Final Exam: Secure Programmer

Final Exam: Secure Programmer

• apply C# secure coding to combat common code vulnerabilities
• apply JavaScript secure coding to combat SQL Injection Vulnerability
• code against buffer overflow attacks in C#
• code against buffer overflow attacks in Java
• code against buffer overflow attacks in Java - part 2
• code against buffer overflow attacks in Java - part 3
• code against buffer overflow attacks in JavaScript
• code against buffer overflow attacks in Python
• code against cross-site scripting attacks in C#
• code against cross-site scripting attacks in Java
• code against cross-site scripting attacks in JavaScript
• code against cross-site scripting attacks in JavaScript - part 2
• code against cross-site scripting attacks in Python
• code against format string attacks in C#
• code against format string attacks in Java
• code against format string attacks in Python
• code against password cracking attacks in JavaScript
• code against password cracking attacks in JavaScript - part 2
• code against SQL injection attacks in C#
• code against SQL injection attacks in C# - part 2
• code against SQL injection attacks in Java
• code against SQL injection attacks in Java - part 2
• code against SQL injection attacks in JavaScript
• code against SQL injection attacks in Python
• code against SQL injection attacks in Python - part 2
• describe and be able to avoid common programming errors that can undermine the security
• describe and use CVE vulnerability scoring
• describe and use threat models including STRIDE, PASTA, DREAD, and SQUARE
• describe asymmetric algorithms including RSA, ECC, and Diffie-Helman
• describe authentication and authorization, including models such as DAC, MAC, RBAC, and ABAC
• describe hashing algorithms such as MD5 and SHA as well as MAC and HMAC
• describe OWASP Top 10 vulnerabilities
• describe OWASP Top 10 vulnerabilities including broken access control, security misconfiguration, sensitive data exposure, and insufficient attack protection
• describe OWASP Top 10 vulnerabilities including cross-site request forgery, using components with known vulnerabilities, and underprotected APIs
• describe OWASP Top 10 vulnerabilities including SQL injection, broken authentication, and cross-site scripting
• describe secure programming verification and validation process and techniques
• describe security concepts, including the CIA triangle, least privileges, and separation of duties
• describe specific security vulnerabilities and recognize how to program counter techniques
• describe symmetric algorithms including AES, Blowfish, and Serpent
• describe the resiliency concepts such as stability, recovery, and defensive coding
• identify OWASP Top 10 vulnerabilities including broken access control, security misconfiguration, sensitive data exposure, and insufficient attack protection
• identify OWASP Top 10 vulnerabilities including cross-site request forgery, using components with known vulnerabilities, and underprotected APIs
• identify security concepts, including the CIA triangle, least privileges, and separation of duties
• identify symmetric algorithms including AES, Blowfish, and Serpent
• identify the resiliency concepts such as stability, recovery, and defensive coding
• implement C# secure coding to combat common code vulnerabilities
• implement JavaScript secure coding to combat Cross-Site Scripting attacks
• implement JavaScript secure coding to combat SQL Injection Vulnerability
• implement Java secure coding to combat SQL Injection Vulnerability
• implement Python secure coding to combat a variety of security vulnerabilities
• recognize OWASP Top 10 vulnerabilities including broken access control, security misconfiguration, sensitive data exposure, and insufficient attack protection
• recognize specific security vulnerabilities and recognize how to program counter techniques
• use CVSS scoring for vulnerabilities
• use OWASP Zap vulnerability scanner to test web sites for common vulnerabilities
• use Vega Vulnerability Scanner to test web sites for common vulnerabilities
• write resilient C# code
• write resilient Java code
• write resilient Java code - part 2
• write resilient JavaScript code
• write resilient Python code

Final Exam: Secure Programmer will test your knowledge and application of the topics presented throughout the Secure Programmer track of the Skillsoft Aspire Programmer to Secure Agile Programmer Journey.

Secure Programmer: Attacks

Secure Programmer: Attacks

• discover the key concepts covered in this course
• code against format string attacks in Java
• code against format string attacks in Python
• code against format string attacks in C#
• code against SQL injection attacks in Java
• code against SQL injection attacks in Python
• code against SQL injection attacks in C#
• code against SQL injection attacks in JavaScript
• code against buffer overflow attacks in Java
• code against buffer overflow attacks in Python
• code against buffer overflow attacks in C#
• code against buffer overflow attacks in JavaScript
• code against cross-site scripting attacks in Java
• code against cross-site scripting attacks in Python
• code against cross-site scripting attacks in C#
• code against cross-site scripting attacks in JavaScript
• code against password cracking attacks in Java
• code against password cracking attacks in Python
• code against password cracking attacks in C#
• code against password cracking attacks in JavaScript
• summarize the key concepts covered in this course

Explore common software attacks and the coding mistakes that make software vulnerable to them. Discover how to code against format string, SQL injection, buffer overflow, cross-site scripting, and password cracking attacks in Java, C#, JavaScript, and Python.

Secure Programmer: Resiliency Coding

Secure Programmer: Resiliency Coding

• discover the key concepts covered in this course
• describe the resiliency concepts such as stability, recovery, and defensive coding
• write resilient Java code
• write resilient Python code
• write resilient C# code
• write resilient JavaScript code
• summarize the key concepts covered in this course

Explore resiliency concepts such as stability, recovery, and defensive coding. Discover how to write resilient code in Java, Python, C#, and JavaScript.

Secure Programmer: Security Concepts

Secure Programmer: Security Concepts

• discover the key concepts covered in this course
• describe security concepts, including the CIA triangle, least privileges, and separation of duties
• describe authentication and authorization, including models such as DAC, MAC, RBAC, and ABAC
• describe and be able to avoid common programming errors that can undermine security
• describe secure programming verification and validation process and techniques
• summarize the key concepts covered in this course

Discover the basics of secure programming, including common security concepts like the CIA triangle, least privileges, and separation of duties. Explore authentication and authorization, including popular models like DAC, MAC, RBAC, and ABAC. Examine how to avoid common programming errors that can undermine security, as well as how to incorporate validation and verification into your programming.

Secure Programmer: Vulnerabilities

Secure Programmer: Vulnerabilities

• discover the key concepts covered in this course
• describe specific security vulnerabilities and recognize how to program counter techniques
• describe OWASP Top 10 vulnerabilities including SQL injection, broken authentication, and cross-site scripting
• describe OWASP Top 10 vulnerabilities including broken access control, security misconfiguration, sensitive data exposure, and insufficient attack protection
• describe OWASP Top 10 vulnerabilities including cross-site request forgery, using components with known vulnerabilities, and underprotected APIs
• describe and use threat models including STRIDE, PASTA, DREAD, and SQUARE
• describe and use CVE vulnerability scoring
• implement Java secure coding to combat Rhino Script vulnerability
• implement Python secure coding to combat Remote Code Execution Vulnerability
• implement C# secure coding to combat SQL Injection Vulnerability
• implement JavaScript secure coding to combat SQL Injection Vulnerability
• implement Java secure coding to combat SQL Injection Vulnerability
• implement Python secure coding to combat a variety of security vulnerabilities
• implement C# secure coding to combat common code vulnerabilities
• implement JavaScript secure coding to combat Cross Site Scripting attacks
• use CVSS scoring for vulnerabilities
• use OWASP Zap vulnerability scanner to test web sites for common vulnerabilities
• use Vega Vulnerability Scanner to test web sites for common vulnerabilities
• summarize the key concepts covered in this course

Weaknesses or flaws in software leave it vulnerable to attack, so it's important to be able to recognize and correct against these vulnerabilities. Explore software vulnerability topics such a counter techniques, threat models, and common vulnerabilities and exposures. Discover the OWASP Top 10 commonly encountered vulnerabilities, and examine Java, Python, C#, and JavaScript secure coding examples.

Secure Programming: Encryption

Secure Programming: Encryption

• discover the key concepts covered in this course
• describe symmetric algorithms including AES, Blowfish, and Serpent
• describe asymmetric algorithms including RSA, ECC, and Diffie-Helman
• describe hashing algorithms such as MD5 and SHA as well as MAC and HMAC
• summarize the key concepts covered in this course

In this course, we'll discover the basics of cryptographic algorithms and explore symmetric encryption algorithms such as AES, Blowfish, and Serpent.We'll also examine asymmetric encryption algorithms like RSA, ECC, and Diffie-Helman. In addition, cryptographic hash algorithms like MD5, SHA, MAC, and HMAC are covered.