CompTIA Security+ (SY0-601) Cert Prep: 2 Secure Code Design and Implementation
Description
Learn about the risks associated with application vulnerabilities—and the secure coding practices that can help you avoid attacks—as you prepare for the Security+ exam.
Tags
Syllabus
Syllabus IntroductionSecure code design and implementationWhat you need to knowStudy resources1. Software Development LifecycleSoftware platformsDevelopment methodologiesMaturity modelsChange managementAutomation and DevOps2. Software Quality AssuranceCode reviewSoftware testingCode security testsFuzz testingCode repositoriesApplication managementThird-party code3. Application AttacksOWASP Top 10Application securityPrevent SQL injectionCross-site scriptingRequest forgeryDefend against directory traversalOverflow attacksCookies and attachmentsSession hijackingCode execution attacksPrivilege escalationDriver manipulationMemory vulnerabilitiesRace condition vulnerabilities4. Secure Coding PracticesInput validationParameterized queriesAuthentication and session management issuesOutput encodingError and exception handlingCode signingDatabase securityData deidentificationData obfuscationConclusionContinue your studies Read more
Related Books
CompTIA Security+ (SY0-601) Cert Prep: 2 Secure Code Design and Implementation
-
Provider