Final Exam: Defensive Programmer will test your knowledge and application of the topics presented throughout the Defensive Programmer track of the Skillsoft Aspire Programmer to Secure Agile Programmer Journey.
apply secure integration testing including when and who conducts integration testing
apply secure unit testing including how it is done and who should do it
apply the Flaw Hypothesis Method
define risk management and be able to apply risk management to software projects
describe assertive programming and be able to implement assertions
describe basic cryptography applications to confidentiality and integrity
describe basic cryptography concepts, cryptography types, and applications
describe CDI/UDI, why it is important and how it should be done
describe component trust including when and how to achieve the trust of components
describe how to reuse code effectively and defensively
describe intelligible exceptions and be able to implement meaningful and actionable exception handling
describe reliability, resiliency, and recoverability and how it can be achieved in software engineering
describe secure testing concepts including unit, integration, and regression testing
describe session management techniques and secure session management
describe the first five CERT Top 10 secure coding practices - Validate input, Heed compiler warnings, Architect and design for security, Keep it simple, and the Default deny
describe the last five CERT Top 10 secure coding practices - Adhere to the principle of least privilege, Sanitize data sent to other systems, Practice defense-in-depth, Use effective quality assurance techniques, and Adopt a secure coding standard
describe the role of Six Sigma in producing better quality, secure programming
describe validation techniques and procedures
effectively track security bugs
identify general defensive concepts
identify intelligible exceptions
implement C# filtering
implement C# parameter checking
implement C# recoverable code
implement C# resilient code
implement Java filtering
implement Java parameter checking
implement Java recoverable code
implement Java resilient code
implement JavaScript filtering
implement JavaScript parameter checking
implement JavaScript recoverable code
implement JavaScript resilient code
implement Python filtering
implement Python parameter checking
implement Python recoverable code
implement Python resilient code
implement secure integration testing including when and who conducts integration testing
implement validation in C#
implement validation in Java
implement validation in JavaScript
implement validation in Python
use C# Cryptography
use C# exception handling
use C# validation
use effective security metrics
use Java Cryptography
use Java exception handling
use JavaScript Cryptography
use JavaScript exception handling
use JavaScript validation
use Java validation
use Open Source Security Testing Methodology Manual concepts