Final Exam: Defensive Programmer

Expected Duration
Lesson Objectives
Course Number
Expertise Level


Final Exam: Defensive Programmer will test your knowledge and application of the topics presented throughout the Defensive Programmer track of the Skillsoft Aspire Programmer to Secure Agile Programmer Journey.

Expected Duration (hours)

Lesson Objectives

Final Exam: Defensive Programmer

  • apply defensive coding
  • apply effective and secure regression testing
  • apply exception handling effectively
  • apply parameter checking
  • apply secure integration testing including when and who conducts integration testing
  • apply secure unit testing including how it is done and who should do it
  • apply the Flaw Hypothesis Method
  • define risk management and be able to apply risk management to software projects
  • describe assertive programming and be able to implement assertions
  • describe basic cryptography applications to confidentiality and integrity
  • describe basic cryptography concepts, cryptography types, and applications
  • describe CDI/UDI, why it is important and how it should be done
  • describe component trust including when and how to achieve the trust of components
  • describe how to reuse code effectively and defensively
  • describe intelligible exceptions and be able to implement meaningful and actionable exception handling
  • describe reliability, resiliency, and recoverability and how it can be achieved in software engineering
  • describe secure testing concepts including unit, integration, and regression testing
  • describe session management techniques and secure session management
  • describe the first five CERT Top 10 secure coding practices - Validate input, Heed compiler warnings, Architect and design for security, Keep it simple, and the Default deny
  • describe the last five CERT Top 10 secure coding practices - Adhere to the principle of least privilege, Sanitize data sent to other systems, Practice defense-in-depth, Use effective quality assurance techniques, and Adopt a secure coding standard
  • describe the role of Six Sigma in producing better quality, secure programming
  • describe validation techniques and procedures
  • effectively track security bugs
  • identify general defensive concepts
  • identify intelligible exceptions
  • implement C# filtering
  • implement C# parameter checking
  • implement C# recoverable code
  • implement C# resilient code
  • implement Java filtering
  • implement Java parameter checking
  • implement Java recoverable code
  • implement Java resilient code
  • implement JavaScript filtering
  • implement JavaScript parameter checking
  • implement JavaScript recoverable code
  • implement JavaScript resilient code
  • implement Python filtering
  • implement Python parameter checking
  • implement Python recoverable code
  • implement Python resilient code
  • implement secure integration testing including when and who conducts integration testing
  • implement validation in C#
  • implement validation in Java
  • implement validation in JavaScript
  • implement validation in Python
  • use C# Cryptography
  • use C# exception handling
  • use C# validation
  • use effective security metrics
  • use Java Cryptography
  • use Java exception handling
  • use JavaScript Cryptography
  • use JavaScript exception handling
  • use JavaScript validation
  • use Java validation
  • use Open Source Security Testing Methodology Manual concepts
  • use Python Cryptography
  • use Python exception handling
  • use Python validation
  • Course Number:

    Expertise Level