify the resiliency concepts such as stability, recovery, and defensive coding
  • implement C# secure coding to combat common code vulnerabilities
  • implement JavaScript secure coding to combat Cross-Site Scripting attacks
  • implement JavaScript secure coding to combat SQL Injection Vulnerability
  • implement Java secure coding to combat SQL Injection Vulnerability
  • implement Python secure coding to combat a variety of security vulnerabilities
  • recognize OWASP Top 10 vulnerabilities including broken access control, security misconfiguration, sensitive data exposure, and insufficient attack protection
  • recognize specific security vulnerabilities and recognize how to program counter techniques
  • use CVSS scoring for vulnerabilities
  • use OWASP ZAP vulnerability scanner to test web sites for common vulnerabilities
  • use Vega Vulnerability Scanner to test web sites for common vulnerabilities
  • write resilient C# code
  • write resilient Java code
  • write resilient Java code - part 2
  • write resilient JavaScript code
  • write resilient Python code

Course Number
it_fesap_02_enus

Expertise Level
Intermediate